socket 1.0.96 → 1.0.98
- package/dist/cli.js +850 -493
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/shadow-npm-bin.js +3 -3
- package/dist/shadow-npm-bin.js.map +1 -1
- package/dist/shadow-npm-inject.js +29 -49
- package/dist/shadow-npm-inject.js.map +1 -1
- package/dist/tsconfig.dts.tsbuildinfo +1 -1
- package/dist/types/commands/fix/coana-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/pull-request.d.mts +6 -1
- package/dist/types/commands/fix/pull-request.d.mts.map +1 -1
- package/dist/types/commands/fix/shared.d.mts +2 -1
- package/dist/types/commands/fix/shared.d.mts.map +1 -1
- package/dist/types/commands/patch/cmd-patch.d.mts +11 -0
- package/dist/types/commands/patch/cmd-patch.d.mts.map +1 -0
- package/dist/types/commands/patch/handle-patch.d.mts +10 -0
- package/dist/types/commands/patch/handle-patch.d.mts.map +1 -0
- package/dist/types/commands/patch/output-patch-result.d.mts +5 -0
- package/dist/types/commands/patch/output-patch-result.d.mts.map +1 -0
- package/dist/types/commands.d.mts +7 -0
- package/dist/types/commands.d.mts.map +1 -1
- package/dist/types/shadow/npm/arborist/lib/arborist/index.d.mts.map +1 -1
- package/dist/types/shadow/npm/arborist-helpers.d.mts +5 -5
- package/dist/types/shadow/npm/arborist-helpers.d.mts.map +1 -1
- package/dist/types/utils/alert/severity.d.mts.map +1 -1
- package/dist/types/utils/alerts-map.d.mts +4 -3
- package/dist/types/utils/alerts-map.d.mts.map +1 -1
- package/dist/types/utils/config.d.mts +5 -4
- package/dist/types/utils/config.d.mts.map +1 -1
- package/dist/types/utils/filter-config.d.mts +5 -0
- package/dist/types/utils/filter-config.d.mts.map +1 -0
- package/dist/types/utils/meow-with-subcommands.d.mts.map +1 -1
- package/dist/types/utils/sdk.d.mts +3 -3
- package/dist/types/utils/sdk.d.mts.map +1 -1
- package/dist/types/utils/socket-package-alert.d.mts +7 -5
- package/dist/types/utils/socket-package-alert.d.mts.map +1 -1
- package/dist/utils.js +246 -244
- package/dist/utils.js.map +1 -1
- package/dist/vendor.js +5124 -5114
- package/external/@coana-tech/cli/cli-wrapper.mjs +1 -0
- package/external/@coana-tech/cli/cli.mjs +302 -184
- package/external/@coana-tech/cli/reachability-analyzers-cli.mjs +134 -63
- package/external/@coana-tech/cli/repos/coana-tech/alucard/alucard.jar +0 -0
- package/external/@coana-tech/cli/repos/coana-tech/class-graph-analysis/dist/bundle/class-graph-analysis-cli.mjs +2337 -2821
- package/external/@coana-tech/cli/repos/coana-tech/cocoa/release/Coana.Cocoa.dll +0 -0
- package/external/@coana-tech/cli/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
- package/external/@coana-tech/cli/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
- package/external/@coana-tech/cli/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
- package/external/@coana-tech/cli/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
- package/external/@socketsecurity/registry/lib/objects.js +16 -0
- package/package.json +7 -7
- package/dist/types/commands/scan/suggest-repo-slug.d.mts +0 -9
- package/dist/types/commands/scan/suggest-repo-slug.d.mts.map +0 -1
- package/dist/types/utils/strings.d.mts +0 -2
- package/dist/types/utils/strings.d.mts.map +0 -1
package/dist/cli.js
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
|
|
4
4
|
var require$$0 = require('node:url');
|
|
5
5
|
var vendor = require('./vendor.js');
|
|
6
|
-
var require$$
|
|
6
|
+
var require$$8 = require('../external/@socketsecurity/registry/lib/debug');
|
|
7
7
|
var logger = require('../external/@socketsecurity/registry/lib/logger');
|
|
8
8
|
var utils = require('./utils.js');
|
|
9
9
|
var fs = require('node:fs/promises');
|
|
@@ -18,16 +18,16 @@ var spawn = require('../external/@socketsecurity/registry/lib/spawn');
|
|
|
18
18
|
var fs$2 = require('../external/@socketsecurity/registry/lib/fs');
|
|
19
19
|
var strings = require('../external/@socketsecurity/registry/lib/strings');
|
|
20
20
|
var arrays = require('../external/@socketsecurity/registry/lib/arrays');
|
|
21
|
+
var regexps = require('../external/@socketsecurity/registry/lib/regexps');
|
|
21
22
|
var registry = require('../external/@socketsecurity/registry');
|
|
22
23
|
var npm = require('../external/@socketsecurity/registry/lib/npm');
|
|
23
24
|
var packages = require('../external/@socketsecurity/registry/lib/packages');
|
|
24
25
|
var sorts = require('../external/@socketsecurity/registry/lib/sorts');
|
|
25
|
-
var regexps = require('../external/@socketsecurity/registry/lib/regexps');
|
|
26
26
|
var shadowNpmInject = require('./shadow-npm-inject.js');
|
|
27
|
-
var require$$
|
|
27
|
+
var require$$9 = require('../external/@socketsecurity/registry/lib/objects');
|
|
28
28
|
var path$1 = require('../external/@socketsecurity/registry/lib/path');
|
|
29
29
|
var shadowNpmBin = require('./shadow-npm-bin.js');
|
|
30
|
-
var require$$
|
|
30
|
+
var require$$10 = require('../external/@socketsecurity/registry/lib/promises');
|
|
31
31
|
var require$$1 = require('node:util');
|
|
32
32
|
var os = require('node:os');
|
|
33
33
|
var promises = require('node:stream/promises');
|
|
@@ -322,21 +322,21 @@ async function handleAnalytics({
|
|
|
322
322
|
const {
|
|
323
323
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$M
|
|
324
324
|
} = constants;
|
|
325
|
-
const CMD_NAME$
|
|
326
|
-
const description$
|
|
327
|
-
const hidden$
|
|
325
|
+
const CMD_NAME$x = 'analytics';
|
|
326
|
+
const description$D = 'Look up analytics data';
|
|
327
|
+
const hidden$v = false;
|
|
328
328
|
const cmdAnalytics = {
|
|
329
|
-
description: description$
|
|
330
|
-
hidden: hidden$
|
|
331
|
-
run: run$
|
|
329
|
+
description: description$D,
|
|
330
|
+
hidden: hidden$v,
|
|
331
|
+
run: run$Q
|
|
332
332
|
};
|
|
333
|
-
async function run$
|
|
333
|
+
async function run$Q(argv, importMeta, {
|
|
334
334
|
parentName
|
|
335
335
|
}) {
|
|
336
336
|
const config = {
|
|
337
|
-
commandName: CMD_NAME$
|
|
338
|
-
description: description$
|
|
339
|
-
hidden: hidden$
|
|
337
|
+
commandName: CMD_NAME$x,
|
|
338
|
+
description: description$D,
|
|
339
|
+
hidden: hidden$v,
|
|
340
340
|
flags: {
|
|
341
341
|
...flags.commonFlags,
|
|
342
342
|
...flags.outputFlags,
|
|
@@ -352,7 +352,7 @@ async function run$P(argv, importMeta, {
|
|
|
352
352
|
$ ${command} [options] [ "org" | "repo" <reponame>] [TIME]
|
|
353
353
|
|
|
354
354
|
API Token Requirements
|
|
355
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
355
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$x}`)}
|
|
356
356
|
|
|
357
357
|
The scope is either org or repo level, defaults to org.
|
|
358
358
|
|
|
@@ -409,7 +409,7 @@ async function run$P(argv, importMeta, {
|
|
|
409
409
|
} = cli.flags;
|
|
410
410
|
const dryRun = !!cli.flags['dryRun'];
|
|
411
411
|
const noLegacy = !cli.flags['scope'] && !cli.flags['repo'] && !cli.flags['time'];
|
|
412
|
-
const hasApiToken = utils.
|
|
412
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
413
413
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
414
414
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
415
415
|
nook: true,
|
|
@@ -617,8 +617,8 @@ ${table}
|
|
|
617
617
|
} catch (e) {
|
|
618
618
|
process.exitCode = 1;
|
|
619
619
|
logger.logger.fail('There was a problem converting the logs to Markdown, please try the `--json` flag');
|
|
620
|
-
require$$
|
|
621
|
-
require$$
|
|
620
|
+
require$$8.debugFn('error', 'caught: markdown conversion error');
|
|
621
|
+
require$$8.debugDir('inspect', {
|
|
622
622
|
error: e
|
|
623
623
|
});
|
|
624
624
|
return 'Failed to generate the markdown report';
|
|
@@ -755,21 +755,21 @@ const {
|
|
|
755
755
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$L,
|
|
756
756
|
SOCKET_WEBSITE_URL: SOCKET_WEBSITE_URL$3
|
|
757
757
|
} = constants;
|
|
758
|
-
const CMD_NAME$
|
|
759
|
-
const description$
|
|
760
|
-
const hidden$
|
|
758
|
+
const CMD_NAME$w = 'audit-log';
|
|
759
|
+
const description$C = 'Look up the audit log for an organization';
|
|
760
|
+
const hidden$u = false;
|
|
761
761
|
const cmdAuditLog = {
|
|
762
|
-
description: description$
|
|
763
|
-
hidden: hidden$
|
|
764
|
-
run: run$
|
|
762
|
+
description: description$C,
|
|
763
|
+
hidden: hidden$u,
|
|
764
|
+
run: run$P
|
|
765
765
|
};
|
|
766
|
-
async function run$
|
|
766
|
+
async function run$P(argv, importMeta, {
|
|
767
767
|
parentName
|
|
768
768
|
}) {
|
|
769
769
|
const config = {
|
|
770
|
-
commandName: CMD_NAME$
|
|
771
|
-
description: description$
|
|
772
|
-
hidden: hidden$
|
|
770
|
+
commandName: CMD_NAME$w,
|
|
771
|
+
description: description$C,
|
|
772
|
+
hidden: hidden$u,
|
|
773
773
|
flags: {
|
|
774
774
|
...flags.commonFlags,
|
|
775
775
|
...flags.outputFlags,
|
|
@@ -797,7 +797,7 @@ async function run$O(argv, importMeta, {
|
|
|
797
797
|
$ ${command} [options] [FILTER]
|
|
798
798
|
|
|
799
799
|
API Token Requirements
|
|
800
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
800
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$w}`)}
|
|
801
801
|
|
|
802
802
|
This feature requires an Enterprise Plan. To learn more about getting access
|
|
803
803
|
to this feature and many more, please visit ${SOCKET_WEBSITE_URL$3}/pricing
|
|
@@ -840,7 +840,7 @@ async function run$O(argv, importMeta, {
|
|
|
840
840
|
const noLegacy = !cli.flags['type'];
|
|
841
841
|
let [typeFilter = ''] = cli.input;
|
|
842
842
|
typeFilter = String(typeFilter);
|
|
843
|
-
const hasApiToken = utils.
|
|
843
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
844
844
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
845
845
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
846
846
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -1028,8 +1028,8 @@ async function fetchScanData(orgSlug, scanId, options) {
|
|
|
1028
1028
|
return JSON.parse(line);
|
|
1029
1029
|
} catch (e) {
|
|
1030
1030
|
ok = false;
|
|
1031
|
-
require$$
|
|
1032
|
-
require$$
|
|
1031
|
+
require$$8.debugFn('error', 'caught: JSON.parse error');
|
|
1032
|
+
require$$8.debugDir('inspect', {
|
|
1033
1033
|
error: e,
|
|
1034
1034
|
line
|
|
1035
1035
|
});
|
|
@@ -1676,28 +1676,28 @@ sockJson, cwd = process.cwd()) {
|
|
|
1676
1676
|
sbt: false
|
|
1677
1677
|
};
|
|
1678
1678
|
if (sockJson?.defaults?.manifest?.sbt?.disabled) {
|
|
1679
|
-
require$$
|
|
1679
|
+
require$$8.debugLog('notice', '[DEBUG] - sbt auto-detection is disabled in socket.json');
|
|
1680
1680
|
} else if (fs$1.existsSync(path.join(cwd, 'build.sbt'))) {
|
|
1681
|
-
require$$
|
|
1681
|
+
require$$8.debugLog('notice', '[DEBUG] - Detected a Scala sbt build file');
|
|
1682
1682
|
output.sbt = true;
|
|
1683
1683
|
output.count += 1;
|
|
1684
1684
|
}
|
|
1685
1685
|
if (sockJson?.defaults?.manifest?.gradle?.disabled) {
|
|
1686
|
-
require$$
|
|
1686
|
+
require$$8.debugLog('notice', '[DEBUG] - gradle auto-detection is disabled in socket.json');
|
|
1687
1687
|
} else if (fs$1.existsSync(path.join(cwd, 'gradlew'))) {
|
|
1688
|
-
require$$
|
|
1688
|
+
require$$8.debugLog('notice', '[DEBUG] - Detected a gradle build file');
|
|
1689
1689
|
output.gradle = true;
|
|
1690
1690
|
output.count += 1;
|
|
1691
1691
|
}
|
|
1692
1692
|
if (sockJson?.defaults?.manifest?.conda?.disabled) {
|
|
1693
|
-
require$$
|
|
1693
|
+
require$$8.debugLog('notice', '[DEBUG] - conda auto-detection is disabled in socket.json');
|
|
1694
1694
|
} else {
|
|
1695
1695
|
const envyml = path.join(cwd, 'environment.yml');
|
|
1696
1696
|
const hasEnvyml = fs$1.existsSync(envyml);
|
|
1697
1697
|
const envyaml = path.join(cwd, 'environment.yaml');
|
|
1698
1698
|
const hasEnvyaml = !hasEnvyml && fs$1.existsSync(envyaml);
|
|
1699
1699
|
if (hasEnvyml || hasEnvyaml) {
|
|
1700
|
-
require$$
|
|
1700
|
+
require$$8.debugLog('notice', '[DEBUG] - Detected an environment.yml Conda file');
|
|
1701
1701
|
output.conda = true;
|
|
1702
1702
|
output.count += 1;
|
|
1703
1703
|
}
|
|
@@ -2203,7 +2203,7 @@ async function handleCreateNewScan({
|
|
|
2203
2203
|
return;
|
|
2204
2204
|
}
|
|
2205
2205
|
logger.logger.success(`Found ${packagePaths.length} local ${words.pluralize('file', packagePaths.length)}`);
|
|
2206
|
-
require$$
|
|
2206
|
+
require$$8.debugDir('inspect', {
|
|
2207
2207
|
packagePaths
|
|
2208
2208
|
});
|
|
2209
2209
|
if (readOnly) {
|
|
@@ -2376,9 +2376,9 @@ const config$k = {
|
|
|
2376
2376
|
const cmdCI = {
|
|
2377
2377
|
description: config$k.description,
|
|
2378
2378
|
hidden: config$k.hidden,
|
|
2379
|
-
run: run$
|
|
2379
|
+
run: run$O
|
|
2380
2380
|
};
|
|
2381
|
-
async function run$
|
|
2381
|
+
async function run$O(argv, importMeta, {
|
|
2382
2382
|
parentName
|
|
2383
2383
|
}) {
|
|
2384
2384
|
const cli = utils.meowOrExit({
|
|
@@ -2431,7 +2431,7 @@ async function discoverConfigValue(key) {
|
|
|
2431
2431
|
};
|
|
2432
2432
|
}
|
|
2433
2433
|
if (key === 'defaultOrg') {
|
|
2434
|
-
const hasApiToken = utils.
|
|
2434
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
2435
2435
|
if (!hasApiToken) {
|
|
2436
2436
|
return {
|
|
2437
2437
|
ok: false,
|
|
@@ -2461,7 +2461,7 @@ async function discoverConfigValue(key) {
|
|
|
2461
2461
|
};
|
|
2462
2462
|
}
|
|
2463
2463
|
if (key === 'enforcedOrgs') {
|
|
2464
|
-
const hasApiToken = utils.
|
|
2464
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
2465
2465
|
if (!hasApiToken) {
|
|
2466
2466
|
return {
|
|
2467
2467
|
ok: false,
|
|
@@ -2623,21 +2623,21 @@ async function handleConfigAuto({
|
|
|
2623
2623
|
const {
|
|
2624
2624
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$J
|
|
2625
2625
|
} = constants;
|
|
2626
|
-
const CMD_NAME$
|
|
2627
|
-
const description$
|
|
2628
|
-
const hidden$
|
|
2626
|
+
const CMD_NAME$v = 'auto';
|
|
2627
|
+
const description$B = 'Automatically discover and set the correct value config item';
|
|
2628
|
+
const hidden$t = false;
|
|
2629
2629
|
const cmdConfigAuto = {
|
|
2630
|
-
description: description$
|
|
2631
|
-
hidden: hidden$
|
|
2632
|
-
run: run$
|
|
2630
|
+
description: description$B,
|
|
2631
|
+
hidden: hidden$t,
|
|
2632
|
+
run: run$N
|
|
2633
2633
|
};
|
|
2634
|
-
async function run$
|
|
2634
|
+
async function run$N(argv, importMeta, {
|
|
2635
2635
|
parentName
|
|
2636
2636
|
}) {
|
|
2637
2637
|
const config = {
|
|
2638
|
-
commandName: CMD_NAME$
|
|
2639
|
-
description: description$
|
|
2640
|
-
hidden: hidden$
|
|
2638
|
+
commandName: CMD_NAME$v,
|
|
2639
|
+
description: description$B,
|
|
2640
|
+
hidden: hidden$t,
|
|
2641
2641
|
flags: {
|
|
2642
2642
|
...flags.commonFlags,
|
|
2643
2643
|
...flags.outputFlags
|
|
@@ -2764,9 +2764,9 @@ ${utils.getSupportedConfigEntries().map(([key, desc]) => ` - ${key} -- ${des
|
|
|
2764
2764
|
const cmdConfigGet = {
|
|
2765
2765
|
description: config$j.description,
|
|
2766
2766
|
hidden: config$j.hidden,
|
|
2767
|
-
run: run$
|
|
2767
|
+
run: run$M
|
|
2768
2768
|
};
|
|
2769
|
-
async function run$
|
|
2769
|
+
async function run$M(argv, importMeta, {
|
|
2770
2770
|
parentName
|
|
2771
2771
|
}) {
|
|
2772
2772
|
const cli = utils.meowOrExit({
|
|
@@ -2903,9 +2903,9 @@ const config$i = {
|
|
|
2903
2903
|
const cmdConfigList = {
|
|
2904
2904
|
description: config$i.description,
|
|
2905
2905
|
hidden: config$i.hidden,
|
|
2906
|
-
run: run$
|
|
2906
|
+
run: run$L
|
|
2907
2907
|
};
|
|
2908
|
-
async function run$
|
|
2908
|
+
async function run$L(argv, importMeta, {
|
|
2909
2909
|
parentName
|
|
2910
2910
|
}) {
|
|
2911
2911
|
const cli = utils.meowOrExit({
|
|
@@ -2982,21 +2982,21 @@ async function handleConfigSet({
|
|
|
2982
2982
|
const {
|
|
2983
2983
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$G
|
|
2984
2984
|
} = constants;
|
|
2985
|
-
const CMD_NAME$
|
|
2986
|
-
const description$
|
|
2987
|
-
const hidden$
|
|
2985
|
+
const CMD_NAME$u = 'set';
|
|
2986
|
+
const description$A = 'Update the value of a local CLI config item';
|
|
2987
|
+
const hidden$s = false;
|
|
2988
2988
|
const cmdConfigSet = {
|
|
2989
|
-
description: description$
|
|
2990
|
-
hidden: hidden$
|
|
2991
|
-
run: run$
|
|
2989
|
+
description: description$A,
|
|
2990
|
+
hidden: hidden$s,
|
|
2991
|
+
run: run$K
|
|
2992
2992
|
};
|
|
2993
|
-
async function run$
|
|
2993
|
+
async function run$K(argv, importMeta, {
|
|
2994
2994
|
parentName
|
|
2995
2995
|
}) {
|
|
2996
2996
|
const config = {
|
|
2997
|
-
commandName: CMD_NAME$
|
|
2998
|
-
description: description$
|
|
2999
|
-
hidden: hidden$
|
|
2997
|
+
commandName: CMD_NAME$u,
|
|
2998
|
+
description: description$A,
|
|
2999
|
+
hidden: hidden$s,
|
|
3000
3000
|
flags: {
|
|
3001
3001
|
...flags.commonFlags,
|
|
3002
3002
|
...flags.outputFlags
|
|
@@ -3109,21 +3109,21 @@ async function handleConfigUnset({
|
|
|
3109
3109
|
const {
|
|
3110
3110
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$F
|
|
3111
3111
|
} = constants;
|
|
3112
|
-
const CMD_NAME$
|
|
3113
|
-
const description$
|
|
3114
|
-
const hidden$
|
|
3112
|
+
const CMD_NAME$t = 'unset';
|
|
3113
|
+
const description$z = 'Clear the value of a local CLI config item';
|
|
3114
|
+
const hidden$r = false;
|
|
3115
3115
|
const cmdConfigUnset = {
|
|
3116
|
-
description: description$
|
|
3117
|
-
hidden: hidden$
|
|
3118
|
-
run: run$
|
|
3116
|
+
description: description$z,
|
|
3117
|
+
hidden: hidden$r,
|
|
3118
|
+
run: run$J
|
|
3119
3119
|
};
|
|
3120
|
-
async function run$
|
|
3120
|
+
async function run$J(argv, importMeta, {
|
|
3121
3121
|
parentName
|
|
3122
3122
|
}) {
|
|
3123
3123
|
const config = {
|
|
3124
|
-
commandName: CMD_NAME$
|
|
3125
|
-
description: description$
|
|
3126
|
-
hidden: hidden$
|
|
3124
|
+
commandName: CMD_NAME$t,
|
|
3125
|
+
description: description$z,
|
|
3126
|
+
hidden: hidden$r,
|
|
3127
3127
|
flags: {
|
|
3128
3128
|
...flags.commonFlags,
|
|
3129
3129
|
...flags.outputFlags
|
|
@@ -3182,9 +3182,9 @@ ${utils.getSupportedConfigEntries().map(([key, desc]) => ` - ${key} -- ${des
|
|
|
3182
3182
|
});
|
|
3183
3183
|
}
|
|
3184
3184
|
|
|
3185
|
-
const description$
|
|
3185
|
+
const description$y = 'Manage Socket CLI configuration';
|
|
3186
3186
|
const cmdConfig = {
|
|
3187
|
-
description: description$
|
|
3187
|
+
description: description$y,
|
|
3188
3188
|
hidden: false,
|
|
3189
3189
|
async run(argv, importMeta, {
|
|
3190
3190
|
parentName
|
|
@@ -3197,74 +3197,13 @@ const cmdConfig = {
|
|
|
3197
3197
|
unset: cmdConfigUnset
|
|
3198
3198
|
}, {
|
|
3199
3199
|
argv,
|
|
3200
|
-
description: description$
|
|
3200
|
+
description: description$y,
|
|
3201
3201
|
importMeta,
|
|
3202
3202
|
name: `${parentName} config`
|
|
3203
3203
|
});
|
|
3204
3204
|
}
|
|
3205
3205
|
};
|
|
3206
3206
|
|
|
3207
|
-
async function coanaFix(fixConfig) {
|
|
3208
|
-
const {
|
|
3209
|
-
ghsas
|
|
3210
|
-
} = fixConfig;
|
|
3211
|
-
if (!ghsas.length) {
|
|
3212
|
-
return {
|
|
3213
|
-
ok: true,
|
|
3214
|
-
data: {
|
|
3215
|
-
fixed: false
|
|
3216
|
-
}
|
|
3217
|
-
};
|
|
3218
|
-
}
|
|
3219
|
-
const {
|
|
3220
|
-
cwd,
|
|
3221
|
-
orgSlug,
|
|
3222
|
-
spinner
|
|
3223
|
-
} = fixConfig;
|
|
3224
|
-
spinner?.start();
|
|
3225
|
-
const sockSdkCResult = await utils.setupSdk();
|
|
3226
|
-
let lastCResult = sockSdkCResult;
|
|
3227
|
-
const sockSdk = sockSdkCResult.ok ? sockSdkCResult.data : undefined;
|
|
3228
|
-
const supportedFilesCResult = sockSdk ? await fetchSupportedScanFileNames() : undefined;
|
|
3229
|
-
if (supportedFilesCResult) {
|
|
3230
|
-
lastCResult = supportedFilesCResult;
|
|
3231
|
-
}
|
|
3232
|
-
const supportedFiles = supportedFilesCResult?.ok ? supportedFilesCResult.data : undefined;
|
|
3233
|
-
const packagePaths = supportedFiles ? await utils.getPackageFilesForScan(['.'], supportedFiles, {
|
|
3234
|
-
cwd
|
|
3235
|
-
}) : [];
|
|
3236
|
-
const uploadCResult = sockSdk ? await utils.handleApiCall(sockSdk?.uploadManifestFiles(orgSlug, packagePaths), {
|
|
3237
|
-
desc: 'upload manifests'
|
|
3238
|
-
}) : undefined;
|
|
3239
|
-
if (uploadCResult) {
|
|
3240
|
-
lastCResult = uploadCResult;
|
|
3241
|
-
}
|
|
3242
|
-
const tarHash = uploadCResult?.ok ? uploadCResult.data.tarHash : '';
|
|
3243
|
-
if (!tarHash) {
|
|
3244
|
-
spinner?.stop();
|
|
3245
|
-
return lastCResult;
|
|
3246
|
-
}
|
|
3247
|
-
const isAllOrAuto = ghsas.length === 1 && (ghsas[0] === 'all' || ghsas[0] === 'auto');
|
|
3248
|
-
const ids = isAllOrAuto ? ['all'] : ghsas;
|
|
3249
|
-
const fixCResult = ids.length ? await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ...ids, ...fixConfig.unknownFlags], fixConfig.orgSlug, {
|
|
3250
|
-
cwd,
|
|
3251
|
-
spinner
|
|
3252
|
-
}) : undefined;
|
|
3253
|
-
if (fixCResult) {
|
|
3254
|
-
lastCResult = fixCResult;
|
|
3255
|
-
}
|
|
3256
|
-
spinner?.stop();
|
|
3257
|
-
require$$6.debugDir('inspect', {
|
|
3258
|
-
lastCResult
|
|
3259
|
-
});
|
|
3260
|
-
return lastCResult.ok ? {
|
|
3261
|
-
ok: true,
|
|
3262
|
-
data: {
|
|
3263
|
-
fixed: true
|
|
3264
|
-
}
|
|
3265
|
-
} : lastCResult;
|
|
3266
|
-
}
|
|
3267
|
-
|
|
3268
3207
|
function formatBranchName(name) {
|
|
3269
3208
|
return name.replace(/[^-a-zA-Z0-9/._-]+/g, '+');
|
|
3270
3209
|
}
|
|
@@ -3352,34 +3291,6 @@ function getSocketPullRequestTitle(purl, newVersion, workspace) {
|
|
|
3352
3291
|
return `Bump ${fullName} from ${purlObj.version} to ${newVersion}${workspace ? ` in ${workspace}` : ''}`;
|
|
3353
3292
|
}
|
|
3354
3293
|
|
|
3355
|
-
function getPrsForPurl(fixEnv, partialPurl) {
|
|
3356
|
-
if (!fixEnv) {
|
|
3357
|
-
return [];
|
|
3358
|
-
}
|
|
3359
|
-
const prs = [];
|
|
3360
|
-
const partialPurlObj = utils.getPurlObject(partialPurl);
|
|
3361
|
-
const branchFullName = getSocketBranchFullNameComponent(partialPurlObj);
|
|
3362
|
-
const branchPurlType = getSocketBranchPurlTypeComponent(partialPurlObj);
|
|
3363
|
-
for (const pr of fixEnv.prs) {
|
|
3364
|
-
const parsedBranch = genericSocketBranchParser(pr.headRefName);
|
|
3365
|
-
if (branchPurlType === parsedBranch?.type && branchFullName === parsedBranch?.fullName) {
|
|
3366
|
-
prs.push(pr);
|
|
3367
|
-
}
|
|
3368
|
-
}
|
|
3369
|
-
if (require$$6.isDebug('notice,silly')) {
|
|
3370
|
-
const fullName = packages.resolvePackageName(partialPurlObj);
|
|
3371
|
-
if (prs.length) {
|
|
3372
|
-
require$$6.debugFn('notice', `found: ${prs.length} PRs for ${fullName}`);
|
|
3373
|
-
require$$6.debugDir('silly', {
|
|
3374
|
-
prs
|
|
3375
|
-
});
|
|
3376
|
-
} else if (fixEnv.prs.length) {
|
|
3377
|
-
require$$6.debugFn('notice', `miss: 0 PRs found for ${fullName}`);
|
|
3378
|
-
}
|
|
3379
|
-
}
|
|
3380
|
-
return prs;
|
|
3381
|
-
}
|
|
3382
|
-
|
|
3383
3294
|
let _octokit;
|
|
3384
3295
|
function getOctokit() {
|
|
3385
3296
|
if (_octokit === undefined) {
|
|
@@ -3388,14 +3299,14 @@ function getOctokit() {
|
|
|
3388
3299
|
SOCKET_CLI_GITHUB_TOKEN
|
|
3389
3300
|
} = constants.ENV;
|
|
3390
3301
|
if (!SOCKET_CLI_GITHUB_TOKEN) {
|
|
3391
|
-
require$$
|
|
3302
|
+
require$$8.debugFn('notice', 'miss: SOCKET_CLI_GITHUB_TOKEN env var');
|
|
3392
3303
|
}
|
|
3393
3304
|
const octokitOptions = {
|
|
3394
3305
|
auth: SOCKET_CLI_GITHUB_TOKEN,
|
|
3395
3306
|
// Lazily access constants.ENV.GITHUB_API_URL.
|
|
3396
3307
|
baseUrl: constants.ENV.GITHUB_API_URL
|
|
3397
3308
|
};
|
|
3398
|
-
require$$
|
|
3309
|
+
require$$8.debugDir('inspect', {
|
|
3399
3310
|
octokitOptions
|
|
3400
3311
|
});
|
|
3401
3312
|
_octokit = new vendor.Octokit(octokitOptions);
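Review bot: `octokitOptions` carries `auth: SOCKET_CLI_GITHUB_TOKEN`, and the whole object is handed to `require$$8.debugDir('inspect', { octokitOptions })` a few lines above, so a run with the inspect debug namespace enabled would presumably write the GitHub token into debug output and CI logs. The same pattern appears in the later setGitRemoteGithubRepoUrl hunk, where `quotedCmd` embeds `https://x-access-token:${token}@…` and is passed to `debugFn('stdio', …)` and again to `debugFn('error', …)` in the catch. Log a redacted copy instead, e.g. `require$$8.debugDir('inspect', { octokitOptions: { ...octokitOptions, auth: SOCKET_CLI_GITHUB_TOKEN ? '<redacted>' : undefined } });`, and build the logged git command from the URL with the token replaced by a placeholder. getOctokit starts and ends outside this hunk, and since this is bundled output the change belongs in the source module that produces it.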
|
|
@@ -3410,7 +3321,7 @@ function getOctokitGraphql() {
|
|
|
3410
3321
|
SOCKET_CLI_GITHUB_TOKEN
|
|
3411
3322
|
} = constants.ENV;
|
|
3412
3323
|
if (!SOCKET_CLI_GITHUB_TOKEN) {
|
|
3413
|
-
require$$
|
|
3324
|
+
require$$8.debugFn('notice', 'miss: SOCKET_CLI_GITHUB_TOKEN env var');
|
|
3414
3325
|
}
|
|
3415
3326
|
_octokitGraphql = vendor.graphql2.defaults({
|
|
3416
3327
|
headers: {
|
|
@@ -3420,19 +3331,6 @@ function getOctokitGraphql() {
|
|
|
3420
3331
|
}
|
|
3421
3332
|
return _octokitGraphql;
|
|
3422
3333
|
}
|
|
3423
|
-
async function cacheFetch(key, fetcher, ttlMs) {
|
|
3424
|
-
// Optionally disable cache.
|
|
3425
|
-
// Lazily access constants.ENV.DISABLE_GITHUB_CACHE.
|
|
3426
|
-
if (constants.ENV.DISABLE_GITHUB_CACHE) {
|
|
3427
|
-
return await fetcher();
|
|
3428
|
-
}
|
|
3429
|
-
let data = await readCache(key, ttlMs);
|
|
3430
|
-
if (!data) {
|
|
3431
|
-
data = await fetcher();
|
|
3432
|
-
await writeCache(key, data);
|
|
3433
|
-
}
|
|
3434
|
-
return data;
|
|
3435
|
-
}
|
|
3436
3334
|
async function readCache(key,
|
|
3437
3335
|
// 5 minute in milliseconds time to live (TTL).
|
|
3438
3336
|
ttlMs = 5 * 60 * 1000) {
|
|
@@ -3460,6 +3358,19 @@ async function writeCache(key, data) {
|
|
|
3460
3358
|
}
|
|
3461
3359
|
await fs$2.writeJson(cacheJsonPath, data);
|
|
3462
3360
|
}
|
|
3361
|
+
async function cacheFetch(key, fetcher, ttlMs) {
|
|
3362
|
+
// Optionally disable cache.
|
|
3363
|
+
// Lazily access constants.ENV.DISABLE_GITHUB_CACHE.
|
|
3364
|
+
if (constants.ENV.DISABLE_GITHUB_CACHE) {
|
|
3365
|
+
return await fetcher();
|
|
3366
|
+
}
|
|
3367
|
+
let data = await readCache(key, ttlMs);
|
|
3368
|
+
if (!data) {
|
|
3369
|
+
data = await fetcher();
|
|
3370
|
+
await writeCache(key, data);
|
|
3371
|
+
}
|
|
3372
|
+
return data;
|
|
3373
|
+
}
|
|
3463
3374
|
async function cleanupPrs(owner, repo, options) {
|
|
3464
3375
|
const contextualMatches = await getSocketPrsWithContext(owner, repo, options);
|
|
3465
3376
|
if (!contextualMatches.length) {
|
|
@@ -3494,14 +3405,14 @@ async function cleanupPrs(owner, repo, options) {
|
|
|
3494
3405
|
pull_number: prNum,
|
|
3495
3406
|
state: 'closed'
|
|
3496
3407
|
});
|
|
3497
|
-
require$$
|
|
3408
|
+
require$$8.debugFn('notice', `pr: closing ${prRef} for ${prToVersion}`);
|
|
3498
3409
|
// Remove entry from parent object.
|
|
3499
3410
|
context.parent.splice(context.index, 1);
|
|
3500
3411
|
// Mark cache to be saved.
|
|
3501
3412
|
cachesToSave.set(context.cacheKey, context.data);
|
|
3502
3413
|
return null;
|
|
3503
3414
|
} catch (e) {
|
|
3504
|
-
require$$
|
|
3415
|
+
require$$8.debugFn('error', `pr: failed to close ${prRef} for ${prToVersion}\n`, e?.message || 'Unknown error');
|
|
3505
3416
|
}
|
|
3506
3417
|
}
|
|
3507
3418
|
// Update stale PRs.
|
|
@@ -3514,7 +3425,7 @@ async function cleanupPrs(owner, repo, options) {
|
|
|
3514
3425
|
base: match.headRefName,
|
|
3515
3426
|
head: match.baseRefName
|
|
3516
3427
|
});
|
|
3517
|
-
require$$
|
|
3428
|
+
require$$8.debugFn('notice', `pr: updating stale ${prRef}`);
|
|
3518
3429
|
// Update entry entry.
|
|
3519
3430
|
if (context.apiType === 'graphql') {
|
|
3520
3431
|
context.entry.mergeStateStatus = 'CLEAN';
|
|
@@ -3525,7 +3436,7 @@ async function cleanupPrs(owner, repo, options) {
|
|
|
3525
3436
|
cachesToSave.set(context.cacheKey, context.data);
|
|
3526
3437
|
} catch (e) {
|
|
3527
3438
|
const message = e?.message || 'Unknown error';
|
|
3528
|
-
require$$
|
|
3439
|
+
require$$8.debugFn('error', `pr: failed to update ${prRef} - ${message}`);
|
|
3529
3440
|
}
|
|
3530
3441
|
}
|
|
3531
3442
|
return match;
|
|
@@ -3726,7 +3637,47 @@ async function openPr(owner, repo, branch, purl, newVersion, options) {
|
|
|
3726
3637
|
base: baseBranch,
|
|
3727
3638
|
body: getSocketPullRequestBody(purlObj, newVersion, workspace)
|
|
3728
3639
|
};
|
|
3729
|
-
require$$
|
|
3640
|
+
require$$8.debugDir('inspect', {
|
|
3641
|
+
octokitPullsCreateParams
|
|
3642
|
+
});
|
|
3643
|
+
return await octokit.pulls.create(octokitPullsCreateParams);
|
|
3644
|
+
} catch (e) {
|
|
3645
|
+
let message = `Failed to open pull request`;
|
|
3646
|
+
const errors = e instanceof vendor.RequestError ? e.response?.data?.['errors'] : undefined;
|
|
3647
|
+
if (Array.isArray(errors) && errors.length) {
|
|
3648
|
+
const details = errors.map(d => `- ${d.message?.trim() ?? `${d.resource}.${d.field} (${d.code})`}`).join('\n');
|
|
3649
|
+
message += `:\n${details}`;
|
|
3650
|
+
}
|
|
3651
|
+
require$$8.debugFn('error', message);
|
|
3652
|
+
}
|
|
3653
|
+
return null;
|
|
3654
|
+
}
|
|
3655
|
+
async function openCoanaPr(owner, repo, branch, ghsaIds, options) {
|
|
3656
|
+
const {
|
|
3657
|
+
baseBranch = 'main'
|
|
3658
|
+
} = {
|
|
3659
|
+
__proto__: null,
|
|
3660
|
+
...options
|
|
3661
|
+
};
|
|
3662
|
+
const octokit = getOctokit();
|
|
3663
|
+
const vulnCount = ghsaIds.length;
|
|
3664
|
+
const prTitle = vulnCount === 1 ? `Fix for ${ghsaIds[0]}` : `Fixes for ${vulnCount} GHSAs`;
|
|
3665
|
+
let prBody = '';
|
|
3666
|
+
if (vulnCount === 1) {
|
|
3667
|
+
prBody = `[Socket](https://socket.dev/) fix for [${ghsaIds[0]}](https://github.com/advisories/${ghsaIds[0]}).`;
|
|
3668
|
+
} else {
|
|
3669
|
+
prBody = `[Socket](https://socket.dev/) fixes for ${vulnCount} GHSAs.\n\n**Fixed GHSAs:**\n${ghsaIds.map(id => `- [${id}](https://github.com/advisories/${id})`).join('\n')}`;
|
|
3670
|
+
}
|
|
3671
|
+
try {
|
|
3672
|
+
const octokitPullsCreateParams = {
|
|
3673
|
+
owner,
|
|
3674
|
+
repo,
|
|
3675
|
+
title: prTitle,
|
|
3676
|
+
head: branch,
|
|
3677
|
+
base: baseBranch,
|
|
3678
|
+
body: prBody
|
|
3679
|
+
};
|
|
3680
|
+
require$$8.debugDir('inspect', {
|
|
3730
3681
|
octokitPullsCreateParams
|
|
3731
3682
|
});
|
|
3732
3683
|
return await octokit.pulls.create(octokitPullsCreateParams);
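Review bot: openCoanaPr interpolates every entry of `ghsaIds` straight into the PR title, the Markdown body and the `https://github.com/advisories/${id}` link without checking its shape, and an empty array still falls through to the `Fixes for ${vulnCount} GHSAs` branch and a `pulls.create` call. Where the ids come from is not visible in this hunk; if they can originate from CLI arguments or tool output, a guard at the top such as `if (!ghsaIds.length) return null;` plus a format check like `ghsaIds.every(id => /^GHSA(-[0-9a-z]{4}){3}$/i.test(id))` would keep stray Markdown or URL characters out of the PR. The function's catch block continues past the end of this hunk.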
|
|
@@ -3737,7 +3688,7 @@ async function openPr(owner, repo, branch, purl, newVersion, options) {
|
|
|
3737
3688
|
const details = errors.map(d => `- ${d.message?.trim() ?? `${d.resource}.${d.field} (${d.code})`}`).join('\n');
|
|
3738
3689
|
message += `:\n${details}`;
|
|
3739
3690
|
}
|
|
3740
|
-
require$$
|
|
3691
|
+
require$$8.debugFn('error', message);
|
|
3741
3692
|
}
|
|
3742
3693
|
return null;
|
|
3743
3694
|
}
|
|
@@ -3748,16 +3699,16 @@ async function setGitRemoteGithubRepoUrl(owner, repo, token, cwd = process.cwd()
|
|
|
3748
3699
|
const url = `https://x-access-token:${token}@${host}/${owner}/${repo}`;
|
|
3749
3700
|
const stdioIgnoreOptions = {
|
|
3750
3701
|
cwd,
|
|
3751
|
-
stdio: require$$
|
|
3702
|
+
stdio: require$$8.isDebug('stdio') ? 'inherit' : 'ignore'
|
|
3752
3703
|
};
|
|
3753
3704
|
const quotedCmd = `\`git remote set-url origin ${url}\``;
|
|
3754
|
-
require$$
|
|
3705
|
+
require$$8.debugFn('stdio', `spawn: ${quotedCmd}`);
|
|
3755
3706
|
try {
|
|
3756
3707
|
await spawn.spawn('git', ['remote', 'set-url', 'origin', url], stdioIgnoreOptions);
|
|
3757
3708
|
return true;
|
|
3758
3709
|
} catch (e) {
|
|
3759
|
-
require$$
|
|
3760
|
-
require$$
|
|
3710
|
+
require$$8.debugFn('error', `caught: ${quotedCmd} failed`);
|
|
3711
|
+
require$$8.debugDir('inspect', {
|
|
3761
3712
|
error: e
|
|
3762
3713
|
});
|
|
3763
3714
|
}
|
|
@@ -3770,7 +3721,7 @@ function ciRepoInfo() {
|
|
|
3770
3721
|
GITHUB_REPOSITORY
|
|
3771
3722
|
} = constants.ENV;
|
|
3772
3723
|
if (!GITHUB_REPOSITORY) {
|
|
3773
|
-
require$$
|
|
3724
|
+
require$$8.debugFn('notice', 'miss: GITHUB_REPOSITORY env var');
|
|
3774
3725
|
}
|
|
3775
3726
|
const ownerSlashRepo = GITHUB_REPOSITORY;
|
|
3776
3727
|
const slashIndex = ownerSlashRepo.indexOf('/');
|
|
@@ -3794,9 +3745,9 @@ async function getFixEnv() {
|
|
|
3794
3745
|
// but some CI checks are passing,
|
|
3795
3746
|
constants.ENV.CI || gitEmail || gitUser || githubToken) &&
|
|
3796
3747
|
// then log about it when in debug mode.
|
|
3797
|
-
require$$
|
|
3748
|
+
require$$8.isDebug('notice')) {
|
|
3798
3749
|
const envVars = [...(constants.ENV.CI ? [] : ['process.env.CI']), ...(gitEmail ? [] : ['process.env.SOCKET_CLI_GIT_USER_EMAIL']), ...(gitUser ? [] : ['process.env.SOCKET_CLI_GIT_USER_NAME']), ...(githubToken ? [] : ['process.env.GITHUB_TOKEN'])];
|
|
3799
|
-
require$$
|
|
3750
|
+
require$$8.debugFn('notice', `miss: fixEnv.isCi is false, expected ${arrays.joinAnd(envVars)} to be set`);
|
|
3800
3751
|
}
|
|
3801
3752
|
let repoInfo = null;
|
|
3802
3753
|
if (isCi) {
|
|
@@ -3804,7 +3755,7 @@ async function getFixEnv() {
|
|
|
3804
3755
|
}
|
|
3805
3756
|
if (!repoInfo) {
|
|
3806
3757
|
if (isCi) {
|
|
3807
|
-
require$$
|
|
3758
|
+
require$$8.debugFn('notice', 'falling back to `git remote get-url origin`');
|
|
3808
3759
|
}
|
|
3809
3760
|
repoInfo = await utils.getRepoInfo();
|
|
3810
3761
|
}
|
|
@@ -3823,6 +3774,262 @@ async function getFixEnv() {
|
|
|
3823
3774
|
};
|
|
3824
3775
|
}
|
|
3825
3776
|
|
|
3777
|
+
async function coanaFix(fixConfig) {
|
|
3778
|
+
const {
|
|
3779
|
+
autoMerge,
|
|
3780
|
+
cwd,
|
|
3781
|
+
ghsas,
|
|
3782
|
+
limit,
|
|
3783
|
+
orgSlug,
|
|
3784
|
+
spinner
|
|
3785
|
+
} = fixConfig;
|
|
3786
|
+
const fixEnv = await getFixEnv();
|
|
3787
|
+
require$$8.debugDir('inspect', {
|
|
3788
|
+
fixEnv
|
|
3789
|
+
});
|
|
3790
|
+
spinner?.start();
|
|
3791
|
+
const sockSdkCResult = await utils.setupSdk();
|
|
3792
|
+
if (!sockSdkCResult.ok) {
|
|
3793
|
+
return sockSdkCResult;
|
|
3794
|
+
}
|
|
3795
|
+
const sockSdk = sockSdkCResult.data;
|
|
3796
|
+
const supportedFilesCResult = await fetchSupportedScanFileNames();
|
|
3797
|
+
if (!supportedFilesCResult.ok) {
|
|
3798
|
+
return supportedFilesCResult;
|
|
3799
|
+
}
|
|
3800
|
+
const supportedFiles = supportedFilesCResult.data;
|
|
3801
|
+
const scanFilepaths = await utils.getPackageFilesForScan(['.'], supportedFiles, {
|
|
3802
|
+
cwd
|
|
3803
|
+
});
|
|
3804
|
+
const uploadCResult = await utils.handleApiCall(sockSdk.uploadManifestFiles(orgSlug, scanFilepaths), {
|
|
3805
|
+
desc: 'upload manifests'
|
|
3806
|
+
});
|
|
3807
|
+
if (!uploadCResult.ok) {
|
|
3808
|
+
return uploadCResult;
|
|
3809
|
+
}
|
|
3810
|
+
const tarHash = uploadCResult.data.tarHash;
|
|
3811
|
+
if (!tarHash) {
|
|
3812
|
+
spinner?.stop();
|
|
3813
|
+
return {
|
|
3814
|
+
ok: false,
|
|
3815
|
+
message: 'No tar hash returned from Socket API upload-manifest-files endpoint',
|
|
3816
|
+
data: uploadCResult.data
|
|
3817
|
+
};
|
|
3818
|
+
}
|
|
3819
|
+
const isAll = ghsas.length === 1 && (ghsas[0] === 'all' || ghsas[0] === 'auto');
|
|
3820
|
+
const shouldOpenPrs = fixEnv.isCi && fixEnv.repoInfo;
|
|
3821
|
+
if (!shouldOpenPrs) {
|
|
3822
|
+
const ids = isAll ? ['all'] : ghsas.slice(0, limit);
|
|
3823
|
+
if (!ids.length) {
|
|
3824
|
+
spinner?.stop();
|
|
3825
|
+
return {
|
|
3826
|
+
ok: true,
|
|
3827
|
+
data: {
|
|
3828
|
+
fixed: false
|
|
3829
|
+
}
|
|
3830
|
+
};
|
|
3831
|
+
}
|
|
3832
|
+
const fixCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ...(isAll ? ['all'] : ghsas), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
|
|
3833
|
+
cwd,
|
|
3834
|
+
spinner
|
|
3835
|
+
});
|
|
3836
|
+
spinner?.stop();
|
|
3837
|
+
return fixCResult.ok ? {
|
|
3838
|
+
ok: true,
|
|
3839
|
+
data: {
|
|
3840
|
+
fixed: true
|
|
3841
|
+
}
|
|
3842
|
+
} : fixCResult;
|
|
3843
|
+
}
|
|
3844
|
+
let ids;
|
|
3845
|
+
if (isAll) {
|
|
3846
|
+
const foundCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, ...fixConfig.unknownFlags], fixConfig.orgSlug, {
|
|
3847
|
+
cwd,
|
|
3848
|
+
spinner
|
|
3849
|
+
});
|
|
3850
|
+
if (foundCResult.ok) {
|
|
3851
|
+
const foundIds = utils.cmdFlagValueToArray(/(?<=Vulnerabilities found:).*/.exec(foundCResult.data));
|
|
3852
|
+
ids = foundIds.slice(0, limit);
|
|
3853
|
+
}
|
|
3854
|
+
} else {
|
|
3855
|
+
ids = ghsas.slice(0, limit);
|
|
3856
|
+
}
|
|
3857
|
+
if (!ids?.length) {
|
|
3858
|
+
require$$8.debugFn('notice', 'miss: no GHSA IDs to process');
|
|
3859
|
+
}
|
|
3860
|
+
if (!fixEnv.repoInfo) {
|
|
3861
|
+
require$$8.debugFn('notice', 'miss: no repo info detected');
|
|
3862
|
+
}
|
|
3863
|
+
if (!ids?.length || !fixEnv.repoInfo) {
|
|
3864
|
+
spinner?.stop();
|
|
3865
|
+
return {
|
|
3866
|
+
ok: true,
|
|
3867
|
+
data: {
|
|
3868
|
+
fixed: false
|
|
3869
|
+
}
|
|
3870
|
+
};
|
|
3871
|
+
}
|
|
3872
|
+
const scanBaseNames = new Set(scanFilepaths.map(p => path.basename(p)));
|
|
3873
|
+
let count = 0;
|
|
3874
|
+
let overallFixed = false;
|
|
3875
|
+
|
|
3876
|
+
// Process each GHSA ID individually, similar to npm-fix/pnpm-fix.
|
|
3877
|
+
ghsaLoop: for (let i = 0, {
|
|
3878
|
+
length
|
|
3879
|
+
} = ids; i < length; i += 1) {
|
|
3880
|
+
const id = ids[i];
|
|
3881
|
+
require$$8.debugFn('notice', `Processing GHSA ID: ${id}`);
|
|
3882
|
+
|
|
3883
|
+
// Apply fix for single GHSA ID.
|
|
3884
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3885
|
+
const fixCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', id, ...fixConfig.unknownFlags], fixConfig.orgSlug, {
|
|
3886
|
+
cwd,
|
|
3887
|
+
spinner
|
|
3888
|
+
});
|
|
3889
|
+
if (!fixCResult.ok) {
|
|
3890
|
+
logger.logger.error(`Update failed for ${id}: ${fixCResult.message || 'Unknown error'}`);
|
|
3891
|
+
continue ghsaLoop;
|
|
3892
|
+
}
|
|
3893
|
+
|
|
3894
|
+
// Check for modified files after applying the fix.
|
|
3895
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3896
|
+
const unstagedCResult = await utils.gitUnstagedModifiedFiles(cwd);
|
|
3897
|
+
const modifiedFiles = unstagedCResult.ok ? unstagedCResult.data.filter(relPath => scanBaseNames.has(path.basename(relPath))) : [];
|
|
3898
|
+
if (!modifiedFiles.length) {
|
|
3899
|
+
require$$8.debugFn('notice', `skip: no changes for ${id}`);
|
|
3900
|
+
continue ghsaLoop;
|
|
3901
|
+
}
|
|
3902
|
+
overallFixed = true;
|
|
3903
|
+
|
|
3904
|
+
// Create PR if in CI environment
|
|
3905
|
+
try {
|
|
3906
|
+
const branch = `socket/coana-fix/${id}`;
|
|
3907
|
+
|
|
3908
|
+
// Check if branch already exists
|
|
3909
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3910
|
+
if (await utils.gitRemoteBranchExists(branch, cwd)) {
|
|
3911
|
+
require$$8.debugFn('notice', `skip: remote branch "${branch}" exists`);
|
|
3912
|
+
continue ghsaLoop;
|
|
3913
|
+
}
|
|
3914
|
+
require$$8.debugFn('notice', `pr: creating for ${id}`);
|
|
3915
|
+
const pushed =
|
|
3916
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3917
|
+
(await utils.gitCreateBranch(branch, cwd)) && (
|
|
3918
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3919
|
+
await utils.gitCheckoutBranch(branch, cwd)) && (
|
|
3920
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3921
|
+
await utils.gitCommit(`fix: Apply Coana security fix for ${id}`, modifiedFiles, {
|
|
3922
|
+
cwd,
|
|
3923
|
+
email: fixEnv.gitEmail,
|
|
3924
|
+
user: fixEnv.gitUser
|
|
3925
|
+
})) && (
|
|
3926
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3927
|
+
await utils.gitPushBranch(branch, cwd));
|
|
3928
|
+
if (!pushed) {
|
|
3929
|
+
logger.logger.warn(`Push failed for ${id}, skipping PR creation.`);
|
|
3930
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3931
|
+
await utils.gitResetAndClean(fixEnv.baseBranch, cwd);
|
|
3932
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3933
|
+
await utils.gitCheckoutBranch(fixEnv.baseBranch, cwd);
|
|
3934
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3935
|
+
await utils.gitDeleteBranch(branch, cwd);
|
|
3936
|
+
continue ghsaLoop;
|
|
3937
|
+
}
|
|
3938
|
+
|
|
3939
|
+
// Set up git remote.
|
|
3940
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3941
|
+
await setGitRemoteGithubRepoUrl(fixEnv.repoInfo.owner, fixEnv.repoInfo.repo, fixEnv.githubToken, cwd);
|
|
3942
|
+
|
|
3943
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3944
|
+
const prResponse = await openCoanaPr(fixEnv.repoInfo.owner, fixEnv.repoInfo.repo, branch,
|
|
3945
|
+
// Single GHSA ID.
|
|
3946
|
+
[id], {
|
|
3947
|
+
baseBranch: fixEnv.baseBranch,
|
|
3948
|
+
cwd
|
|
3949
|
+
});
|
|
3950
|
+
if (prResponse) {
|
|
3951
|
+
const {
|
|
3952
|
+
data
|
|
3953
|
+
} = prResponse;
|
|
3954
|
+
const prRef = `PR #${data.number}`;
|
|
3955
|
+
logger.logger.success(`Opened ${prRef} for ${id}.`);
|
|
3956
|
+
if (autoMerge) {
|
|
3957
|
+
logger.logger.indent();
|
|
3958
|
+
spinner?.indent();
|
|
3959
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3960
|
+
const {
|
|
3961
|
+
details,
|
|
3962
|
+
enabled
|
|
3963
|
+
} = await enablePrAutoMerge(data);
|
|
3964
|
+
if (enabled) {
|
|
3965
|
+
logger.logger.info(`Auto-merge enabled for ${prRef}.`);
|
|
3966
|
+
} else {
|
|
3967
|
+
const message = `Failed to enable auto-merge for ${prRef}${details ? `:\n${details.map(d => ` - ${d}`).join('\n')}` : '.'}`;
|
|
3968
|
+
logger.logger.error(message);
|
|
3969
|
+
}
|
|
3970
|
+
logger.logger.dedent();
|
|
3971
|
+
spinner?.dedent();
|
|
3972
|
+
}
|
|
3973
|
+
}
|
|
3974
|
+
|
|
3975
|
+
// Reset back to base branch for next iteration.
|
|
3976
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3977
|
+
await utils.gitResetAndClean(branch, cwd);
|
|
3978
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3979
|
+
await utils.gitCheckoutBranch(fixEnv.baseBranch, cwd);
|
|
3980
|
+
} catch (e) {
|
|
3981
|
+
logger.logger.warn(`Unexpected condition: Push failed for ${id}, skipping PR creation.`);
|
|
3982
|
+
require$$8.debugDir('inspect', {
|
|
3983
|
+
error: e
|
|
3984
|
+
});
|
|
3985
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3986
|
+
await utils.gitResetAndClean(fixEnv.baseBranch, cwd);
|
|
3987
|
+
// eslint-disable-next-line no-await-in-loop
|
|
3988
|
+
await utils.gitCheckoutBranch(fixEnv.baseBranch, cwd);
|
|
3989
|
+
}
|
|
3990
|
+
count += 1;
|
|
3991
|
+
require$$8.debugFn('notice', `Processed ${count}/${Math.min(limit, ids.length)} fixes`);
|
|
3992
|
+
if (count >= limit) {
|
|
3993
|
+
break ghsaLoop;
|
|
3994
|
+
}
|
|
3995
|
+
}
|
|
3996
|
+
spinner?.stop();
|
|
3997
|
+
return {
|
|
3998
|
+
ok: true,
|
|
3999
|
+
data: {
|
|
4000
|
+
fixed: overallFixed
|
|
4001
|
+
}
|
|
4002
|
+
};
|
|
4003
|
+
}
|
|
4004
|
+
|
|
4005
|
+
function getPrsForPurl(fixEnv, partialPurl) {
|
|
4006
|
+
if (!fixEnv) {
|
|
4007
|
+
return [];
|
|
4008
|
+
}
|
|
4009
|
+
const prs = [];
|
|
4010
|
+
const partialPurlObj = utils.getPurlObject(partialPurl);
|
|
4011
|
+
const branchFullName = getSocketBranchFullNameComponent(partialPurlObj);
|
|
4012
|
+
const branchPurlType = getSocketBranchPurlTypeComponent(partialPurlObj);
|
|
4013
|
+
for (const pr of fixEnv.prs) {
|
|
4014
|
+
const parsedBranch = genericSocketBranchParser(pr.headRefName);
|
|
4015
|
+
if (branchPurlType === parsedBranch?.type && branchFullName === parsedBranch?.fullName) {
|
|
4016
|
+
prs.push(pr);
|
|
4017
|
+
}
|
|
4018
|
+
}
|
|
4019
|
+
if (require$$8.isDebug('notice,silly')) {
|
|
4020
|
+
const fullName = packages.resolvePackageName(partialPurlObj);
|
|
4021
|
+
if (prs.length) {
|
|
4022
|
+
require$$8.debugFn('notice', `found: ${prs.length} PRs for ${fullName}`);
|
|
4023
|
+
require$$8.debugDir('silly', {
|
|
4024
|
+
prs
|
|
4025
|
+
});
|
|
4026
|
+
} else if (fixEnv.prs.length) {
|
|
4027
|
+
require$$8.debugFn('notice', `miss: 0 PRs found for ${fullName}`);
|
|
4028
|
+
}
|
|
4029
|
+
}
|
|
4030
|
+
return prs;
|
|
4031
|
+
}
|
|
4032
|
+
|
|
3826
4033
|
async function getActualTree(cwd = process.cwd()) {
|
|
3827
4034
|
try {
|
|
3828
4035
|
// @npmcli/arborist DOES have partial support for pnpm structured node_modules
|
|
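Review bot: In the PR-opening path of `coanaFix`, a failed discovery run is reported as success: when `isAll` is true and `foundCResult.ok` is false, `ids` stays undefined and the function returns `{ ok: true, data: { fixed: false } }` with only a debug-level notice. The local path returns the failing `fixCResult` in the equivalent case, so a CI job can pass although no advisories were evaluated. I would return the failure right after the spawn: `if (!foundCResult.ok) { spinner?.stop(); return foundCResult; }`. Separately, each `id` reaches the `--apply-fixes-to` argument, the branch name `socket/coana-fix/${id}` and the commit message unchecked. A GHSA format check before `ghsaLoop` would keep option-like or ref-unsafe values out of those calls.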
@@ -3936,7 +4143,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
3936
4143
|
pkgPath: rootPath
|
|
3937
4144
|
} = pkgEnvDetails;
|
|
3938
4145
|
const fixEnv = await getFixEnv();
|
|
3939
|
-
require$$
|
|
4146
|
+
require$$8.debugDir('inspect', {
|
|
3940
4147
|
fixEnv
|
|
3941
4148
|
});
|
|
3942
4149
|
const {
|
|
@@ -3952,19 +4159,19 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
3952
4159
|
} = fixConfig;
|
|
3953
4160
|
let count = 0;
|
|
3954
4161
|
const infoByPartialPurl = utils.getCveInfoFromAlertsMap(alertsMap, {
|
|
3955
|
-
|
|
3956
|
-
upgradable:
|
|
4162
|
+
filter: {
|
|
4163
|
+
upgradable: false
|
|
3957
4164
|
}
|
|
3958
4165
|
});
|
|
3959
4166
|
if (!infoByPartialPurl) {
|
|
3960
4167
|
spinner?.stop();
|
|
3961
4168
|
logger.logger.info('No fixable vulns found.');
|
|
3962
4169
|
if (alertsMap.size) {
|
|
3963
|
-
require$$
|
|
4170
|
+
require$$8.debugDir('inspect', {
|
|
3964
4171
|
alertsMap
|
|
3965
4172
|
});
|
|
3966
4173
|
} else {
|
|
3967
|
-
require$$
|
|
4174
|
+
require$$8.debugFn('inspect', '{ alertsMap: Map(0) {} }');
|
|
3968
4175
|
}
|
|
3969
4176
|
return {
|
|
3970
4177
|
ok: true,
|
|
@@ -3973,14 +4180,14 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
3973
4180
|
}
|
|
3974
4181
|
};
|
|
3975
4182
|
}
|
|
3976
|
-
if (require$$
|
|
4183
|
+
if (require$$8.isDebug('notice,inspect')) {
|
|
3977
4184
|
spinner?.stop();
|
|
3978
4185
|
const partialPurls = Array.from(infoByPartialPurl.keys());
|
|
3979
4186
|
const {
|
|
3980
4187
|
length: purlsCount
|
|
3981
4188
|
} = partialPurls;
|
|
3982
|
-
require$$
|
|
3983
|
-
require$$
|
|
4189
|
+
require$$8.debugFn('notice', `found: ${purlsCount} ${words.pluralize('PURL', purlsCount)} with CVEs`);
|
|
4190
|
+
require$$8.debugDir('inspect', {
|
|
3984
4191
|
partialPurls
|
|
3985
4192
|
});
|
|
3986
4193
|
spinner?.start();
|
|
@@ -4029,14 +4236,14 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4029
4236
|
const name = packages.resolvePackageName(partialPurlObj);
|
|
4030
4237
|
const infos = Array.from(infoEntry[1].values());
|
|
4031
4238
|
if (!infos.length) {
|
|
4032
|
-
require$$
|
|
4239
|
+
require$$8.debugFn('notice', `miss: CVEs expected, but not found, for ${name}`);
|
|
4033
4240
|
continue infoEntriesLoop;
|
|
4034
4241
|
}
|
|
4035
4242
|
logger.logger.log(`Processing '${name}'`);
|
|
4036
4243
|
logger.logger.indent();
|
|
4037
4244
|
spinner?.indent();
|
|
4038
4245
|
if (registry.getManifestData(partialPurlObj.type, name)) {
|
|
4039
|
-
require$$
|
|
4246
|
+
require$$8.debugFn('notice', `found: Socket Optimize variant for ${name}`);
|
|
4040
4247
|
}
|
|
4041
4248
|
// eslint-disable-next-line no-await-in-loop
|
|
4042
4249
|
const packument = await packages.fetchPackagePackument(name);
|
|
@@ -4046,7 +4253,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4046
4253
|
// Skip to next package.
|
|
4047
4254
|
continue infoEntriesLoop;
|
|
4048
4255
|
}
|
|
4049
|
-
require$$
|
|
4256
|
+
require$$8.debugDir('inspect', {
|
|
4050
4257
|
infos
|
|
4051
4258
|
});
|
|
4052
4259
|
const availableVersions = Object.keys(packument.versions);
|
|
@@ -4097,7 +4304,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4097
4304
|
}
|
|
4098
4305
|
const oldVersions = arrays.arrayUnique(shadowNpmInject.findPackageNodes(actualTree, name).map(n => n.version).filter(Boolean));
|
|
4099
4306
|
if (!oldVersions.length) {
|
|
4100
|
-
require$$
|
|
4307
|
+
require$$8.debugFn('notice', `skip: ${name} not found`);
|
|
4101
4308
|
cleanupInfoEntriesLoop();
|
|
4102
4309
|
// Skip to next package.
|
|
4103
4310
|
continue infoEntriesLoop;
|
|
@@ -4113,8 +4320,8 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4113
4320
|
const seenVersions = new Set();
|
|
4114
4321
|
let hasAnnouncedWorkspace = false;
|
|
4115
4322
|
let workspaceLogCallCount = logger.logger.logCallCount;
|
|
4116
|
-
if (require$$
|
|
4117
|
-
require$$
|
|
4323
|
+
if (require$$8.isDebug('notice')) {
|
|
4324
|
+
require$$8.debugFn('notice', `check: workspace ${workspace}`);
|
|
4118
4325
|
hasAnnouncedWorkspace = true;
|
|
4119
4326
|
workspaceLogCallCount = logger.logger.logCallCount;
|
|
4120
4327
|
}
|
|
@@ -4123,7 +4330,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4123
4330
|
const oldPurl = utils.idToPurl(oldId, partialPurlObj.type);
|
|
4124
4331
|
const node = shadowNpmInject.findPackageNode(actualTree, name, oldVersion);
|
|
4125
4332
|
if (!node) {
|
|
4126
|
-
require$$
|
|
4333
|
+
require$$8.debugFn('notice', `skip: ${oldId} not found`);
|
|
4127
4334
|
continue oldVersionsLoop;
|
|
4128
4335
|
}
|
|
4129
4336
|
infosLoop: for (const {
|
|
@@ -4143,7 +4350,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4143
4350
|
continue infosLoop;
|
|
4144
4351
|
}
|
|
4145
4352
|
if (vendor.semverExports.gte(oldVersion, newVersion)) {
|
|
4146
|
-
require$$
|
|
4353
|
+
require$$8.debugFn('silly', `skip: ${oldId} is >= ${newVersion}`);
|
|
4147
4354
|
continue infosLoop;
|
|
4148
4355
|
}
|
|
4149
4356
|
const branch = getSocketBranchName(oldPurl, newVersion, workspace);
|
|
@@ -4152,14 +4359,14 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4152
4359
|
}
|
|
4153
4360
|
const pr = prCheck ? prs.find(p => p.headRefName === branch) : undefined;
|
|
4154
4361
|
if (pr) {
|
|
4155
|
-
require$$
|
|
4362
|
+
require$$8.debugFn('notice', `skip: PR #${pr.number} for ${name}@${newVersion} exists`);
|
|
4156
4363
|
seenBranches.add(branch);
|
|
4157
4364
|
continue infosLoop;
|
|
4158
4365
|
}
|
|
4159
4366
|
if (fixEnv.isCi && (
|
|
4160
4367
|
// eslint-disable-next-line no-await-in-loop
|
|
4161
4368
|
await utils.gitRemoteBranchExists(branch, cwd))) {
|
|
4162
|
-
require$$
|
|
4369
|
+
require$$8.debugFn('notice', `skip: remote branch "${branch}" for ${name}@${newVersion} exists`);
|
|
4163
4370
|
seenBranches.add(branch);
|
|
4164
4371
|
continue infosLoop;
|
|
4165
4372
|
}
|
|
@@ -4188,7 +4395,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4188
4395
|
|
|
4189
4396
|
// eslint-disable-next-line no-await-in-loop
|
|
4190
4397
|
if (!(await hasModifiedFiles(cwd))) {
|
|
4191
|
-
require$$
|
|
4398
|
+
require$$8.debugFn('notice', `skip: no changes for ${name}@${newVersion}`);
|
|
4192
4399
|
seenVersions.add(newVersion);
|
|
4193
4400
|
// Reset things just in case.
|
|
4194
4401
|
if (fixEnv.isCi) {
|
|
@@ -4244,7 +4451,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4244
4451
|
|
|
4245
4452
|
// Check repoInfo to make TypeScript happy.
|
|
4246
4453
|
if (!errored && fixEnv.isCi && fixEnv.repoInfo) {
|
|
4247
|
-
require$$
|
|
4454
|
+
require$$8.debugFn('notice', 'pr: creating');
|
|
4248
4455
|
try {
|
|
4249
4456
|
const pushed =
|
|
4250
4457
|
// eslint-disable-next-line no-await-in-loop
|
|
@@ -4329,7 +4536,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4329
4536
|
errored = true;
|
|
4330
4537
|
}
|
|
4331
4538
|
} else if (fixEnv.isCi) {
|
|
4332
|
-
require$$
|
|
4539
|
+
require$$8.debugFn('notice', 'skip: PR creation');
|
|
4333
4540
|
}
|
|
4334
4541
|
if (fixEnv.isCi) {
|
|
4335
4542
|
spinner?.start();
|
|
@@ -4381,7 +4588,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4381
4588
|
} else {
|
|
4382
4589
|
changed = true;
|
|
4383
4590
|
}
|
|
4384
|
-
require$$
|
|
4591
|
+
require$$8.debugFn('notice', 'increment: count', count + 1);
|
|
4385
4592
|
if (++count >= limit) {
|
|
4386
4593
|
cleanupInfoEntriesLoop();
|
|
4387
4594
|
// Exit main loop.
|
|
@@ -4415,20 +4622,18 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
4415
4622
|
};
|
|
4416
4623
|
}
|
|
4417
4624
|
|
|
4418
|
-
const CMD_NAME$
|
|
4625
|
+
const CMD_NAME$s = 'socket fix';
|
|
4419
4626
|
function getFixAlertsMapOptions(options = {}) {
|
|
4420
4627
|
return {
|
|
4421
4628
|
__proto__: null,
|
|
4422
4629
|
consolidate: true,
|
|
4423
4630
|
nothrow: true,
|
|
4631
|
+
onlyFixable: true,
|
|
4424
4632
|
...options,
|
|
4425
|
-
|
|
4426
|
-
__proto__: null,
|
|
4633
|
+
filter: utils.toFilterConfig({
|
|
4427
4634
|
existing: true,
|
|
4428
|
-
|
|
4429
|
-
|
|
4430
|
-
...options?.include
|
|
4431
|
-
}
|
|
4635
|
+
...require$$9.getOwn(options, 'filter')
|
|
4636
|
+
})
|
|
4432
4637
|
};
|
|
4433
4638
|
}
|
|
4434
4639
|
|
|
@@ -4441,7 +4646,7 @@ async function install$1(pkgEnvDetails, options) {
|
|
|
4441
4646
|
__proto__: null,
|
|
4442
4647
|
...options
|
|
4443
4648
|
};
|
|
4444
|
-
const useDebug = require$$
|
|
4649
|
+
const useDebug = require$$8.isDebug('stdio');
|
|
4445
4650
|
const args = [
|
|
4446
4651
|
// If "true", npm does not run scripts specified in package.json files.
|
|
4447
4652
|
// Note that commands explicitly intended to run a particular script, such
|
|
@@ -4472,7 +4677,7 @@ async function install$1(pkgEnvDetails, options) {
|
|
|
4472
4677
|
const wasSpinning = !!spinner?.isSpinning;
|
|
4473
4678
|
spinner?.stop();
|
|
4474
4679
|
const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
|
|
4475
|
-
require$$
|
|
4680
|
+
require$$8.debugFn('stdio', `spawn: ${quotedCmd}`);
|
|
4476
4681
|
try {
|
|
4477
4682
|
await utils.runAgentInstall(pkgEnvDetails, {
|
|
4478
4683
|
args,
|
|
@@ -4483,8 +4688,8 @@ async function install$1(pkgEnvDetails, options) {
|
|
|
4483
4688
|
const result = {
|
|
4484
4689
|
error
|
|
4485
4690
|
};
|
|
4486
|
-
require$$
|
|
4487
|
-
require$$
|
|
4691
|
+
require$$8.debugFn('error', `caught: ${quotedCmd} failed`);
|
|
4692
|
+
require$$8.debugDir('inspect', result);
|
|
4488
4693
|
return result;
|
|
4489
4694
|
}
|
|
4490
4695
|
const treeResult = await getActualTree(cwd);
|
|
@@ -4494,8 +4699,8 @@ async function install$1(pkgEnvDetails, options) {
|
|
|
4494
4699
|
}
|
|
4495
4700
|
return treeResult;
|
|
4496
4701
|
}
|
|
4497
|
-
require$$
|
|
4498
|
-
require$$
|
|
4702
|
+
require$$8.debugFn('error', 'caught: await arb.loadActual() error');
|
|
4703
|
+
require$$8.debugDir('inspect', treeResult);
|
|
4499
4704
|
if (wasSpinning) {
|
|
4500
4705
|
spinner.start();
|
|
4501
4706
|
}
|
|
@@ -4528,8 +4733,8 @@ async function npmFix(pkgEnvDetails, fixConfig) {
|
|
|
4528
4733
|
actualTree = await arb.reify();
|
|
4529
4734
|
} catch (e) {
|
|
4530
4735
|
spinner?.stop();
|
|
4531
|
-
require$$
|
|
4532
|
-
require$$
|
|
4736
|
+
require$$8.debugFn('error', 'caught: await arb.reify() error');
|
|
4737
|
+
require$$8.debugDir('inspect', {
|
|
4533
4738
|
error: e
|
|
4534
4739
|
});
|
|
4535
4740
|
return {
|
|
@@ -4542,8 +4747,8 @@ async function npmFix(pkgEnvDetails, fixConfig) {
|
|
|
4542
4747
|
}
|
|
4543
4748
|
} catch (e) {
|
|
4544
4749
|
spinner?.stop();
|
|
4545
|
-
require$$
|
|
4546
|
-
require$$
|
|
4750
|
+
require$$8.debugFn('error', 'caught: Socket batch PURL API error');
|
|
4751
|
+
require$$8.debugDir('inspect', {
|
|
4547
4752
|
error: e
|
|
4548
4753
|
});
|
|
4549
4754
|
return {
|
|
@@ -4650,19 +4855,19 @@ async function install(pkgEnvDetails, options) {
|
|
|
4650
4855
|
const wasSpinning = !!spinner?.isSpinning;
|
|
4651
4856
|
spinner?.stop();
|
|
4652
4857
|
const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
|
|
4653
|
-
require$$
|
|
4858
|
+
require$$8.debugFn('stdio', `spawn: ${quotedCmd}`);
|
|
4654
4859
|
try {
|
|
4655
4860
|
await utils.runAgentInstall(pkgEnvDetails, {
|
|
4656
4861
|
args,
|
|
4657
4862
|
spinner,
|
|
4658
|
-
stdio: require$$
|
|
4863
|
+
stdio: require$$8.isDebug('stdio') ? 'inherit' : 'ignore'
|
|
4659
4864
|
});
|
|
4660
4865
|
} catch (error) {
|
|
4661
4866
|
const result = {
|
|
4662
4867
|
error
|
|
4663
4868
|
};
|
|
4664
|
-
require$$
|
|
4665
|
-
require$$
|
|
4869
|
+
require$$8.debugFn('error', `caught: ${quotedCmd} failed`);
|
|
4870
|
+
require$$8.debugDir('inspect', result);
|
|
4666
4871
|
return result;
|
|
4667
4872
|
}
|
|
4668
4873
|
const treeResult = await getActualTree(cwd);
|
|
@@ -4672,8 +4877,8 @@ async function install(pkgEnvDetails, options) {
|
|
|
4672
4877
|
}
|
|
4673
4878
|
return treeResult;
|
|
4674
4879
|
}
|
|
4675
|
-
require$$
|
|
4676
|
-
require$$
|
|
4880
|
+
require$$8.debugFn('error', 'caught: await arb.loadActual() error');
|
|
4881
|
+
require$$8.debugDir('inspect', treeResult);
|
|
4677
4882
|
if (wasSpinning) {
|
|
4678
4883
|
spinner.start();
|
|
4679
4884
|
}
|
|
@@ -4726,8 +4931,8 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
|
|
|
4726
4931
|
alertsMap = purls.length ? await utils.getAlertsMapFromPurls(purls, getFixAlertsMapOptions()) : await utils.getAlertsMapFromPnpmLockfile(lockfile, getFixAlertsMapOptions());
|
|
4727
4932
|
} catch (e) {
|
|
4728
4933
|
spinner?.stop();
|
|
4729
|
-
require$$
|
|
4730
|
-
require$$
|
|
4934
|
+
require$$8.debugFn('error', 'caught: Socket batch PURL API error');
|
|
4935
|
+
require$$8.debugDir('inspect', {
|
|
4731
4936
|
error: e
|
|
4732
4937
|
});
|
|
4733
4938
|
return {
|
|
@@ -4755,7 +4960,7 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
|
|
|
4755
4960
|
revertOverrides = {
|
|
4756
4961
|
[PNPM$6]: oldPnpmSection ? {
|
|
4757
4962
|
...oldPnpmSection,
|
|
4758
|
-
[OVERRIDES$1]: require$$
|
|
4963
|
+
[OVERRIDES$1]: require$$9.hasKeys(oldOverrides) ? {
|
|
4759
4964
|
...oldOverrides,
|
|
4760
4965
|
[overrideKey]: undefined
|
|
4761
4966
|
} :
|
|
@@ -4856,8 +5061,10 @@ async function handleFix({
|
|
|
4856
5061
|
}) {
|
|
4857
5062
|
if (ghsas.length) {
|
|
4858
5063
|
await outputFixResult(await coanaFix({
|
|
5064
|
+
autoMerge,
|
|
4859
5065
|
cwd,
|
|
4860
5066
|
ghsas,
|
|
5067
|
+
limit,
|
|
4861
5068
|
orgSlug,
|
|
4862
5069
|
spinner,
|
|
4863
5070
|
unknownFlags
|
|
@@ -4865,7 +5072,7 @@ async function handleFix({
|
|
|
4865
5072
|
return;
|
|
4866
5073
|
}
|
|
4867
5074
|
const pkgEnvCResult = await utils.detectAndValidatePackageEnvironment(cwd, {
|
|
4868
|
-
cmdName: CMD_NAME$
|
|
5075
|
+
cmdName: CMD_NAME$s,
|
|
4869
5076
|
logger: logger.logger
|
|
4870
5077
|
});
|
|
4871
5078
|
if (!pkgEnvCResult.ok) {
|
|
@@ -4883,7 +5090,7 @@ async function handleFix({
|
|
|
4883
5090
|
}, outputKind);
|
|
4884
5091
|
return;
|
|
4885
5092
|
}
|
|
4886
|
-
require$$
|
|
5093
|
+
require$$8.debugDir('inspect', {
|
|
4887
5094
|
pkgEnvDetails
|
|
4888
5095
|
});
|
|
4889
5096
|
|
|
@@ -4924,24 +5131,24 @@ async function handleFix({
|
|
|
4924
5131
|
}
|
|
4925
5132
|
|
|
4926
5133
|
const {
|
|
4927
|
-
DRY_RUN_NOT_SAVING
|
|
5134
|
+
DRY_RUN_NOT_SAVING: DRY_RUN_NOT_SAVING$1
|
|
4928
5135
|
} = constants;
|
|
4929
|
-
const CMD_NAME$
|
|
5136
|
+
const CMD_NAME$r = 'fix';
|
|
4930
5137
|
const DEFAULT_LIMIT = 10;
|
|
4931
|
-
const description$
|
|
4932
|
-
const hidden$
|
|
5138
|
+
const description$x = 'Update dependencies with "fixable" Socket alerts';
|
|
5139
|
+
const hidden$q = false;
|
|
4933
5140
|
const cmdFix = {
|
|
4934
|
-
description: description$
|
|
4935
|
-
hidden: hidden$
|
|
4936
|
-
run: run$
|
|
5141
|
+
description: description$x,
|
|
5142
|
+
hidden: hidden$q,
|
|
5143
|
+
run: run$I
|
|
4937
5144
|
};
|
|
4938
|
-
async function run$
|
|
5145
|
+
async function run$I(argv, importMeta, {
|
|
4939
5146
|
parentName
|
|
4940
5147
|
}) {
|
|
4941
5148
|
const config = {
|
|
4942
|
-
commandName: CMD_NAME$
|
|
4943
|
-
description: description$
|
|
4944
|
-
hidden: hidden$
|
|
5149
|
+
commandName: CMD_NAME$r,
|
|
5150
|
+
description: description$x,
|
|
5151
|
+
hidden: hidden$q,
|
|
4945
5152
|
flags: {
|
|
4946
5153
|
...flags.commonFlags,
|
|
4947
5154
|
...flags.outputFlags,
|
|
@@ -5023,7 +5230,7 @@ Available styles:
|
|
|
5023
5230
|
$ ${command} [options] [CWD=.]
|
|
5024
5231
|
|
|
5025
5232
|
API Token Requirements
|
|
5026
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
5233
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$r}`)}
|
|
5027
5234
|
|
|
5028
5235
|
Options
|
|
5029
5236
|
${utils.getFlagListOutput(config.flags)}
|
|
@@ -5078,7 +5285,7 @@ Available styles:
|
|
|
5078
5285
|
return;
|
|
5079
5286
|
}
|
|
5080
5287
|
if (dryRun) {
|
|
5081
|
-
logger.logger.log(DRY_RUN_NOT_SAVING);
|
|
5288
|
+
logger.logger.log(DRY_RUN_NOT_SAVING$1);
|
|
5082
5289
|
return;
|
|
5083
5290
|
}
|
|
5084
5291
|
const orgSlugCResult = await utils.getDefaultOrgSlug();
|
|
@@ -5175,9 +5382,9 @@ async function setupTabCompletion(targetName) {
|
|
|
5175
5382
|
|
|
5176
5383
|
// Target dir is something like ~/.local/share/socket/settings/completion (linux)
|
|
5177
5384
|
const targetDir = path.dirname(targetPath);
|
|
5178
|
-
require$$
|
|
5385
|
+
require$$8.debugFn('notice', 'target: path + dir', targetPath, targetDir);
|
|
5179
5386
|
if (!fs$1.existsSync(targetDir)) {
|
|
5180
|
-
require$$
|
|
5387
|
+
require$$8.debugFn('notice', 'create: target dir');
|
|
5181
5388
|
fs$1.mkdirSync(targetDir, {
|
|
5182
5389
|
recursive: true
|
|
5183
5390
|
});
|
|
@@ -5289,9 +5496,9 @@ const config$h = {
|
|
|
5289
5496
|
const cmdInstallCompletion = {
|
|
5290
5497
|
description: config$h.description,
|
|
5291
5498
|
hidden: config$h.hidden,
|
|
5292
|
-
run: run$
|
|
5499
|
+
run: run$H
|
|
5293
5500
|
};
|
|
5294
|
-
async function run$
|
|
5501
|
+
async function run$H(argv, importMeta, {
|
|
5295
5502
|
parentName
|
|
5296
5503
|
}) {
|
|
5297
5504
|
const cli = utils.meowOrExit({
|
|
@@ -5309,9 +5516,9 @@ async function run$G(argv, importMeta, {
|
|
|
5309
5516
|
await handleInstallCompletion(String(targetName));
|
|
5310
5517
|
}
|
|
5311
5518
|
|
|
5312
|
-
const description$
|
|
5519
|
+
const description$w = 'Install Socket CLI tab completion';
|
|
5313
5520
|
const cmdInstall = {
|
|
5314
|
-
description: description$
|
|
5521
|
+
description: description$w,
|
|
5315
5522
|
hidden: false,
|
|
5316
5523
|
async run(argv, importMeta, {
|
|
5317
5524
|
parentName
|
|
@@ -5320,7 +5527,7 @@ const cmdInstall = {
|
|
|
5320
5527
|
completion: cmdInstallCompletion
|
|
5321
5528
|
}, {
|
|
5322
5529
|
argv,
|
|
5323
|
-
description: description$
|
|
5530
|
+
description: description$w,
|
|
5324
5531
|
importMeta,
|
|
5325
5532
|
name: `${parentName} install`
|
|
5326
5533
|
});
|
|
@@ -5372,9 +5579,9 @@ const config$g = {
|
|
|
5372
5579
|
const cmdJson = {
|
|
5373
5580
|
description: config$g.description,
|
|
5374
5581
|
hidden: config$g.hidden,
|
|
5375
|
-
run: run$
|
|
5582
|
+
run: run$G
|
|
5376
5583
|
};
|
|
5377
|
-
async function run$
|
|
5584
|
+
async function run$G(argv, importMeta, {
|
|
5378
5585
|
parentName
|
|
5379
5586
|
}) {
|
|
5380
5587
|
const cli = utils.meowOrExit({
|
|
@@ -5534,21 +5741,21 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
5534
5741
|
const {
|
|
5535
5742
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$D
|
|
5536
5743
|
} = constants;
|
|
5537
|
-
const CMD_NAME$
|
|
5538
|
-
const description$
|
|
5539
|
-
const hidden$
|
|
5744
|
+
const CMD_NAME$q = 'login';
|
|
5745
|
+
const description$v = 'Setup Socket CLI with an API token and defaults';
|
|
5746
|
+
const hidden$p = false;
|
|
5540
5747
|
const cmdLogin = {
|
|
5541
|
-
description: description$
|
|
5542
|
-
hidden: hidden$
|
|
5543
|
-
run: run$
|
|
5748
|
+
description: description$v,
|
|
5749
|
+
hidden: hidden$p,
|
|
5750
|
+
run: run$F
|
|
5544
5751
|
};
|
|
5545
|
-
async function run$
|
|
5752
|
+
async function run$F(argv, importMeta, {
|
|
5546
5753
|
parentName
|
|
5547
5754
|
}) {
|
|
5548
5755
|
const config = {
|
|
5549
|
-
commandName: CMD_NAME$
|
|
5550
|
-
description: description$
|
|
5551
|
-
hidden: hidden$
|
|
5756
|
+
commandName: CMD_NAME$q,
|
|
5757
|
+
description: description$v,
|
|
5758
|
+
hidden: hidden$p,
|
|
5552
5759
|
flags: {
|
|
5553
5760
|
...flags.commonFlags,
|
|
5554
5761
|
apiBaseUrl: {
|
|
@@ -5565,7 +5772,7 @@ async function run$E(argv, importMeta, {
|
|
|
5565
5772
|
$ ${command} [options]
|
|
5566
5773
|
|
|
5567
5774
|
API Token Requirements
|
|
5568
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
5775
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$q}`)}
|
|
5569
5776
|
|
|
5570
5777
|
Logs into the Socket API by prompting for an API token
|
|
5571
5778
|
|
|
@@ -5639,9 +5846,9 @@ const config$f = {
|
|
|
5639
5846
|
const cmdLogout = {
|
|
5640
5847
|
description: config$f.description,
|
|
5641
5848
|
hidden: config$f.hidden,
|
|
5642
|
-
run: run$
|
|
5849
|
+
run: run$E
|
|
5643
5850
|
};
|
|
5644
|
-
async function run$
|
|
5851
|
+
async function run$E(argv, importMeta, {
|
|
5645
5852
|
parentName
|
|
5646
5853
|
}) {
|
|
5647
5854
|
const cli = utils.meowOrExit({
|
|
@@ -5953,9 +6160,9 @@ const config$e = {
|
|
|
5953
6160
|
const cmdManifestCdxgen = {
|
|
5954
6161
|
description: config$e.description,
|
|
5955
6162
|
hidden: config$e.hidden,
|
|
5956
|
-
run: run$
|
|
6163
|
+
run: run$D
|
|
5957
6164
|
};
|
|
5958
|
-
async function run$
|
|
6165
|
+
async function run$D(argv, importMeta, {
|
|
5959
6166
|
parentName
|
|
5960
6167
|
}) {
|
|
5961
6168
|
const cli = utils.meowOrExit({
|
|
@@ -6052,9 +6259,9 @@ const config$d = {
|
|
|
6052
6259
|
const cmdManifestAuto = {
|
|
6053
6260
|
description: config$d.description,
|
|
6054
6261
|
hidden: config$d.hidden,
|
|
6055
|
-
run: run$
|
|
6262
|
+
run: run$C
|
|
6056
6263
|
};
|
|
6057
|
-
async function run$
|
|
6264
|
+
async function run$C(argv, importMeta, {
|
|
6058
6265
|
parentName
|
|
6059
6266
|
}) {
|
|
6060
6267
|
const cli = utils.meowOrExit({
|
|
@@ -6086,7 +6293,7 @@ async function run$B(argv, importMeta, {
|
|
|
6086
6293
|
}
|
|
6087
6294
|
const sockJson = utils.readOrDefaultSocketJson(cwd);
|
|
6088
6295
|
const detected = await detectManifestActions(sockJson, cwd);
|
|
6089
|
-
require$$
|
|
6296
|
+
require$$8.debugDir('inspect', {
|
|
6090
6297
|
detected
|
|
6091
6298
|
});
|
|
6092
6299
|
if (dryRun) {
|
|
@@ -6167,9 +6374,9 @@ const config$c = {
|
|
|
6167
6374
|
const cmdManifestConda = {
|
|
6168
6375
|
description: config$c.description,
|
|
6169
6376
|
hidden: config$c.hidden,
|
|
6170
|
-
run: run$
|
|
6377
|
+
run: run$B
|
|
6171
6378
|
};
|
|
6172
|
-
async function run$
|
|
6379
|
+
async function run$B(argv, importMeta, {
|
|
6173
6380
|
parentName
|
|
6174
6381
|
}) {
|
|
6175
6382
|
const cli = utils.meowOrExit({
|
|
@@ -6326,9 +6533,9 @@ const config$b = {
|
|
|
6326
6533
|
const cmdManifestGradle = {
|
|
6327
6534
|
description: config$b.description,
|
|
6328
6535
|
hidden: config$b.hidden,
|
|
6329
|
-
run: run$
|
|
6536
|
+
run: run$A
|
|
6330
6537
|
};
|
|
6331
|
-
async function run$
|
|
6538
|
+
async function run$A(argv, importMeta, {
|
|
6332
6539
|
parentName
|
|
6333
6540
|
}) {
|
|
6334
6541
|
const cli = utils.meowOrExit({
|
|
@@ -6350,7 +6557,7 @@ async function run$z(argv, importMeta, {
|
|
|
6350
6557
|
// If given path is absolute then cwd should not affect it.
|
|
6351
6558
|
cwd = path.resolve(process.cwd(), cwd);
|
|
6352
6559
|
const sockJson = utils.readOrDefaultSocketJson(cwd);
|
|
6353
|
-
require$$
|
|
6560
|
+
require$$8.debugFn('inspect', 'override: socket.json gradle', sockJson?.defaults?.manifest?.gradle);
|
|
6354
6561
|
let {
|
|
6355
6562
|
bin,
|
|
6356
6563
|
gradleOpts,
|
|
@@ -6485,9 +6692,9 @@ const config$a = {
|
|
|
6485
6692
|
const cmdManifestKotlin = {
|
|
6486
6693
|
description: config$a.description,
|
|
6487
6694
|
hidden: config$a.hidden,
|
|
6488
|
-
run: run$
|
|
6695
|
+
run: run$z
|
|
6489
6696
|
};
|
|
6490
|
-
async function run$
|
|
6697
|
+
async function run$z(argv, importMeta, {
|
|
6491
6698
|
parentName
|
|
6492
6699
|
}) {
|
|
6493
6700
|
const cli = utils.meowOrExit({
|
|
@@ -6509,7 +6716,7 @@ async function run$y(argv, importMeta, {
|
|
|
6509
6716
|
// If given path is absolute then cwd should not affect it.
|
|
6510
6717
|
cwd = path.resolve(process.cwd(), cwd);
|
|
6511
6718
|
const sockJson = utils.readOrDefaultSocketJson(cwd);
|
|
6512
|
-
require$$
|
|
6719
|
+
require$$8.debugFn('inspect', 'override: socket.json gradle', sockJson?.defaults?.manifest?.gradle);
|
|
6513
6720
|
let {
|
|
6514
6721
|
bin,
|
|
6515
6722
|
gradleOpts,
|
|
@@ -6651,9 +6858,9 @@ const config$9 = {
|
|
|
6651
6858
|
const cmdManifestScala = {
|
|
6652
6859
|
description: config$9.description,
|
|
6653
6860
|
hidden: config$9.hidden,
|
|
6654
|
-
run: run$
|
|
6861
|
+
run: run$y
|
|
6655
6862
|
};
|
|
6656
|
-
async function run$
|
|
6863
|
+
async function run$y(argv, importMeta, {
|
|
6657
6864
|
parentName
|
|
6658
6865
|
}) {
|
|
6659
6866
|
const cli = utils.meowOrExit({
|
|
@@ -6675,7 +6882,7 @@ async function run$x(argv, importMeta, {
|
|
|
6675
6882
|
// TODO: Implement json/md further.
|
|
6676
6883
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
6677
6884
|
const sockJson = utils.readOrDefaultSocketJson(cwd);
|
|
6678
|
-
require$$
|
|
6885
|
+
require$$8.debugFn('inspect', 'override: socket.json sbt', sockJson?.defaults?.manifest?.sbt);
|
|
6679
6886
|
let {
|
|
6680
6887
|
bin,
|
|
6681
6888
|
out,
|
|
@@ -6775,7 +6982,7 @@ async function outputManifestSetup(result) {
|
|
|
6775
6982
|
|
|
6776
6983
|
async function setupManifestConfig(cwd, defaultOnReadError = false) {
|
|
6777
6984
|
const detected = await detectManifestActions(null, cwd);
|
|
6778
|
-
require$$
|
|
6985
|
+
require$$8.debugDir('inspect', {
|
|
6779
6986
|
detected
|
|
6780
6987
|
});
|
|
6781
6988
|
|
|
@@ -7215,9 +7422,9 @@ const config$8 = {
|
|
|
7215
7422
|
const cmdManifestSetup = {
|
|
7216
7423
|
description: config$8.description,
|
|
7217
7424
|
hidden: config$8.hidden,
|
|
7218
|
-
run: run$
|
|
7425
|
+
run: run$x
|
|
7219
7426
|
};
|
|
7220
|
-
async function run$
|
|
7427
|
+
async function run$x(argv, importMeta, {
|
|
7221
7428
|
parentName
|
|
7222
7429
|
}) {
|
|
7223
7430
|
const cli = utils.meowOrExit({
|
|
@@ -7251,9 +7458,9 @@ const config$7 = {
|
|
|
7251
7458
|
const cmdManifest = {
|
|
7252
7459
|
description: config$7.description,
|
|
7253
7460
|
hidden: config$7.hidden,
|
|
7254
|
-
run: run$
|
|
7461
|
+
run: run$w
|
|
7255
7462
|
};
|
|
7256
|
-
async function run$
|
|
7463
|
+
async function run$w(argv, importMeta, {
|
|
7257
7464
|
parentName
|
|
7258
7465
|
}) {
|
|
7259
7466
|
await utils.meowWithSubcommands({
|
|
@@ -7284,21 +7491,21 @@ const require$3 = require$$5.createRequire(require('node:url').pathToFileURL(__f
|
|
|
7284
7491
|
const {
|
|
7285
7492
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$u
|
|
7286
7493
|
} = constants;
|
|
7287
|
-
const CMD_NAME$
|
|
7288
|
-
const description$
|
|
7289
|
-
const hidden$
|
|
7494
|
+
const CMD_NAME$p = 'npm';
|
|
7495
|
+
const description$u = 'Run npm with the Socket wrapper';
|
|
7496
|
+
const hidden$o = false;
|
|
7290
7497
|
const cmdNpm = {
|
|
7291
|
-
description: description$
|
|
7292
|
-
hidden: hidden$
|
|
7293
|
-
run: run$
|
|
7498
|
+
description: description$u,
|
|
7499
|
+
hidden: hidden$o,
|
|
7500
|
+
run: run$v
|
|
7294
7501
|
};
|
|
7295
|
-
async function run$
|
|
7502
|
+
async function run$v(argv, importMeta, {
|
|
7296
7503
|
parentName
|
|
7297
7504
|
}) {
|
|
7298
7505
|
const config = {
|
|
7299
|
-
commandName: CMD_NAME$
|
|
7300
|
-
description: description$
|
|
7301
|
-
hidden: hidden$
|
|
7506
|
+
commandName: CMD_NAME$p,
|
|
7507
|
+
description: description$u,
|
|
7508
|
+
hidden: hidden$o,
|
|
7302
7509
|
flags: {
|
|
7303
7510
|
...flags.commonFlags
|
|
7304
7511
|
},
|
|
@@ -7307,7 +7514,7 @@ async function run$u(argv, importMeta, {
|
|
|
7307
7514
|
$ ${command} ...
|
|
7308
7515
|
|
|
7309
7516
|
API Token Requirements
|
|
7310
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
7517
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$p}`)}
|
|
7311
7518
|
|
|
7312
7519
|
Note: Everything after "npm" is passed to the npm command.
|
|
7313
7520
|
Only the \`--dry-run\` and \`--help\` flags are caught here.
|
|
@@ -7340,21 +7547,21 @@ const require$2 = require$$5.createRequire(require('node:url').pathToFileURL(__f
|
|
|
7340
7547
|
const {
|
|
7341
7548
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$t
|
|
7342
7549
|
} = constants;
|
|
7343
|
-
const CMD_NAME$
|
|
7344
|
-
const description$
|
|
7345
|
-
const hidden$
|
|
7550
|
+
const CMD_NAME$o = 'npx';
|
|
7551
|
+
const description$t = 'Run npx with the Socket wrapper';
|
|
7552
|
+
const hidden$n = false;
|
|
7346
7553
|
const cmdNpx = {
|
|
7347
|
-
description: description$
|
|
7348
|
-
hidden: hidden$
|
|
7349
|
-
run: run$
|
|
7554
|
+
description: description$t,
|
|
7555
|
+
hidden: hidden$n,
|
|
7556
|
+
run: run$u
|
|
7350
7557
|
};
|
|
7351
|
-
async function run$
|
|
7558
|
+
async function run$u(argv, importMeta, {
|
|
7352
7559
|
parentName
|
|
7353
7560
|
}) {
|
|
7354
7561
|
const config = {
|
|
7355
|
-
commandName: CMD_NAME$
|
|
7356
|
-
description: description$
|
|
7357
|
-
hidden: hidden$
|
|
7562
|
+
commandName: CMD_NAME$o,
|
|
7563
|
+
description: description$t,
|
|
7564
|
+
hidden: hidden$n,
|
|
7358
7565
|
flags: {
|
|
7359
7566
|
...flags.commonFlags
|
|
7360
7567
|
},
|
|
@@ -7363,7 +7570,7 @@ async function run$t(argv, importMeta, {
|
|
|
7363
7570
|
$ ${command} ...
|
|
7364
7571
|
|
|
7365
7572
|
API Token Requirements
|
|
7366
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
7573
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$o}`)}
|
|
7367
7574
|
|
|
7368
7575
|
Note: Everything after "npx" is passed to the npx command.
|
|
7369
7576
|
Only the \`--dry-run\` and \`--help\` flags are caught here.
|
|
@@ -7417,9 +7624,9 @@ const config$6 = {
|
|
|
7417
7624
|
const cmdOops = {
|
|
7418
7625
|
description: config$6.description,
|
|
7419
7626
|
hidden: config$6.hidden,
|
|
7420
|
-
run: run$
|
|
7627
|
+
run: run$t
|
|
7421
7628
|
};
|
|
7422
|
-
async function run$
|
|
7629
|
+
async function run$t(argv, importMeta, {
|
|
7423
7630
|
parentName
|
|
7424
7631
|
}) {
|
|
7425
7632
|
const cli = utils.meowOrExit({
|
|
@@ -7760,7 +7967,7 @@ async function listPackages(pkgEnvDetails, options) {
|
|
|
7760
7967
|
}
|
|
7761
7968
|
}
|
|
7762
7969
|
|
|
7763
|
-
const CMD_NAME$
|
|
7970
|
+
const CMD_NAME$n = 'socket optimize';
|
|
7764
7971
|
|
|
7765
7972
|
const {
|
|
7766
7973
|
BUN,
|
|
@@ -7787,8 +7994,8 @@ function updatePkgJsonField(editablePkgJson, field, value) {
|
|
|
7787
7994
|
if (oldValue) {
|
|
7788
7995
|
// The field already exists so we simply update the field value.
|
|
7789
7996
|
if (field === PNPM$1) {
|
|
7790
|
-
const isPnpmObj = require$$
|
|
7791
|
-
if (require$$
|
|
7997
|
+
const isPnpmObj = require$$9.isObject(oldValue);
|
|
7998
|
+
if (require$$9.hasKeys(value)) {
|
|
7792
7999
|
editablePkgJson.update({
|
|
7793
8000
|
[field]: {
|
|
7794
8001
|
...(isPnpmObj ? oldValue : {}),
|
|
@@ -7800,7 +8007,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
|
|
|
7800
8007
|
});
|
|
7801
8008
|
} else {
|
|
7802
8009
|
// Properties with undefined values are deleted when saved as JSON.
|
|
7803
|
-
editablePkgJson.update(require$$
|
|
8010
|
+
editablePkgJson.update(require$$9.hasKeys(oldValue) ? {
|
|
7804
8011
|
[field]: {
|
|
7805
8012
|
...(isPnpmObj ? oldValue : {}),
|
|
7806
8013
|
overrides: undefined
|
|
@@ -7812,7 +8019,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
|
|
|
7812
8019
|
} else if (field === OVERRIDES || field === RESOLUTIONS) {
|
|
7813
8020
|
// Properties with undefined values are deleted when saved as JSON.
|
|
7814
8021
|
editablePkgJson.update({
|
|
7815
|
-
[field]: require$$
|
|
8022
|
+
[field]: require$$9.hasKeys(value) ? value : undefined
|
|
7816
8023
|
});
|
|
7817
8024
|
} else {
|
|
7818
8025
|
editablePkgJson.update({
|
|
@@ -7821,7 +8028,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
|
|
|
7821
8028
|
}
|
|
7822
8029
|
return;
|
|
7823
8030
|
}
|
|
7824
|
-
if ((field === OVERRIDES || field === PNPM$1 || field === RESOLUTIONS) && !require$$
|
|
8031
|
+
if ((field === OVERRIDES || field === PNPM$1 || field === RESOLUTIONS) && !require$$9.hasKeys(value)) {
|
|
7825
8032
|
return;
|
|
7826
8033
|
}
|
|
7827
8034
|
// Since the field doesn't exist we want to insert it into the package.json
|
|
@@ -7935,7 +8142,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
|
|
|
7935
8142
|
npmExecPath === NPM && !state.warnedPnpmWorkspaceRequiresNpm) {
|
|
7936
8143
|
state.warnedPnpmWorkspaceRequiresNpm = true;
|
|
7937
8144
|
spinner?.stop();
|
|
7938
|
-
logger?.warn(utils.cmdPrefixMessage(CMD_NAME$
|
|
8145
|
+
logger?.warn(utils.cmdPrefixMessage(CMD_NAME$n, `${agent} workspace support requires \`npm ls\`, falling back to \`${agent} list\``));
|
|
7939
8146
|
spinner?.start();
|
|
7940
8147
|
}
|
|
7941
8148
|
const overridesDataObjects = [];
|
|
@@ -7956,7 +8163,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
|
|
|
7956
8163
|
let loggedAddingText = false;
|
|
7957
8164
|
|
|
7958
8165
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7959
|
-
await require$$
|
|
8166
|
+
await require$$10.pEach(manifestEntries, async ({
|
|
7960
8167
|
1: data
|
|
7961
8168
|
}) => {
|
|
7962
8169
|
const {
|
|
@@ -7970,11 +8177,11 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
|
|
|
7970
8177
|
for (const {
|
|
7971
8178
|
1: depObj
|
|
7972
8179
|
} of depEntries) {
|
|
7973
|
-
const sockSpec = require$$
|
|
8180
|
+
const sockSpec = require$$9.hasOwn(depObj, sockRegPkgName) ? depObj[sockRegPkgName] : undefined;
|
|
7974
8181
|
if (sockSpec) {
|
|
7975
8182
|
depAliasMap.set(sockRegPkgName, sockSpec);
|
|
7976
8183
|
}
|
|
7977
|
-
const origSpec = require$$
|
|
8184
|
+
const origSpec = require$$9.hasOwn(depObj, origPkgName) ? depObj[origPkgName] : undefined;
|
|
7978
8185
|
if (origSpec) {
|
|
7979
8186
|
let thisSpec = origSpec;
|
|
7980
8187
|
// Add package aliases for direct dependencies to avoid npm EOVERRIDE
|
|
@@ -8010,11 +8217,11 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
|
|
|
8010
8217
|
npmExecPath
|
|
8011
8218
|
});
|
|
8012
8219
|
// Chunk package names to process them in parallel 3 at a time.
|
|
8013
|
-
await require$$
|
|
8220
|
+
await require$$10.pEach(overridesDataObjects, async ({
|
|
8014
8221
|
overrides,
|
|
8015
8222
|
type
|
|
8016
8223
|
}) => {
|
|
8017
|
-
const overrideExists = require$$
|
|
8224
|
+
const overrideExists = require$$9.hasOwn(overrides, origPkgName);
|
|
8018
8225
|
if (overrideExists || thingScanner(pkgEnvDetails, thingToScan, origPkgName, lockName)) {
|
|
8019
8226
|
const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
|
|
8020
8227
|
const origDepAlias = depAliasMap.get(origPkgName);
|
|
@@ -8068,7 +8275,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
|
|
|
8068
8275
|
});
|
|
8069
8276
|
if (isWorkspace) {
|
|
8070
8277
|
// Chunk package names to process them in parallel 3 at a time.
|
|
8071
|
-
await require$$
|
|
8278
|
+
await require$$10.pEach(workspacePkgJsonPaths, async workspacePkgJsonPath => {
|
|
8072
8279
|
const otherState = await addOverrides(pkgEnvDetails, path.dirname(workspacePkgJsonPath), {
|
|
8073
8280
|
logger,
|
|
8074
8281
|
pin,
|
|
@@ -8091,7 +8298,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
|
|
|
8091
8298
|
overrides,
|
|
8092
8299
|
type
|
|
8093
8300
|
} of overridesDataObjects) {
|
|
8094
|
-
updateManifest(type, pkgEnvDetails.editablePkgJson, require$$
|
|
8301
|
+
updateManifest(type, pkgEnvDetails.editablePkgJson, require$$9.toSortedObject(overrides));
|
|
8095
8302
|
}
|
|
8096
8303
|
}
|
|
8097
8304
|
await pkgEnvDetails.editablePkgJson.save();
|
|
@@ -8123,8 +8330,8 @@ async function updateLockfile(pkgEnvDetails, options) {
|
|
|
8123
8330
|
}
|
|
8124
8331
|
} catch (e) {
|
|
8125
8332
|
spinner?.stop();
|
|
8126
|
-
require$$
|
|
8127
|
-
require$$
|
|
8333
|
+
require$$8.debugFn('error', 'fail: update');
|
|
8334
|
+
require$$8.debugDir('inspect', {
|
|
8128
8335
|
error: e
|
|
8129
8336
|
});
|
|
8130
8337
|
if (wasSpinning) {
|
|
@@ -8166,7 +8373,7 @@ async function applyOptimization(pkgEnvDetails, {
|
|
|
8166
8373
|
const pkgJsonChanged = addedCount > 0 || updatedCount > 0;
|
|
8167
8374
|
if (pkgJsonChanged || pkgEnvDetails.features.npmBuggyOverrides) {
|
|
8168
8375
|
const result = await updateLockfile(pkgEnvDetails, {
|
|
8169
|
-
cmdName: CMD_NAME$
|
|
8376
|
+
cmdName: CMD_NAME$n,
|
|
8170
8377
|
logger: logger.logger,
|
|
8171
8378
|
spinner
|
|
8172
8379
|
});
|
|
@@ -8228,7 +8435,7 @@ async function handleOptimize({
|
|
|
8228
8435
|
prod
|
|
8229
8436
|
}) {
|
|
8230
8437
|
const pkgEnvCResult = await utils.detectAndValidatePackageEnvironment(cwd, {
|
|
8231
|
-
cmdName: CMD_NAME$
|
|
8438
|
+
cmdName: CMD_NAME$n,
|
|
8232
8439
|
logger: logger.logger,
|
|
8233
8440
|
prod
|
|
8234
8441
|
});
|
|
@@ -8253,7 +8460,7 @@ async function handleOptimize({
|
|
|
8253
8460
|
await outputOptimizeResult({
|
|
8254
8461
|
ok: false,
|
|
8255
8462
|
message: 'Unsupported',
|
|
8256
|
-
cause: utils.cmdPrefixMessage(CMD_NAME$
|
|
8463
|
+
cause: utils.cmdPrefixMessage(CMD_NAME$n, `${agent} v${agentVersion} does not support overrides.`)
|
|
8257
8464
|
}, outputKind);
|
|
8258
8465
|
return;
|
|
8259
8466
|
}
|
|
@@ -8267,21 +8474,21 @@ async function handleOptimize({
|
|
|
8267
8474
|
const {
|
|
8268
8475
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$r
|
|
8269
8476
|
} = constants;
|
|
8270
|
-
const CMD_NAME$
|
|
8271
|
-
const description$
|
|
8272
|
-
const hidden$
|
|
8477
|
+
const CMD_NAME$m = 'optimize';
|
|
8478
|
+
const description$s = 'Optimize dependencies with @socketregistry overrides';
|
|
8479
|
+
const hidden$m = false;
|
|
8273
8480
|
const cmdOptimize = {
|
|
8274
|
-
description: description$
|
|
8275
|
-
hidden: hidden$
|
|
8276
|
-
run: run$
|
|
8481
|
+
description: description$s,
|
|
8482
|
+
hidden: hidden$m,
|
|
8483
|
+
run: run$s
|
|
8277
8484
|
};
|
|
8278
|
-
async function run$
|
|
8485
|
+
async function run$s(argv, importMeta, {
|
|
8279
8486
|
parentName
|
|
8280
8487
|
}) {
|
|
8281
8488
|
const config = {
|
|
8282
|
-
commandName: CMD_NAME$
|
|
8283
|
-
description: description$
|
|
8284
|
-
hidden: hidden$
|
|
8489
|
+
commandName: CMD_NAME$m,
|
|
8490
|
+
description: description$s,
|
|
8491
|
+
hidden: hidden$m,
|
|
8285
8492
|
flags: {
|
|
8286
8493
|
...flags.commonFlags,
|
|
8287
8494
|
pin: {
|
|
@@ -8300,7 +8507,7 @@ async function run$r(argv, importMeta, {
|
|
|
8300
8507
|
$ ${command} [options] [CWD=.]
|
|
8301
8508
|
|
|
8302
8509
|
API Token Requirements
|
|
8303
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
8510
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$m}`)}
|
|
8304
8511
|
|
|
8305
8512
|
Options
|
|
8306
8513
|
${utils.getFlagListOutput(config.flags)}
|
|
@@ -8446,21 +8653,21 @@ async function handleDependencies({
|
|
|
8446
8653
|
const {
|
|
8447
8654
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$q
|
|
8448
8655
|
} = constants;
|
|
8449
|
-
const CMD_NAME$
|
|
8450
|
-
const description$
|
|
8451
|
-
const hidden$
|
|
8656
|
+
const CMD_NAME$l = 'dependencies';
|
|
8657
|
+
const description$r = 'Search for any dependency that is being used in your organization';
|
|
8658
|
+
const hidden$l = false;
|
|
8452
8659
|
const cmdOrganizationDependencies = {
|
|
8453
|
-
description: description$
|
|
8454
|
-
hidden: hidden$
|
|
8455
|
-
run: run$
|
|
8660
|
+
description: description$r,
|
|
8661
|
+
hidden: hidden$l,
|
|
8662
|
+
run: run$r
|
|
8456
8663
|
};
|
|
8457
|
-
async function run$
|
|
8664
|
+
async function run$r(argv, importMeta, {
|
|
8458
8665
|
parentName
|
|
8459
8666
|
}) {
|
|
8460
8667
|
const config = {
|
|
8461
|
-
commandName: CMD_NAME$
|
|
8462
|
-
description: description$
|
|
8463
|
-
hidden: hidden$
|
|
8668
|
+
commandName: CMD_NAME$l,
|
|
8669
|
+
description: description$r,
|
|
8670
|
+
hidden: hidden$l,
|
|
8464
8671
|
flags: {
|
|
8465
8672
|
...flags.commonFlags,
|
|
8466
8673
|
limit: {
|
|
@@ -8480,7 +8687,7 @@ async function run$q(argv, importMeta, {
|
|
|
8480
8687
|
${command} [options]
|
|
8481
8688
|
|
|
8482
8689
|
API Token Requirements
|
|
8483
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
8690
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$l}`)}
|
|
8484
8691
|
|
|
8485
8692
|
Options
|
|
8486
8693
|
${utils.getFlagListOutput(config.flags)}
|
|
@@ -8503,7 +8710,7 @@ async function run$q(argv, importMeta, {
|
|
|
8503
8710
|
offset
|
|
8504
8711
|
} = cli.flags;
|
|
8505
8712
|
const dryRun = !!cli.flags['dryRun'];
|
|
8506
|
-
const hasApiToken = utils.
|
|
8713
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
8507
8714
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
8508
8715
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
8509
8716
|
nook: true,
|
|
@@ -8583,21 +8790,21 @@ async function handleLicensePolicy(orgSlug, outputKind) {
|
|
|
8583
8790
|
const {
|
|
8584
8791
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$p
|
|
8585
8792
|
} = constants;
|
|
8586
|
-
const CMD_NAME$
|
|
8587
|
-
const description$
|
|
8588
|
-
const hidden$
|
|
8793
|
+
const CMD_NAME$k = 'license';
|
|
8794
|
+
const description$q = 'Retrieve the license policy of an organization';
|
|
8795
|
+
const hidden$k = false;
|
|
8589
8796
|
const cmdOrganizationPolicyLicense = {
|
|
8590
|
-
description: description$
|
|
8591
|
-
hidden: hidden$
|
|
8592
|
-
run: run$
|
|
8797
|
+
description: description$q,
|
|
8798
|
+
hidden: hidden$k,
|
|
8799
|
+
run: run$q
|
|
8593
8800
|
};
|
|
8594
|
-
async function run$
|
|
8801
|
+
async function run$q(argv, importMeta, {
|
|
8595
8802
|
parentName
|
|
8596
8803
|
}) {
|
|
8597
8804
|
const config = {
|
|
8598
|
-
commandName: CMD_NAME$
|
|
8599
|
-
description: description$
|
|
8600
|
-
hidden: hidden$
|
|
8805
|
+
commandName: CMD_NAME$k,
|
|
8806
|
+
description: description$q,
|
|
8807
|
+
hidden: hidden$k,
|
|
8601
8808
|
flags: {
|
|
8602
8809
|
...flags.commonFlags,
|
|
8603
8810
|
...flags.outputFlags,
|
|
@@ -8616,7 +8823,7 @@ async function run$p(argv, importMeta, {
|
|
|
8616
8823
|
$ ${command} [options]
|
|
8617
8824
|
|
|
8618
8825
|
API Token Requirements
|
|
8619
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
8826
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$k}`)}
|
|
8620
8827
|
|
|
8621
8828
|
Options
|
|
8622
8829
|
${utils.getFlagListOutput(config.flags)}
|
|
@@ -8642,7 +8849,7 @@ async function run$p(argv, importMeta, {
|
|
|
8642
8849
|
} = cli.flags;
|
|
8643
8850
|
const dryRun = !!cli.flags['dryRun'];
|
|
8644
8851
|
const interactive = !!cli.flags['interactive'];
|
|
8645
|
-
const hasApiToken = utils.
|
|
8852
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
8646
8853
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
8647
8854
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
8648
8855
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -8720,21 +8927,21 @@ async function handleSecurityPolicy(orgSlug, outputKind) {
|
|
|
8720
8927
|
const {
|
|
8721
8928
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$o
|
|
8722
8929
|
} = constants;
|
|
8723
|
-
const CMD_NAME$
|
|
8724
|
-
const description$
|
|
8725
|
-
const hidden$
|
|
8930
|
+
const CMD_NAME$j = 'security';
|
|
8931
|
+
const description$p = 'Retrieve the security policy of an organization';
|
|
8932
|
+
const hidden$j = true;
|
|
8726
8933
|
const cmdOrganizationPolicySecurity = {
|
|
8727
|
-
description: description$
|
|
8728
|
-
hidden: hidden$
|
|
8729
|
-
run: run$
|
|
8934
|
+
description: description$p,
|
|
8935
|
+
hidden: hidden$j,
|
|
8936
|
+
run: run$p
|
|
8730
8937
|
};
|
|
8731
|
-
async function run$
|
|
8938
|
+
async function run$p(argv, importMeta, {
|
|
8732
8939
|
parentName
|
|
8733
8940
|
}) {
|
|
8734
8941
|
const config = {
|
|
8735
|
-
commandName: CMD_NAME$
|
|
8736
|
-
description: description$
|
|
8737
|
-
hidden: hidden$
|
|
8942
|
+
commandName: CMD_NAME$j,
|
|
8943
|
+
description: description$p,
|
|
8944
|
+
hidden: hidden$j,
|
|
8738
8945
|
flags: {
|
|
8739
8946
|
...flags.commonFlags,
|
|
8740
8947
|
...flags.outputFlags,
|
|
@@ -8753,7 +8960,7 @@ async function run$o(argv, importMeta, {
|
|
|
8753
8960
|
$ ${command} [options]
|
|
8754
8961
|
|
|
8755
8962
|
API Token Requirements
|
|
8756
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
8963
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$j}`)}
|
|
8757
8964
|
|
|
8758
8965
|
Options
|
|
8759
8966
|
${utils.getFlagListOutput(config.flags)}
|
|
@@ -8779,7 +8986,7 @@ async function run$o(argv, importMeta, {
|
|
|
8779
8986
|
} = cli.flags;
|
|
8780
8987
|
const dryRun = !!cli.flags['dryRun'];
|
|
8781
8988
|
const interactive = !!cli.flags['interactive'];
|
|
8782
|
-
const hasApiToken = utils.
|
|
8989
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
8783
8990
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
8784
8991
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
8785
8992
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -8858,21 +9065,21 @@ async function handleOrganizationList(outputKind = 'text') {
|
|
|
8858
9065
|
const {
|
|
8859
9066
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$n
|
|
8860
9067
|
} = constants;
|
|
8861
|
-
const CMD_NAME$
|
|
8862
|
-
const description$
|
|
8863
|
-
const hidden$
|
|
9068
|
+
const CMD_NAME$i = 'list';
|
|
9069
|
+
const description$o = 'List organizations associated with the Socket API token';
|
|
9070
|
+
const hidden$i = false;
|
|
8864
9071
|
const cmdOrganizationList = {
|
|
8865
|
-
description: description$
|
|
8866
|
-
hidden: hidden$
|
|
8867
|
-
run: run$
|
|
9072
|
+
description: description$o,
|
|
9073
|
+
hidden: hidden$i,
|
|
9074
|
+
run: run$o
|
|
8868
9075
|
};
|
|
8869
|
-
async function run$
|
|
9076
|
+
async function run$o(argv, importMeta, {
|
|
8870
9077
|
parentName
|
|
8871
9078
|
}) {
|
|
8872
9079
|
const config = {
|
|
8873
|
-
commandName: CMD_NAME$
|
|
8874
|
-
description: description$
|
|
8875
|
-
hidden: hidden$
|
|
9080
|
+
commandName: CMD_NAME$i,
|
|
9081
|
+
description: description$o,
|
|
9082
|
+
hidden: hidden$i,
|
|
8876
9083
|
flags: {
|
|
8877
9084
|
...flags.commonFlags,
|
|
8878
9085
|
...flags.outputFlags
|
|
@@ -8882,7 +9089,7 @@ async function run$n(argv, importMeta, {
|
|
|
8882
9089
|
$ ${command} [options]
|
|
8883
9090
|
|
|
8884
9091
|
API Token Requirements
|
|
8885
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
9092
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$i}`)}
|
|
8886
9093
|
|
|
8887
9094
|
Options
|
|
8888
9095
|
${utils.getFlagListOutput(config.flags)}
|
|
@@ -8903,7 +9110,7 @@ async function run$n(argv, importMeta, {
|
|
|
8903
9110
|
markdown
|
|
8904
9111
|
} = cli.flags;
|
|
8905
9112
|
const dryRun = !!cli.flags['dryRun'];
|
|
8906
|
-
const hasApiToken = utils.
|
|
9113
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
8907
9114
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
8908
9115
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
8909
9116
|
nook: true,
|
|
@@ -8926,9 +9133,9 @@ async function run$n(argv, importMeta, {
|
|
|
8926
9133
|
await handleOrganizationList(outputKind);
|
|
8927
9134
|
}
|
|
8928
9135
|
|
|
8929
|
-
const description$
|
|
9136
|
+
const description$n = 'Organization policy details';
|
|
8930
9137
|
const cmdOrganizationPolicy = {
|
|
8931
|
-
description: description$
|
|
9138
|
+
description: description$n,
|
|
8932
9139
|
// Hidden because it was broken all this time (nobody could be using it)
|
|
8933
9140
|
// and we're not sure if it's useful to anyone in its current state.
|
|
8934
9141
|
// Until we do, we'll hide this to keep the help tidier.
|
|
@@ -8942,7 +9149,7 @@ const cmdOrganizationPolicy = {
|
|
|
8942
9149
|
license: cmdOrganizationPolicyLicense
|
|
8943
9150
|
}, {
|
|
8944
9151
|
argv,
|
|
8945
|
-
description: description$
|
|
9152
|
+
description: description$n,
|
|
8946
9153
|
defaultSub: 'list',
|
|
8947
9154
|
// Backwards compat
|
|
8948
9155
|
importMeta,
|
|
@@ -9022,9 +9229,9 @@ const config$5 = {
|
|
|
9022
9229
|
const cmdOrganizationQuota = {
|
|
9023
9230
|
description: config$5.description,
|
|
9024
9231
|
hidden: config$5.hidden,
|
|
9025
|
-
run: run$
|
|
9232
|
+
run: run$n
|
|
9026
9233
|
};
|
|
9027
|
-
async function run$
|
|
9234
|
+
async function run$n(argv, importMeta, {
|
|
9028
9235
|
parentName
|
|
9029
9236
|
}) {
|
|
9030
9237
|
const cli = utils.meowOrExit({
|
|
@@ -9036,7 +9243,7 @@ async function run$m(argv, importMeta, {
|
|
|
9036
9243
|
const dryRun = !!cli.flags['dryRun'];
|
|
9037
9244
|
const json = Boolean(cli.flags['json']);
|
|
9038
9245
|
const markdown = Boolean(cli.flags['markdown']);
|
|
9039
|
-
const hasApiToken = utils.
|
|
9246
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
9040
9247
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
9041
9248
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
9042
9249
|
nook: true,
|
|
@@ -9059,9 +9266,9 @@ async function run$m(argv, importMeta, {
|
|
|
9059
9266
|
await handleQuota(outputKind);
|
|
9060
9267
|
}
|
|
9061
9268
|
|
|
9062
|
-
const description$
|
|
9269
|
+
const description$m = 'Manage Socket organization account details';
|
|
9063
9270
|
const cmdOrganization = {
|
|
9064
|
-
description: description$
|
|
9271
|
+
description: description$m,
|
|
9065
9272
|
hidden: false,
|
|
9066
9273
|
async run(argv, importMeta, {
|
|
9067
9274
|
parentName
|
|
@@ -9090,7 +9297,7 @@ const cmdOrganization = {
|
|
|
9090
9297
|
}
|
|
9091
9298
|
},
|
|
9092
9299
|
argv,
|
|
9093
|
-
description: description$
|
|
9300
|
+
description: description$m,
|
|
9094
9301
|
importMeta,
|
|
9095
9302
|
name: `${parentName} organization`
|
|
9096
9303
|
});
|
|
@@ -9318,21 +9525,21 @@ function parsePackageSpecifiers(ecosystem, pkgs) {
|
|
|
9318
9525
|
const {
|
|
9319
9526
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$l
|
|
9320
9527
|
} = constants;
|
|
9321
|
-
const CMD_NAME$
|
|
9322
|
-
const description$
|
|
9323
|
-
const hidden$
|
|
9528
|
+
const CMD_NAME$h = 'score';
|
|
9529
|
+
const description$l = 'Look up score for one package which reflects all of its transitive dependencies as well';
|
|
9530
|
+
const hidden$h = false;
|
|
9324
9531
|
const cmdPackageScore = {
|
|
9325
|
-
description: description$
|
|
9326
|
-
hidden: hidden$
|
|
9327
|
-
run: run$
|
|
9532
|
+
description: description$l,
|
|
9533
|
+
hidden: hidden$h,
|
|
9534
|
+
run: run$m
|
|
9328
9535
|
};
|
|
9329
|
-
async function run$
|
|
9536
|
+
async function run$m(argv, importMeta, {
|
|
9330
9537
|
parentName
|
|
9331
9538
|
}) {
|
|
9332
9539
|
const config = {
|
|
9333
|
-
commandName: CMD_NAME$
|
|
9334
|
-
description: description$
|
|
9335
|
-
hidden: hidden$
|
|
9540
|
+
commandName: CMD_NAME$h,
|
|
9541
|
+
description: description$l,
|
|
9542
|
+
hidden: hidden$h,
|
|
9336
9543
|
flags: {
|
|
9337
9544
|
...flags.commonFlags,
|
|
9338
9545
|
...flags.outputFlags
|
|
@@ -9342,7 +9549,7 @@ async function run$l(argv, importMeta, {
|
|
|
9342
9549
|
$ ${command} [options] <<ECOSYSTEM> <NAME> | <PURL>>
|
|
9343
9550
|
|
|
9344
9551
|
API Token Requirements
|
|
9345
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
9552
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$h}`)}
|
|
9346
9553
|
|
|
9347
9554
|
Options
|
|
9348
9555
|
${utils.getFlagListOutput(config.flags)}
|
|
@@ -9385,7 +9592,7 @@ async function run$l(argv, importMeta, {
|
|
|
9385
9592
|
} = cli.flags;
|
|
9386
9593
|
const dryRun = !!cli.flags['dryRun'];
|
|
9387
9594
|
const [ecosystem = '', purl] = cli.input;
|
|
9388
|
-
const hasApiToken = utils.
|
|
9595
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
9389
9596
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
9390
9597
|
const {
|
|
9391
9598
|
purls,
|
|
@@ -9492,7 +9699,7 @@ function formatReportCard(artifact, colorize) {
|
|
|
9492
9699
|
colorize
|
|
9493
9700
|
});
|
|
9494
9701
|
if (!artifact.ecosystem) {
|
|
9495
|
-
require$$
|
|
9702
|
+
require$$8.debugFn('notice', 'miss: artifact ecosystem', artifact);
|
|
9496
9703
|
}
|
|
9497
9704
|
const purl = `pkg:${artifact.ecosystem}/${artifact.name}${artifact.version ? '@' + artifact.version : ''}`;
|
|
9498
9705
|
|
|
@@ -9703,28 +9910,28 @@ async function handlePurlsShallowScore({
|
|
|
9703
9910
|
const {
|
|
9704
9911
|
DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$k
|
|
9705
9912
|
} = constants;
|
|
9706
|
-
const CMD_NAME$
|
|
9707
|
-
const description$
|
|
9708
|
-
const hidden$
|
|
9913
|
+
const CMD_NAME$g = 'shallow';
|
|
9914
|
+
const description$k = 'Look up info regarding one or more packages but not their transitives';
|
|
9915
|
+
const hidden$g = false;
|
|
9709
9916
|
const cmdPackageShallow = {
|
|
9710
|
-
description: description$
|
|
9711
|
-
hidden: hidden$
|
|
9917
|
+
description: description$k,
|
|
9918
|
+
hidden: hidden$g,
|
|
9712
9919
|
alias: {
|
|
9713
9920
|
shallowScore: {
|
|
9714
|
-
description: description$
|
|
9921
|
+
description: description$k,
|
|
9715
9922
|
hidden: true,
|
|
9716
9923
|
argv: []
|
|
9717
9924
|
}
|
|
9718
9925
|
},
|
|
9719
|
-
run: run$
|
|
9926
|
+
run: run$l
|
|
9720
9927
|
};
|
|
9721
|
-
async function run$
|
|
9928
|
+
async function run$l(argv, importMeta, {
|
|
9722
9929
|
parentName
|
|
9723
9930
|
}) {
|
|
9724
9931
|
const config = {
|
|
9725
|
-
commandName: CMD_NAME$
|
|
9726
|
-
description: description$
|
|
9727
|
-
hidden: hidden$
|
|
9932
|
+
commandName: CMD_NAME$g,
|
|
9933
|
+
description: description$k,
|
|
9934
|
+
hidden: hidden$g,
|
|
9728
9935
|
flags: {
|
|
9729
9936
|
...flags.commonFlags,
|
|
9730
9937
|
...flags.outputFlags
|
|
@@ -9734,7 +9941,7 @@ async function run$k(argv, importMeta, {
|
|
|
9734
9941
|
$ ${command} [options] <<ECOSYSTEM> <PKGNAME> [<PKGNAME> ...] | <PURL> [<PURL> ...]>
|
|
9735
9942
|
|
|
9736
9943
|
API Token Requirements
|
|
9737
|
-
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$
|
|
9944
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$g}`)}
|
|
9738
9945
|
|
|
9739
9946
|
Options
|
|
9740
9947
|
${utils.getFlagListOutput(config.flags)}
|
|
@@ -9808,9 +10015,9 @@ async function run$k(argv, importMeta, {
|
|
|
9808
10015
|
});
|
|
9809
10016
|
}
|
|
9810
10017
|
|
|
9811
|
-
const description$
|
|
10018
|
+
const description$j = 'Look up published package details';
|
|
9812
10019
|
const cmdPackage = {
|
|
9813
|
-
description: description$
|
|
10020
|
+
description: description$j,
|
|
9814
10021
|
hidden: false,
|
|
9815
10022
|
async run(argv, importMeta, {
|
|
9816
10023
|
parentName
|
|
@@ -9821,19 +10028,166 @@ const cmdPackage = {
|
|
|
9821
10028
|
}, {
|
|
9822
10029
|
aliases: {
|
|
9823
10030
|
deep: {
|
|
9824
|
-
description: description$
|
|
10031
|
+
description: description$j,
|
|
9825
10032
|
hidden: true,
|
|
9826
10033
|
argv: ['score']
|
|
9827
10034
|
}
|
|
9828
10035
|
},
|
|
9829
10036
|
argv,
|
|
9830
|
-
description: description$
|
|
10037
|
+
description: description$j,
|
|
9831
10038
|
importMeta,
|
|
9832
10039
|
name: `${parentName} package`
|
|
9833
10040
|
});
|
|
9834
10041
|
}
|
|
9835
10042
|
};
|
|
9836
10043
|
|
|
10044
|
+
async function outputPatchResult(result, outputKind) {
|
|
10045
|
+
if (!result.ok) {
|
|
10046
|
+
process.exitCode = result.code ?? 1;
|
|
10047
|
+
}
|
|
10048
|
+
if (outputKind === 'json') {
|
|
10049
|
+
logger.logger.log(utils.serializeResultJson(result));
|
|
10050
|
+
return;
|
|
10051
|
+
}
|
|
10052
|
+
if (!result.ok) {
|
|
10053
|
+
logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
|
|
10054
|
+
return;
|
|
10055
|
+
}
|
|
10056
|
+
const {
|
|
10057
|
+
patchedPackages
|
|
10058
|
+
} = result.data;
|
|
10059
|
+
if (patchedPackages.length > 0) {
|
|
10060
|
+
logger.logger.success(`Successfully processed patches for ${patchedPackages.length} package(s):`);
|
|
10061
|
+
for (const pkg of patchedPackages) {
|
|
10062
|
+
logger.logger.success(pkg);
|
|
10063
|
+
}
|
|
10064
|
+
} else {
|
|
10065
|
+
logger.logger.info('No packages found requiring patches');
|
|
10066
|
+
}
|
|
10067
|
+
logger.logger.log('');
|
|
10068
|
+
logger.logger.success('Patch command completed!');
|
|
10069
|
+
}
|
|
10070
|
+
|
|
10071
|
+
async function handlePatch({
|
|
10072
|
+
outputKind,
|
|
10073
|
+
packages,
|
|
10074
|
+
spinner
|
|
10075
|
+
}) {
|
|
10076
|
+
spinner.start('Analyzing dependencies for security patches...');
|
|
10077
|
+
try {
|
|
10078
|
+
// TODO: Implement actual patch logic
|
|
10079
|
+
// This is a stub implementation
|
|
10080
|
+
const result = {
|
|
10081
|
+
ok: true,
|
|
10082
|
+
data: {
|
|
10083
|
+
patchedPackages: packages.length > 0 ? packages : ['example-package']
|
|
10084
|
+
}
|
|
10085
|
+
};
|
|
10086
|
+
spinner.stop();
|
|
10087
|
+
logger.logger.log('');
|
|
10088
|
+
if (packages.length > 0) {
|
|
10089
|
+
logger.logger.info(`Checking patches for: ${packages.join(', ')}`);
|
|
10090
|
+
} else {
|
|
10091
|
+
logger.logger.info('Scanning all dependencies for available patches');
|
|
10092
|
+
}
|
|
10093
|
+
logger.logger.log('');
|
|
10094
|
+
await outputPatchResult(result, outputKind);
|
|
10095
|
+
} catch (e) {
|
|
10096
|
+
spinner.stop();
|
|
10097
|
+
const result = {
|
|
10098
|
+
ok: false,
|
|
10099
|
+
code: 1,
|
|
10100
|
+
message: 'Failed to apply patches',
|
|
10101
|
+
cause: e?.message || 'Unknown error'
|
|
10102
|
+
};
|
|
10103
|
+
await outputPatchResult(result, outputKind);
|
|
10104
|
+
}
|
|
10105
|
+
}
|
|
10106
|
+
|
|
10107
|
+
const {
|
|
10108
|
+
DRY_RUN_NOT_SAVING
|
|
10109
|
+
} = constants;
|
|
10110
|
+
const CMD_NAME$f = 'patch';
|
|
10111
|
+
const description$i = 'Apply CVE patches to dependencies';
|
|
10112
|
+
const hidden$f = true;
|
|
10113
|
+
const cmdPatch = {
|
|
10114
|
+
description: description$i,
|
|
10115
|
+
hidden: hidden$f,
|
|
10116
|
+
run: run$k
|
|
10117
|
+
};
|
|
10118
|
+
async function run$k(argv, importMeta, {
|
|
10119
|
+
parentName
|
|
10120
|
+
}) {
|
|
10121
|
+
const config = {
|
|
10122
|
+
commandName: CMD_NAME$f,
|
|
10123
|
+
description: description$i,
|
|
10124
|
+
hidden: hidden$f,
|
|
10125
|
+
flags: {
|
|
10126
|
+
...flags.commonFlags,
|
|
10127
|
+
...flags.outputFlags,
|
|
10128
|
+
package: {
|
|
10129
|
+
type: 'string',
|
|
10130
|
+
default: [],
|
|
10131
|
+
description: 'Specify packages to patch, as either a comma separated value or as multiple flags',
|
|
10132
|
+
isMultiple: true,
|
|
10133
|
+
shortFlag: 'p'
|
|
10134
|
+
}
|
|
10135
|
+
},
|
|
10136
|
+
help: (command, config) => `
|
|
10137
|
+
Usage
|
|
10138
|
+
$ ${command} [options] [CWD=.]
|
|
10139
|
+
|
|
10140
|
+
API Token Requirements
|
|
10141
|
+
${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$f}`)}
|
|
10142
|
+
|
|
10143
|
+
Options
|
|
10144
|
+
${utils.getFlagListOutput(config.flags)}
|
|
10145
|
+
|
|
10146
|
+
Examples
|
|
10147
|
+
$ ${command}
|
|
10148
|
+
$ ${command} --package lodash
|
|
10149
|
+
$ ${command} ./proj/tree --package lodash,react
|
|
10150
|
+
`
|
|
10151
|
+
};
|
|
10152
|
+
const cli = utils.meowOrExit({
|
|
10153
|
+
allowUnknownFlags: false,
|
|
10154
|
+
argv,
|
|
10155
|
+
config,
|
|
10156
|
+
importMeta,
|
|
10157
|
+
parentName
|
|
10158
|
+
});
|
|
10159
|
+
const dryRun = !!cli.flags['dryRun'];
|
|
10160
|
+
const outputKind = utils.getOutputKind(cli.flags['json'], cli.flags['markdown']);
|
|
10161
|
+
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
10162
|
+
nook: true,
|
|
10163
|
+
test: !cli.flags['json'] || !cli.flags['markdown'],
|
|
10164
|
+
message: 'The json and markdown flags cannot be both set, pick one',
|
|
10165
|
+
fail: 'omit one'
|
|
10166
|
+
});
|
|
10167
|
+
if (!wasValidInput) {
|
|
10168
|
+
return;
|
|
10169
|
+
}
|
|
10170
|
+
if (dryRun) {
|
|
10171
|
+
logger.logger.log(DRY_RUN_NOT_SAVING);
|
|
10172
|
+
return;
|
|
10173
|
+
}
|
|
10174
|
+
let [cwd = '.'] = cli.input;
|
|
10175
|
+
// Note: path.resolve vs .join:
|
|
10176
|
+
// If given path is absolute then cwd should not affect it.
|
|
10177
|
+
cwd = path.resolve(process.cwd(), cwd);
|
|
10178
|
+
|
|
10179
|
+
// Lazily access constants.spinner.
|
|
10180
|
+
const {
|
|
10181
|
+
spinner
|
|
10182
|
+
} = constants;
|
|
10183
|
+
const packages = Array.isArray(cli.flags['package']) ? cli.flags['package'].flatMap(p => String(p).split(',')) : String(cli.flags['package'] || '').split(',').filter(Boolean);
|
|
10184
|
+
await handlePatch({
|
|
10185
|
+
outputKind,
|
|
10186
|
+
packages,
|
|
10187
|
+
spinner
|
|
10188
|
+
});
|
|
10189
|
+
}
|
|
10190
|
+
|
|
9837
10191
|
async function runRawNpm(argv) {
|
|
9838
10192
|
const spawnPromise = spawn.spawn(utils.getNpmBinPath(), argv, {
|
|
9839
10193
|
// Lazily access constants.WIN32.
|
|
@@ -10115,7 +10469,7 @@ async function run$h(argv, importMeta, {
|
|
|
10115
10469
|
const interactive = !!cli.flags['interactive'];
|
|
10116
10470
|
const noLegacy = !cli.flags['repoName'];
|
|
10117
10471
|
const [repoName = ''] = cli.input;
|
|
10118
|
-
const hasApiToken = utils.
|
|
10472
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
10119
10473
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
10120
10474
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
10121
10475
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -10252,7 +10606,7 @@ async function run$g(argv, importMeta, {
|
|
|
10252
10606
|
const interactive = !!cli.flags['interactive'];
|
|
10253
10607
|
const noLegacy = !cli.flags['repoName'];
|
|
10254
10608
|
const [repoName = ''] = cli.input;
|
|
10255
|
-
const hasApiToken = utils.
|
|
10609
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
10256
10610
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
10257
10611
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
10258
10612
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -10545,7 +10899,7 @@ async function run$f(argv, importMeta, {
|
|
|
10545
10899
|
} = cli.flags;
|
|
10546
10900
|
const dryRun = !!cli.flags['dryRun'];
|
|
10547
10901
|
const interactive = !!cli.flags['interactive'];
|
|
10548
|
-
const hasApiToken = utils.
|
|
10902
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
10549
10903
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
10550
10904
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
10551
10905
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -10741,7 +11095,7 @@ async function run$e(argv, importMeta, {
|
|
|
10741
11095
|
const interactive = !!cli.flags['interactive'];
|
|
10742
11096
|
const noLegacy = !cli.flags['repoName'];
|
|
10743
11097
|
const [repoName = ''] = cli.input;
|
|
10744
|
-
const hasApiToken = utils.
|
|
11098
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
10745
11099
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
10746
11100
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
10747
11101
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -10904,7 +11258,7 @@ async function run$d(argv, importMeta, {
|
|
|
10904
11258
|
const interactive = !!cli.flags['interactive'];
|
|
10905
11259
|
const noLegacy = !cli.flags['repoName'];
|
|
10906
11260
|
const [repoName = ''] = cli.input;
|
|
10907
|
-
const hasApiToken = utils.
|
|
11261
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
10908
11262
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
10909
11263
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
10910
11264
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -11265,7 +11619,7 @@ async function run$c(argv, importMeta, {
|
|
|
11265
11619
|
// We're going to need an api token to suggest data because those suggestions
|
|
11266
11620
|
// must come from data we already know. Don't error on missing api token yet.
|
|
11267
11621
|
// If the api-token is not set, ignore it for the sake of suggestions.
|
|
11268
|
-
const hasApiToken = utils.
|
|
11622
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
11269
11623
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
11270
11624
|
const pendingHead = tmp ? false : pendingHeadFlag;
|
|
11271
11625
|
|
|
@@ -11481,7 +11835,7 @@ async function run$b(argv, importMeta, {
|
|
|
11481
11835
|
const dryRun = !!cli.flags['dryRun'];
|
|
11482
11836
|
const interactive = !!cli.flags['interactive'];
|
|
11483
11837
|
const [scanId = ''] = cli.input;
|
|
11484
|
-
const hasApiToken = utils.
|
|
11838
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
11485
11839
|
const [orgSlug, defaultOrgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
11486
11840
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
11487
11841
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -11636,13 +11990,15 @@ async function handleMarkdown(data) {
|
|
|
11636
11990
|
logger.logger.log(` ... and ${data.artifacts.updated.length - 10} more`);
|
|
11637
11991
|
}
|
|
11638
11992
|
}
|
|
11639
|
-
|
|
11640
|
-
|
|
11641
|
-
|
|
11993
|
+
const unchanged = data.artifacts.unchanged ?? [];
|
|
11994
|
+
logger.logger.log(`- Unchanged packages: ${unchanged.length}`);
|
|
11995
|
+
if (unchanged.length > 0) {
|
|
11996
|
+
const firstUpToTen = unchanged.slice(0, 10);
|
|
11997
|
+
for (const artifact of firstUpToTen) {
|
|
11642
11998
|
logger.logger.log(` - ${artifact.type} ${artifact.name}@${artifact.version}`);
|
|
11643
|
-
}
|
|
11644
|
-
if (
|
|
11645
|
-
logger.logger.log(` ... and ${
|
|
11999
|
+
}
|
|
12000
|
+
if (unchanged.length > 10) {
|
|
12001
|
+
logger.logger.log(` ... and ${unchanged.length - 10} more`);
|
|
11646
12002
|
}
|
|
11647
12003
|
}
|
|
11648
12004
|
logger.logger.log('');
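Review bot: The `?? []` fallback covers only `unchanged`, while the context line above still reads `data.artifacts.updated.length` directly. If the API can omit one artifact list it can presumably omit the others, and the earlier sections would then throw before this one runs; this needs checking against the parts of `handleMarkdown` outside this hunk. The limit `10` also appears three times here (`slice(0, 10)`, `> 10`, `- 10`); a single `const MAX_LISTED = 10;` would keep them in step.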
|
|
@@ -11789,7 +12145,7 @@ async function run$a(argv, importMeta, {
|
|
|
11789
12145
|
if (id2.startsWith(SOCKET_SBOM_URL_PREFIX)) {
|
|
11790
12146
|
id2 = id2.slice(SOCKET_SBOM_URL_PREFIX_LENGTH);
|
|
11791
12147
|
}
|
|
11792
|
-
const hasApiToken = utils.
|
|
12148
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
11793
12149
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
11794
12150
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
11795
12151
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -11968,7 +12324,7 @@ async function scanOneRepo(repoSlug, {
|
|
|
11968
12324
|
};
|
|
11969
12325
|
}
|
|
11970
12326
|
const tmpDir = fs$1.mkdtempSync(path.join(os.tmpdir(), repoSlug));
|
|
11971
|
-
require$$
|
|
12327
|
+
require$$8.debugFn('notice', 'init: temp dir for scan root', tmpDir);
|
|
11972
12328
|
const downloadResult = await testAndDownloadManifestFiles({
|
|
11973
12329
|
files,
|
|
11974
12330
|
tmpDir,
|
|
@@ -12089,11 +12445,11 @@ async function testAndDownloadManifestFile({
|
|
|
12089
12445
|
repoApiUrl,
|
|
12090
12446
|
tmpDir
|
|
12091
12447
|
}) {
|
|
12092
|
-
require$$
|
|
12448
|
+
require$$8.debugFn('notice', 'testing: file', file);
|
|
12093
12449
|
const supportedFilesCResult = await fetchSupportedScanFileNames();
|
|
12094
12450
|
const supportedFiles = supportedFilesCResult.ok ? supportedFilesCResult.data : undefined;
|
|
12095
12451
|
if (!supportedFiles || !utils.isReportSupportedFile(file, supportedFiles)) {
|
|
12096
|
-
require$$
|
|
12452
|
+
require$$8.debugFn('notice', 'skip: not a known pattern');
|
|
12097
12453
|
// Not an error.
|
|
12098
12454
|
return {
|
|
12099
12455
|
ok: true,
|
|
@@ -12102,7 +12458,7 @@ async function testAndDownloadManifestFile({
|
|
|
12102
12458
|
}
|
|
12103
12459
|
};
|
|
12104
12460
|
}
|
|
12105
|
-
require$$
|
|
12461
|
+
require$$8.debugFn('notice', 'found: manifest file, going to attempt to download it;', file);
|
|
12106
12462
|
const result = await downloadManifestFile({
|
|
12107
12463
|
file,
|
|
12108
12464
|
tmpDir,
|
|
@@ -12124,9 +12480,9 @@ async function downloadManifestFile({
|
|
|
12124
12480
|
repoApiUrl,
|
|
12125
12481
|
tmpDir
|
|
12126
12482
|
}) {
|
|
12127
|
-
require$$
|
|
12483
|
+
require$$8.debugFn('notice', 'request: download url from GitHub');
|
|
12128
12484
|
const fileUrl = `${repoApiUrl}/contents/${file}?ref=${defaultBranch}`;
|
|
12129
|
-
require$$
|
|
12485
|
+
require$$8.debugDir('inspect', {
|
|
12130
12486
|
fileUrl
|
|
12131
12487
|
});
|
|
12132
12488
|
const downloadUrlResponse = await fetch(fileUrl, {
|
|
@@ -12135,9 +12491,9 @@ async function downloadManifestFile({
|
|
|
12135
12491
|
Authorization: `Bearer ${githubToken}`
|
|
12136
12492
|
}
|
|
12137
12493
|
});
|
|
12138
|
-
require$$
|
|
12494
|
+
require$$8.debugFn('notice', 'complete: request');
|
|
12139
12495
|
const downloadUrlText = await downloadUrlResponse.text();
|
|
12140
|
-
require$$
|
|
12496
|
+
require$$8.debugFn('inspect', 'response: raw download url', downloadUrlText);
|
|
12141
12497
|
let downloadUrl;
|
|
12142
12498
|
try {
|
|
12143
12499
|
downloadUrl = JSON.parse(downloadUrlText).download_url;
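Review bot: The debug call after `downloadUrlResponse.text()` writes the whole contents-API response body to the debug log, and the hunk at `@@ -12150,7 +12506,7 @@` logs `downloadUrl` itself. For private repositories GitHub's `download_url` normally carries a short-lived access token in its query string, so both lines can put a credential into debug output that users may paste into issue reports. Logging the status instead, `require$$8.debugFn('inspect', 'response: download url status', downloadUrlResponse.status);`, and stripping the query string before logging the URL would keep the trace useful without the token. `downloadManifestFile` starts and ends outside this hunk, so whether debug output is gated or redacted elsewhere is not visible here.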
|
|
@@ -12150,7 +12506,7 @@ async function downloadManifestFile({
|
|
|
12150
12506
|
};
|
|
12151
12507
|
}
|
|
12152
12508
|
const localPath = path.join(tmpDir, file);
|
|
12153
|
-
require$$
|
|
12509
|
+
require$$8.debugFn('notice', 'download: manifest file started', downloadUrl, '->', localPath);
|
|
12154
12510
|
|
|
12155
12511
|
// Now stream the file to that file...
|
|
12156
12512
|
const result = await streamDownloadWithFetch(localPath, downloadUrl);
|
|
@@ -12159,7 +12515,7 @@ async function downloadManifestFile({
|
|
|
12159
12515
|
logger.logger.fail(`Failed to download manifest file, skipping to next file. File: ${file}`);
|
|
12160
12516
|
return result;
|
|
12161
12517
|
}
|
|
12162
|
-
require$$
|
|
12518
|
+
require$$8.debugFn('notice', 'download: manifest file completed');
|
|
12163
12519
|
return {
|
|
12164
12520
|
ok: true,
|
|
12165
12521
|
data: undefined
|
|
@@ -12211,7 +12567,7 @@ async function streamDownloadWithFetch(localPath, downloadUrl) {
|
|
|
12211
12567
|
};
|
|
12212
12568
|
} catch (error) {
|
|
12213
12569
|
logger.logger.fail('An error was thrown while trying to download a manifest file... url:', downloadUrl);
|
|
12214
|
-
require$$
|
|
12570
|
+
require$$8.debugDir('inspect', {
|
|
12215
12571
|
error
|
|
12216
12572
|
});
|
|
12217
12573
|
|
|
@@ -12235,7 +12591,7 @@ async function streamDownloadWithFetch(localPath, downloadUrl) {
|
|
|
12235
12591
|
// If error was due to bad HTTP status
|
|
12236
12592
|
detailedError += ` (HTTP Status: ${response.status} ${response.statusText})`;
|
|
12237
12593
|
}
|
|
12238
|
-
require$$
|
|
12594
|
+
require$$8.debugFn('error', detailedError);
|
|
12239
12595
|
return {
|
|
12240
12596
|
ok: false,
|
|
12241
12597
|
message: 'Download Failed',
|
|
@@ -12252,14 +12608,14 @@ async function getLastCommitDetails({
|
|
|
12252
12608
|
}) {
|
|
12253
12609
|
logger.logger.info(`Requesting last commit for default branch ${defaultBranch} for ${orgGithub}/${repoSlug}...`);
|
|
12254
12610
|
const commitApiUrl = `${repoApiUrl}/commits?sha=${defaultBranch}&per_page=1`;
|
|
12255
|
-
require$$
|
|
12611
|
+
require$$8.debugFn('inspect', 'url: commit', commitApiUrl);
|
|
12256
12612
|
const commitResponse = await fetch(commitApiUrl, {
|
|
12257
12613
|
headers: {
|
|
12258
12614
|
Authorization: `Bearer ${githubToken}`
|
|
12259
12615
|
}
|
|
12260
12616
|
});
|
|
12261
12617
|
const commitText = await commitResponse.text();
|
|
12262
|
-
require$$
|
|
12618
|
+
require$$8.debugFn('inspect', 'response: commit', commitText);
|
|
12263
12619
|
let lastCommit;
|
|
12264
12620
|
try {
|
|
12265
12621
|
lastCommit = JSON.parse(commitText)?.[0];
|
|
@@ -12346,7 +12702,7 @@ async function getRepoDetails({
|
|
|
12346
12702
|
repoSlug
|
|
12347
12703
|
}) {
|
|
12348
12704
|
const repoApiUrl = `${githubApiUrl}/repos/${orgGithub}/${repoSlug}`;
|
|
12349
|
-
require$$
|
|
12705
|
+
require$$8.debugDir('inspect', {
|
|
12350
12706
|
repoApiUrl
|
|
12351
12707
|
});
|
|
12352
12708
|
const repoDetailsResponse = await fetch(repoApiUrl, {
|
|
@@ -12357,7 +12713,7 @@ async function getRepoDetails({
|
|
|
12357
12713
|
});
|
|
12358
12714
|
logger.logger.success(`Request completed.`);
|
|
12359
12715
|
const repoDetailsText = await repoDetailsResponse.text();
|
|
12360
|
-
require$$
|
|
12716
|
+
require$$8.debugFn('inspect', 'response: repo', repoDetailsText);
|
|
12361
12717
|
let repoDetails;
|
|
12362
12718
|
try {
|
|
12363
12719
|
repoDetails = JSON.parse(repoDetailsText);
|
|
@@ -12396,7 +12752,7 @@ async function getRepoBranchTree({
|
|
|
12396
12752
|
}) {
|
|
12397
12753
|
logger.logger.info(`Requesting default branch file tree; branch \`${defaultBranch}\`, repo \`${orgGithub}/${repoSlug}\`...`);
|
|
12398
12754
|
const treeApiUrl = `${repoApiUrl}/git/trees/${defaultBranch}?recursive=1`;
|
|
12399
|
-
require$$
|
|
12755
|
+
require$$8.debugFn('inspect', 'url: tree', treeApiUrl);
|
|
12400
12756
|
const treeResponse = await fetch(treeApiUrl, {
|
|
12401
12757
|
method: 'GET',
|
|
12402
12758
|
headers: {
|
|
@@ -12404,7 +12760,7 @@ async function getRepoBranchTree({
|
|
|
12404
12760
|
}
|
|
12405
12761
|
});
|
|
12406
12762
|
const treeText = await treeResponse.text();
|
|
12407
|
-
require$$
|
|
12763
|
+
require$$8.debugFn('inspect', 'response: tree', treeText);
|
|
12408
12764
|
let treeDetails;
|
|
12409
12765
|
try {
|
|
12410
12766
|
treeDetails = JSON.parse(treeText);
|
|
@@ -12433,7 +12789,7 @@ async function getRepoBranchTree({
|
|
|
12433
12789
|
};
|
|
12434
12790
|
}
|
|
12435
12791
|
if (!treeDetails.tree || !Array.isArray(treeDetails.tree)) {
|
|
12436
|
-
require$$
|
|
12792
|
+
require$$8.debugDir('inspect', {
|
|
12437
12793
|
treeDetails: {
|
|
12438
12794
|
tree: treeDetails.tree
|
|
12439
12795
|
}
|
|
@@ -12627,7 +12983,7 @@ async function run$9(argv, importMeta, {
|
|
|
12627
12983
|
// We're going to need an api token to suggest data because those suggestions
|
|
12628
12984
|
// must come from data we already know. Don't error on missing api token yet.
|
|
12629
12985
|
// If the api-token is not set, ignore it for the sake of suggestions.
|
|
12630
|
-
const hasSocketApiToken = utils.
|
|
12986
|
+
const hasSocketApiToken = utils.hasDefaultApiToken();
|
|
12631
12987
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
12632
12988
|
|
|
12633
12989
|
// If the current cwd is unknown and is used as a repo slug anyways, we will
|
|
@@ -12905,7 +13261,7 @@ async function run$8(argv, importMeta, {
|
|
|
12905
13261
|
const noLegacy = !cli.flags['repo'];
|
|
12906
13262
|
const [repo = '', branchArg = ''] = cli.input;
|
|
12907
13263
|
const branch = String(branchFlag || branchArg || '');
|
|
12908
|
-
const hasApiToken = utils.
|
|
13264
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
12909
13265
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
12910
13266
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
12911
13267
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -13065,7 +13421,7 @@ async function run$7(argv, importMeta, {
|
|
|
13065
13421
|
const dryRun = !!cli.flags['dryRun'];
|
|
13066
13422
|
const interactive = !!cli.flags['interactive'];
|
|
13067
13423
|
const [scanId = ''] = cli.input;
|
|
13068
|
-
const hasApiToken = utils.
|
|
13424
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
13069
13425
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
13070
13426
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
13071
13427
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -13277,7 +13633,7 @@ async function run$6(argv, importMeta, {
|
|
|
13277
13633
|
targets = await suggestTarget();
|
|
13278
13634
|
}
|
|
13279
13635
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
13280
|
-
const hasApiToken = utils.
|
|
13636
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
13281
13637
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
13282
13638
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
13283
13639
|
nook: true,
|
|
@@ -13426,7 +13782,7 @@ async function run$5(argv, importMeta, {
|
|
|
13426
13782
|
const dryRun = !!cli.flags['dryRun'];
|
|
13427
13783
|
const interactive = !!cli.flags['interactive'];
|
|
13428
13784
|
const [scanId = '', file = ''] = cli.input;
|
|
13429
|
-
const hasApiToken = utils.
|
|
13785
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
13430
13786
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
13431
13787
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
13432
13788
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -13848,8 +14204,8 @@ async function fetchScan(orgSlug, scanId) {
|
|
|
13848
14204
|
return JSON.parse(line);
|
|
13849
14205
|
} catch (e) {
|
|
13850
14206
|
ok = false;
|
|
13851
|
-
require$$
|
|
13852
|
-
require$$
|
|
14207
|
+
require$$8.debugFn('error', 'caught: JSON.parse error');
|
|
14208
|
+
require$$8.debugDir('inspect', {
|
|
13853
14209
|
error: e,
|
|
13854
14210
|
line
|
|
13855
14211
|
});
|
|
@@ -14036,7 +14392,7 @@ async function run$3(argv, importMeta, {
|
|
|
14036
14392
|
const dryRun = !!cli.flags['dryRun'];
|
|
14037
14393
|
const interactive = !!cli.flags['interactive'];
|
|
14038
14394
|
const [scanId = '', file = ''] = cli.input;
|
|
14039
|
-
const hasApiToken = utils.
|
|
14395
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
14040
14396
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
14041
14397
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
14042
14398
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -14475,7 +14831,7 @@ async function run$2(argv, importMeta, {
|
|
|
14475
14831
|
if (argSet.size) {
|
|
14476
14832
|
logger.logger.info(`Warning: ignoring these excessive args: ${Array.from(argSet).join(', ')}`);
|
|
14477
14833
|
}
|
|
14478
|
-
const hasApiToken = utils.
|
|
14834
|
+
const hasApiToken = utils.hasDefaultApiToken();
|
|
14479
14835
|
const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
|
|
14480
14836
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
14481
14837
|
const wasValidInput = utils.checkCommandInput(outputKind, {
|
|
@@ -14740,8 +15096,8 @@ Do you want to install "safe npm" (this will create an alias to the socket-npm c
|
|
|
14740
15096
|
}
|
|
14741
15097
|
}
|
|
14742
15098
|
} catch (e) {
|
|
14743
|
-
require$$
|
|
14744
|
-
require$$
|
|
15099
|
+
require$$8.debugFn('error', 'caught: tab completion setup error');
|
|
15100
|
+
require$$8.debugDir('inspect', {
|
|
14745
15101
|
error: e
|
|
14746
15102
|
});
|
|
14747
15103
|
// Ignore. Skip tab completion setup.
|
|
@@ -14934,6 +15290,7 @@ const rootCommands = {
|
|
|
14934
15290
|
optimize: cmdOptimize,
|
|
14935
15291
|
organization: cmdOrganization,
|
|
14936
15292
|
package: cmdPackage,
|
|
15293
|
+
patch: cmdPatch,
|
|
14937
15294
|
'raw-npm': cmdRawNpm,
|
|
14938
15295
|
'raw-npx': cmdRawNpx,
|
|
14939
15296
|
repository: cmdRepository,
|
|
@@ -15048,8 +15405,8 @@ void (async () => {
|
|
|
15048
15405
|
});
|
|
15049
15406
|
} catch (e) {
|
|
15050
15407
|
process.exitCode = 1;
|
|
15051
|
-
require$$
|
|
15052
|
-
require$$
|
|
15408
|
+
require$$8.debugFn('error', 'Uncaught error (BAD!):');
|
|
15409
|
+
require$$8.debugDir('inspect', {
|
|
15053
15410
|
error: e
|
|
15054
15411
|
});
|
|
15055
15412
|
let errorBody;
|
|
@@ -15095,7 +15452,7 @@ void (async () => {
|
|
|
15095
15452
|
logger.logger.error('\n');
|
|
15096
15453
|
logger.logger.fail(utils.failMsgWithBadge(errorTitle, errorMessage));
|
|
15097
15454
|
if (errorBody) {
|
|
15098
|
-
require$$
|
|
15455
|
+
require$$8.debugDir('inspect', {
|
|
15099
15456
|
errorBody
|
|
15100
15457
|
});
|
|
15101
15458
|
}
|
|
@@ -15103,5 +15460,5 @@ void (async () => {
|
|
|
15103
15460
|
await utils.captureException(e);
|
|
15104
15461
|
}
|
|
15105
15462
|
})();
|
|
15106
|
-
//# debugId=
|
|
15463
|
+
//# debugId=293e0fae-5f8d-4051-915d-b3c213feafed
|
|
15107
15464
|
//# sourceMappingURL=cli.js.map
|