npm - socket - Versions diffs - 1.1.0 → 1.1.2 - Mend

socket 1.1.0 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

package/dist/cli.js +465 -404
package/dist/cli.js.map +1 -1
package/dist/constants.js +3 -3
package/dist/constants.js.map +1 -1
package/dist/flags.js +5 -6
package/dist/flags.js.map +1 -1
package/dist/shadow-npm-bin.js +4 -4
package/dist/shadow-npm-bin.js.map +1 -1
package/dist/shadow-npm-inject.js +5 -8
package/dist/shadow-npm-inject.js.map +1 -1
package/dist/socket-completion.bash +1 -1
package/dist/tsconfig.dts.tsbuildinfo +1 -1
package/dist/types/commands/fix/cmd-fix.d.mts.map +1 -1
package/dist/types/commands/fix/coana-fix.d.mts.map +1 -1
package/dist/types/commands/fix/{fix-env-helpers.d.mts → env-helpers.d.mts} +1 -1
package/dist/types/commands/fix/env-helpers.d.mts.map +1 -0
package/dist/types/commands/fix/git.d.mts +13 -0
package/dist/types/commands/fix/git.d.mts.map +1 -0
package/dist/types/commands/fix/pull-request.d.mts +10 -53
package/dist/types/commands/fix/pull-request.d.mts.map +1 -1
package/dist/types/commands/patch/cmd-patch.d.mts.map +1 -1
package/dist/types/commands/patch/handle-patch.d.mts +1 -1
package/dist/types/commands/patch/handle-patch.d.mts.map +1 -1
package/dist/types/commands/patch/manifest-schema.d.mts +34 -0
package/dist/types/commands/patch/manifest-schema.d.mts.map +1 -0
package/dist/types/commands/scan/fetch-supported-scan-file-names.d.mts +2 -0
package/dist/types/commands/scan/fetch-supported-scan-file-names.d.mts.map +1 -1
package/dist/types/flags.d.mts +9 -8
package/dist/types/flags.d.mts.map +1 -1
package/dist/types/shadow/npm/arborist/lib/arborist/index.d.mts.map +1 -1
package/dist/types/shadow/npm/paths.d.mts +0 -1
package/dist/types/shadow/npm/paths.d.mts.map +1 -1
package/dist/types/utils/fs.d.mts +0 -1
package/dist/types/utils/fs.d.mts.map +1 -1
package/dist/types/utils/github.d.mts +38 -0
package/dist/types/utils/github.d.mts.map +1 -0
package/dist/types/utils/glob.d.mts +0 -1
package/dist/types/utils/glob.d.mts.map +1 -1
package/dist/utils.js +205 -18
package/dist/utils.js.map +1 -1
package/dist/vendor.js +3460 -140
package/external/@socketsecurity/registry/external/libnpmpack.js +96569 -41361
package/external/@socketsecurity/registry/external/pacote.js +77357 -68133
package/external/@socketsecurity/registry/lib/fs.js +13 -27
package/external/@socketsecurity/registry/lib/json.js +42 -0
package/external/@socketsecurity/registry/manifest.json +4 -4
package/package.json +8 -7
package/dist/types/commands/fix/fix-branch-helpers.d.mts +0 -4
package/dist/types/commands/fix/fix-branch-helpers.d.mts.map +0 -1
package/dist/types/commands/fix/fix-env-helpers.d.mts.map +0 -1
package/dist/types/commands/fix/socket-git.d.mts +0 -32
package/dist/types/commands/fix/socket-git.d.mts.map +0 -1

package/external/@socketsecurity/registry/lib/fs.js CHANGED Viewed

@@ -3,9 +3,9 @@
 const { freeze: ObjectFreeze } = Object
 const { defaultIgnore, getGlobMatcher } = /*@__PURE__*/ require('./globs')
+const { jsonParse } = /*@__PURE__*/ require('./json')
 const { naturalCompare } = /*@__PURE__*/ require('./sorts')
 const { pathLikeToString } = /*@__PURE__*/ require('./path')
-const { stripBom } = /*@__PURE__*/ require('./strings')
 const defaultRemoveOptions = ObjectFreeze({
   __proto__: null,
@@ -94,22 +94,6 @@ function isSymLinkSync(filepath) {
   return false
 }
-/*@__NO_SIDE_EFFECTS__*/
-function parse(filepath, content, reviver, shouldThrow) {
-  const jsonStr = Buffer.isBuffer(content) ? content.toString('utf8') : content
-  try {
-    return JSON.parse(stripBom(jsonStr), reviver)
-  } catch (e) {
-    if (shouldThrow) {
-      if (e) {
-        e.message = `${filepath}: ${e.message}`
-      }
-      throw e
-    }
-  }
-  return null
-}
 /*@__NO_SIDE_EFFECTS__*/
 async function readDirNames(dirname, options) {
   const fs = getFs()
@@ -164,16 +148,17 @@ async function readJson(filepath, options) {
   }
   const { reviver, throws, ...fsOptions } = { __proto__: null, ...options }
   const fs = getFs()
-  const shouldThrow = throws === undefined || !!throws
-  return parse(
-    filepath,
+  return jsonParse(
     await fs.promises.readFile(filepath, {
       __proto__: null,
       encoding: 'utf8',
       ...fsOptions
     }),
-    reviver,
-    shouldThrow
+    {
+      filepath,
+      reviver,
+      throws
+    }
   )
 }
@@ -184,16 +169,17 @@ function readJsonSync(filepath, options) {
   }
   const { reviver, throws, ...fsOptions } = { __proto__: null, ...options }
   const fs = getFs()
-  const shouldThrow = throws === undefined || !!throws
-  return parse(
-    filepath,
+  return jsonParse(
     fs.readFileSync(filepath, {
       __proto__: null,
       encoding: 'utf8',
       ...fsOptions
     }),
-    reviver,
-    shouldThrow
+    {
+      filepath,
+      reviver,
+      throws
+    }
   )
 }

package/external/@socketsecurity/registry/lib/json.js ADDED Viewed

@@ -0,0 +1,42 @@
+'use strict'
+const { parse: JSONParse } = JSON
+const { stripBom } = /*@__PURE__*/ require('./strings')
+/*@__NO_SIDE_EFFECTS__*/
+function isBuffer(x) {
+  if (!x || typeof x !== 'object' || typeof x.length !== 'number') {
+    return false
+  }
+  if (typeof x.copy !== 'function' || typeof x.slice !== 'function') {
+    return false
+  }
+  if (x.length > 0 && typeof x[0] !== 'number') {
+    return false
+  }
+  const Ctor = x.constructor
+  return !!(typeof Ctor?.isBuffer === 'function' && Ctor.isBuffer(x))
+}
+/*@__NO_SIDE_EFFECTS__*/
+function jsonParse(content, options) {
+  const { filepath, reviver, throws } = { __proto__: null, ...options }
+  const shouldThrow = throws === undefined || !!throws
+  const jsonStr = isBuffer(content) ? content.toString('utf8') : content
+  try {
+    return JSONParse(stripBom(jsonStr), reviver)
+  } catch (e) {
+    if (shouldThrow) {
+      if (e && typeof filepath === 'string') {
+        e.message = `${filepath}: ${e.message}`
+      }
+      throw e
+    }
+  }
+  return null
+}
+module.exports = {
+  jsonParse
+}

package/external/@socketsecurity/registry/manifest.json CHANGED Viewed

@@ -297,7 +297,7 @@
       }
     ],
     [
-      "pkg:npm/%40socketregistry/assert@1.0.18",
+      "pkg:npm/%40socketregistry/assert@1.0.19",
       {
         "categories": ["cleanup"],
         "engines": {
@@ -307,7 +307,7 @@
         "license": "MIT",
         "name": "@socketregistry/assert",
         "package": "assert",
-        "version": "1.0.18"
+        "version": "1.0.19"
       }
     ],
     [
@@ -354,7 +354,7 @@
       }
     ],
     [
-      "pkg:npm/%40socketregistry/deep-equal@1.0.17",
+      "pkg:npm/%40socketregistry/deep-equal@1.0.18",
       {
         "categories": ["cleanup"],
         "engines": {
@@ -364,7 +364,7 @@
         "license": "MIT",
         "name": "@socketregistry/deep-equal",
         "package": "deep-equal",
-        "version": "1.0.17"
+        "version": "1.0.18"
       }
     ],
     [

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "socket",
-  "version": "1.1.0",
+  "version": "1.1.2",
   "description": "CLI for Socket.dev",
   "homepage": "https://github.com/SocketDev/socket-cli",
   "license": "MIT",
@@ -106,20 +106,20 @@
     "@rollup/plugin-json": "6.1.0",
     "@rollup/plugin-node-resolve": "16.0.1",
     "@rollup/plugin-replace": "6.0.2",
-    "@rollup/pluginutils": "5.2.0",
+    "@rollup/pluginutils": "5.3.0",
     "@socketregistry/hyrious__bun.lockb": "1.0.18",
     "@socketregistry/indent-string": "1.0.13",
     "@socketregistry/is-interactive": "1.0.6",
     "@socketregistry/packageurl-js": "1.0.9",
     "@socketsecurity/config": "3.0.1",
-    "@socketsecurity/registry": "1.0.279",
-    "@socketsecurity/sdk": "1.4.84",
+    "@socketsecurity/registry": "1.0.281",
+    "@socketsecurity/sdk": "1.4.85",
     "@types/blessed": "0.1.25",
     "@types/cmd-shim": "5.0.2",
     "@types/js-yaml": "4.0.9",
     "@types/micromatch": "4.0.9",
     "@types/mock-fs": "4.13.4",
-    "@types/node": "24.3.0",
+    "@types/node": "24.3.1",
     "@types/npmcli__arborist": "6.3.1",
     "@types/npmcli__config": "6.0.3",
     "@types/proc-log": "3.0.4",
@@ -127,7 +127,7 @@
     "@types/which": "3.0.4",
     "@types/yargs-parser": "21.0.3",
     "@typescript-eslint/parser": "8.42.0",
-    "@typescript/native-preview": "7.0.0-dev.20250903.1",
+    "@typescript/native-preview": "7.0.0-dev.20250904.1",
     "@vitest/coverage-v8": "3.2.4",
     "blessed": "0.1.81",
     "blessed-contrib": "4.11.0",
@@ -176,7 +176,8 @@
     "which": "5.0.0",
     "yaml": "2.8.1",
     "yargs-parser": "22.0.0",
-    "yoctocolors-cjs": "2.1.3"
+    "yoctocolors-cjs": "2.1.3",
+    "zod": "4.1.5"
   },
   "overrides": {
     "@octokit/graphql": "$@octokit/graphql",

package/dist/types/commands/fix/fix-branch-helpers.d.mts DELETED Viewed

@@ -1,4 +0,0 @@
-import type { FixEnv } from './fix-env-helpers.mts';
-import type { PrMatch } from './pull-request.mts';
-export declare function getPrsForPurl(fixEnv: FixEnv | null | undefined, partialPurl: string): PrMatch[];
-//# sourceMappingURL=fix-branch-helpers.d.mts.map

package/dist/types/commands/fix/fix-branch-helpers.d.mts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"fix-branch-helpers.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/fix-branch-helpers.mts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,uBAAuB,CAAA;AACnD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AAEjD,wBAAgB,aAAa,CAC3B,MAAM,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACjC,WAAW,EAAE,MAAM,GAClB,OAAO,EAAE,CA+BX"}

package/dist/types/commands/fix/fix-env-helpers.d.mts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"fix-env-helpers.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/fix-env-helpers.mts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAkBnD,MAAM,WAAW,MAAM;IACrB,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,OAAO,CAAA;IACb,GAAG,EAAE,OAAO,EAAE,CAAA;IACd,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;CAC1B;AAED,wBAAsB,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAuDjD"}

package/dist/types/commands/fix/socket-git.d.mts DELETED Viewed

@@ -1,32 +0,0 @@
-import { PackageURL } from '@socketregistry/packageurl-js';
-import type { SocketArtifact } from '../../utils/alert/artifact.mts';
-export type GitCreateAndPushBranchOptions = {
-    cwd?: string | undefined;
-    email?: string | undefined;
-    user?: string | undefined;
-};
-export type SocketBranchParser = (branch: string) => SocketBranchParseResult | null;
-export type SocketBranchParseResult = {
-    fullName: string;
-    newVersion: string;
-    type: string;
-    workspace: string;
-    version: string;
-};
-export type SocketBranchPatternOptions = {
-    newVersion?: string | undefined;
-    purl?: string | undefined;
-    workspace?: string | undefined;
-};
-export declare function createSocketBranchParser(options?: SocketBranchPatternOptions | undefined): SocketBranchParser;
-export declare const genericSocketBranchParser: SocketBranchParser;
-export declare function getSocketBranchFullNameComponent(pkgName: string | PackageURL | SocketArtifact): string;
-export declare function getSocketBranchName(purl: string | PackageURL | SocketArtifact, newVersion: string, workspace?: string | undefined): string;
-export declare function getSocketBranchPackageVersionComponent(version: string | PackageURL | SocketArtifact): string;
-export declare function getSocketBranchPattern(options?: SocketBranchPatternOptions | undefined): RegExp;
-export declare function getSocketBranchPurlTypeComponent(purl: string | PackageURL | SocketArtifact): string;
-export declare function getSocketBranchWorkspaceComponent(workspace: string | undefined): string;
-export declare function getSocketCommitMessage(purl: string | PackageURL | SocketArtifact, newVersion: string, workspace?: string | undefined): string;
-export declare function getSocketPullRequestBody(purl: string | PackageURL | SocketArtifact, newVersion: string, workspace?: string | undefined): string;
-export declare function getSocketPullRequestTitle(purl: string | PackageURL | SocketArtifact, newVersion: string, workspace?: string | undefined): string;
-//# sourceMappingURL=socket-git.d.mts.map

package/dist/types/commands/fix/socket-git.d.mts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"socket-git.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/socket-git.mts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAS1D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAA;AAEpE,MAAM,MAAM,6BAA6B,GAAG;IAC1C,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC1B,IAAI,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAC1B,CAAA;AAMD,MAAM,MAAM,kBAAkB,GAAG,CAC/B,MAAM,EAAE,MAAM,KACX,uBAAuB,GAAG,IAAI,CAAA;AAEnC,MAAM,MAAM,uBAAuB,GAAG;IACpC,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,IAAI,EAAE,MAAM,CAAA;IACZ,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,IAAI,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACzB,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAC/B,CAAA;AAED,wBAAgB,wBAAwB,CACtC,OAAO,CAAC,EAAE,0BAA0B,GAAG,SAAS,GAC/C,kBAAkB,CAwBpB;AAED,eAAO,MAAM,yBAAyB,oBAA6B,CAAA;AAEnE,wBAAgB,gCAAgC,CAC9C,OAAO,EAAE,MAAM,GAAG,UAAU,GAAG,cAAc,GAC5C,MAAM,CAUR;AAED,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,cAAc,EAC1C,UAAU,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,GAC7B,MAAM,CAQR;AAED,wBAAgB,sCAAsC,CACpD,OAAO,EAAE,MAAM,GAAG,UAAU,GAAG,cAAc,GAC5C,MAAM,CAOR;AAED,wBAAgB,sBAAsB,CACpC,OAAO,CAAC,EAAE,0BAA0B,GAAG,SAAS,GAC/C,MAAM,CAyBR;AAED,wBAAgB,gCAAgC,CAC9C,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,cAAc,GACzC,MAAM,CAGR;AAED,wBAAgB,iCAAiC,CAC/C,SAAS,EAAE,MAAM,GAAG,SAAS,GAC5B,MAAM,CAER;AAED,wBAAgB,sBAAsB,CACpC,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,cAAc,EAC1C,UAAU,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,GAC7B,MAAM,CAIR;AAED,wBAAgB,wBAAwB,CACtC,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,cAAc,EAC1C,UAAU,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,GAC7B,MAAM,CAKR;AAED,wBAAgB,yBAAyB,CACvC,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,cAAc,EAC1C,UAAU,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,GAC7B,MAAM,CAIR"}