npm - socket - Versions diffs - 1.1.21 → 1.1.22 - Mend

socket 1.1.21 → 1.1.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/CHANGELOG.md +9 -0
package/dist/cli.js +16 -15
package/dist/cli.js.map +1 -1
package/dist/constants.js +6 -3
package/dist/constants.js.map +1 -1
package/dist/npm-cli.js +6 -2
package/dist/npm-cli.js.map +1 -1
package/dist/pnpm-cli.js +6 -2
package/dist/pnpm-cli.js.map +1 -1
package/dist/shadow-npm-bin2.js +7 -3
package/dist/shadow-npm-bin2.js.map +1 -1
package/dist/shadow-pnpm-bin2.js +40 -36
package/dist/shadow-pnpm-bin2.js.map +1 -1
package/dist/shadow-yarn-bin.js +14 -7
package/dist/shadow-yarn-bin.js.map +1 -1
package/dist/tsconfig.dts.tsbuildinfo +1 -1
package/dist/types/commands/fix/cmd-fix.d.mts.map +1 -1
package/dist/types/commands/fix/handle-fix.d.mts +2 -2
package/dist/types/commands/fix/handle-fix.d.mts.map +1 -1
package/dist/types/commands/fix/types.d.mts +1 -1
package/dist/types/commands/fix/types.d.mts.map +1 -1
package/dist/types/commands/scan/suggest_branch_slug.d.mts.map +1 -1
package/dist/types/constants.d.mts +3 -1
package/dist/types/constants.d.mts.map +1 -1
package/dist/types/shadow/common.d.mts +0 -8
package/dist/types/shadow/common.d.mts.map +1 -1
package/dist/types/shadow/npm-base.d.mts.map +1 -1
package/dist/types/shadow/pnpm/bin.d.mts.map +1 -1
package/dist/types/shadow/yarn/bin.d.mts.map +1 -1
package/dist/types/utils/agent.d.mts.map +1 -1
package/dist/types/utils/cmd.d.mts +25 -4
package/dist/types/utils/cmd.d.mts.map +1 -1
package/dist/types/utils/extract-names.d.mts +15 -0
package/dist/types/utils/extract-names.d.mts.map +1 -0
package/dist/types/utils/git.d.mts.map +1 -1
package/dist/utils.js +88 -26
package/dist/utils.js.map +1 -1
package/dist/yarn-cli.js +6 -2
package/dist/yarn-cli.js.map +1 -1
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,15 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
+## [1.1.22](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.22) - 2025-09-20
+### Changed
+- Rename `--only-compute` flag to `--dont-apply-fixes` for `socket fix`, but keep old flag as an alias.
+### Fixed
+- Resolved interactive prompts in `socket optimize` when using pnpm
+- Sanitize extracted git repository names to be compatible with the Socket API.
 ## [1.1.21](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.22) - 2025-09-20
 ### Added

package/dist/cli.js CHANGED Viewed

@@ -3546,10 +3546,10 @@ async function coanaFix(fixConfig) {
   const {
     autopilot,
     cwd,
+    dontApplyFixes,
     ghsas,
     glob,
     limit,
-    onlyCompute,
     orgSlug,
     outputFile,
     spinner
@@ -3594,7 +3594,7 @@ async function coanaFix(fixConfig) {
   const shouldOpenPrs = fixEnv.isCi && fixEnv.repoInfo;
   if (!shouldOpenPrs) {
     // Inform user about local mode when fixes will be applied.
-    if (!onlyCompute && ghsas.length) {
+    if (!dontApplyFixes && ghsas.length) {
       const envCheck = checkCiEnvVars();
       if (envCheck.present.length) {
         // Some CI vars are set but not all - show what's missing.
@@ -3616,7 +3616,7 @@ async function coanaFix(fixConfig) {
         }
       };
     }
-    const fixCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ...(isAll ? ['all'] : ghsas), ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(glob ? ['--glob', glob] : []), ...(onlyCompute ? [constants.FLAG_DRY_RUN] : []), ...(outputFile ? ['--output-file', outputFile] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
+    const fixCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ...(isAll ? ['all'] : ghsas), ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(glob ? ['--glob', glob] : []), ...(dontApplyFixes ? [constants.FLAG_DRY_RUN] : []), ...(outputFile ? ['--output-file', outputFile] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
       cwd,
       spinner,
       stdio: 'inherit'
@@ -3905,11 +3905,11 @@ async function convertIdsToGhsas(ids) {
 async function handleFix({
   autopilot,
   cwd,
+  dontApplyFixes,
   ghsas,
   glob,
   limit,
   minSatisfying,
-  onlyCompute,
   orgSlug,
   outputFile,
   outputKind,
@@ -3926,7 +3926,7 @@ async function handleFix({
     glob,
     limit,
     minSatisfying,
-    onlyCompute,
+    dontApplyFixes,
     outputFile,
     outputKind,
     prCheck,
@@ -3935,6 +3935,7 @@ async function handleFix({
   });
   await outputFixResult(await coanaFix({
     autopilot,
+    dontApplyFixes,
     cwd,
     // Convert mixed CVE/GHSA/PURL inputs to GHSA IDs only
     ghsas: await convertIdsToGhsas(ghsas),
@@ -3944,7 +3945,6 @@ async function handleFix({
     rangeStyle,
     spinner,
     unknownFlags,
-    onlyCompute,
     outputFile
   }), outputKind);
 }
@@ -3964,6 +3964,12 @@ const generalFlags$2 = {
     default: false,
     description: `Enable auto-merge for pull requests that Socket opens.\nSee ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
   },
+  dontApplyFixes: {
+    aliases: ['onlyCompute'],
+    type: 'boolean',
+    default: false,
+    description: 'Compute fixes only, do not apply them. Logs what upgrades would be applied. If combined with --output-file, the output file will contain the upgrades that would be applied.'
+  },
   id: {
     type: 'string',
     default: [],
@@ -3989,11 +3995,6 @@ Available styles:
   * preserve - Retain the existing version range style as-is
       `.trim()
   },
-  onlyCompute: {
-    type: 'boolean',
-    default: false,
-    description: 'Compute fixes only, do not apply them. Logs what upgrades would be applied. If combined with --output-file, the output file will contain the upgrades that would be applied.'
-  },
   outputFile: {
     type: 'string',
     default: '',
@@ -4099,12 +4100,12 @@ async function run$K(argv, importMeta, {
   });
   const {
     autopilot,
+    dontApplyFixes,
     glob,
     json,
     limit,
     markdown,
     maxSatisfying,
-    onlyCompute,
     outputFile,
     prCheck,
     rangeStyle,
@@ -4149,6 +4150,7 @@ async function run$K(argv, importMeta, {
   const ghsas = arrays.arrayUnique([...utils.cmdFlagValueToArray(cli.flags['id']), ...utils.cmdFlagValueToArray(cli.flags['ghsa']), ...utils.cmdFlagValueToArray(cli.flags['purl'])]);
   await handleFix({
     autopilot,
+    dontApplyFixes,
     cwd,
     ghsas,
     glob,
@@ -4160,7 +4162,6 @@ async function run$K(argv, importMeta, {
     rangeStyle,
     spinner,
     unknownFlags,
-    onlyCompute,
     outputFile
   });
 }
@@ -4361,7 +4362,7 @@ const cmdInstall = {
 async function outputCmdJson(cwd) {
   logger.logger.info('Target cwd:', constants.default.ENV.VITEST ? constants.REDACTED : utils.tildify(cwd));
   const sockJsonPath = path.join(cwd, constants.SOCKET_JSON);
-  const tildeSockJsonPath = constants.default.ENV.VITEST ? '<redacted>' : utils.tildify(sockJsonPath);
+  const tildeSockJsonPath = constants.default.ENV.VITEST ? constants.REDACTED : utils.tildify(sockJsonPath);
   if (!fs$1.existsSync(sockJsonPath)) {
     logger.logger.fail(`Not found: ${tildeSockJsonPath}`);
     process.exitCode = 1;
@@ -14944,5 +14945,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=506030ac-6b44-42d9-8af7-b61f2468318b
+//# debugId=4aa44248-7031-4a9e-8cad-1c9fbaa730ef
 //# sourceMappingURL=cli.js.map