socket 1.1.82 → 1.1.84
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +11 -0
- package/dist/cli.js +21 -5
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +4 -4
- package/dist/constants.js.map +1 -1
- package/dist/tsconfig.dts.tsbuildinfo +1 -1
- package/dist/types/commands/fix/cmd-fix.d.mts.map +1 -1
- package/package.json +2 -2
package/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,17 @@ All notable changes to this project will be documented in this file.
|
|
|
4
4
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
|
|
6
6
|
|
|
7
|
+
## [1.1.84](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.84) - 2026-04-17
|
|
8
|
+
|
|
9
|
+
### Changed
|
|
10
|
+
- Updated the Coana CLI to v `14.12.218`.
|
|
11
|
+
|
|
12
|
+
## [1.1.83](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.83) - 2026-04-14
|
|
13
|
+
|
|
14
|
+
### Fixed
|
|
15
|
+
- `socket fix` now shows a clear error when a vulnerability ID (GHSA, CVE, or PURL) is passed as a positional argument instead of with `--id`, with a helpful "Did you mean" suggestion
|
|
16
|
+
- `socket fix` now shows a clear error when the target directory does not exist, instead of a confusing API error about missing files
|
|
17
|
+
|
|
7
18
|
## [1.1.82](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.82) - 2026-04-13
|
|
8
19
|
|
|
9
20
|
### Changed
|
package/dist/cli.js
CHANGED
|
@@ -4717,6 +4717,26 @@ async function run$K(argv, importMeta, {
|
|
|
4717
4717
|
if (!wasValidInput) {
|
|
4718
4718
|
return;
|
|
4719
4719
|
}
|
|
4720
|
+
|
|
4721
|
+
// Check if a positional argument looks like a vulnerability ID (GHSA, CVE,
|
|
4722
|
+
// or PURL) that was likely intended to be passed with --id.
|
|
4723
|
+
const rawInput = cli.input[0];
|
|
4724
|
+
if (rawInput && (/^GHSA-/i.test(rawInput) || /^CVE-/i.test(rawInput) || rawInput.startsWith('pkg:'))) {
|
|
4725
|
+
logger.logger.fail(`"${rawInput}" looks like a vulnerability identifier, not a directory path.\nDid you mean: socket fix ${constants.FLAG_ID} ${rawInput}`);
|
|
4726
|
+
process.exitCode = 1;
|
|
4727
|
+
return;
|
|
4728
|
+
}
|
|
4729
|
+
let [cwd = '.'] = cli.input;
|
|
4730
|
+
// Note: path.resolve vs .join:
|
|
4731
|
+
// If given path is absolute then cwd should not affect it.
|
|
4732
|
+
cwd = path.resolve(process.cwd(), cwd);
|
|
4733
|
+
|
|
4734
|
+
// Validate the target directory exists.
|
|
4735
|
+
if (!fs$1.existsSync(cwd)) {
|
|
4736
|
+
logger.logger.fail(`Target directory does not exist: ${cwd}`);
|
|
4737
|
+
process.exitCode = 1;
|
|
4738
|
+
return;
|
|
4739
|
+
}
|
|
4720
4740
|
if (dryRun) {
|
|
4721
4741
|
logger.logger.log(constants.default.DRY_RUN_NOT_SAVING);
|
|
4722
4742
|
return;
|
|
@@ -4728,10 +4748,6 @@ async function run$K(argv, importMeta, {
|
|
|
4728
4748
|
return;
|
|
4729
4749
|
}
|
|
4730
4750
|
const orgSlug = orgSlugCResult.data;
|
|
4731
|
-
let [cwd = '.'] = cli.input;
|
|
4732
|
-
// Note: path.resolve vs .join:
|
|
4733
|
-
// If given path is absolute then cwd should not affect it.
|
|
4734
|
-
cwd = path.resolve(process.cwd(), cwd);
|
|
4735
4751
|
const {
|
|
4736
4752
|
spinner
|
|
4737
4753
|
} = constants.default;
|
|
@@ -15539,5 +15555,5 @@ process.on('unhandledRejection', async (reason, promise) => {
|
|
|
15539
15555
|
// eslint-disable-next-line n/no-process-exit
|
|
15540
15556
|
process.exit(1);
|
|
15541
15557
|
});
|
|
15542
|
-
//# debugId=
|
|
15558
|
+
//# debugId=74ad19c5-bbe4-4587-bb79-5a9bb77194f
|
|
15543
15559
|
//# sourceMappingURL=cli.js.map
|