varlock 0.0.5 → 0.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (91) hide show
  1. package/dist/auto-load.js +5 -5
  2. package/dist/{chunk-LU2R63B4.js → chunk-2AA6IZBK.js} +3 -3
  3. package/dist/chunk-2AA6IZBK.js.map +1 -0
  4. package/dist/{chunk-365YVT72.js → chunk-2H7TDBLD.js} +3 -3
  5. package/dist/chunk-2H7TDBLD.js.map +1 -0
  6. package/dist/chunk-33ROL4J5.js.map +1 -1
  7. package/dist/{chunk-Z5KNSSLC.js → chunk-4D3QUGGJ.js} +6 -6
  8. package/dist/chunk-4D3QUGGJ.js.map +1 -0
  9. package/dist/{chunk-C2ZQAQUU.js → chunk-67DF2S4X.js} +3 -3
  10. package/dist/chunk-67DF2S4X.js.map +1 -0
  11. package/dist/{chunk-GCUCCUG5.js → chunk-7NCUE6IU.js} +14 -5
  12. package/dist/chunk-7NCUE6IU.js.map +1 -0
  13. package/dist/{chunk-VVKXMIKQ.js → chunk-BDA3K24R.js} +26 -13
  14. package/dist/chunk-BDA3K24R.js.map +1 -0
  15. package/dist/chunk-DAZNZPLN.js.map +1 -1
  16. package/dist/chunk-FGMXIEFA.js.map +1 -1
  17. package/dist/{chunk-GAQWSZCY.js → chunk-HQ3K6KKC.js} +3 -3
  18. package/dist/chunk-HQ3K6KKC.js.map +1 -0
  19. package/dist/chunk-ITXNRGOJ.js +14 -0
  20. package/dist/{chunk-PZE4KJJW.js.map → chunk-ITXNRGOJ.js.map} +1 -1
  21. package/dist/chunk-LHTLO65N.js.map +1 -1
  22. package/dist/{chunk-K2N2TG4M.js → chunk-LJKKUJMC.js} +7 -4
  23. package/dist/chunk-LJKKUJMC.js.map +1 -0
  24. package/dist/chunk-PUGFIZE3.js.map +1 -1
  25. package/dist/{chunk-EVHLEWHL.js → chunk-QDGAWJPB.js} +3 -3
  26. package/dist/chunk-QDGAWJPB.js.map +1 -0
  27. package/dist/chunk-RZT65DRA.js.map +1 -1
  28. package/dist/{chunk-Y7WD33L3.js → chunk-WOHPERDH.js} +3 -3
  29. package/dist/chunk-WOHPERDH.js.map +1 -0
  30. package/dist/{chunk-UFAGBKYG.js → chunk-WRLSFZTQ.js} +3 -3
  31. package/dist/chunk-WRLSFZTQ.js.map +1 -0
  32. package/dist/{chunk-VVJO4FC3.js → chunk-X52WCHVG.js} +6 -6
  33. package/dist/chunk-X52WCHVG.js.map +1 -0
  34. package/dist/{chunk-7SCZ3YWG.js → chunk-XCHNL72R.js} +4 -4
  35. package/dist/chunk-XCHNL72R.js.map +1 -0
  36. package/dist/{chunk-HMRN5QZL.js → chunk-YZ2H2QXX.js} +3 -3
  37. package/dist/chunk-YZ2H2QXX.js.map +1 -0
  38. package/dist/{chunk-GVAD672U.js → chunk-Z52EXRDT.js} +4 -4
  39. package/dist/chunk-Z52EXRDT.js.map +1 -0
  40. package/dist/{chunk-WFN3ZXGS.js → chunk-ZDGB2ZFV.js} +4 -4
  41. package/dist/chunk-ZDGB2ZFV.js.map +1 -0
  42. package/dist/cli/cli-executable.js +19 -19
  43. package/dist/cli/cli-executable.js.map +1 -1
  44. package/dist/doctor.command-TKHDKSUY.js +7 -0
  45. package/dist/{doctor.command-NUG3BYDQ.js.map → doctor.command-TKHDKSUY.js.map} +1 -1
  46. package/dist/dotenv-compat.js +5 -5
  47. package/dist/en-US-TSGNDI2P.js.map +1 -1
  48. package/dist/{env-B8lQt2sl.d.ts → env-k8iRuXIH.d.ts} +2 -2
  49. package/dist/index.d.ts +1 -1
  50. package/dist/index.js +10 -10
  51. package/dist/index.js.map +1 -1
  52. package/dist/init.command-NWFSUQWW.js +13 -0
  53. package/dist/{init.command-DHE2Q6FX.js.map → init.command-NWFSUQWW.js.map} +1 -1
  54. package/dist/ja-JP-UBPCQAAD.js.map +1 -1
  55. package/dist/load.command-U3ZEZYEV.js +12 -0
  56. package/dist/{load.command-GGE4OANH.js.map → load.command-U3ZEZYEV.js.map} +1 -1
  57. package/dist/login.command-SWBJENRF.js +10 -0
  58. package/dist/{login.command-25PKQUGR.js.map → login.command-SWBJENRF.js.map} +1 -1
  59. package/dist/run.command-WNANCLWN.js +12 -0
  60. package/dist/{run.command-BLL6AL52.js.map → run.command-WNANCLWN.js.map} +1 -1
  61. package/dist/runtime/env.d.ts +1 -1
  62. package/dist/runtime/env.js +1 -1
  63. package/dist/runtime/patch-console.js +2 -2
  64. package/dist/runtime/patch-response.js +2 -2
  65. package/dist/runtime/patch-server-response.js +2 -2
  66. package/dist/telemetry.command-QMUHAB3Z.js +10 -0
  67. package/dist/{telemetry.command-MVL3E366.js.map → telemetry.command-QMUHAB3Z.js.map} +1 -1
  68. package/package.json +3 -3
  69. package/dist/chunk-365YVT72.js.map +0 -1
  70. package/dist/chunk-7SCZ3YWG.js.map +0 -1
  71. package/dist/chunk-C2ZQAQUU.js.map +0 -1
  72. package/dist/chunk-EVHLEWHL.js.map +0 -1
  73. package/dist/chunk-GAQWSZCY.js.map +0 -1
  74. package/dist/chunk-GCUCCUG5.js.map +0 -1
  75. package/dist/chunk-GVAD672U.js.map +0 -1
  76. package/dist/chunk-HMRN5QZL.js.map +0 -1
  77. package/dist/chunk-K2N2TG4M.js.map +0 -1
  78. package/dist/chunk-LU2R63B4.js.map +0 -1
  79. package/dist/chunk-PZE4KJJW.js +0 -14
  80. package/dist/chunk-UFAGBKYG.js.map +0 -1
  81. package/dist/chunk-VVJO4FC3.js.map +0 -1
  82. package/dist/chunk-VVKXMIKQ.js.map +0 -1
  83. package/dist/chunk-WFN3ZXGS.js.map +0 -1
  84. package/dist/chunk-Y7WD33L3.js.map +0 -1
  85. package/dist/chunk-Z5KNSSLC.js.map +0 -1
  86. package/dist/doctor.command-NUG3BYDQ.js +0 -7
  87. package/dist/init.command-DHE2Q6FX.js +0 -13
  88. package/dist/load.command-GGE4OANH.js +0 -12
  89. package/dist/login.command-25PKQUGR.js +0 -10
  90. package/dist/run.command-BLL6AL52.js +0 -12
  91. package/dist/telemetry.command-MVL3E366.js +0 -10
package/dist/chunk-67DF2S4X.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/runtime/patch-server-response.ts"],"names":[],"mappings":";;;;;AAUA,IAAM,UAAA,GAAa,mBAAA;AACZ,SAAS,0BAA0B,IAAA,EAGvC;AACD,EAAA,KAAA,CAAM,6CAAmC,CAAA;AACzC,EAAA,IAAI,MAAA,CAAO,wBAAA,CAAyB,cAAA,CAAe,SAAA,EAAW,UAAU,CAAA,EAAG;AACzE,IAAA,KAAA,CAAM,mBAAmB,CAAA;AACzB,IAAA;AAAA,EACF;AACA,EAAA,IAAI,eAAA,CAAgB,iBAAiB,KAAA,EAAO;AAC1C,IAAA,KAAA,CAAM,wBAAwB,CAAA;AAC9B,IAAA;AAAA,EACF;AAEA,EAAA,MAAA,CAAO,eAAe,cAAA,CAAe,SAAA,EAAW,YAAY,EAAE,KAAA,EAAO,MAAM,CAAA;AAE3E,EAAA,MAAM,mBAAA,GAAsB,eAAe,SAAA,CAAU,KAAA;AAGrD,EAAA,cAAA,CAAe,SAAA,CAAU,KAAA,mBAAQ,MAAA,CAAA,SAAS,iCAAA,CAAA,GAAqC,IAAA,EAAM;AAInF,IAAA,MAAM,QAAA,GAAW,KAAK,CAAC,CAAA;AAIvB,IAAA,MAAM,cAAc,IAAA,CAAK,SAAA,CAAU,cAAc,CAAA,EAAG,UAAS,IAAK,EAAA;AAElE,IAAA,IAAI,UACF,WAAA,CAAY,UAAA,CAAW,OAAO,CAAA,IAC3B,WAAA,CAAY,WAAW,kBAAkB,CAAA;AAI9C,IAAA,MAAM,MAAA,GAAU,KAAa,GAAA,CAAI,GAAA;AAEjC,IAAA,IAAI,OAAA,IAAW,MAAA,IAAU,IAAA,EAAM,iBAAA,EAAmB,IAAA,CAAK,CAAC,OAAA,KAAY,OAAA,CAAQ,IAAA,CAAK,MAAM,CAAC,CAAA,EAAG;AACzF,MAAA,OAAA,GAAU,KAAA;AAAA,IACZ;AAIA,IAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,MAAA,OAAO,mBAAA,CAAoB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,IAC7C;AAGA,IAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,SAAA,CAAU,kBAAkB,CAAA;AACzD,IAAA,IAAI,QAAA;AACJ,IAAA,IAAI,SAAA,GAAkD,IAAA;AACtD,IAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,MAAA,SAAA,GAAY,QAAA;AACZ,MAAA,QAAA,GAAW,QAAA;AAAA,IACb,CAAA,MAAA,IAAW,CAAC,eAAA,EAAiB;AAC3B,MAAA,SAAA,GAAY,SAAA;AACZ,MAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,MAAA,QAAA,GAAW,OAAA,CAAQ,OAAO,QAAQ,CAAA;AAAA,IACpC,CAAA,MAAA,IAAW,oBAAoB,MAAA,EAAQ;AACrC,MAAA,SAAA,GAAY,MAAA;AAEZ,MAAA,IAAI,CAAE,KAAa,WAAA,EAAa;AAE9B,QAAC,IAAA,CAAa,WAAA,GAAc,CAAC,QAAQ,CAAA;AAAA,MACvC,CAAA,MAAO;AAEL,QAAC,IAAA,CAAa,WAAA,EAAa,IAAA,CAAK,QAAQ,CAAA;AACxC,QAAA,IAAI;AACF,UAAA,MAAM,aAAA,GAAgB,KAAK,SAAA,CAAU,MAAA,CAAO,OAAQ,IAAA,CAAa,WAAA,IAAe,EAAE,CAAA,EAAG;AAAA,YACnF,KAAA,EAAO,KAAK,SAAA,CAAU,YAAA;AAAA,YACtB,WAAA,EAAa,KAAK,SAAA,CAAU;AAAA,WAC7B,CAAA;AACD,UAAA,MAAM,gBAAA,GAAmB,aAAA,CAAc,QAAA,CAAS,OAAO,CAAA;AACvD,UAAA,QAAA,GAAW,gBAAA,CAAiB,SAAA,CAAW,IAAA,CAAa,kBAAA,IAAsB,CAAC,CAAA;AAC3E,UAAC,IAAA,CAAa,qBAAqB,gBAAA,CAAiB,MAAA;AAAA,QACtD,SAAS,GAAA,EAAK;AAAA,QAEd;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,QAAA,EAAU;AAIZ,MAAA,IAAI;AACF,QAAA,YAAA,CAAa,QAAA,EAAU,EAAE,MAAA,EAAQ,8BAAA,EAAgC,MAAO,IAAA,CAAa,GAAA,CAAI,KAAK,CAAA;AAAA,MAChG,SAAS,GAAA,EAAK;AAGZ,QAAA,IAAI,MAAM,oBAAA,EAAsB;AAC9B,UAAA,QAAA,GAAW,sBAAsB,QAAQ,CAAA;AACzC,UAAA,IAAI,cAAc,QAAA,EAAU;AAC1B,YAAA,IAAA,CAAK,CAAC,CAAA,GAAI,QAAA;AAAA,UACZ,CAAA,MAAA,IAAW,cAAc,SAAA,EAAW;AAClC,YAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,YAAA,IAAA,CAAK,CAAC,CAAA,GAAI,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AAAA,UACnC,CAAA,MAAA,IAAW,cAAc,MAAA,EAAQ,CAQjC,MAAO;AACL,YAAA,MAAM,IAAI,KAAA,CAAM,CAAA,qCAAA,EAAwC,SAAS,CAAA,CAAE,CAAA;AAAA,UACrE;AAAA,QACF,CAAA,MAAO;AACL,UAAA,MAAM,GAAA;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAGA,IAAA,OAAO,mBAAA,CAAoB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC7C,CAAA,EAlGiC,mCAAA,CAAA;AAsGjC,EAAA,MAAM,iBAAA,GAAoB,eAAe,SAAA,CAAU,GAAA;AAEnD,EAAA,cAAA,CAAe,SAAA,CAAU,GAAA,mBAAM,MAAA,CAAA,SAAS,wBAAA,CAAA,GAA4B,IAAA,EAAM;AAExE,IAAA,MAAM,QAAA,GAAW,KAAK,CAAC,CAAA;AAGvB,IAAA,IAAI,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAE5C,MAAA,YAAA,CAAa,QAAA,EAAU,EAAE,MAAA,EAAQ,4BAAA,EAA8B,CAAA;AAAA,IACjE;AAEA,IAAA,OAAO,iBAAA,CAAkB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC3C,CAAA,EAX+B,0BAAA,CAAA;AAYjC;AAvIgB,MAAA,CAAA,yBAAA,EAAA,2BAAA,CAAA","file":"chunk-67DF2S4X.js","sourcesContent":["/*\n This patches the global ServerResponse object to scan for secret leaks - currently used for next.js and remix\n*/\n\nimport zlib from 'node:zlib';\nimport { ServerResponse } from 'node:http';\nimport { redactSensitiveConfig, scanForLeaks, varlockSettings } from './env';\nimport { debug } from './lib/debug';\n\n// NOTE - previously was using a symbol but got weird because of multiple builds and contexts...\nconst patchedKey = '_patchedByVarlock';\nexport function patchGlobalServerResponse(opts?: {\n ignoreUrlPatterns?: Array<RegExp>,\n redactInsteadOfThrow?: boolean,\n}) {\n debug('⚡️ PATCHING global ServerResponse');\n if (Object.getOwnPropertyDescriptor(ServerResponse.prototype, patchedKey)) {\n debug('> already patched');\n return;\n }\n if (varlockSettings.preventLeaks === false) {\n debug('> disabled by settings');\n return;\n }\n\n Object.defineProperty(ServerResponse.prototype, patchedKey, { value: true });\n\n const serverResponseWrite = ServerResponse.prototype.write;\n\n // @ts-ignore\n ServerResponse.prototype.write = function varlockPatchedServerResponseWrite(...args) {\n // console.log('⚡️ patched ServerResponse.write');\n // TODO: do we want to filter out some requests here? maybe based on the file type?\n\n const rawChunk = args[0];\n\n // for now, we only scan rendered html... may need to change this though for server components?\n // so we bail if it looks like this response does not contain html\n const contentType = this.getHeader('content-type')?.toString() || '';\n // console.log('patched ServerResponse.write', contentType);\n let runScan = (\n contentType.startsWith('text/')\n || contentType.startsWith('application/json')\n // || contentType.startsWith('application/javascript')\n );\n\n const reqUrl = (this as any).req.url;\n // console.log('> scan ServerResponse.write', contentType, reqUrl);\n if (runScan && reqUrl && opts?.ignoreUrlPatterns?.some((pattern) => pattern.test(reqUrl))) {\n runScan = false;\n }\n\n // we want to run the scanner on text/html and text/x-component (server actions)\n // TODO: anything else?\n if (!runScan) {\n // @ts-ignore\n return serverResponseWrite.apply(this, args);\n }\n\n // have to deal with compressed data, which is awkward but possible\n const compressionType = this.getHeader('Content-Encoding');\n let chunkStr;\n let chunkType: 'string' | 'encoded' | 'gzip' | null = null;\n if (typeof rawChunk === 'string') {\n chunkType = 'string';\n chunkStr = rawChunk;\n } else if (!compressionType) {\n chunkType = 'encoded';\n const decoder = new TextDecoder();\n chunkStr = decoder.decode(rawChunk);\n } else if (compressionType === 'gzip') {\n chunkType = 'gzip';\n // first chunk of data contains only compression headers\n if (!(this as any)._zlibChunks) {\n // (this as any)._zlibHeadersChunk = rawChunk;\n (this as any)._zlibChunks = [rawChunk];\n } else {\n // TODO: figure out how we can unzip one chunk at a time instead of storing everything\n (this as any)._zlibChunks?.push(rawChunk);\n try {\n const unzippedChunk = zlib.unzipSync(Buffer.concat((this as any)._zlibChunks || []), {\n flush: zlib.constants.Z_SYNC_FLUSH,\n finishFlush: zlib.constants.Z_SYNC_FLUSH,\n });\n const fullUnzippedData = unzippedChunk.toString('utf-8');\n chunkStr = fullUnzippedData.substring((this as any)._lastChunkEndIndex || 0);\n (this as any)._lastChunkEndIndex = fullUnzippedData.length;\n } catch (err) {\n // console.log('error unzipping chunk', err);\n }\n }\n }\n // TODO: we may want to support other compression schemes? but currently only used in nextjs which is using gzip\n if (chunkStr) {\n // console.log('scanning!', chunkStr.substring(0, 1000));\n\n\n try {\n scanForLeaks(chunkStr, { method: 'patched ServerResponse.write', file: (this as any).req.url });\n } catch (err) {\n // console.log('found secret in chunk', chunkType, chunkStr);\n // console.log(this)\n if (opts?.redactInsteadOfThrow) {\n chunkStr = redactSensitiveConfig(chunkStr);\n if (chunkType === 'string') {\n args[0] = chunkStr;\n } else if (chunkType === 'encoded') {\n const encoder = new TextEncoder();\n args[0] = encoder.encode(chunkStr);\n } else if (chunkType === 'gzip') {\n // currently unable to scrub gzip chunks\n // this works sometimes, but othertimes causes decoding error\n // we'll need to pass through chunks from a new gzip stream, because we don't have access to the underlying one\n // args[0] = zlib.gzipSync(chunkStr, {\n // flush: zlib.constants.Z_SYNC_FLUSH,\n // finishFlush: zlib.constants.Z_SYNC_FLUSH,\n // });\n } else {\n throw new Error(`unable to scrub - unknown chunk type ${chunkType}`);\n }\n } else {\n throw err;\n }\n }\n }\n\n // @ts-ignore\n return serverResponseWrite.apply(this, args);\n };\n\n\n // calling `res.json()` in the api routes on pages router calls `res.end` without called `res.write`\n const serverResponseEnd = ServerResponse.prototype.end;\n // @ts-ignore\n ServerResponse.prototype.end = function patchedServerResponseEnd(...args) {\n // console.log('⚡️ patched ServerResponse.end');\n const endChunk = args[0];\n // console.log('patched ServerResponse.end', endChunk);\n // this just needs to work (so far) for nextjs sending json bodies, so does not need to handle all cases...\n if (endChunk && typeof endChunk === 'string') {\n // TODO: currently this throws the error and then things just hang... do we want to try to return an error type response instead?\n scanForLeaks(endChunk, { method: 'patched ServerResponse.end' });\n }\n // @ts-ignore\n return serverResponseEnd.apply(this, args);\n };\n}\n\n// ---\n// patchGlobalServerResponse();\n"]}
package/dist/{chunk-GCUCCUG5.js → chunk-7NCUE6IU.js} RENAMED
@@ -72,6 +72,7 @@ function revealSensitiveConfig(secretStr) {
72
72
  }
73
73
  __name(revealSensitiveConfig, "revealSensitiveConfig");
74
74
  function scanForLeaks(toScan, meta) {
75
+ if (!toScan) return toScan;
75
76
  function scanStrForLeaks(strToScan) {
76
77
  for (const sensitiveValue in sensitiveSecretsMap) {
77
78
  if (strToScan.includes(sensitiveValue)) {
@@ -118,7 +119,10 @@ var envValues = {};
118
119
  var varlockSettings = {};
119
120
  function initVarlockEnv(opts) {
120
121
  try {
121
- const serializedEnvData = JSON.parse(process.env.__VARLOCK_ENV || "{}");
122
+ const serializedEnvData = (
123
+ // when we inject resolved config at build time, we store it here
124
+ globalThis.__varlockLoadedEnv || JSON.parse(process.env.__VARLOCK_ENV || "{}")
125
+ );
122
126
  Object.assign(varlockSettings, serializedEnvData.settings);
123
127
  resetRedactionMap(serializedEnvData);
124
128
  for (const itemKey in serializedEnvData.config) {
@@ -133,14 +137,19 @@ function initVarlockEnv(opts) {
133
137
  }
134
138
  __name(initVarlockEnv, "initVarlockEnv");
135
139
  try {
136
- if (process.env.__VARLOCK_ENV && !initializedEnv) {
140
+ if (!initializedEnv && (globalThis.__varlockLoadedEnv || process.env.__VARLOCK_ENV)) {
137
141
  initVarlockEnv({ setProcessEnv: false });
138
142
  }
139
143
  } catch (err) {
140
144
  }
145
+ var IGNORED_PROXY_KEYS = [
146
+ // vue - see https://github.com/vuejs/core/blob/70773d00985135a50556c61fb9855ed6b930cb82/packages/reactivity/src/ref.ts#L101
147
+ "__v_isRef"
148
+ ];
141
149
  var EnvProxy = new Proxy({}, {
142
150
  get(target, prop) {
143
- if (typeof prop !== "string") throw new Error("ENV prop key must be a string");
151
+ if (typeof prop === "symbol") return;
152
+ if (IGNORED_PROXY_KEYS.includes(prop)) return;
144
153
  if (prop in envValues) return envValues[prop];
145
154
  if (globalThis.__varlockThrowOnMissingKeys) {
146
155
  if (globalThis.__varlockValidKeys && globalThis.__varlockValidKeys.includes(prop)) {
@@ -155,5 +164,5 @@ var EnvProxy = new Proxy({}, {
155
164
  var ENV = EnvProxy;
156
165
 
157
166
  export { ENV, debug, initVarlockEnv, redactSensitiveConfig, resetRedactionMap, revealSensitiveConfig, scanForLeaks, varlockSettings };
158
- //# sourceMappingURL=chunk-GCUCCUG5.js.map
159
- //# sourceMappingURL=chunk-GCUCCUG5.js.map
167
+ //# sourceMappingURL=chunk-7NCUE6IU.js.map
168
+ //# sourceMappingURL=chunk-7NCUE6IU.js.map
package/dist/chunk-7NCUE6IU.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/runtime/lib/debug.ts","../src/runtime/env.ts"],"names":[],"mappings":";;;;AAAO,SAAS,SAAS,IAAA,EAAkB;AACzC,EAAA,IAAI,CAAC,OAAA,CAAQ,GAAA,CAAI,aAAA,EAAe;AAChC,EAAA,OAAA,CAAQ,GAAA,CAAI,GAAG,IAAI,CAAA;AACrB;AAHgB,MAAA,CAAA,KAAA,EAAA,OAAA,CAAA;;;ACWhB,SAAS,SAAS,CAAA,EAAQ;AACxB,EAAA,OAAO,MAAA,CAAO,SAAA,CAAU,QAAA,CAAS,IAAA,CAAK,CAAC,CAAA,KAAM,iBAAA;AAC/C;AAFS,MAAA,CAAA,QAAA,EAAA,UAAA,CAAA;AAIT,IAAM,UAAA,GAAa,WAAA;AAInB,IAAI,sBAAyE,EAAC;AAG9E,IAAI,mBAAA;AAEG,SAAS,kBAAkB,KAAA,EAA2B;AAE3D,EAAA,mBAAA,GAAsB,EAAC;AACvB,EAAA,KAAA,MAAW,OAAA,IAAW,MAAM,MAAA,EAAQ;AAClC,IAAA,MAAM,IAAA,GAAO,KAAA,CAAM,MAAA,CAAO,OAAO,CAAA;AACjC,IAAA,IAAI,KAAK,WAAA,IAAe,IAAA,CAAK,SAAS,QAAA,CAAS,IAAA,CAAK,KAAK,CAAA,EAAG;AAE1D,MAAA,MAAM,QAAA,GAAW,YAAA,CAAa,IAAA,CAAK,KAAK,CAAA;AACxC,MAAA,IAAI,QAAA,sBAA8B,IAAA,CAAK,KAAK,IAAI,EAAE,GAAA,EAAK,SAAS,QAAA,EAAS;AAAA,IAC3E;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,MAAA,CAAO,IAAA,CAAK,mBAAmB,EAAE,MAAA,EAAQ;AAC5C,IAAA,mBAAA,GAAsB,MAAA;AACtB,IAAA;AAAA,EACF;AAGA,EAAA,MAAM,YAAY,IAAI,MAAA;AAAA,IACpB;AAAA,MACE,IAAI,UAAU,CAAA,GAAA,CAAA;AAAA,MACd,GAAA;AAAA,MACA,MAAA,CAAO,KAAK,mBAAmB,CAAA,CAE5B,IAAI,CAAC,CAAA,KAAM,CAAA,CAAE,OAAA,CAAQ,2BAAA,EAA6B,MAAM,CAAC,CAAA,CAEzD,IAAA,CAAK,CAAC,CAAA,EAAG,CAAA,KAAM,CAAA,CAAE,SAAS,CAAA,CAAE,MAAM,CAAA,CAClC,IAAA,CAAK,GAAG,CAAA;AAAA,MACX,GAAA;AAAA,MACA,KAAK,UAAU,CAAA,EAAA;AAAA,KACjB,CAAE,KAAK,EAAE,CAAA;AAAA,IACT;AAAA,GACF;AAEA,EAAA,MAAM,SAAA,mBAAuB,MAAA,CAAA,CAAC,KAAA,EAAO,GAAA,EAAK,KAAK,IAAA,KAAS;AAGtD,IAAA,IAAI,GAAA,IAAO,MAAM,OAAO,KAAA;AACxB,IAAA,OAAO,mBAAA,CAAoB,GAAG,CAAA,CAAE,QAAA;AAAA,EAClC,CAAA,EAL6B,WAAA,CAAA;AAM7B,EAAA,mBAAA,GAAsB,EAAE,IAAA,EAAM,SAAA,EAAW,OAAA,EAAS,SAAA,EAAU;AAC9D;AAzCgB,MAAA,CAAA,iBAAA,EAAA,mBAAA,CAAA;AAqDT,SAAS,sBAAsB,CAAA,EAAa;AACjD,EAAA,IAAI,CAAC,qBAAqB,OAAO,CAAA;AACjC,EAAA,IAAI,CAAC,GAAG,OAAO,CAAA;AAKf,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,CAAC,CAAA,EAAG;AACpB,IAAA,OAAO,CAAA,CAAE,IAAI,qBAAqB,CAAA;AAAA,EACpC;AAEA,EAAA,IAAI,CAAA,IAAK,OAAQ,CAAA,KAAO,QAAA,IAAY,OAAO,cAAA,CAAe,CAAC,CAAA,KAAM,MAAA,CAAO,SAAA,EAAW;AACjF,IAAA,IAAI;AACF,MAAA,OAAO,KAAK,KAAA,CAAM,qBAAA,CAAsB,KAAK,SAAA,CAAU,CAAC,CAAC,CAAC,CAAA;AAAA,IAC5D,SAAS,GAAA,EAAK;AACZ,MAAA,OAAO,CAAA;AAAA,IACT;AAAA,EACF;AAEA,EAAA,MAAM,OAAO,OAAO,CAAA;AACpB,EAAA,IAAI,IAAA,KAAS,QAAA,IAAa,IAAA,KAAS,QAAA,IAAY,MAAA,CAAO,UAAU,QAAA,CAAS,IAAA,CAAK,CAAC,CAAA,KAAM,iBAAA,EAAoB;AACvG,IAAA,OAAQ,CAAA,CAAa,UAAA,CAAW,mBAAA,CAAoB,IAAA,EAAM,oBAAoB,OAAO,CAAA;AAAA,EACvF;AAEA,EAAA,OAAO,CAAA;AACT;AAzBgB,MAAA,CAAA,qBAAA,EAAA,uBAAA,CAAA;AA+BT,SAAS,sBAAsB,SAAA,EAAmB;AAEvD,EAAA,IAAI,CAAE,UAAA,CAAmB,4BAAA,EAA8B,OAAO,SAAA;AAE9D,EAAA,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA,EAAI,SAAS,IAAI,UAAU,CAAA,CAAA;AACjD;AALgB,MAAA,CAAA,qBAAA,EAAA,uBAAA,CAAA;AAYT,SAAS,YAAA,CACd,QAEA,IAAA,EAIA;AACA,EAAA,IAAI,CAAC,QAAQ,OAAO,MAAA;AAEpB,EAAA,SAAS,gBAAgB,SAAA,EAAmB;AAI1C,IAAA,KAAA,MAAW,kBAAkB,mBAAA,EAAqB;AAChD,MAAA,IAAI,SAAA,CAAU,QAAA,CAAS,cAAc,CAAA,EAAG;AACtC,QAAA,MAAM,OAAA,GAAU,mBAAA,CAAoB,cAAc,CAAA,CAAE,GAAA;AAIpD,QAAA,OAAA,CAAQ,KAAA,CAAM;AAAA,UACZ,EAAA;AAAA,UACA,aAAM,kCAAkC,CAAA,UAAA,CAAA;AAAA,UACxC,sBAAsB,OAAO,CAAA,CAAA;AAAA,UAC7B,GAAG,MAAM,MAAA,GAAS,CAAC,kBAAkB,IAAA,CAAK,MAAM,CAAA,CAAE,CAAA,GAAI,EAAC;AAAA,UACvD,GAAG,MAAM,IAAA,GAAO,CAAC,WAAW,IAAA,CAAK,IAAI,CAAA,CAAE,CAAA,GAAI,EAAC;AAAA,UAC5C;AAAA,SACF,CAAE,IAAA,CAAK,IAAI,CAAC,CAAA;AAEZ,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6CAAA,EAAyC,OAAO,CAAA,CAAE,CAAA;AAAA,MACpE;AAAA,IACF;AAAA,EACF;AAtBS,EAAA,MAAA,CAAA,eAAA,EAAA,iBAAA,CAAA;AAyBT,EAAA,IAAI,QAAA,CAAS,MAAM,CAAA,EAAG;AACpB,IAAA,eAAA,CAAgB,MAAgB,CAAA;AAChC,IAAA,OAAO,MAAA;AAAA,EACT,CAAA,MAAA,IAAW,kBAAkB,MAAA,EAAQ;AACnC,IAAA,eAAA,CAAgB,MAAA,CAAO,UAAU,CAAA;AACjC,IAAA,OAAO,MAAA;AAAA,EAET,CAAA,MAAA,IAAW,kBAAkB,cAAA,EAAgB;AAC3C,IAAA,IAAI,OAAO,MAAA,EAAQ;AAEjB,MAAA,OAAO,MAAA;AAAA,IACT;AAGA,IAAA,MAAM,YAAA,GAAe,IAAI,WAAA,EAAY;AACrC,IAAA,OAAO,MAAA,CAAO,WAAA;AAAA,MACZ,IAAI,eAAA,CAAgB;AAAA,QAClB,SAAA,CAAU,OAAO,UAAA,EAAY;AAC3B,UAAA,MAAM,QAAA,GAAW,YAAA,CAAa,MAAA,CAAO,KAAK,CAAA;AAC1C,UAAA,eAAA,CAAgB,QAAQ,CAAA;AACxB,UAAA,UAAA,CAAW,QAAQ,KAAK,CAAA;AAAA,QAC1B;AAAA,OACD;AAAA,KACH;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AA9DgB,MAAA,CAAA,YAAA,EAAA,cAAA,CAAA;AAuEhB,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAM,YAAY,EAAC;AACZ,IAAM,kBAAkB;AAExB,SAAS,eAAe,IAAA,EAE5B;AAED,EAAA,IAAI;AACF,IAAA,MAAM,iBAAA;AAAA;AAAA,MAEH,WAAmB,kBAAA,IAEjB,IAAA,CAAK,MAAM,OAAA,CAAQ,GAAA,CAAI,iBAAiB,IAAI;AAAA,KAAA;AAEjD,IAAA,MAAA,CAAO,MAAA,CAAO,eAAA,EAAiB,iBAAA,CAAkB,QAAQ,CAAA;AACzD,IAAA,iBAAA,CAAkB,iBAAiB,CAAA;AACnC,IAAA,KAAA,MAAW,OAAA,IAAW,kBAAkB,MAAA,EAAQ;AAC9C,MAAA,MAAM,SAAA,GAAY,iBAAA,CAAkB,MAAA,CAAO,OAAO,CAAA,CAAE,KAAA;AACpD,MAAA,SAAA,CAAU,OAAO,CAAA,GAAI,SAAA;AACrB,MAAA,IAAI,IAAA,EAAM,aAAA,KAAkB,KAAA,IAAS,SAAA,KAAc,KAAA,CAAA,UAAmB,GAAA,CAAI,OAAO,CAAA,GAAI,MAAA,CAAO,SAAS,CAAA;AAAA,IACvG;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,OAAA,CAAQ,KAAA,CAAM,4BAAA,EAA8B,GAAA,EAAK,OAAA,CAAQ,IAAI,aAAa,CAAA;AAAA,EAC5E;AACA,EAAA,cAAA,GAAiB,IAAA;AACnB;AAtBgB,MAAA,CAAA,cAAA,EAAA,gBAAA,CAAA;AA0BhB,IAAI;AACF,EAAA,IACE,CAAC,cAAA,KACI,UAAA,CAAmB,kBAAA,IAAsB,OAAA,CAAQ,IAAI,aAAA,CAAA,EAC1D;AAGA,IAAA,cAAA,CAAe,EAAE,aAAA,EAAe,KAAA,EAAO,CAAA;AAAA,EACzC;AACF,CAAA,CAAA,OAAS,GAAA,EAAK;AAGd;AAQA,IAAM,kBAAA,GAAqB;AAAA;AAAA,EAEzB;AACF,CAAA;AAUA,IAAM,QAAA,GAAW,IAAI,KAAA,CAAsB,EAAC,EAAG;AAAA,EAC7C,GAAA,CAAI,QAAQ,IAAA,EAAM;AAEhB,IAAA,IAAI,OAAO,SAAS,QAAA,EAAU;AAE9B,IAAA,IAAI,kBAAA,CAAmB,QAAA,CAAS,IAAI,CAAA,EAAG;AAEvC,IAAA,IAAI,IAAA,IAAQ,SAAA,EAAW,OAAO,SAAA,CAAU,IAAI,CAAA;AAC5C,IAAA,IAAK,WAAmB,2BAAA,EAA6B;AAEnD,MAAA,IAAK,WAAmB,kBAAA,IAAuB,UAAA,CAAmB,kBAAA,CAAmB,QAAA,CAAS,IAAI,CAAA,EAAG;AACnG,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,IAAI,CAAA,mDAAA,CAAqD,CAAA;AAAA,MACpF,CAAA,MAAO;AACL,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,IAAI,CAAA,iBAAA,CAAmB,CAAA;AAAA,MAClD;AAAA,IACF;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AACF,CAAC,CAAA;AAEM,IAAM,GAAA,GAAM","file":"chunk-7NCUE6IU.js","sourcesContent":["export function debug(...args: Array<any>) {\n if (!process.env.DEBUG_VARLOCK) return;\n console.log(...args);\n}\n","import { debug } from './lib/debug';\nimport { redactString } from './lib/redaction';\n\nimport type { SerializedEnvGraph } from '../serialized-env-graph';\n\n\n// TODO: would like to move all of the redaction utils out of this file\n// but its complicated since it is imported by code that may be run in the backend and frontend\n// but the patching code (which only runs in the backend) use these helper functions\n\n// this does not cover all cases, but serves our needs so far for Next.js\nfunction isString(s: any) {\n return Object.prototype.toString.call(s) === '[object String]';\n}\n\nconst UNMASK_STR = '👁';\n\n\n/** key value lookup of sensitive values to their redacted version */\nlet sensitiveSecretsMap: Record<string, { key: string, redacted: string }> = {};\n\ntype ReplaceFn = (match: string, pre: string, val: string, post: string) => string;\nlet redactorFindReplace: undefined | { find: RegExp, replace: ReplaceFn };\n\nexport function resetRedactionMap(graph: SerializedEnvGraph) {\n // reset map of { [sensitive] => redacted }\n sensitiveSecretsMap = {};\n for (const itemKey in graph.config) {\n const item = graph.config[itemKey];\n if (item.isSensitive && item.value && isString(item.value)) {\n // TODO: we want to respect masking settings from the schema (once added)\n const redacted = redactString(item.value);\n if (redacted) sensitiveSecretsMap[item.value] = { key: itemKey, redacted };\n }\n }\n // if no sensitive items exist, we dont need to do any redaction, but the redact fn is checking for undefined\n if (!Object.keys(sensitiveSecretsMap).length) {\n redactorFindReplace = undefined;\n return;\n }\n\n // reset find/replace regex+fn used for redacting secrets in strings\n const findRegex = new RegExp(\n [\n `(${UNMASK_STR} )?`,\n '(',\n Object.keys(sensitiveSecretsMap)\n // Escape special characters\n .map((s) => s.replace(/[()[\\]{}*+?^$|#.,/\\\\\\s-]/g, '\\\\$&'))\n // Sort for maximal munch\n .sort((a, b) => b.length - a.length)\n .join('|'),\n ')',\n `( ${UNMASK_STR})?`,\n ].join(''),\n 'g',\n );\n\n const replaceFn: ReplaceFn = (match, pre, val, post) => {\n // the pre and post matches only will be populated if they were present\n // and they are used to unmask the secret - so we do not want to replace in this case\n if (pre && post) return match;\n return sensitiveSecretsMap[val].redacted;\n };\n redactorFindReplace = { find: findRegex, replace: replaceFn };\n}\n\n\n// While the module itself acts as a singleton to hold the current map of redacted values\n// we expose only the below const to end users\n\n\n/**\n * Redacts senstive config values from any string/array/object/etc\n *\n * NOTE - must be used only after varlock has loaded config\n * */\nexport function redactSensitiveConfig(o: any): any {\n if (!redactorFindReplace) return o;\n if (!o) return o;\n\n // TODO: handle more cases?\n // we can probably redact safely from a few other datatypes - like set,map,etc?\n // objects are a bit tougher\n if (Array.isArray(o)) {\n return o.map(redactSensitiveConfig);\n }\n // try to redact if it's a plain object - not necessarily great for perf...\n if (o && typeof (o) === 'object' && Object.getPrototypeOf(o) === Object.prototype) {\n try {\n return JSON.parse(redactSensitiveConfig(JSON.stringify(o)));\n } catch (err) {\n return o;\n }\n }\n\n const type = typeof o;\n if (type === 'string' || (type === 'object' && Object.prototype.toString.call(o) === '[object String]')) {\n return (o as string).replaceAll(redactorFindReplace.find, redactorFindReplace.replace);\n }\n\n return o;\n}\n\n/**\n * utility to unmask a secret/sensitive value when logging to the console\n * currently this only works on a single secret, not objects or aggregated strings\n * */\nexport function revealSensitiveConfig(secretStr: string) {\n // if redaction not enabled, we just return the secret itself\n if (!(globalThis as any)._varlockOrigWriteToConsoleFn) return secretStr;\n // otherwise we add some wrapper characters which will be removed by the patched console behaviour\n return `${UNMASK_STR} ${secretStr} ${UNMASK_STR}`;\n}\n\n\n\n\n\n// reusable leak scanning helper function, used by various integrations\nexport function scanForLeaks(\n toScan: string | ReadableStream | null,\n // optional additional information about what is being scanned to be used in error messages\n meta?: {\n method?: string,\n file?: string,\n },\n) {\n if (!toScan) return toScan;\n\n function scanStrForLeaks(strToScan: string) {\n // console.log('[varlock leak scanner] ', strToScan.substr(0, 100));\n\n // TODO: probably should use a single regex\n for (const sensitiveValue in sensitiveSecretsMap) {\n if (strToScan.includes(sensitiveValue)) {\n const itemKey = sensitiveSecretsMap[sensitiveValue].key;\n\n // error stack can gets awkwardly buried since we're so deep in the internals\n // so we'll write a nicer error message to help the user debug\n console.error([\n '',\n `🚨 ${'DETECTED LEAKED SENSITIVE CONFIG'} 🚨`,\n `> Config item key: ${itemKey}`,\n ...meta?.method ? [`> Scan method: ${meta.method}`] : [],\n ...meta?.file ? [`> File: ${meta.file}`] : [],\n '',\n ].join('\\n'));\n\n throw new Error(`🚨 DETECTED LEAKED SENSITIVE CONFIG - ${itemKey}`);\n }\n }\n }\n\n // scan a string\n if (isString(toScan)) {\n scanStrForLeaks(toScan as string);\n return toScan;\n } else if (toScan instanceof Buffer) {\n scanStrForLeaks(toScan.toString());\n return toScan;\n // scan a ReadableStream by piping it through a scanner\n } else if (toScan instanceof ReadableStream) {\n if (toScan.locked) {\n // console.log('> stream already locked');\n return toScan;\n } else {\n // console.log('> stream will be scanned!');\n }\n const chunkDecoder = new TextDecoder();\n return toScan.pipeThrough(\n new TransformStream({\n transform(chunk, controller) {\n const chunkStr = chunkDecoder.decode(chunk);\n scanStrForLeaks(chunkStr);\n controller.enqueue(chunk);\n },\n }),\n );\n }\n // other things may be passed in like Buffer... but we'll ignore for now\n return toScan;\n}\n\n// -----------\n\n\n\n\n// --------------\n\nlet initializedEnv = false;\nconst envValues = {} as Record<string, any>;\nexport const varlockSettings = {} as Record<string, any>;\n\nexport function initVarlockEnv(opts?: {\n setProcessEnv?: boolean,\n}) {\n // console.log('⚡️ INIT VARLOCK ENV!', initializedEnv, !!process.env.__VARLOCK_ENV);\n try {\n const serializedEnvData: SerializedEnvGraph = (\n // when we inject resolved config at build time, we store it here\n (globalThis as any).__varlockLoadedEnv\n // otherwise if we inject via `varlock run` or have already loaded, it will be in process.env\n || JSON.parse(process.env.__VARLOCK_ENV || '{}')\n );\n Object.assign(varlockSettings, serializedEnvData.settings);\n resetRedactionMap(serializedEnvData);\n for (const itemKey in serializedEnvData.config) {\n const itemValue = serializedEnvData.config[itemKey].value;\n envValues[itemKey] = itemValue;\n if (opts?.setProcessEnv !== false && itemValue !== undefined) process.env[itemKey] = String(itemValue);\n }\n } catch (err) {\n console.error('failed to load varlock env', err, process.env.__VARLOCK_ENV);\n }\n initializedEnv = true;\n}\n\n// we will attempt to call initVarlockEnv automatically, but in most cases it should be called explicitly\n// note that if this is being imported in the browser, process.env may not exist, so we do this in a try/catch\ntry {\n if (\n !initializedEnv\n && ((globalThis as any).__varlockLoadedEnv || process.env.__VARLOCK_ENV)\n ) {\n // if we are automatically loading because __VARLOCK_ENV is already set\n // then we assume process.env vars have also already been set (although might not harm anything?)\n initVarlockEnv({ setProcessEnv: false });\n }\n} catch (err) {\n // expected that this will fail when process.env does not exist\n // but we may want to look for specific errors\n}\n\n\n\n// some object keys are checked by various tools when handling arbitrary data, especially in templates\n// because our proxy objects throw errors when unknown keys are accessed, this causes problems\n// for now we can just filter out a these keys and it should be fairly harmless\n// TODO: ideally this could be customized by the user, and not specific to vue\nconst IGNORED_PROXY_KEYS = [\n // vue - see https://github.com/vuejs/core/blob/70773d00985135a50556c61fb9855ed6b930cb82/packages/reactivity/src/ref.ts#L101\n '__v_isRef',\n];\n\n\n// this gets exported and then augmented by our type generation\n// ideally we'd start with a loose type `Record<string,any>` and then override it with the actual schema\n// so that if type generation was disabled, a user could still use `ENV`\n// but TS wont let us, so instead we start with it being empty, which will cause type errors\n// unless type generation is enabled\nexport interface TypedEnvSchema {}\n\nconst EnvProxy = new Proxy<TypedEnvSchema>({}, {\n get(target, prop) {\n // ignore symbols, as it likely an external tool checking something\n if (typeof prop === 'symbol') return;\n // special cases to avoid throwing on invalid keys\n if (IGNORED_PROXY_KEYS.includes(prop)) return;\n\n if (prop in envValues) return envValues[prop];\n if ((globalThis as any).__varlockThrowOnMissingKeys) {\n // during development, we can feed in extra metadata and show more helpful errors\n if ((globalThis as any).__varlockValidKeys && (globalThis as any).__varlockValidKeys.includes(prop)) {\n throw new Error(`\\`ENV.${prop}\\` exists, but is not available in this environment`);\n } else {\n throw new Error(`\\`ENV.${prop}\\` does not exist`);\n }\n }\n return undefined;\n },\n});\n\nexport const ENV = EnvProxy;\n"]}
package/dist/{chunk-VVKXMIKQ.js → chunk-BDA3K24R.js} RENAMED
@@ -1,9 +1,10 @@
1
- import { ansis_default, joinAndCompact } from './chunk-365YVT72.js';
2
- import { my_dash_default } from './chunk-K2N2TG4M.js';
1
+ import { ansis_default, joinAndCompact } from './chunk-2H7TDBLD.js';
2
+ import { my_dash_default } from './chunk-LJKKUJMC.js';
3
3
  import { __name } from './chunk-XN24GZXQ.js';
4
4
  import fs, { accessSync, existsSync } from 'node:fs';
5
5
  import { access } from 'node:fs/promises';
6
6
  import path from 'node:path';
7
+ import Debug from 'debug';
7
8
  import { execSync } from 'node:child_process';
8
9
 
9
10
  // src/cli/helpers/exit-error.ts
@@ -50,6 +51,7 @@ function pathExistsSync(p) {
50
51
  }
51
52
  }
52
53
  __name(pathExistsSync, "pathExistsSync");
54
+ var debug = Debug("varlock:js-package-manager-utils");
53
55
  var JS_PACKAGE_MANAGERS = Object.freeze({
54
56
  npm: {
55
57
  name: "npm",
@@ -91,9 +93,10 @@ var JS_PACKAGE_MANAGERS = Object.freeze({
91
93
  }
92
94
  });
93
95
  function detectJsPackageManager(opts) {
96
+ debug("Detecting js package manager");
94
97
  let cwd = opts?.cwd || process.cwd();
95
- const cwdParts = cwd.split(path.sep);
96
98
  do {
99
+ debug(`> scanning ${cwd}`);
97
100
  let pm;
98
101
  let detectedPm;
99
102
  for (pm in JS_PACKAGE_MANAGERS) {
@@ -108,21 +111,28 @@ function detectJsPackageManager(opts) {
108
111
  forceExit: true
109
112
  });
110
113
  }
114
+ debug(`> found ${JS_PACKAGE_MANAGERS[pm].lockfile}`);
111
115
  detectedPm = pm;
112
116
  }
113
117
  }
114
118
  if (detectedPm) return JS_PACKAGE_MANAGERS[detectedPm];
115
- cwdParts.pop();
116
- cwd = path.join(...cwdParts);
119
+ cwd = path.join(cwd, "..");
117
120
  if (opts?.workspaceRootPath) {
118
- if (opts.workspaceRootPath === cwd) break;
121
+ if (opts.workspaceRootPath === cwd) {
122
+ debug("> found workspace root");
123
+ break;
124
+ }
119
125
  } else {
120
- if (pathExistsSync(path.join(cwd, ".git"))) break;
126
+ if (pathExistsSync(path.join(cwd, ".git"))) {
127
+ debug("> found git root");
128
+ break;
129
+ }
121
130
  }
122
- } while (cwd);
131
+ } while (cwd && cwd !== "." && cwd !== "/");
123
132
  if (process.env.npm_config_user_agent) {
124
133
  const pmFromAgent = process.env.npm_config_user_agent.split("/")[0];
125
134
  if (Object.keys(JS_PACKAGE_MANAGERS).includes(pmFromAgent)) {
135
+ debug(`> found ${pmFromAgent} using npm_config_user_agent`);
126
136
  return JS_PACKAGE_MANAGERS[pmFromAgent];
127
137
  }
128
138
  }
@@ -140,11 +150,14 @@ function installJsDependency(opts) {
140
150
  const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, "utf8"));
141
151
  if (packageJson.dependencies?.varlock) return false;
142
152
  execSync([
143
- opts.packagePath ? `cd ${opts.packagePath} &&` : "",
153
+ // move to the correct directory if needed
154
+ opts.packagePath && `cd ${opts.packagePath} &&`,
144
155
  // `add` works in all of them
145
156
  `${opts.packageManager} add ${opts.packageName}`,
146
- opts.isMonoRepoRoot && opts.packageManager === "pnpm" ? "-w" : ""
147
- ].join(" "));
157
+ // tells pnpm to either install in the workspace root explicitly
158
+ // or to not check if we are the in the root
159
+ opts.packageManager === "pnpm" && (opts.isMonoRepoRoot ? "-w" : "--ignore-workspace-root-check")
160
+ ].filter(Boolean).join(" "));
148
161
  return true;
149
162
  }
150
163
  __name(installJsDependency, "installJsDependency");
@@ -176,5 +189,5 @@ var logLines = /* @__PURE__ */ __name((lines) => {
176
189
  }, "logLines");
177
190
 
178
191
  export { CliExitError, detectJsPackageManager, fmt, installJsDependency, logLines, pathExists };
179
- //# sourceMappingURL=chunk-VVKXMIKQ.js.map
180
- //# sourceMappingURL=chunk-VVKXMIKQ.js.map
192
+ //# sourceMappingURL=chunk-BDA3K24R.js.map
193
+ //# sourceMappingURL=chunk-BDA3K24R.js.map
package/dist/chunk-BDA3K24R.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/cli/helpers/exit-error.ts","../../utils/src/fs-utils.ts","../src/cli/helpers/js-package-manager-utils.ts","../src/cli/helpers/pretty-format.ts"],"names":[],"mappings":";;;;;;;;;;AAIO,IAAM,YAAA,GAAN,cAA2B,KAAA,CAAM;AAAA,EACtC,WAAA,CACE,SACQ,IAAA,EAMR;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAPL,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAAA,EAQV;AAAA,EAfF;AAIwC,IAAA,MAAA,CAAA,IAAA,EAAA,cAAA,CAAA;AAAA;AAAA,EAatC,IAAI,SAAA,GAAY;AAAE,IAAA,OAAO,CAAC,CAAC,IAAA,CAAK,IAAA,EAAM,SAAA;AAAA,EAAW;AAAA,EAEjD,kBAAA,GAAqB;AACnB,IAAA,IAAI,GAAA,GAAM;AAAA,UAAA,EAAQ,aAAA,CAAM,GAAA,CAAI,IAAA,CAAK,OAAO,CAAC,CAAA;AAAA,CAAA;AAEzC,IAAA,IAAI,IAAA,CAAK,MAAM,OAAA,EAAS;AACtB,MAAA,GAAA,IAAO,eAAe,eAAA,CAAE,SAAA,CAAU,KAAK,IAAA,EAAM,OAAO,GAAG,IAAI,CAAA;AAAA,IAC7D;AAEA,IAAA,IAAI,IAAA,CAAK,MAAM,UAAA,EAAY;AACzB,MAAA,GAAA,IAAO,eAAe,eAAA,CAAE,SAAA,CAAU,KAAK,IAAA,EAAM,UAAU,GAAG,IAAI,CAAA;AAAA,IAChE;AAEA,IAAA,GAAA,IAAO,IAAA;AACP,IAAA,OAAO,GAAA;AAAA,EACT;AACF;AC9BA,eAAsB,WAAW,CAAA,EAAW;AAC1C,EAAA,IAAI;AACF,IAAA,MAAM,OAAO,CAAC,CAAA;AACd,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAPsB,MAAA,CAAA,UAAA,EAAA,YAAA,CAAA;AASf,SAAS,eAAe,CAAA,EAAU;AACvC,EAAA,IAAI;AACF,IAAA,UAAA,CAAW,CAAC,CAAA;AACZ,IAAA,OAAO,IAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF;AAPgB,MAAA,CAAA,cAAA,EAAA,gBAAA,CAAA;ACJhB,IAAM,KAAA,GAAQ,MAAM,kCAAkC,CAAA;AAY/C,IAAM,mBAAA,GAAsE,OAAO,MAAA,CAAO;AAAA,EAC/F,GAAA,EAAK;AAAA,IACH,IAAA,EAAM,KAAA;AAAA,IACN,QAAA,EAAU,mBAAA;AAAA,IACV,GAAA,EAAK,aAAA;AAAA;AAAA,IACL,IAAA,EAAM,aAAA;AAAA,IACN,GAAA,EAAK;AAAA,GACP;AAAA,EACA,IAAA,EAAM;AAAA,IACJ,IAAA,EAAM,MAAA;AAAA,IACN,QAAA,EAAU,gBAAA;AAAA,IACV,GAAA,EAAK,UAAA;AAAA,IACL,IAAA,EAAM,WAAA;AAAA,IACN,GAAA,EAAK;AAAA,GACP;AAAA,EACA,IAAA,EAAM;AAAA,IACJ,IAAA,EAAM,MAAA;AAAA,IACN,QAAA,EAAU,WAAA;AAAA,IACV,GAAA,EAAK,UAAA;AAAA,IACL,IAAA,EAAM,cAAA;AAAA,IACN,GAAA,EAAK;AAAA,GACP;AAAA,EACA,GAAA,EAAK;AAAA,IACH,IAAA,EAAM,KAAA;AAAA,IACN,QAAA,EAAU,WAAA;AAAA,IACV,GAAA,EAAK,SAAA;AAAA,IACL,IAAA,EAAM,SAAA;AAAA,IACN,GAAA,EAAK;AAAA,GACP;AAAA,EACA,IAAA,EAAM;AAAA;AAAA,IACJ,IAAA,EAAM,MAAA;AAAA,IACN,QAAA,EAAU,WAAA;AAAA,IACV,GAAA,EAAK,UAAA;AAAA;AAAA,IAEL,IAAA,EAAM,UAAA;AAAA,IACN,GAAA,EAAK;AAAA;AAET,CAAC,CAAA;AAQM,SAAS,uBAAuB,IAAA,EAIpC;AACD,EAAA,KAAA,CAAM,8BAA8B,CAAA;AACpC,EAAA,IAAI,GAAA,GAAM,IAAA,EAAM,GAAA,IAAO,OAAA,CAAQ,GAAA,EAAI;AACnC,EAAA,GAAG;AACD,IAAA,KAAA,CAAM,CAAA,WAAA,EAAc,GAAG,CAAA,CAAE,CAAA;AACzB,IAAA,IAAI,EAAA;AACJ,IAAA,IAAI,UAAA;AACJ,IAAA,KAAK,MAAM,mBAAA,EAAqB;AAC9B,MAAA,MAAM,eAAe,IAAA,CAAK,IAAA;AAAA,QACxB,GAAA;AAAA,QACA,mBAAA,CAAoB,EAAE,CAAA,CAAE;AAAA,OAC1B;AAEA,MAAA,IAAI,cAAA,CAAe,YAAY,CAAA,EAAG;AAEhC,QAAA,IAAI,UAAA,EAAY;AACd,UAAA,MAAM,IAAI,aAAa,6CAAA,EAA+C;AAAA,YACpE,OAAA,EAAS,CAAA,EAAG,mBAAA,CAAoB,EAAE,CAAA,CAAE,QAAQ,CAAA,KAAA,EAAQ,mBAAA,CAAoB,UAAU,CAAA,CAAE,QAAQ,CAAA,CAAA;AAAA,YAC5F,SAAA,EAAW;AAAA,WACZ,CAAA;AAAA,QACH;AACA,QAAA,KAAA,CAAM,CAAA,QAAA,EAAW,mBAAA,CAAoB,EAAE,CAAA,CAAE,QAAQ,CAAA,CAAE,CAAA;AACnD,QAAA,UAAA,GAAa,EAAA;AAAA,MACf;AAAA,IACF;AACA,IAAA,IAAI,UAAA,EAAY,OAAO,mBAAA,CAAoB,UAAU,CAAA;AAErD,IAAA,GAAA,GAAM,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,IAAI,CAAA;AACzB,IAAA,IAAI,MAAM,iBAAA,EAAmB;AAC3B,MAAA,IAAI,IAAA,CAAK,sBAAsB,GAAA,EAAK;AAClC,QAAA,KAAA,CAAM,wBAAwB,CAAA;AAC9B,QAAA;AAAA,MACF;AAAA,IACF,CAAA,MAAO;AAEL,MAAA,IAAI,eAAe,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,MAAM,CAAC,CAAA,EAAG;AAC1C,QAAA,KAAA,CAAM,kBAAkB,CAAA;AACxB,QAAA;AAAA,MACF;AAAA,IACF;AAAA,EACF,CAAA,QAAS,GAAA,IAAO,GAAA,KAAQ,GAAA,IAAO,GAAA,KAAQ,GAAA;AAGvC,EAAA,IAAI,OAAA,CAAQ,IAAI,qBAAA,EAAuB;AACrC,IAAA,MAAM,cAAc,OAAA,CAAQ,GAAA,CAAI,sBAAsB,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AAClE,IAAA,IAAI,OAAO,IAAA,CAAK,mBAAmB,CAAA,CAAE,QAAA,CAAS,WAAW,CAAA,EAAG;AAC1D,MAAA,KAAA,CAAM,CAAA,QAAA,EAAW,WAAW,CAAA,4BAAA,CAA8B,CAAA;AAC1D,MAAA,OAAO,oBAAoB,WAA+B,CAAA;AAAA,IAC5D;AAAA,EACF;AAEA,EAAA,IAAI,MAAM,cAAA,EAAgB;AAExB,IAAA,MAAM,IAAI,aAAa,wDAAA,EAA0D;AAAA,MAC/E,UAAA,EAAY,oHAAA;AAAA,MACZ,SAAA,EAAW;AAAA,KACZ,CAAA;AAAA,EACH;AACF;AA9DgB,MAAA,CAAA,sBAAA,EAAA,wBAAA,CAAA;AAmET,SAAS,oBAAoB,IAAA,EAKjC;AACD,EAAA,MAAM,eAAA,GAAkB,KAAK,IAAA,CAAK,IAAA,CAAK,eAAe,OAAA,CAAQ,GAAA,IAAO,cAAc,CAAA;AAGnF,EAAA,IAAI,CAAC,UAAA,CAAW,eAAe,CAAA,EAAG,OAAO,KAAA;AAEzC,EAAA,MAAM,cAAc,IAAA,CAAK,KAAA,CAAM,GAAG,YAAA,CAAa,eAAA,EAAiB,MAAM,CAAC,CAAA;AAEvE,EAAA,IAAI,WAAA,CAAY,YAAA,EAAc,OAAA,EAAS,OAAO,KAAA;AAG9C,EAAA,QAAA,CAAS;AAAA;AAAA,IAEP,IAAA,CAAK,WAAA,IAAe,CAAA,GAAA,EAAM,IAAA,CAAK,WAAW,CAAA,GAAA,CAAA;AAAA;AAAA,IAE1C,CAAA,EAAG,IAAA,CAAK,cAAc,CAAA,KAAA,EAAQ,KAAK,WAAW,CAAA,CAAA;AAAA;AAAA;AAAA,IAG9C,IAAA,CAAK,cAAA,KAAmB,MAAA,KAAW,IAAA,CAAK,iBAAiB,IAAA,GAAO,+BAAA;AAAA,IAChE,MAAA,CAAO,OAAO,CAAA,CAAE,IAAA,CAAK,GAAG,CAAC,CAAA;AAE3B,EAAA,OAAO,IAAA;AACT;AA3BgB,MAAA,CAAA,mBAAA,EAAA,qBAAA,CAAA;;;AChIT,IAAM,GAAA,GAAM;AAAA,EACjB,2BAAW,MAAA,CAAA,CAAC,CAAA,KAAc,aAAA,CAAM,OAAA,CAAQ,CAAC,CAAA,EAA9B,WAAA,CAAA;AAAA,EACX,QAAA,0BAAW,CAAA,KAAc,CAAA,UAAA,EAAM,cAAM,IAAA,CAAK,MAAA,CAAO,CAAC,CAAC,CAAA,CAAA,EAAzC,UAAA,CAAA;AAAA,EACV,QAAA,0BAAW,CAAA,KAAc,CAAA,EAAG,cAAM,IAAA,CAAK,MAAA,CAAO,CAAC,CAAC,CAAA,CAAA,EAAtC,UAAA,CAAA;AAAA,EACV,OAAA,kBAAS,MAAA,CAAA,CAAC,CAAA,EAAW,IAAA,KAA8D;AACjF,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,IAAA,EAAM,qBAAqB,IAAA,EAAM;AACnC,MAAA,gBAAA,GAAmB,sBAAA,EAAuB;AAAA,IAC5C,CAAA,MAAA,IAAW,MAAM,gBAAA,EAAkB;AACjC,MAAA,gBAAA,GAAmB,IAAA,CAAK,gBAAA;AAAA,IAC1B;AACA,IAAA,IAAI,gBAAA,EAAkB;AACpB,MAAA,CAAA,GAAI,CAAA,EAAG,gBAAA,CAAiB,IAAI,CAAA,CAAA,EAAI,CAAC,CAAA,CAAA;AAAA,IACnC;AACA,IAAA,OAAO,aAAA,CAAM,KAAA,CAAM,MAAA,CAAO,CAAC,CAAA;AAAA,EAC7B,CAAA,EAXS,SAAA,CAAA;AAAA,EAYT,6BAAa,MAAA,CAAA,CAAC,CAAA,KAAc,cAAM,KAAA,CAAM,MAAA,CAAO,CAAC,CAAA,EAAnC,aAAA;AACf;AAEO,IAAM,QAAA,2BAAY,KAAA,KAA6C;AACpE,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AAExB,IAAA,IAAI,CAAC,IAAA,IAAQ,IAAA,KAAS,EAAA,EAAI;AAC1B,IAAA,OAAA,CAAQ,IAAI,IAAI,CAAA;AAAA,EAClB;AACF,CAAA,EANwB,UAAA","file":"chunk-BDA3K24R.js","sourcesContent":["import ansis from 'ansis';\nimport _ from '@env-spec/utils/my-dash';\nimport { joinAndCompact } from '../../lib/formatting';\n\nexport class CliExitError extends Error {\n constructor(\n message: string,\n private more?: {\n details?: string | Array<string>,\n suggestion?: string | Array<string>,\n /** always triggers a full exit, even in watch mode - useful if problem is irrecoverable */\n forceExit?: boolean,\n },\n ) {\n super(message);\n }\n\n get forceExit() { return !!this.more?.forceExit; }\n\n getFormattedOutput() {\n let msg = `\\n💥 ${ansis.red(this.message)} 💥\\n`;\n\n if (this.more?.details) {\n msg += joinAndCompact(_.castArray(this.more?.details), '\\n');\n }\n\n if (this.more?.suggestion) {\n msg += joinAndCompact(_.castArray(this.more?.suggestion), '\\n');\n }\n\n msg += '\\n';\n return msg;\n }\n}\n","import { accessSync } from 'node:fs';\nimport { access } from 'node:fs/promises';\n\nexport async function pathExists(p: string) {\n try {\n await access(p);\n return true;\n } catch {\n return false;\n }\n}\n\nexport function pathExistsSync(p:string) {\n try {\n accessSync(p);\n return true;\n } catch {\n return false;\n }\n}\n","import path from 'node:path';\nimport fs, { existsSync } from 'node:fs';\nimport { pathExistsSync } from '@env-spec/utils/fs-utils';\nimport Debug from 'debug';\n\nimport { CliExitError } from './exit-error';\nimport { execSync } from 'node:child_process';\n\nconst debug = Debug('varlock:js-package-manager-utils');\n\nexport type JsPackageManager = 'npm' | 'pnpm' | 'yarn' | 'bun' | 'deno';\n\nexport type JsPackageManagerMeta = {\n name: JsPackageManager;\n lockfile: string;\n add: string;\n exec: string;\n dlx: string;\n};\n\nexport const JS_PACKAGE_MANAGERS: Record<JsPackageManager, JsPackageManagerMeta> = Object.freeze({\n npm: {\n name: 'npm',\n lockfile: 'package-lock.json',\n add: 'npm install', // add also works\n exec: 'npm exec --',\n dlx: 'npx',\n },\n pnpm: {\n name: 'pnpm',\n lockfile: 'pnpm-lock.yaml',\n add: 'pnpm add',\n exec: 'pnpm exec',\n dlx: 'pnpm dlx',\n },\n yarn: {\n name: 'yarn',\n lockfile: 'yarn.lock',\n add: 'yarn add',\n exec: 'yarn exec --',\n dlx: 'yarn dlx',\n },\n bun: {\n name: 'bun',\n lockfile: 'bun.lockb',\n add: 'bun add',\n exec: 'bun run',\n dlx: 'bunx',\n },\n deno: { //! deno not fully supported yet\n name: 'deno',\n lockfile: 'deno.lock',\n add: 'deno add',\n // TODO: don't think these are quite right...\n exec: 'deno run',\n dlx: 'deno run',\n },\n});\n\n/**\n * detect js package manager\n *\n * currently go up the folder tree looking for lockfiles (ex: package-lock.json, pnpm-lock.yaml)\n * if nothing found, we'll look at process.env.npm_config_user_agent\n * */\nexport function detectJsPackageManager(opts?: {\n cwd?: string,\n workspaceRootPath?: string,\n exitIfNotFound?: boolean,\n}) {\n debug('Detecting js package manager');\n let cwd = opts?.cwd || process.cwd();\n do {\n debug(`> scanning ${cwd}`);\n let pm: JsPackageManager;\n let detectedPm: JsPackageManager | undefined;\n for (pm in JS_PACKAGE_MANAGERS) {\n const lockFilePath = path.join(\n cwd,\n JS_PACKAGE_MANAGERS[pm].lockfile,\n );\n\n if (pathExistsSync(lockFilePath)) {\n // if we find 2 lockfiles at the same level, we throw an error\n if (detectedPm) {\n throw new CliExitError('Found multiple js package manager lockfiles', {\n details: `${JS_PACKAGE_MANAGERS[pm].lockfile} and ${JS_PACKAGE_MANAGERS[detectedPm].lockfile}`,\n forceExit: true,\n });\n }\n debug(`> found ${JS_PACKAGE_MANAGERS[pm].lockfile}`);\n detectedPm = pm;\n }\n }\n if (detectedPm) return JS_PACKAGE_MANAGERS[detectedPm];\n\n cwd = path.join(cwd, '..');\n if (opts?.workspaceRootPath) {\n if (opts.workspaceRootPath === cwd) {\n debug('> found workspace root');\n break;\n }\n } else {\n // if we don't have a workspace root path, we'll break if we hit the git repo root\n if (pathExistsSync(path.join(cwd, '.git'))) {\n debug('> found git root');\n break;\n }\n }\n } while (cwd && cwd !== '.' && cwd !== '/');\n\n // if we did not find a lockfile, we'll look at env vars for other hints\n if (process.env.npm_config_user_agent) {\n const pmFromAgent = process.env.npm_config_user_agent.split('/')[0];\n if (Object.keys(JS_PACKAGE_MANAGERS).includes(pmFromAgent)) {\n debug(`> found ${pmFromAgent} using npm_config_user_agent`);\n return JS_PACKAGE_MANAGERS[pmFromAgent as JsPackageManager];\n }\n }\n\n if (opts?.exitIfNotFound) {\n // show some hopefully useful error messaging if we hit the root folder without finding anything\n throw new CliExitError('Unable to find detect your JavaScript package manager!', {\n suggestion: 'We look for lock files (ex: package-lock.json) so you may just need to run a dependency install (ie `npm install`)',\n forceExit: true,\n });\n }\n}\n\n\n\n\nexport function installJsDependency(opts: {\n packageName: string,\n packageManager: JsPackageManager,\n packagePath?: string,\n isMonoRepoRoot?: boolean,\n}) {\n const packageJsonPath = path.join(opts.packagePath || process.cwd(), 'package.json');\n\n // for now, we'll just bail if we dont see a package.json\n if (!existsSync(packageJsonPath)) return false;\n\n const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));\n // bail if already installed\n if (packageJson.dependencies?.varlock) return false;\n\n // TODO: might want to check first if it's already installed?\n execSync([\n // move to the correct directory if needed\n opts.packagePath && `cd ${opts.packagePath} &&`,\n // `add` works in all of them\n `${opts.packageManager} add ${opts.packageName}`,\n // tells pnpm to either install in the workspace root explicitly\n // or to not check if we are the in the root\n opts.packageManager === 'pnpm' && (opts.isMonoRepoRoot ? '-w' : '--ignore-workspace-root-check'),\n ].filter(Boolean).join(' '));\n\n return true;\n}\n\n","import ansis from 'ansis';\nimport { detectJsPackageManager, JsPackageManagerMeta } from './js-package-manager-utils';\n\n\nexport const fmt = {\n decorator: (s: string) => ansis.magenta(s),\n filePath: (s: string) => `📂 ${ansis.cyan.italic(s)}`,\n fileName: (s: string) => `${ansis.cyan.italic(s)}`,\n command: (s: string, opts?: { jsPackageManager?: JsPackageManagerMeta | true }) => {\n let jsPackageManager: JsPackageManagerMeta | undefined;\n if (opts?.jsPackageManager === true) {\n jsPackageManager = detectJsPackageManager();\n } else if (opts?.jsPackageManager) {\n jsPackageManager = opts.jsPackageManager;\n }\n if (jsPackageManager) {\n s = `${jsPackageManager.exec} ${s}`;\n }\n return ansis.green.italic(s);\n },\n packageName: (s: string) => ansis.green.italic(s),\n};\n\nexport const logLines = (lines: Array<string | false | undefined>) => {\n for (const line of lines) {\n // skip false, null, undefined, but not empty strings\n if (!line && line !== '') continue;\n console.log(line);\n }\n};\n"]}