varlock 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. package/dist/auto-load.js +6 -6
  2. package/dist/{chunk-LIIRL4NK.js → chunk-22IQ3KIQ.js} +4 -4
  3. package/dist/{chunk-LIIRL4NK.js.map → chunk-22IQ3KIQ.js.map} +1 -1
  4. package/dist/{chunk-OM3JCP4E.js → chunk-45I4KZVI.js} +3 -3
  5. package/dist/{chunk-OM3JCP4E.js.map → chunk-45I4KZVI.js.map} +1 -1
  6. package/dist/{chunk-C5BEZMSO.js → chunk-4J42SJDB.js} +3 -3
  7. package/dist/{chunk-C5BEZMSO.js.map → chunk-4J42SJDB.js.map} +1 -1
  8. package/dist/{chunk-NGDIT6C3.js → chunk-AC7XNDNI.js} +3 -3
  9. package/dist/chunk-AC7XNDNI.js.map +1 -0
  10. package/dist/{chunk-7L3IF2MK.js → chunk-EKBUU5TW.js} +7 -7
  11. package/dist/chunk-EKBUU5TW.js.map +1 -0
  12. package/dist/{chunk-QT5E2RY6.js → chunk-FUDH2TTI.js} +6 -3
  13. package/dist/chunk-FUDH2TTI.js.map +1 -0
  14. package/dist/{chunk-GY623P3W.js → chunk-IE6XJ6ZT.js} +4 -4
  15. package/dist/{chunk-GY623P3W.js.map → chunk-IE6XJ6ZT.js.map} +1 -1
  16. package/dist/{chunk-DTNPJJH4.js → chunk-JD35HZ4B.js} +3 -3
  17. package/dist/{chunk-DTNPJJH4.js.map → chunk-JD35HZ4B.js.map} +1 -1
  18. package/dist/{chunk-2SPIWTVE.js → chunk-JNQQJ3GM.js} +5 -4
  19. package/dist/chunk-JNQQJ3GM.js.map +1 -0
  20. package/dist/{chunk-MLIGQWID.js → chunk-L7EDMUWK.js} +76 -35
  21. package/dist/chunk-L7EDMUWK.js.map +1 -0
  22. package/dist/{chunk-7JMYT62X.js → chunk-LP2TZNLG.js} +3 -3
  23. package/dist/{chunk-7JMYT62X.js.map → chunk-LP2TZNLG.js.map} +1 -1
  24. package/dist/{chunk-MITVWKKH.js → chunk-MCI6K4Z5.js} +4 -4
  25. package/dist/{chunk-MITVWKKH.js.map → chunk-MCI6K4Z5.js.map} +1 -1
  26. package/dist/chunk-N2OUB4BD.js +18 -0
  27. package/dist/{chunk-NMJ5YL5I.js.map → chunk-N2OUB4BD.js.map} +1 -1
  28. package/dist/cli/cli-executable.js +124 -58
  29. package/dist/cli/cli-executable.js.map +1 -1
  30. package/dist/dotenv-compat.js +6 -6
  31. package/dist/index.js +7 -7
  32. package/dist/index.js.map +1 -1
  33. package/dist/init.command-SN75V3QA.js +8 -0
  34. package/dist/{init.command-ASK74XBV.js.map → init.command-SN75V3QA.js.map} +1 -1
  35. package/dist/lib/exec-sync-varlock.js +1 -1
  36. package/dist/load.command-TARAAWET.js +8 -0
  37. package/dist/{load.command-VUKBSBEV.js.map → load.command-TARAAWET.js.map} +1 -1
  38. package/dist/run.command-AINTNA4H.js +8 -0
  39. package/dist/{run.command-XQ64Z2TN.js.map → run.command-AINTNA4H.js.map} +1 -1
  40. package/dist/runtime/env.js +1 -1
  41. package/dist/runtime/patch-console.js +2 -2
  42. package/dist/runtime/patch-response.js +2 -2
  43. package/dist/runtime/patch-server-response.js +2 -2
  44. package/dist/telemetry.command-KRV5EY2Z.js +8 -0
  45. package/dist/{telemetry.command-HHZVBFC7.js.map → telemetry.command-KRV5EY2Z.js.map} +1 -1
  46. package/package.json +2 -1
  47. package/dist/chunk-2SPIWTVE.js.map +0 -1
  48. package/dist/chunk-7L3IF2MK.js.map +0 -1
  49. package/dist/chunk-MLIGQWID.js.map +0 -1
  50. package/dist/chunk-NGDIT6C3.js.map +0 -1
  51. package/dist/chunk-NMJ5YL5I.js +0 -18
  52. package/dist/chunk-QT5E2RY6.js.map +0 -1
  53. package/dist/init.command-ASK74XBV.js +0 -8
  54. package/dist/load.command-VUKBSBEV.js +0 -8
  55. package/dist/run.command-XQ64Z2TN.js +0 -8
  56. package/dist/telemetry.command-HHZVBFC7.js +0 -8
package/dist/{chunk-7JMYT62X.js → chunk-LP2TZNLG.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { debug, varlockSettings, scanForLeaks, redactSensitiveConfig } from './chunk-2SPIWTVE.js';
1
+ import { debug, varlockSettings, scanForLeaks, redactSensitiveConfig } from './chunk-JNQQJ3GM.js';
2
2
  import { __name } from './chunk-XN24GZXQ.js';
3
3
  import zlib from 'zlib';
4
4
  import { ServerResponse } from 'http';
@@ -88,5 +88,5 @@ function patchGlobalServerResponse(opts) {
88
88
  __name(patchGlobalServerResponse, "patchGlobalServerResponse");
89
89
 
90
90
  export { patchGlobalServerResponse };
91
- //# sourceMappingURL=chunk-7JMYT62X.js.map
92
- //# sourceMappingURL=chunk-7JMYT62X.js.map
91
+ //# sourceMappingURL=chunk-LP2TZNLG.js.map
92
+ //# sourceMappingURL=chunk-LP2TZNLG.js.map
package/dist/{chunk-7JMYT62X.js.map → chunk-LP2TZNLG.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/runtime/patch-server-response.ts"],"names":[],"mappings":";;;;;AAUA,IAAM,UAAA,GAAa,mBAAA;AACZ,SAAS,0BAA0B,IAAA,EAGvC;AACD,EAAA,KAAA,CAAM,6CAAmC,CAAA;AACzC,EAAA,IAAI,MAAA,CAAO,wBAAA,CAAyB,cAAA,CAAe,SAAA,EAAW,UAAU,CAAA,EAAG;AACzE,IAAA,KAAA,CAAM,mBAAmB,CAAA;AACzB,IAAA;AAAA,EACF;AACA,EAAA,IAAI,eAAA,CAAgB,iBAAiB,KAAA,EAAO;AAC1C,IAAA,KAAA,CAAM,wBAAwB,CAAA;AAC9B,IAAA;AAAA,EACF;AAEA,EAAA,MAAA,CAAO,eAAe,cAAA,CAAe,SAAA,EAAW,YAAY,EAAE,KAAA,EAAO,MAAM,CAAA;AAE3E,EAAA,MAAM,mBAAA,GAAsB,eAAe,SAAA,CAAU,KAAA;AAGrD,EAAA,cAAA,CAAe,SAAA,CAAU,KAAA,mBAAQ,MAAA,CAAA,SAAS,iCAAA,CAAA,GAAqC,IAAA,EAAM;AAGnF,IAAA,MAAM,QAAA,GAAW,KAAK,CAAC,CAAA;AAKvB,IAAA,MAAM,cAAc,IAAA,CAAK,SAAA,CAAU,cAAc,CAAA,EAAG,UAAS,IAAK,EAAA;AAElE,IAAA,IAAI,OAAA,GACF,WAAA,CAAY,UAAA,CAAW,OAAO,CAAA,IAC3B,WAAA,CAAY,UAAA,CAAW,kBAAkB,CAAA,IACxC,CAAC,WAAA,IAAe,OAAO,QAAA,KAAa,QAAA;AAI1C,IAAA,MAAM,MAAA,GAAU,KAAa,GAAA,CAAI,GAAA;AAEjC,IAAA,IAAI,OAAA,IAAW,MAAA,IAAU,IAAA,EAAM,iBAAA,EAAmB,IAAA,CAAK,CAAC,OAAA,KAAY,OAAA,CAAQ,IAAA,CAAK,MAAM,CAAC,CAAA,EAAG;AACzF,MAAA,OAAA,GAAU,KAAA;AAAA,IACZ;AAIA,IAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,MAAA,OAAO,mBAAA,CAAoB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,IAC7C;AAGA,IAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,SAAA,CAAU,kBAAkB,CAAA;AACzD,IAAA,IAAI,QAAA;AACJ,IAAA,IAAI,SAAA,GAAkD,IAAA;AACtD,IAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,MAAA,SAAA,GAAY,QAAA;AACZ,MAAA,QAAA,GAAW,QAAA;AAAA,IACb,CAAA,MAAA,IAAW,CAAC,eAAA,EAAiB;AAC3B,MAAA,SAAA,GAAY,SAAA;AACZ,MAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,MAAA,QAAA,GAAW,OAAA,CAAQ,OAAO,QAAQ,CAAA;AAAA,IACpC,CAAA,MAAA,IAAW,oBAAoB,MAAA,EAAQ;AACrC,MAAA,SAAA,GAAY,MAAA;AAEZ,MAAA,IAAI,CAAE,KAAa,WAAA,EAAa;AAE9B,QAAC,IAAA,CAAa,WAAA,GAAc,CAAC,QAAQ,CAAA;AAAA,MACvC,CAAA,MAAO;AAEL,QAAC,IAAA,CAAa,WAAA,EAAa,IAAA,CAAK,QAAQ,CAAA;AACxC,QAAA,IAAI;AACF,UAAA,MAAM,aAAA,GAAgB,KAAK,SAAA,CAAU,MAAA,CAAO,OAAQ,IAAA,CAAa,WAAA,IAAe,EAAE,CAAA,EAAG;AAAA,YACnF,KAAA,EAAO,KAAK,SAAA,CAAU,YAAA;AAAA,YACtB,WAAA,EAAa,KAAK,SAAA,CAAU;AAAA,WAC7B,CAAA;AACD,UAAA,MAAM,gBAAA,GAAmB,aAAA,CAAc,QAAA,CAAS,OAAO,CAAA;AACvD,UAAA,QAAA,GAAW,gBAAA,CAAiB,SAAA,CAAW,IAAA,CAAa,kBAAA,IAAsB,CAAC,CAAA;AAC3E,UAAC,IAAA,CAAa,qBAAqB,gBAAA,CAAiB,MAAA;AAAA,QACtD,SAAS,GAAA,EAAK;AAAA,QAEd;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,QAAA,EAAU;AAIZ,MAAA,IAAI;AACF,QAAA,YAAA,CAAa,QAAA,EAAU,EAAE,MAAA,EAAQ,8BAAA,EAAgC,MAAO,IAAA,CAAa,GAAA,CAAI,KAAK,CAAA;AAAA,MAChG,SAAS,GAAA,EAAK;AAGZ,QAAA,IAAI,MAAM,oBAAA,EAAsB;AAC9B,UAAA,QAAA,GAAW,sBAAsB,QAAQ,CAAA;AACzC,UAAA,IAAI,cAAc,QAAA,EAAU;AAC1B,YAAA,IAAA,CAAK,CAAC,CAAA,GAAI,QAAA;AAAA,UACZ,CAAA,MAAA,IAAW,cAAc,SAAA,EAAW;AAClC,YAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,YAAA,IAAA,CAAK,CAAC,CAAA,GAAI,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AAAA,UACnC,CAAA,MAAA,IAAW,cAAc,MAAA,EAAQ,CAQjC,MAAO;AACL,YAAA,MAAM,IAAI,KAAA,CAAM,CAAA,qCAAA,EAAwC,SAAS,CAAA,CAAE,CAAA;AAAA,UACrE;AAAA,QACF,CAAA,MAAO;AACL,UAAA,MAAM,GAAA;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAGA,IAAA,OAAO,mBAAA,CAAoB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC7C,CAAA,EAnGiC,mCAAA,CAAA;AAsGjC,EAAA,MAAM,iBAAA,GAAoB,eAAe,SAAA,CAAU,GAAA;AAEnD,EAAA,cAAA,CAAe,SAAA,CAAU,GAAA,mBAAM,MAAA,CAAA,SAAS,wBAAA,CAAA,GAA4B,IAAA,EAAM;AAExE,IAAA,MAAM,QAAA,GAAW,KAAK,CAAC,CAAA;AAEvB,IAAA,IAAI,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAE5C,MAAA,YAAA,CAAa,QAAA,EAAU,EAAE,MAAA,EAAQ,4BAAA,EAA8B,CAAA;AAAA,IACjE;AAEA,IAAA,OAAO,iBAAA,CAAkB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC3C,CAAA,EAV+B,0BAAA,CAAA;AAWjC;AAtIgB,MAAA,CAAA,yBAAA,EAAA,2BAAA,CAAA","file":"chunk-7JMYT62X.js","sourcesContent":["/*\n This patches the global ServerResponse object to scan for secret leaks - currently used for next.js and remix\n*/\n\nimport zlib from 'node:zlib';\nimport { ServerResponse } from 'node:http';\nimport { redactSensitiveConfig, scanForLeaks, varlockSettings } from './env';\nimport { debug } from './lib/debug';\n\n// NOTE - previously was using a symbol but got weird because of multiple builds and contexts...\nconst patchedKey = '_patchedByVarlock';\nexport function patchGlobalServerResponse(opts?: {\n ignoreUrlPatterns?: Array<RegExp>,\n redactInsteadOfThrow?: boolean,\n}) {\n debug('⚡️ PATCHING global ServerResponse');\n if (Object.getOwnPropertyDescriptor(ServerResponse.prototype, patchedKey)) {\n debug('> already patched');\n return;\n }\n if (varlockSettings.preventLeaks === false) {\n debug('> disabled by settings');\n return;\n }\n\n Object.defineProperty(ServerResponse.prototype, patchedKey, { value: true });\n\n const serverResponseWrite = ServerResponse.prototype.write;\n\n // @ts-ignore\n ServerResponse.prototype.write = function varlockPatchedServerResponseWrite(...args) {\n // TODO: do we want to filter out some requests here? maybe based on the file type?\n\n const rawChunk = args[0];\n // console.log('⚡️ patched ServerResponse.write', rawChunk);\n\n // for now, we only scan rendered html... may need to change this though for server components?\n // so we bail if it looks like this response does not contain html\n const contentType = this.getHeader('content-type')?.toString() || '';\n // console.log('patched ServerResponse.write', contentType);\n let runScan = (\n contentType.startsWith('text/')\n || contentType.startsWith('application/json')\n || (!contentType && typeof rawChunk === 'string')\n // || contentType.startsWith('application/javascript')\n );\n\n const reqUrl = (this as any).req.url;\n // console.log('> scan ServerResponse.write', contentType, reqUrl);\n if (runScan && reqUrl && opts?.ignoreUrlPatterns?.some((pattern) => pattern.test(reqUrl))) {\n runScan = false;\n }\n\n // we want to run the scanner on text/html and text/x-component (server actions)\n // TODO: anything else?\n if (!runScan) {\n // @ts-ignore\n return serverResponseWrite.apply(this, args);\n }\n\n // have to deal with compressed data, which is awkward but possible\n const compressionType = this.getHeader('Content-Encoding');\n let chunkStr;\n let chunkType: 'string' | 'encoded' | 'gzip' | null = null;\n if (typeof rawChunk === 'string') {\n chunkType = 'string';\n chunkStr = rawChunk;\n } else if (!compressionType) {\n chunkType = 'encoded';\n const decoder = new TextDecoder();\n chunkStr = decoder.decode(rawChunk);\n } else if (compressionType === 'gzip') {\n chunkType = 'gzip';\n // first chunk of data contains only compression headers\n if (!(this as any)._zlibChunks) {\n // (this as any)._zlibHeadersChunk = rawChunk;\n (this as any)._zlibChunks = [rawChunk];\n } else {\n // TODO: figure out how we can unzip one chunk at a time instead of storing everything\n (this as any)._zlibChunks?.push(rawChunk);\n try {\n const unzippedChunk = zlib.unzipSync(Buffer.concat((this as any)._zlibChunks || []), {\n flush: zlib.constants.Z_SYNC_FLUSH,\n finishFlush: zlib.constants.Z_SYNC_FLUSH,\n });\n const fullUnzippedData = unzippedChunk.toString('utf-8');\n chunkStr = fullUnzippedData.substring((this as any)._lastChunkEndIndex || 0);\n (this as any)._lastChunkEndIndex = fullUnzippedData.length;\n } catch (err) {\n // console.log('error unzipping chunk', err);\n }\n }\n }\n // TODO: we may want to support other compression schemes? but currently only used in nextjs which is using gzip\n if (chunkStr) {\n // console.log('scanning!', chunkStr.substring(0, 1000));\n\n\n try {\n scanForLeaks(chunkStr, { method: 'patched ServerResponse.write', file: (this as any).req.url });\n } catch (err) {\n // console.log('found secret in chunk', chunkType, chunkStr);\n // console.log(this)\n if (opts?.redactInsteadOfThrow) {\n chunkStr = redactSensitiveConfig(chunkStr);\n if (chunkType === 'string') {\n args[0] = chunkStr;\n } else if (chunkType === 'encoded') {\n const encoder = new TextEncoder();\n args[0] = encoder.encode(chunkStr);\n } else if (chunkType === 'gzip') {\n // currently unable to scrub gzip chunks\n // this works sometimes, but othertimes causes decoding error\n // we'll need to pass through chunks from a new gzip stream, because we don't have access to the underlying one\n // args[0] = zlib.gzipSync(chunkStr, {\n // flush: zlib.constants.Z_SYNC_FLUSH,\n // finishFlush: zlib.constants.Z_SYNC_FLUSH,\n // });\n } else {\n throw new Error(`unable to scrub - unknown chunk type ${chunkType}`);\n }\n } else {\n throw err;\n }\n }\n }\n\n // @ts-ignore\n return serverResponseWrite.apply(this, args);\n };\n\n // calling `res.json()` in the api routes on pages router calls `res.end` without called `res.write`\n const serverResponseEnd = ServerResponse.prototype.end;\n // @ts-ignore\n ServerResponse.prototype.end = function patchedServerResponseEnd(...args) {\n // console.log('⚡️ patched ServerResponse.end');\n const endChunk = args[0];\n // this just needs to work (so far) for nextjs sending json bodies, so does not need to handle all cases...\n if (endChunk && typeof endChunk === 'string') {\n // TODO: currently this throws the error and then things just hang... do we want to try to return an error type response instead?\n scanForLeaks(endChunk, { method: 'patched ServerResponse.end' });\n }\n // @ts-ignore\n return serverResponseEnd.apply(this, args);\n };\n}\n\n"]}
1
+ {"version":3,"sources":["../src/runtime/patch-server-response.ts"],"names":[],"mappings":";;;;;AAUA,IAAM,UAAA,GAAa,mBAAA;AACZ,SAAS,0BAA0B,IAAA,EAGvC;AACD,EAAA,KAAA,CAAM,6CAAmC,CAAA;AACzC,EAAA,IAAI,MAAA,CAAO,wBAAA,CAAyB,cAAA,CAAe,SAAA,EAAW,UAAU,CAAA,EAAG;AACzE,IAAA,KAAA,CAAM,mBAAmB,CAAA;AACzB,IAAA;AAAA,EACF;AACA,EAAA,IAAI,eAAA,CAAgB,iBAAiB,KAAA,EAAO;AAC1C,IAAA,KAAA,CAAM,wBAAwB,CAAA;AAC9B,IAAA;AAAA,EACF;AAEA,EAAA,MAAA,CAAO,eAAe,cAAA,CAAe,SAAA,EAAW,YAAY,EAAE,KAAA,EAAO,MAAM,CAAA;AAE3E,EAAA,MAAM,mBAAA,GAAsB,eAAe,SAAA,CAAU,KAAA;AAGrD,EAAA,cAAA,CAAe,SAAA,CAAU,KAAA,mBAAQ,MAAA,CAAA,SAAS,iCAAA,CAAA,GAAqC,IAAA,EAAM;AAGnF,IAAA,MAAM,QAAA,GAAW,KAAK,CAAC,CAAA;AAKvB,IAAA,MAAM,cAAc,IAAA,CAAK,SAAA,CAAU,cAAc,CAAA,EAAG,UAAS,IAAK,EAAA;AAElE,IAAA,IAAI,OAAA,GACF,WAAA,CAAY,UAAA,CAAW,OAAO,CAAA,IAC3B,WAAA,CAAY,UAAA,CAAW,kBAAkB,CAAA,IACxC,CAAC,WAAA,IAAe,OAAO,QAAA,KAAa,QAAA;AAI1C,IAAA,MAAM,MAAA,GAAU,KAAa,GAAA,CAAI,GAAA;AAEjC,IAAA,IAAI,OAAA,IAAW,MAAA,IAAU,IAAA,EAAM,iBAAA,EAAmB,IAAA,CAAK,CAAC,OAAA,KAAY,OAAA,CAAQ,IAAA,CAAK,MAAM,CAAC,CAAA,EAAG;AACzF,MAAA,OAAA,GAAU,KAAA;AAAA,IACZ;AAIA,IAAA,IAAI,CAAC,OAAA,EAAS;AAEZ,MAAA,OAAO,mBAAA,CAAoB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,IAC7C;AAGA,IAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,SAAA,CAAU,kBAAkB,CAAA;AACzD,IAAA,IAAI,QAAA;AACJ,IAAA,IAAI,SAAA,GAAkD,IAAA;AACtD,IAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,MAAA,SAAA,GAAY,QAAA;AACZ,MAAA,QAAA,GAAW,QAAA;AAAA,IACb,CAAA,MAAA,IAAW,CAAC,eAAA,EAAiB;AAC3B,MAAA,SAAA,GAAY,SAAA;AACZ,MAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,MAAA,QAAA,GAAW,OAAA,CAAQ,OAAO,QAAQ,CAAA;AAAA,IACpC,CAAA,MAAA,IAAW,oBAAoB,MAAA,EAAQ;AACrC,MAAA,SAAA,GAAY,MAAA;AAEZ,MAAA,IAAI,CAAE,KAAa,WAAA,EAAa;AAE9B,QAAC,IAAA,CAAa,WAAA,GAAc,CAAC,QAAQ,CAAA;AAAA,MACvC,CAAA,MAAO;AAEL,QAAC,IAAA,CAAa,WAAA,EAAa,IAAA,CAAK,QAAQ,CAAA;AACxC,QAAA,IAAI;AACF,UAAA,MAAM,aAAA,GAAgB,KAAK,SAAA,CAAU,MAAA,CAAO,OAAQ,IAAA,CAAa,WAAA,IAAe,EAAE,CAAA,EAAG;AAAA,YACnF,KAAA,EAAO,KAAK,SAAA,CAAU,YAAA;AAAA,YACtB,WAAA,EAAa,KAAK,SAAA,CAAU;AAAA,WAC7B,CAAA;AACD,UAAA,MAAM,gBAAA,GAAmB,aAAA,CAAc,QAAA,CAAS,OAAO,CAAA;AACvD,UAAA,QAAA,GAAW,gBAAA,CAAiB,SAAA,CAAW,IAAA,CAAa,kBAAA,IAAsB,CAAC,CAAA;AAC3E,UAAC,IAAA,CAAa,qBAAqB,gBAAA,CAAiB,MAAA;AAAA,QACtD,SAAS,GAAA,EAAK;AAAA,QAEd;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI,QAAA,EAAU;AAIZ,MAAA,IAAI;AACF,QAAA,YAAA,CAAa,QAAA,EAAU,EAAE,MAAA,EAAQ,8BAAA,EAAgC,MAAO,IAAA,CAAa,GAAA,CAAI,KAAK,CAAA;AAAA,MAChG,SAAS,GAAA,EAAK;AAGZ,QAAA,IAAI,MAAM,oBAAA,EAAsB;AAC9B,UAAA,QAAA,GAAW,sBAAsB,QAAQ,CAAA;AACzC,UAAA,IAAI,cAAc,QAAA,EAAU;AAC1B,YAAA,IAAA,CAAK,CAAC,CAAA,GAAI,QAAA;AAAA,UACZ,CAAA,MAAA,IAAW,cAAc,SAAA,EAAW;AAClC,YAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,YAAA,IAAA,CAAK,CAAC,CAAA,GAAI,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AAAA,UACnC,CAAA,MAAA,IAAW,cAAc,MAAA,EAAQ,CAQjC,MAAO;AACL,YAAA,MAAM,IAAI,KAAA,CAAM,CAAA,qCAAA,EAAwC,SAAS,CAAA,CAAE,CAAA;AAAA,UACrE;AAAA,QACF,CAAA,MAAO;AACL,UAAA,MAAM,GAAA;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAGA,IAAA,OAAO,mBAAA,CAAoB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC7C,CAAA,EAnGiC,mCAAA,CAAA;AAsGjC,EAAA,MAAM,iBAAA,GAAoB,eAAe,SAAA,CAAU,GAAA;AAEnD,EAAA,cAAA,CAAe,SAAA,CAAU,GAAA,mBAAM,MAAA,CAAA,SAAS,wBAAA,CAAA,GAA4B,IAAA,EAAM;AAExE,IAAA,MAAM,QAAA,GAAW,KAAK,CAAC,CAAA;AAEvB,IAAA,IAAI,QAAA,IAAY,OAAO,QAAA,KAAa,QAAA,EAAU;AAE5C,MAAA,YAAA,CAAa,QAAA,EAAU,EAAE,MAAA,EAAQ,4BAAA,EAA8B,CAAA;AAAA,IACjE;AAEA,IAAA,OAAO,iBAAA,CAAkB,KAAA,CAAM,IAAA,EAAM,IAAI,CAAA;AAAA,EAC3C,CAAA,EAV+B,0BAAA,CAAA;AAWjC;AAtIgB,MAAA,CAAA,yBAAA,EAAA,2BAAA,CAAA","file":"chunk-LP2TZNLG.js","sourcesContent":["/*\n This patches the global ServerResponse object to scan for secret leaks - currently used for next.js and remix\n*/\n\nimport zlib from 'node:zlib';\nimport { ServerResponse } from 'node:http';\nimport { redactSensitiveConfig, scanForLeaks, varlockSettings } from './env';\nimport { debug } from './lib/debug';\n\n// NOTE - previously was using a symbol but got weird because of multiple builds and contexts...\nconst patchedKey = '_patchedByVarlock';\nexport function patchGlobalServerResponse(opts?: {\n ignoreUrlPatterns?: Array<RegExp>,\n redactInsteadOfThrow?: boolean,\n}) {\n debug('⚡️ PATCHING global ServerResponse');\n if (Object.getOwnPropertyDescriptor(ServerResponse.prototype, patchedKey)) {\n debug('> already patched');\n return;\n }\n if (varlockSettings.preventLeaks === false) {\n debug('> disabled by settings');\n return;\n }\n\n Object.defineProperty(ServerResponse.prototype, patchedKey, { value: true });\n\n const serverResponseWrite = ServerResponse.prototype.write;\n\n // @ts-ignore\n ServerResponse.prototype.write = function varlockPatchedServerResponseWrite(...args) {\n // TODO: do we want to filter out some requests here? maybe based on the file type?\n\n const rawChunk = args[0];\n // console.log('⚡️ patched ServerResponse.write', rawChunk);\n\n // for now, we only scan rendered html... may need to change this though for server components?\n // so we bail if it looks like this response does not contain html\n const contentType = this.getHeader('content-type')?.toString() || '';\n // console.log('patched ServerResponse.write', contentType);\n let runScan = (\n contentType.startsWith('text/')\n || contentType.startsWith('application/json')\n || (!contentType && typeof rawChunk === 'string')\n // || contentType.startsWith('application/javascript')\n );\n\n const reqUrl = (this as any).req.url;\n // console.log('> scan ServerResponse.write', contentType, reqUrl);\n if (runScan && reqUrl && opts?.ignoreUrlPatterns?.some((pattern) => pattern.test(reqUrl))) {\n runScan = false;\n }\n\n // we want to run the scanner on text/html and text/x-component (server actions)\n // TODO: anything else?\n if (!runScan) {\n // @ts-ignore\n return serverResponseWrite.apply(this, args);\n }\n\n // have to deal with compressed data, which is awkward but possible\n const compressionType = this.getHeader('Content-Encoding');\n let chunkStr;\n let chunkType: 'string' | 'encoded' | 'gzip' | null = null;\n if (typeof rawChunk === 'string') {\n chunkType = 'string';\n chunkStr = rawChunk;\n } else if (!compressionType) {\n chunkType = 'encoded';\n const decoder = new TextDecoder();\n chunkStr = decoder.decode(rawChunk);\n } else if (compressionType === 'gzip') {\n chunkType = 'gzip';\n // first chunk of data contains only compression headers\n if (!(this as any)._zlibChunks) {\n // (this as any)._zlibHeadersChunk = rawChunk;\n (this as any)._zlibChunks = [rawChunk];\n } else {\n // TODO: figure out how we can unzip one chunk at a time instead of storing everything\n (this as any)._zlibChunks?.push(rawChunk);\n try {\n const unzippedChunk = zlib.unzipSync(Buffer.concat((this as any)._zlibChunks || []), {\n flush: zlib.constants.Z_SYNC_FLUSH,\n finishFlush: zlib.constants.Z_SYNC_FLUSH,\n });\n const fullUnzippedData = unzippedChunk.toString('utf-8');\n chunkStr = fullUnzippedData.substring((this as any)._lastChunkEndIndex || 0);\n (this as any)._lastChunkEndIndex = fullUnzippedData.length;\n } catch (err) {\n // console.log('error unzipping chunk', err);\n }\n }\n }\n // TODO: we may want to support other compression schemes? but currently only used in nextjs which is using gzip\n if (chunkStr) {\n // console.log('scanning!', chunkStr.substring(0, 1000));\n\n\n try {\n scanForLeaks(chunkStr, { method: 'patched ServerResponse.write', file: (this as any).req.url });\n } catch (err) {\n // console.log('found secret in chunk', chunkType, chunkStr);\n // console.log(this)\n if (opts?.redactInsteadOfThrow) {\n chunkStr = redactSensitiveConfig(chunkStr);\n if (chunkType === 'string') {\n args[0] = chunkStr;\n } else if (chunkType === 'encoded') {\n const encoder = new TextEncoder();\n args[0] = encoder.encode(chunkStr);\n } else if (chunkType === 'gzip') {\n // currently unable to scrub gzip chunks\n // this works sometimes, but othertimes causes decoding error\n // we'll need to pass through chunks from a new gzip stream, because we don't have access to the underlying one\n // args[0] = zlib.gzipSync(chunkStr, {\n // flush: zlib.constants.Z_SYNC_FLUSH,\n // finishFlush: zlib.constants.Z_SYNC_FLUSH,\n // });\n } else {\n throw new Error(`unable to scrub - unknown chunk type ${chunkType}`);\n }\n } else {\n throw err;\n }\n }\n }\n\n // @ts-ignore\n return serverResponseWrite.apply(this, args);\n };\n\n // calling `res.json()` in the api routes on pages router calls `res.end` without called `res.write`\n const serverResponseEnd = ServerResponse.prototype.end;\n // @ts-ignore\n ServerResponse.prototype.end = function patchedServerResponseEnd(...args) {\n // console.log('⚡️ patched ServerResponse.end');\n const endChunk = args[0];\n // this just needs to work (so far) for nextjs sending json bodies, so does not need to handle all cases...\n if (endChunk && typeof endChunk === 'string') {\n // TODO: currently this throws the error and then things just hang... do we want to try to return an error type response instead?\n scanForLeaks(endChunk, { method: 'patched ServerResponse.end' });\n }\n // @ts-ignore\n return serverResponseEnd.apply(this, args);\n };\n}\n\n"]}
package/dist/{chunk-MITVWKKH.js → chunk-MCI6K4Z5.js} RENAMED
@@ -1,6 +1,6 @@
1
1
  import { define } from './chunk-33ROL4J5.js';
2
- import { loadVarlockEnvGraph, checkForSchemaErrors, checkForConfigErrors } from './chunk-NGDIT6C3.js';
3
- import { gracefulExit } from './chunk-MLIGQWID.js';
2
+ import { loadVarlockEnvGraph, checkForSchemaErrors, checkForConfigErrors } from './chunk-AC7XNDNI.js';
3
+ import { gracefulExit } from './chunk-L7EDMUWK.js';
4
4
  import { __name } from './chunk-XN24GZXQ.js';
5
5
  import { execa } from 'execa';
6
6
  import which from 'which';
@@ -81,5 +81,5 @@ var commandFn = /* @__PURE__ */ __name(async (ctx) => {
81
81
  }, "commandFn");
82
82
 
83
83
  export { commandFn, commandSpec };
84
- //# sourceMappingURL=chunk-MITVWKKH.js.map
85
- //# sourceMappingURL=chunk-MITVWKKH.js.map
84
+ //# sourceMappingURL=chunk-MCI6K4Z5.js.map
85
+ //# sourceMappingURL=chunk-MCI6K4Z5.js.map
package/dist/{chunk-MITVWKKH.js.map → chunk-MCI6K4Z5.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/cli/commands/run.command.ts"],"names":[],"mappings":";;;;;;;AAUO,IAAM,cAAc,MAAA,CAAO;AAAA,EAChC,IAAA,EAAM,KAAA;AAAA,EACN,WAAA,EAAa,wDAAA;AAAA,EACb,IAAA,EAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAOR,CAAC;AAED,IAAI,cAAA;AACJ,IAAI,6BAAA,GAAgC,KAAA;AAG7B,IAAM,SAAA,iCAA6D,GAAA,KAAQ;AAEhF,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA;AACjC,EAAA,IAAI,kBAAiC,EAAC;AACtC,EAAA,IAAI,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA,EAAG;AACvB,IAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,OAAA,CAAQ,IAAI,CAAA;AACzC,IAAA,eAAA,GAAkB,IAAA,CAAK,KAAA,CAAM,eAAA,GAAkB,CAAC,CAAA;AAAA,EAClD,CAAA,MAAO;AACL,IAAA,MAAM,IAAI,MAAM,kFAAkF,CAAA;AAAA,EACpG;AACA,EAAA,MAAM,kBAAA,GAAqB,eAAA;AAC3B,EAAA,MAAM,eAAA,GAAkB,eAAA,CAAgB,IAAA,CAAK,GAAG,CAAA;AAEhD,EAAA,MAAM,UAAA,GAAa,mBAAmB,CAAC,CAAA;AACvC,EAAA,MAAM,eAAA,GAAkB,kBAAA,CAAmB,KAAA,CAAM,CAAC,CAAA;AAClD,EAAA,MAAM,mBAAmB,KAAA,CAAM,IAAA,CAAK,YAAY,EAAE,OAAA,EAAS,MAAM,CAAA;AAQjE,EAAA,MAAM,QAAA,GAAW,MAAM,mBAAA,EAAoB;AAC3C,EAAA,oBAAA,CAAqB,QAAQ,CAAA;AAC7B,EAAA,MAAM,SAAS,gBAAA,EAAiB;AAChC,EAAA,oBAAA,CAAqB,QAAQ,CAAA;AAI7B,EAAA,MAAM,WAAA,GAAc,SAAS,oBAAA,EAAqB;AAIlD,EAAA,MAAM,eAAA,GAAkB;AAAA,IACtB,GAAG,OAAA,CAAQ,GAAA;AAAA,IACX,GAAG,WAAA;AAAA,IACH,aAAA,EAAe,GAAA;AAAA;AAAA,IACf,aAAA,EAAe,IAAA,CAAK,SAAA,CAAU,QAAA,CAAS,oBAAoB;AAAA,GAC7D;AAEA,EAAA,cAAA,GAAiB,KAAA,CAAM,gBAAA,IAAoB,UAAA,EAAY,eAAA,EAAiB;AAAA,IACtE,KAAA,EAAO,SAAA;AAAA,IACP,GAAA,EAAK;AAAA,GACN,CAAA;AAKD,EAAyB;AAEvB,IAAA,OAAA,CAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,EAAY,OAAA,KAAiB;AAM/C,MAAA,cAAA,EAAgB,KAAK,CAAC,CAAA;AAAA,IACxB,CAAC,CAAA;AAED,IAAA,CAAC,SAAA,EAAW,QAAQ,CAAA,CAAE,OAAA,CAAQ,CAAC,MAAA,KAAW;AACxC,MAAA,OAAA,CAAQ,EAAA,CAAG,QAAQ,MAAM;AAEvB,QAAA,cAAA,EAAgB,KAAK,CAAC,CAAA;AACtB,QAAA,YAAA,CAAa,CAAC,CAAA;AAAA,MAChB,CAAC,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EAEH;AAGA,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,gBAAgB,MAAM,cAAA;AAC5B,IAAA,QAAA,GAAW,aAAA,CAAc,QAAA;AAAA,EAC3B,SAAS,KAAA,EAAO;AAEd,IAAA,IAAK,KAAA,CAAc,MAAA,KAAW,QAAA,IAAY,6BAAA,EAA+B;AAOzE,IAAA,IAAK,KAAA,CAAc,MAAA,KAAW,QAAA,IAAa,KAAA,CAAc,WAAW,SAAA,EAAW;AAC7E,MAAA,YAAA,CAAa,CAAC,CAAA;AAAA,IAChB,CAAA,MAAO;AACL,MAAA,OAAA,CAAQ,GAAA,CAAK,MAAgB,OAAO,CAAA;AACpC,MAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,SAAA,EAAY,eAAe,CAAA,QAAA,CAAU,CAAA;AACjD,MAAA,OAAA,CAAQ,IAAI,2CAA2C,CAAA;AACvD,MAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AAAA,IAEzE;AACA,IAAA,QAAA,GAAY,MAAc,QAAA,IAAY,CAAA;AAAA,EACxC;AAYA,EAAqB;AACnB,IAAA,OAAO,aAAa,QAAQ,CAAA;AAAA,EAC9B;AAGF,CAAA,EA/GmE,WAAA","file":"chunk-MITVWKKH.js","sourcesContent":["import { execa, type ResultPromise } from 'execa';\nimport which from 'which';\nimport { define } from 'gunshi';\n\nimport { loadVarlockEnvGraph } from '../../lib/load-graph';\nimport { checkForConfigErrors, checkForSchemaErrors } from '../helpers/error-checks';\nimport { type TypedGunshiCommandFn } from '../helpers/gunshi-type-utils';\nimport { gracefulExit } from 'exit-hook';\n\n\nexport const commandSpec = define({\n name: 'run',\n description: 'Run a command with your environment variables injected',\n args: {\n // watch: {\n // type: 'boolean',\n // short: 'w',\n // description: 'Watch mode',\n // },\n },\n});\n\nlet commandProcess: ResultPromise | undefined;\nlet childCommandKilledFromRestart = false;\nconst isWatchModeRestart = false; // TODO: re-enable watch mode\n\nexport const commandFn: TypedGunshiCommandFn<typeof commandSpec> = async (ctx) => {\n // if \"--\" is present, split the args into our command and the rest, which will be another external command\n const argv = process.argv.slice(2);\n let restCommandArgs: Array<string> = [];\n if (argv.includes('--')) {\n const doubleDashIndex = argv.indexOf('--');\n restCommandArgs = argv.slice(doubleDashIndex + 1);\n } else {\n throw new Error('No command to run! Your command should look like `varlock run -- <your-command>`');\n }\n const commandToRunAsArgs = restCommandArgs;\n const commandToRunStr = restCommandArgs.join(' ');\n\n const rawCommand = commandToRunAsArgs[0];\n const commandArgsOnly = commandToRunAsArgs.slice(1);\n const pathAwareCommand = which.sync(rawCommand, { nothrow: true });\n\n // const isWatchEnabled = ctx.values.watch;\n const isWatchEnabled = false;\n\n // console.log('running command', pathAwareCommand || rawCommand, commandArgsOnly);\n\n\n const envGraph = await loadVarlockEnvGraph();\n checkForSchemaErrors(envGraph);\n await envGraph.resolveEnvValues();\n checkForConfigErrors(envGraph);\n\n // will fail above if there are any errors\n\n const resolvedEnv = envGraph.getResolvedEnvObject();\n // console.log(resolvedEnv);\n\n // needs more thought here\n const fullInjectedEnv = {\n ...process.env,\n ...resolvedEnv,\n __VARLOCK_RUN: '1', // flag for a child process to detect it is runnign via `varlock run`\n __VARLOCK_ENV: JSON.stringify(envGraph.getSerializedGraph()),\n };\n\n commandProcess = execa(pathAwareCommand || rawCommand, commandArgsOnly, {\n stdio: 'inherit',\n env: fullInjectedEnv,\n });\n // console.log('PARENT PID = ', process.pid);\n // console.log('CHILD PID = ', commandProcess.pid);\n\n // if first run, we need to attach some extra exit handling\n if (!isWatchModeRestart) {\n // try to make sure we shut down cleanly and kill the child process\n process.on('exit', (_code: any, _signal: any) => {\n // if (childCommandKilledFromRestart) {\n // childCommandKilledFromRestart = false;\n // return;\n // }\n // console.log('exit!', code, signal);\n commandProcess?.kill(9);\n });\n\n ['SIGTERM', 'SIGINT'].forEach((signal) => {\n process.on(signal, () => {\n // console.log('SIGNAL = ', signal);\n commandProcess?.kill(9);\n gracefulExit(1);\n });\n });\n // TODO: handle other signals?\n }\n\n\n let exitCode: any; // TODO: fix this any\n try {\n const commandResult = await commandProcess;\n exitCode = commandResult.exitCode;\n } catch (error) {\n // console.log('child command error!', error);\n if ((error as any).signal === 'SIGINT' && childCommandKilledFromRestart) {\n // console.log('child command failed due to being killed form restart');\n childCommandKilledFromRestart = false;\n return;\n }\n\n // console.log('child command result error', error);\n if ((error as any).signal === 'SIGINT' || (error as any).signal === 'SIGKILL') {\n gracefulExit(1);\n } else {\n console.log((error as Error).message);\n console.log(`command [${commandToRunStr}] failed`);\n console.log('try running the same command without dmno');\n console.log('if you get a different result, dmno may be the problem...');\n // console.log(`Please report issue here: <${REPORT_ISSUE_LINK}>`);\n }\n exitCode = (error as any).exitCode || 1;\n }\n\n if (isWatchEnabled) {\n if (!childCommandKilledFromRestart) {\n if (exitCode === 0) {\n console.log('\\n✅ command completed successfully');\n } else {\n console.log(`\\n💥 command failed - exit code = ${exitCode}`);\n }\n }\n }\n\n if (!isWatchEnabled) {\n return gracefulExit(exitCode);\n } else {\n console.log('... watching for changes ...');\n }\n};\n"]}
1
+ {"version":3,"sources":["../src/cli/commands/run.command.ts"],"names":[],"mappings":";;;;;;;AAUO,IAAM,cAAc,MAAA,CAAO;AAAA,EAChC,IAAA,EAAM,KAAA;AAAA,EACN,WAAA,EAAa,wDAAA;AAAA,EACb,IAAA,EAAM;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAOR,CAAC;AAED,IAAI,cAAA;AACJ,IAAI,6BAAA,GAAgC,KAAA;AAG7B,IAAM,SAAA,iCAA6D,GAAA,KAAQ;AAEhF,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,IAAA,CAAK,KAAA,CAAM,CAAC,CAAA;AACjC,EAAA,IAAI,kBAAiC,EAAC;AACtC,EAAA,IAAI,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA,EAAG;AACvB,IAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,OAAA,CAAQ,IAAI,CAAA;AACzC,IAAA,eAAA,GAAkB,IAAA,CAAK,KAAA,CAAM,eAAA,GAAkB,CAAC,CAAA;AAAA,EAClD,CAAA,MAAO;AACL,IAAA,MAAM,IAAI,MAAM,kFAAkF,CAAA;AAAA,EACpG;AACA,EAAA,MAAM,kBAAA,GAAqB,eAAA;AAC3B,EAAA,MAAM,eAAA,GAAkB,eAAA,CAAgB,IAAA,CAAK,GAAG,CAAA;AAEhD,EAAA,MAAM,UAAA,GAAa,mBAAmB,CAAC,CAAA;AACvC,EAAA,MAAM,eAAA,GAAkB,kBAAA,CAAmB,KAAA,CAAM,CAAC,CAAA;AAClD,EAAA,MAAM,mBAAmB,KAAA,CAAM,IAAA,CAAK,YAAY,EAAE,OAAA,EAAS,MAAM,CAAA;AAQjE,EAAA,MAAM,QAAA,GAAW,MAAM,mBAAA,EAAoB;AAC3C,EAAA,oBAAA,CAAqB,QAAQ,CAAA;AAC7B,EAAA,MAAM,SAAS,gBAAA,EAAiB;AAChC,EAAA,oBAAA,CAAqB,QAAQ,CAAA;AAI7B,EAAA,MAAM,WAAA,GAAc,SAAS,oBAAA,EAAqB;AAIlD,EAAA,MAAM,eAAA,GAAkB;AAAA,IACtB,GAAG,OAAA,CAAQ,GAAA;AAAA,IACX,GAAG,WAAA;AAAA,IACH,aAAA,EAAe,GAAA;AAAA;AAAA,IACf,aAAA,EAAe,IAAA,CAAK,SAAA,CAAU,QAAA,CAAS,oBAAoB;AAAA,GAC7D;AAEA,EAAA,cAAA,GAAiB,KAAA,CAAM,gBAAA,IAAoB,UAAA,EAAY,eAAA,EAAiB;AAAA,IACtE,KAAA,EAAO,SAAA;AAAA,IACP,GAAA,EAAK;AAAA,GACN,CAAA;AAKD,EAAyB;AAEvB,IAAA,OAAA,CAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,KAAA,EAAY,OAAA,KAAiB;AAM/C,MAAA,cAAA,EAAgB,KAAK,CAAC,CAAA;AAAA,IACxB,CAAC,CAAA;AAED,IAAA,CAAC,SAAA,EAAW,QAAQ,CAAA,CAAE,OAAA,CAAQ,CAAC,MAAA,KAAW;AACxC,MAAA,OAAA,CAAQ,EAAA,CAAG,QAAQ,MAAM;AAEvB,QAAA,cAAA,EAAgB,KAAK,CAAC,CAAA;AACtB,QAAA,YAAA,CAAa,CAAC,CAAA;AAAA,MAChB,CAAC,CAAA;AAAA,IACH,CAAC,CAAA;AAAA,EAEH;AAGA,EAAA,IAAI,QAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAM,gBAAgB,MAAM,cAAA;AAC5B,IAAA,QAAA,GAAW,aAAA,CAAc,QAAA;AAAA,EAC3B,SAAS,KAAA,EAAO;AAEd,IAAA,IAAK,KAAA,CAAc,MAAA,KAAW,QAAA,IAAY,6BAAA,EAA+B;AAOzE,IAAA,IAAK,KAAA,CAAc,MAAA,KAAW,QAAA,IAAa,KAAA,CAAc,WAAW,SAAA,EAAW;AAC7E,MAAA,YAAA,CAAa,CAAC,CAAA;AAAA,IAChB,CAAA,MAAO;AACL,MAAA,OAAA,CAAQ,GAAA,CAAK,MAAgB,OAAO,CAAA;AACpC,MAAA,OAAA,CAAQ,GAAA,CAAI,CAAA,SAAA,EAAY,eAAe,CAAA,QAAA,CAAU,CAAA;AACjD,MAAA,OAAA,CAAQ,IAAI,2CAA2C,CAAA;AACvD,MAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AAAA,IAEzE;AACA,IAAA,QAAA,GAAY,MAAc,QAAA,IAAY,CAAA;AAAA,EACxC;AAYA,EAAqB;AACnB,IAAA,OAAO,aAAa,QAAQ,CAAA;AAAA,EAC9B;AAGF,CAAA,EA/GmE,WAAA","file":"chunk-MCI6K4Z5.js","sourcesContent":["import { execa, type ResultPromise } from 'execa';\nimport which from 'which';\nimport { define } from 'gunshi';\n\nimport { loadVarlockEnvGraph } from '../../lib/load-graph';\nimport { checkForConfigErrors, checkForSchemaErrors } from '../helpers/error-checks';\nimport { type TypedGunshiCommandFn } from '../helpers/gunshi-type-utils';\nimport { gracefulExit } from 'exit-hook';\n\n\nexport const commandSpec = define({\n name: 'run',\n description: 'Run a command with your environment variables injected',\n args: {\n // watch: {\n // type: 'boolean',\n // short: 'w',\n // description: 'Watch mode',\n // },\n },\n});\n\nlet commandProcess: ResultPromise | undefined;\nlet childCommandKilledFromRestart = false;\nconst isWatchModeRestart = false; // TODO: re-enable watch mode\n\nexport const commandFn: TypedGunshiCommandFn<typeof commandSpec> = async (ctx) => {\n // if \"--\" is present, split the args into our command and the rest, which will be another external command\n const argv = process.argv.slice(2);\n let restCommandArgs: Array<string> = [];\n if (argv.includes('--')) {\n const doubleDashIndex = argv.indexOf('--');\n restCommandArgs = argv.slice(doubleDashIndex + 1);\n } else {\n throw new Error('No command to run! Your command should look like `varlock run -- <your-command>`');\n }\n const commandToRunAsArgs = restCommandArgs;\n const commandToRunStr = restCommandArgs.join(' ');\n\n const rawCommand = commandToRunAsArgs[0];\n const commandArgsOnly = commandToRunAsArgs.slice(1);\n const pathAwareCommand = which.sync(rawCommand, { nothrow: true });\n\n // const isWatchEnabled = ctx.values.watch;\n const isWatchEnabled = false;\n\n // console.log('running command', pathAwareCommand || rawCommand, commandArgsOnly);\n\n\n const envGraph = await loadVarlockEnvGraph();\n checkForSchemaErrors(envGraph);\n await envGraph.resolveEnvValues();\n checkForConfigErrors(envGraph);\n\n // will fail above if there are any errors\n\n const resolvedEnv = envGraph.getResolvedEnvObject();\n // console.log(resolvedEnv);\n\n // needs more thought here\n const fullInjectedEnv = {\n ...process.env,\n ...resolvedEnv,\n __VARLOCK_RUN: '1', // flag for a child process to detect it is runnign via `varlock run`\n __VARLOCK_ENV: JSON.stringify(envGraph.getSerializedGraph()),\n };\n\n commandProcess = execa(pathAwareCommand || rawCommand, commandArgsOnly, {\n stdio: 'inherit',\n env: fullInjectedEnv,\n });\n // console.log('PARENT PID = ', process.pid);\n // console.log('CHILD PID = ', commandProcess.pid);\n\n // if first run, we need to attach some extra exit handling\n if (!isWatchModeRestart) {\n // try to make sure we shut down cleanly and kill the child process\n process.on('exit', (_code: any, _signal: any) => {\n // if (childCommandKilledFromRestart) {\n // childCommandKilledFromRestart = false;\n // return;\n // }\n // console.log('exit!', code, signal);\n commandProcess?.kill(9);\n });\n\n ['SIGTERM', 'SIGINT'].forEach((signal) => {\n process.on(signal, () => {\n // console.log('SIGNAL = ', signal);\n commandProcess?.kill(9);\n gracefulExit(1);\n });\n });\n // TODO: handle other signals?\n }\n\n\n let exitCode: any; // TODO: fix this any\n try {\n const commandResult = await commandProcess;\n exitCode = commandResult.exitCode;\n } catch (error) {\n // console.log('child command error!', error);\n if ((error as any).signal === 'SIGINT' && childCommandKilledFromRestart) {\n // console.log('child command failed due to being killed form restart');\n childCommandKilledFromRestart = false;\n return;\n }\n\n // console.log('child command result error', error);\n if ((error as any).signal === 'SIGINT' || (error as any).signal === 'SIGKILL') {\n gracefulExit(1);\n } else {\n console.log((error as Error).message);\n console.log(`command [${commandToRunStr}] failed`);\n console.log('try running the same command without dmno');\n console.log('if you get a different result, dmno may be the problem...');\n // console.log(`Please report issue here: <${REPORT_ISSUE_LINK}>`);\n }\n exitCode = (error as any).exitCode || 1;\n }\n\n if (isWatchEnabled) {\n if (!childCommandKilledFromRestart) {\n if (exitCode === 0) {\n console.log('\\n✅ command completed successfully');\n } else {\n console.log(`\\n💥 command failed - exit code = ${exitCode}`);\n }\n }\n }\n\n if (!isWatchEnabled) {\n return gracefulExit(exitCode);\n } else {\n console.log('... watching for changes ...');\n }\n};\n"]}
package/dist/chunk-N2OUB4BD.js ADDED
@@ -0,0 +1,18 @@
1
+ import { patchGlobalResponse } from './chunk-45I4KZVI.js';
2
+ import { patchGlobalServerResponse } from './chunk-LP2TZNLG.js';
3
+ import { execSyncVarlock } from './chunk-FUDH2TTI.js';
4
+ import { patchGlobalConsole } from './chunk-4J42SJDB.js';
5
+ import { initVarlockEnv } from './chunk-JNQQJ3GM.js';
6
+
7
+ // src/auto-load.ts
8
+ var execResult = execSyncVarlock("load --format json-full-compact", {
9
+ exitOnError: true,
10
+ showLogsOnError: true
11
+ });
12
+ process.env.__VARLOCK_ENV = execResult;
13
+ initVarlockEnv();
14
+ patchGlobalConsole();
15
+ patchGlobalServerResponse();
16
+ patchGlobalResponse();
17
+ //# sourceMappingURL=chunk-N2OUB4BD.js.map
18
+ //# sourceMappingURL=chunk-N2OUB4BD.js.map
package/dist/{chunk-NMJ5YL5I.js.map → chunk-N2OUB4BD.js.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/auto-load.ts"],"names":[],"mappings":";;;;;;;AAaA,IAAM,UAAA,GAAa,gBAAgB,yBAAA,EAA2B;AAAA,EAC5D,WAAA,EAAa,IAAA;AAAA,EACb,eAAA,EAAiB;AACnB,CAAC,CAAA;AACD,OAAA,CAAQ,IAAI,aAAA,GAAgB,UAAA;AAG5B,cAAA,EAAe;AAEf,kBAAA,EAAmB;AACnB,yBAAA,EAA0B;AAC1B,mBAAA,EAAoB","file":"chunk-NMJ5YL5I.js","sourcesContent":["import { execSyncVarlock } from './lib/exec-sync-varlock';\n\nimport { initVarlockEnv } from './runtime/env';\nimport { patchGlobalConsole } from './runtime/patch-console';\nimport { patchGlobalServerResponse } from './runtime/patch-server-response';\nimport { patchGlobalResponse } from './runtime/patch-response';\n\n// The varlock loading process uses async calls, but we need this to run synchronously.\n// because even with top level await, we run into hoisting issues where things happen out of order\n// so we call out to the CLI using execSync\n// this also isolates the varlock loading process from the end user process\n\n\nconst execResult = execSyncVarlock('load --format json-full', {\n exitOnError: true,\n showLogsOnError: true,\n});\nprocess.env.__VARLOCK_ENV = execResult;\n\n// initialize varlock and patch globals as necessary\ninitVarlockEnv();\n// these will be no-ops if these are disabled by settings\npatchGlobalConsole();\npatchGlobalServerResponse();\npatchGlobalResponse();\n\n"]}
1
+ {"version":3,"sources":["../src/auto-load.ts"],"names":[],"mappings":";;;;;;;AAaA,IAAM,UAAA,GAAa,gBAAgB,iCAAA,EAAmC;AAAA,EACpE,WAAA,EAAa,IAAA;AAAA,EACb,eAAA,EAAiB;AACnB,CAAC,CAAA;AACD,OAAA,CAAQ,IAAI,aAAA,GAAgB,UAAA;AAG5B,cAAA,EAAe;AAEf,kBAAA,EAAmB;AACnB,yBAAA,EAA0B;AAC1B,mBAAA,EAAoB","file":"chunk-N2OUB4BD.js","sourcesContent":["import { execSyncVarlock } from './lib/exec-sync-varlock';\n\nimport { initVarlockEnv } from './runtime/env';\nimport { patchGlobalConsole } from './runtime/patch-console';\nimport { patchGlobalServerResponse } from './runtime/patch-server-response';\nimport { patchGlobalResponse } from './runtime/patch-response';\n\n// The varlock loading process uses async calls, but we need this to run synchronously.\n// because even with top level await, we run into hoisting issues where things happen out of order\n// so we call out to the CLI using execSync\n// this also isolates the varlock loading process from the end user process\n\n\nconst execResult = execSyncVarlock('load --format json-full-compact', {\n exitOnError: true,\n showLogsOnError: true,\n});\nprocess.env.__VARLOCK_ENV = execResult;\n\n// initialize varlock and patch globals as necessary\ninitVarlockEnv();\n// these will be no-ops if these are disabled by settings\npatchGlobalConsole();\npatchGlobalServerResponse();\npatchGlobalResponse();\n\n"]}
package/dist/cli/cli-executable.js CHANGED
@@ -1,18 +1,18 @@
1
- import { commandSpec as commandSpec$4 } from '../chunk-LIIRL4NK.js';
2
- import { commandSpec } from '../chunk-GY623P3W.js';
3
- import { CliExitError, fmt } from '../chunk-DTNPJJH4.js';
4
- import { commandSpec as commandSpec$1 } from '../chunk-7L3IF2MK.js';
5
- import { commandSpec as commandSpec$2 } from '../chunk-MITVWKKH.js';
1
+ import { commandSpec as commandSpec$4 } from '../chunk-22IQ3KIQ.js';
2
+ import { commandSpec } from '../chunk-IE6XJ6ZT.js';
3
+ import { CliExitError, fmt } from '../chunk-JD35HZ4B.js';
4
+ import { commandSpec as commandSpec$1 } from '../chunk-EKBUU5TW.js';
5
+ import { commandSpec as commandSpec$2 } from '../chunk-MCI6K4Z5.js';
6
6
  import { commandSpec as commandSpec$3 } from '../chunk-RZT65DRA.js';
7
7
  import { cli } from '../chunk-33ROL4J5.js';
8
- import { InvalidEnvError } from '../chunk-NGDIT6C3.js';
9
- import { ansis_default, gracefulExit, asyncExitHook } from '../chunk-MLIGQWID.js';
8
+ import { InvalidEnvError } from '../chunk-AC7XNDNI.js';
9
+ import { ansis_default, gracefulExit, asyncExitHook } from '../chunk-L7EDMUWK.js';
10
10
  import '../chunk-FGMXIEFA.js';
11
11
  import { __commonJS, __name, __toESM } from '../chunk-XN24GZXQ.js';
12
12
  import os2 from 'os';
13
13
  import crypto, { createHash } from 'crypto';
14
14
  import { join, dirname } from 'path';
15
- import fs, { readFileSync, existsSync, mkdirSync, writeFileSync } from 'fs';
15
+ import fs, { existsSync, readFileSync, mkdirSync, writeFileSync } from 'fs';
16
16
  import Debug from 'debug';
17
17
  import process2 from 'process';
18
18
 
@@ -572,7 +572,7 @@ var is_wsl_default = process2.env.__IS_WSL_TEST__ ? isWsl : isWsl();
572
572
 
573
573
  // package.json
574
574
  var package_default = {
575
- version: "0.1.0"};
575
+ version: "0.1.2"};
576
576
 
577
577
  // src/config.ts
578
578
  var CONFIG = {
@@ -584,53 +584,130 @@ var CONFIG = {
584
584
  // src/cli/helpers/telemetry.ts
585
585
  var debug = Debug("varlock:telemetry");
586
586
  var TRUE_ENV_VAR_VALUES = ["true", "1", "t"];
587
- var varlockConfigDirPath = join(os2.homedir(), ".varlock");
588
- var varlockConfigFilePath = join(varlockConfigDirPath, "config.json");
589
- var varlockConfigFileContents;
590
- function getConfigFileContents() {
591
- if (varlockConfigFileContents) return varlockConfigFileContents;
587
+ var userVarlockDirPath = join(os2.homedir(), ".varlock");
588
+ var userVarlockConfigFilePath = join(userVarlockDirPath, "config.json");
589
+ var userVarlockConfig;
590
+ var projectVarlockConfig;
591
+ var mergedVarlockConfigFileContents;
592
+ var _gitDirPath;
593
+ var _varlockDirPath;
594
+ var _projectRootDirPath;
595
+ var _foundProjectRoot = false;
596
+ function findProjectDirs() {
597
+ if (!_foundProjectRoot) {
598
+ let currentDir = process.cwd();
599
+ while (currentDir) {
600
+ const possibleGitDirPath = join(currentDir, ".git");
601
+ if (!_gitDirPath && existsSync(possibleGitDirPath)) {
602
+ _gitDirPath = possibleGitDirPath;
603
+ }
604
+ const possibleVarlockDirPath = join(currentDir, ".varlock");
605
+ if (!_varlockDirPath && possibleVarlockDirPath !== userVarlockDirPath && existsSync(possibleVarlockDirPath)) {
606
+ _varlockDirPath = possibleVarlockDirPath;
607
+ }
608
+ const parentDir = dirname(currentDir);
609
+ if (parentDir === currentDir) break;
610
+ currentDir = parentDir;
611
+ }
612
+ if (_gitDirPath) _projectRootDirPath = dirname(_gitDirPath);
613
+ else if (_varlockDirPath) _projectRootDirPath = dirname(_varlockDirPath);
614
+ else _projectRootDirPath = process.cwd();
615
+ _foundProjectRoot = true;
616
+ }
617
+ return {
618
+ gitDirPath: _gitDirPath,
619
+ varlockDirPath: _varlockDirPath,
620
+ projectRootDirPath: _projectRootDirPath
621
+ };
622
+ }
623
+ __name(findProjectDirs, "findProjectDirs");
624
+ function loadVarlockConfig() {
625
+ if (mergedVarlockConfigFileContents) return mergedVarlockConfigFileContents;
592
626
  try {
593
- const configContent = readFileSync(varlockConfigFilePath, "utf-8");
594
- varlockConfigFileContents = JSON.parse(configContent);
595
- return varlockConfigFileContents;
596
- } catch (error) {
597
- debug("Failed to read varlock config:", error);
598
- return {};
627
+ const userConfigStr = readFileSync(userVarlockConfigFilePath, "utf-8");
628
+ userVarlockConfig = userConfigStr.trim() ? JSON.parse(userConfigStr) : void 0;
629
+ } catch (err) {
630
+ if (err instanceof Error && "code" in err && err.code === "ENOENT") {
631
+ debug(`User varlock config file not found - ${userVarlockConfigFilePath}`);
632
+ } else if (err instanceof SyntaxError) {
633
+ throw new Error(`Invalid JSON in project varlock config - ${userVarlockConfigFilePath}`, { cause: err });
634
+ } else {
635
+ throw new Error(`Problem reading project varlock config - ${userVarlockConfigFilePath}`, { cause: err });
636
+ }
599
637
  }
638
+ const { varlockDirPath } = findProjectDirs();
639
+ if (varlockDirPath) {
640
+ const projectVarlockConfigPath = join(varlockDirPath, "config.json");
641
+ try {
642
+ const projectConfigStr = readFileSync(projectVarlockConfigPath, "utf-8");
643
+ projectVarlockConfig = projectConfigStr.trim() ? JSON.parse(projectConfigStr) : void 0;
644
+ } catch (err) {
645
+ if (err instanceof Error && "code" in err && err.code === "ENOENT") {
646
+ debug(`Project varlock config file not found - ${projectVarlockConfigPath}`);
647
+ } else if (err instanceof SyntaxError) {
648
+ throw new Error(`Invalid JSON in project varlock config - ${projectVarlockConfigPath}`, { cause: err });
649
+ } else {
650
+ throw new Error(`Problem reading project varlock config - ${projectVarlockConfigPath}`, { cause: err });
651
+ }
652
+ }
653
+ if (projectVarlockConfig?.anonymousId) throw new Error("Anonymous ID should not be set in project varlock config");
654
+ }
655
+ mergedVarlockConfigFileContents = {
656
+ ...userVarlockConfig,
657
+ ...projectVarlockConfig
658
+ };
659
+ return mergedVarlockConfigFileContents;
600
660
  }
601
- __name(getConfigFileContents, "getConfigFileContents");
661
+ __name(loadVarlockConfig, "loadVarlockConfig");
602
662
  var cachedAnonymousId;
603
663
  function getAnonymousId() {
604
664
  if (cachedAnonymousId) return cachedAnonymousId;
605
- const configFileContents = getConfigFileContents();
606
- if (configFileContents?.anonymousId) {
607
- cachedAnonymousId = configFileContents.anonymousId;
608
- return configFileContents.anonymousId;
665
+ const varlockConfig = loadVarlockConfig();
666
+ if (varlockConfig?.anonymousId) {
667
+ cachedAnonymousId = varlockConfig.anonymousId;
668
+ return varlockConfig.anonymousId;
609
669
  }
610
670
  const newAnonymousId = `${import_ci_info.isCI ? "ci-" : ""}${crypto.randomUUID()}`;
611
- if (!existsSync(varlockConfigDirPath)) {
612
- mkdirSync(varlockConfigDirPath, { recursive: true });
671
+ try {
672
+ if (!existsSync(userVarlockDirPath)) {
673
+ mkdirSync(userVarlockDirPath, { recursive: true });
674
+ }
675
+ writeFileSync(
676
+ userVarlockConfigFilePath,
677
+ JSON.stringify({
678
+ ...userVarlockConfig,
679
+ anonymousId: newAnonymousId
680
+ }, null, 2),
681
+ { flag: "w" }
682
+ );
683
+ } catch (err) {
684
+ if (os2.homedir() === "/dev/null") {
685
+ console.error([
686
+ "Your HOME directory is not set - probably because you are running within Docker.",
687
+ "Please set HOME within your Dockerfile to a writable directory.",
688
+ "For example: `ENV HOME=/app/.home` (or whatever directory you want to use)."
689
+ ].join("\n"));
690
+ } else {
691
+ console.error([
692
+ "There was a problem writing to the ~/.varlock folder",
693
+ err.message,
694
+ "Please ensure your home folder (or at least the ~/.varlock folder) is writable"
695
+ ].join("\n"));
696
+ }
697
+ gracefulExit(1);
613
698
  }
614
- writeFileSync(
615
- varlockConfigFilePath,
616
- JSON.stringify({
617
- ...configFileContents,
618
- anonymousId: newAnonymousId
619
- }, null, 2),
620
- { flag: "w" }
621
- );
622
699
  cachedAnonymousId = newAnonymousId;
623
700
  return newAnonymousId;
624
701
  }
625
702
  __name(getAnonymousId, "getAnonymousId");
626
703
  function checkIsOptedOut() {
627
- if (process.env.PH_OPT_OUT === "true" || TRUE_ENV_VAR_VALUES.includes((process.env.VARLOCK_TELEMETRY_DISABLED || "").toLowerCase())) {
704
+ if (process.env.PH_OPT_OUT === "true" || process.env.VARLOCK_TELEMETRY_DISABLED && TRUE_ENV_VAR_VALUES.includes(process.env.VARLOCK_TELEMETRY_DISABLED.toLowerCase())) {
628
705
  debug("telemetry opted out - env var");
629
706
  return true;
630
707
  }
631
- const varlockConfigFile = getConfigFileContents();
632
- if (varlockConfigFile?.analytics_opt_out || varlockConfigFile?.telemetryDisabled) {
633
- debug("telemetry opted out - config file");
708
+ const varlockConfig = loadVarlockConfig();
709
+ if (varlockConfig?.analytics_opt_out || varlockConfig?.telemetryDisabled) {
710
+ debug(`telemetry opted out - config file (${projectVarlockConfig?.telemetryDisabled ? "project" : "user"} config)`);
634
711
  return true;
635
712
  }
636
713
  return false;
@@ -646,21 +723,10 @@ function anonymizeValue(payload) {
646
723
  }
647
724
  __name(anonymizeValue, "anonymizeValue");
648
725
  function getProjectGitRemoteUrl() {
726
+ findProjectDirs();
727
+ if (!_gitDirPath) return void 0;
649
728
  try {
650
- let gitDirPath;
651
- let currentDir = process.cwd();
652
- while (currentDir) {
653
- const possibleGitDirPath = join(currentDir, ".git");
654
- if (existsSync(possibleGitDirPath)) {
655
- gitDirPath = possibleGitDirPath;
656
- break;
657
- }
658
- const parentDir = dirname(currentDir);
659
- if (parentDir === currentDir) break;
660
- currentDir = parentDir;
661
- }
662
- if (!gitDirPath) return void 0;
663
- const gitConfigContents = readFileSync(join(gitDirPath, "config"), "utf-8");
729
+ const gitConfigContents = readFileSync(join(_gitDirPath, "config"), "utf-8");
664
730
  const remoteUpstreamPos = gitConfigContents.indexOf('[remote "upstream"]');
665
731
  if (remoteUpstreamPos !== -1) {
666
732
  const remoteUpstreamUrl = gitConfigContents.slice(remoteUpstreamPos).match(/url = (.+)/)?.[1];
@@ -720,7 +786,7 @@ async function posthogCapture(event, properties) {
720
786
  ...telemetryMeta,
721
787
  ...properties
722
788
  },
723
- distinct_id: getAnonymousId()
789
+ distinct_id: isOptedOut ? "---" : getAnonymousId()
724
790
  };
725
791
  debug(`track${isOptedOut ? " (disabled)" : ""}`, payload);
726
792
  if (isOptedOut) return;
@@ -766,11 +832,11 @@ function buildLazyCommand(commandSpec6, loadCommandFn) {
766
832
  }
767
833
  __name(buildLazyCommand, "buildLazyCommand");
768
834
  var subCommands = /* @__PURE__ */ new Map();
769
- subCommands.set("init", buildLazyCommand(commandSpec, async () => await import('../init.command-ASK74XBV.js')));
770
- subCommands.set("load", buildLazyCommand(commandSpec$1, async () => await import('../load.command-VUKBSBEV.js')));
771
- subCommands.set("run", buildLazyCommand(commandSpec$2, async () => await import('../run.command-XQ64Z2TN.js')));
835
+ subCommands.set("init", buildLazyCommand(commandSpec, async () => await import('../init.command-SN75V3QA.js')));
836
+ subCommands.set("load", buildLazyCommand(commandSpec$1, async () => await import('../load.command-TARAAWET.js')));
837
+ subCommands.set("run", buildLazyCommand(commandSpec$2, async () => await import('../run.command-AINTNA4H.js')));
772
838
  subCommands.set("help", buildLazyCommand(commandSpec$3, async () => await import('../help.command-B7VWA53B.js')));
773
- subCommands.set("telemetry", buildLazyCommand(commandSpec$4, async () => await import('../telemetry.command-HHZVBFC7.js')));
839
+ subCommands.set("telemetry", buildLazyCommand(commandSpec$4, async () => await import('../telemetry.command-KRV5EY2Z.js')));
774
840
  (/* @__PURE__ */ __name(async function go() {
775
841
  try {
776
842
  let args = process.argv.slice(2);