From 05930eadcc08a953bc22ecf1b3c5582cd2bb448c Mon Sep 17 00:00:00 2001 From: jdalton Date: Mon, 15 Sep 2025 23:10:02 -0400 Subject: [PATCH 1/5] Bump to v1.1.12 --- CHANGELOG.md | 15 +++++++++++++++ package.json | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fa5fe9f76..292031ebf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,21 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/). +## [1.1.12](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.12) - 2025-09-15 + +### Fixed +- Resolved runtime error when processing security alerts + +## [1.1.11](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.11) - 2025-09-12 + +### Fixed +- Updated Socket SDK to resolve issues with multipart uploads + +## [1.1.10](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.10) - 2025-09-11 + +### Changed +- Enhanced command argument filtering for improved compatibility with npm and cdxgen integrations + ## [1.1.9](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.9) - 2025-09-11 ### Added diff --git a/package.json b/package.json index a798acc9c..a18327c1a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "socket", - "version": "1.1.11", + "version": "1.1.12", "description": "CLI for Socket.dev", "homepage": "https://github.com/SocketDev/socket-cli", "license": "MIT AND OFL-1.1", From ec638417322c134fcbea5ec26a1f5648b883fbd8 Mon Sep 17 00:00:00 2001 From: barslev Date: Tue, 16 Sep 2025 05:38:37 +0200 Subject: [PATCH 2/5] Add --output-file and --compute-fixes-only to socket fix --- src/commands/fix/cmd-fix.mts | 17 +++++++++++++++++ src/commands/fix/coana-fix.mts | 13 ++++++++++++- src/commands/fix/handle-fix.mts | 6 ++++++ src/commands/fix/types.mts | 2 ++ 4 files changed, 37 insertions(+), 1 deletion(-) 
diff --git a/src/commands/fix/cmd-fix.mts b/src/commands/fix/cmd-fix.mts index 150d9386e..599f0cfa2 100644 --- a/src/commands/fix/cmd-fix.mts +++ b/src/commands/fix/cmd-fix.mts @@ -83,6 +83,17 @@ Available styles: * preserve - Retain the existing version range style as-is `.trim(), }, + outputFile: { + type: 'string', + default: '', + description: 'Path to store result as json.', + }, + computeFixesOnly: { + type: 'boolean', + default: false, + description: + 'Compute fixes only, do not apply them. Logs what upgrades would be applied. If combined with --output-file, the output file will contain the upgrades that would be applied.', + }, } const hiddenFlags: MeowFlags = { @@ -188,6 +199,8 @@ async function run( // We patched in this feature with `npx custompatch meow` at // socket-cli/patches/meow#13.2.0.patch. unknownFlags = [], + outputFile, + computeFixesOnly, } = cli.flags as { autopilot: boolean limit: number @@ -198,6 +211,8 @@ async function run( prCheck: boolean rangeStyle: RangeStyle unknownFlags?: string[] + outputFile: string + computeFixesOnly: boolean } const dryRun = !!cli.flags['dryRun'] @@ -266,5 +281,7 @@ async function run( rangeStyle, spinner, unknownFlags, + computeFixesOnly, + outputFile, }) } diff --git a/src/commands/fix/coana-fix.mts b/src/commands/fix/coana-fix.mts index 635907b67..4bdf1b0d4 100644 --- a/src/commands/fix/coana-fix.mts +++ b/src/commands/fix/coana-fix.mts @@ -37,7 +37,16 @@ import type { CResult } from '../../types.mts' export async function coanaFix( fixConfig: FixConfig, ): Promise> { - const { autopilot, cwd, ghsas, limit, orgSlug, spinner } = fixConfig + const { + autopilot, + cwd, + ghsas, + limit, + orgSlug, + spinner, + computeFixesOnly, + outputFile, + } = fixConfig const fixEnv = await getFixEnv() debugDir('inspect', { fixEnv }) 
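Review bot: The help text added for `computeFixesOnly` in the flag table does not say how it differs from the existing `dryRun` flag, which `run()` still reads a few hunks further down (`const dryRun = !!cli.flags['dryRun']`). For a remediation command, the user needs to know which of the two guarantees that no manifest or lockfile is touched, and whether either still contacts the backend. I would extend the description with one clause, e.g. `'Compute fixes and report them without modifying any files. Unlike --dry-run, the fix computation itself still runs. ...'`, adjusted to whatever `--dry-run` really does, since that is not visible here. Both the flag table and `run()` continue outside the hunks.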
@@ -108,6 +117,8 @@ export async function coanaFix( ? ['--range-style', fixConfig.rangeStyle] : []), ...fixConfig.unknownFlags, + ...(computeFixesOnly ? ['--dry-run'] : []), + ...(outputFile ? ['--output-file', outputFile] : []), ], fixConfig.orgSlug, { cwd, spinner, stdio: 'inherit' }, diff --git a/src/commands/fix/handle-fix.mts b/src/commands/fix/handle-fix.mts index 6b4abdc28..5993ac2df 100644 --- a/src/commands/fix/handle-fix.mts +++ b/src/commands/fix/handle-fix.mts @@ -18,6 +18,8 @@ export type HandleFixConfig = Remap< orgSlug: string outputKind: OutputKind unknownFlags: string[] + computeFixesOnly: boolean + outputFile: string } > @@ -97,6 +99,8 @@ export async function handleFix({ rangeStyle, spinner, unknownFlags, + computeFixesOnly, + outputFile, }: HandleFixConfig) { await outputFixResult( await coanaFix({ @@ -111,6 +115,8 @@ export async function handleFix({ rangeStyle, spinner, unknownFlags, + computeFixesOnly, + outputFile, }), outputKind, ) diff --git a/src/commands/fix/types.mts b/src/commands/fix/types.mts index 789711f73..325365fdf 100644 --- a/src/commands/fix/types.mts +++ b/src/commands/fix/types.mts @@ -12,4 +12,6 @@ export type FixConfig = { rangeStyle: RangeStyle spinner: Spinner | undefined unknownFlags: string[] + computeFixesOnly: boolean + outputFile: string } From 0c8c83f8f62ca8f67427825658b964242b85459e Mon Sep 17 00:00:00 2001 From: Benjamin Barslev Nielsen Date: Tue, 16 Sep 2025 11:10:45 +0200 Subject: [PATCH 3/5] Update outputFile description for clarity Signed-off-by: Benjamin Barslev Nielsen --- src/commands/fix/cmd-fix.mts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/commands/fix/cmd-fix.mts b/src/commands/fix/cmd-fix.mts index 599f0cfa2..5d3bc5e1d 100644 --- a/src/commands/fix/cmd-fix.mts +++ b/src/commands/fix/cmd-fix.mts 
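Review bot: `outputFile` is forwarded verbatim in `...(outputFile ? ['--output-file', outputFile] : []),` while the same call passes `{ cwd, spinner, stdio: 'inherit' }`, so a relative path is presumably resolved by the child against the project directory being fixed, not the directory the user ran `socket fix` from. The report could then land inside the scanned repository, or overwrite a file there, without the user intending it. Resolving the path once in the CLI makes the destination unambiguous: `...(outputFile ? ['--output-file', path.resolve(outputFile)] : []),` (this assumes `path` is already imported in coana-fix.mts, which the hunk does not show). The two new entries also come after `...fixConfig.unknownFlags`, so a pass-through flag of the same name would appear twice in the child's argv; a short comment on which occurrence is expected to win would help. The argument list and the body of `coanaFix` continue outside the hunk.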
@@ -86,7 +86,7 @@ Available styles: outputFile: { type: 'string', default: '', - description: 'Path to store result as json.', + description: 'Path to store upgrades as a JSON file at this path.', }, computeFixesOnly: { type: 'boolean', From d4a14e69fd0bd882c084b11dfd7ed9395a5535d2 Mon Sep 17 00:00:00 2001 From: barslev Date: Tue, 16 Sep 2025 13:05:28 +0200 Subject: [PATCH 4/5] Fix linting issues --- src/commands/fix/cmd-fix.mts | 4 ++-- src/commands/fix/coana-fix.mts | 4 ++-- src/commands/fix/handle-fix.mts | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/commands/fix/cmd-fix.mts b/src/commands/fix/cmd-fix.mts index 5d3bc5e1d..69e2f295a 100644 --- a/src/commands/fix/cmd-fix.mts +++ b/src/commands/fix/cmd-fix.mts @@ -190,17 +190,17 @@ async function run( const { autopilot, + computeFixesOnly, json, limit, markdown, maxSatisfying, + outputFile, prCheck, rangeStyle, // We patched in this feature with `npx custompatch meow` at // socket-cli/patches/meow#13.2.0.patch. unknownFlags = [], - outputFile, - computeFixesOnly, } = cli.flags as { autopilot: boolean limit: number diff --git a/src/commands/fix/coana-fix.mts b/src/commands/fix/coana-fix.mts index 4bdf1b0d4..18b6a9549 100644 --- a/src/commands/fix/coana-fix.mts +++ b/src/commands/fix/coana-fix.mts @@ -39,13 +39,13 @@ export async function coanaFix( ): Promise> { const { autopilot, + computeFixesOnly, cwd, ghsas, limit, orgSlug, - spinner, - computeFixesOnly, outputFile, + spinner, } = fixConfig const fixEnv = await getFixEnv() diff --git a/src/commands/fix/handle-fix.mts b/src/commands/fix/handle-fix.mts index 5993ac2df..52df5412d 100644 --- a/src/commands/fix/handle-fix.mts +++ b/src/commands/fix/handle-fix.mts 
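Review bot: The reworded `outputFile` description, `'Path to store upgrades as a JSON file at this path.'`, says "path" twice and still leaves out what a user needs to know before pointing it at a file: whether an existing file is overwritten and what a relative path is resolved against. Something like `description: 'Write the computed upgrades as JSON to this file.'` reads more cleanly, with a second sentence on overwrite and relative-path behaviour once that is decided. The same string is carried unchanged into the later rename hunk and into the help snapshot in cmd-fix.test.mts, so it needs changing in those places as well.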
@@ -89,18 +89,18 @@ export async function convertIdsToGhsas(ids: string[]): Promise { export async function handleFix({ autopilot, + computeFixesOnly, cwd, ghsas, limit, minSatisfying, orgSlug, + outputFile, outputKind, prCheck, rangeStyle, spinner, unknownFlags, - computeFixesOnly, - outputFile, }: HandleFixConfig) { await outputFixResult( await coanaFix({ From b63c0d4937028c22d774c43d136c7bb5a03afbd9 Mon Sep 17 00:00:00 2001 From: barslev Date: Tue, 16 Sep 2025 13:41:56 +0200 Subject: [PATCH 5/5] Rename --compute-fixes-only to --only-compute and fix tests --- src/commands/fix/cmd-fix.mts | 18 +++++++++--------- src/commands/fix/cmd-fix.test.mts | 2 ++ src/commands/fix/coana-fix.mts | 4 ++-- src/commands/fix/handle-fix.mts | 6 +++--- src/commands/fix/types.mts | 2 +- 5 files changed, 17 insertions(+), 15 deletions(-) diff --git a/src/commands/fix/cmd-fix.mts b/src/commands/fix/cmd-fix.mts index 69e2f295a..11de6f43e 100644 --- a/src/commands/fix/cmd-fix.mts +++ b/src/commands/fix/cmd-fix.mts @@ -83,17 +83,17 @@ Available styles: * preserve - Retain the existing version range style as-is `.trim(), }, - outputFile: { - type: 'string', - default: '', - description: 'Path to store upgrades as a JSON file at this path.', - }, - computeFixesOnly: { + onlyCompute: { type: 'boolean', default: false, description: 'Compute fixes only, do not apply them. Logs what upgrades would be applied. If combined with --output-file, the output file will contain the upgrades that would be applied.', }, + outputFile: { + type: 'string', + default: '', + description: 'Path to store upgrades as a JSON file at this path.', + }, } const hiddenFlags: MeowFlags = { @@ -190,11 +190,11 @@ async function run( const { autopilot, - computeFixesOnly, json, limit, markdown, maxSatisfying, + onlyCompute, outputFile, prCheck, rangeStyle, 
@@ -212,7 +212,7 @@ async function run( rangeStyle: RangeStyle unknownFlags?: string[] outputFile: string - computeFixesOnly: boolean + onlyCompute: boolean } const dryRun = !!cli.flags['dryRun'] @@ -281,7 +281,7 @@ async function run( rangeStyle, spinner, unknownFlags, - computeFixesOnly, + onlyCompute, outputFile, }) } diff --git a/src/commands/fix/cmd-fix.test.mts b/src/commands/fix/cmd-fix.test.mts index 016011cb1..9104babf8 100644 --- a/src/commands/fix/cmd-fix.test.mts +++ b/src/commands/fix/cmd-fix.test.mts @@ -72,6 +72,8 @@ describe('socket fix', async () => { --json Output result as json --limit The number of fixes to attempt at a time (default 10) --markdown Output result as markdown + --only-compute Compute fixes only, do not apply them. Logs what upgrades would be applied. If combined with --output-file, the output file will contain the upgrades that would be applied. + --output-file Path to store upgrades as a JSON file at this path. --range-style Define how dependency version ranges are updated in package.json (default 'preserve'). Available styles: * pin - Use the exact version (e.g. 1.2.3) diff --git a/src/commands/fix/coana-fix.mts b/src/commands/fix/coana-fix.mts index 18b6a9549..4da699412 100644 --- a/src/commands/fix/coana-fix.mts +++ b/src/commands/fix/coana-fix.mts @@ -39,10 +39,10 @@ export async function coanaFix( ): Promise> { const { autopilot, - computeFixesOnly, cwd, ghsas, limit, + onlyCompute, orgSlug, outputFile, spinner, @@ -117,7 +117,7 @@ export async function coanaFix( ? ['--range-style', fixConfig.rangeStyle] : []), ...fixConfig.unknownFlags, - ...(computeFixesOnly ? ['--dry-run'] : []), + ...(onlyCompute ? ['--dry-run'] : []), ...(outputFile ? ['--output-file', outputFile] : []), ], fixConfig.orgSlug, diff --git a/src/commands/fix/handle-fix.mts b/src/commands/fix/handle-fix.mts index 52df5412d..9d2a2b702 100644 --- a/src/commands/fix/handle-fix.mts +++ b/src/commands/fix/handle-fix.mts 
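Review bot: The only test change for the new flags is the help-text snapshot in the cmd-fix.test.mts hunk; nothing asserts that `--only-compute` reaches the child as `--dry-run` or that `--output-file` is forwarded with its value. Because `--only-compute` is a promise that nothing gets modified, a regression in that mapping would be silent. I would add a case next to the snapshot that runs the command with `--only-compute` against a fixture and checks that the manifest is byte-identical afterwards, or a unit test on the argument list built in coana-fix.mts. The `describe` block continues outside the hunk.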
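Review bot: In the coana-fix.mts hunk, `...(onlyCompute ? ['--dry-run'] : []),` is added to a single argument list, and `coanaFix` is only partly visible here. The function also destructures `autopilot`, so if another invocation path exists outside the hunk (for instance a pull-request flow), `--only-compute` may be silently ignored there and fixes applied anyway. Either thread the flag through every path that can write files, or reject the combination up front in `run()` with a clear error. At minimum, add a comment at this spread such as `// onlyCompute is honoured only on this local path; see <other path> for CI/PR behaviour`.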
@@ -18,7 +18,7 @@ export type HandleFixConfig = Remap< orgSlug: string outputKind: OutputKind unknownFlags: string[] - computeFixesOnly: boolean + onlyCompute: boolean outputFile: string } > @@ -89,11 +89,11 @@ export async function convertIdsToGhsas(ids: string[]): Promise { export async function handleFix({ autopilot, - computeFixesOnly, cwd, ghsas, limit, minSatisfying, + onlyCompute, orgSlug, outputFile, outputKind, @@ -115,7 +115,7 @@ export async function handleFix({ rangeStyle, spinner, unknownFlags, - computeFixesOnly, + onlyCompute, outputFile, }), outputKind, diff --git a/src/commands/fix/types.mts b/src/commands/fix/types.mts index 325365fdf..3a92152dd 100644 --- a/src/commands/fix/types.mts +++ b/src/commands/fix/types.mts @@ -12,6 +12,6 @@ export type FixConfig = { rangeStyle: RangeStyle spinner: Spinner | undefined unknownFlags: string[] - computeFixesOnly: boolean + onlyCompute: boolean outputFile: string }