-
Notifications
You must be signed in to change notification settings - Fork 44
Expand file tree
/
Copy pathcmd-pnpm.mts
More file actions
114 lines (91 loc) · 2.94 KB
/
cmd-pnpm.mts
File metadata and controls
114 lines (91 loc) · 2.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
import { createRequire } from 'node:module'
import { logger } from '@socketsecurity/registry/lib/logger'
import constants, { FLAG_DRY_RUN, FLAG_HELP, PNPM } from '../../constants.mts'
import { commonFlags } from '../../flags.mts'
import { filterFlags } from '../../utils/cmd.mts'
import { meowOrExit } from '../../utils/meow-with-subcommands.mts'
import { getFlagApiRequirementsOutput } from '../../utils/output-formatting.mts'
import {
trackSubprocessExit,
trackSubprocessStart,
} from '../../utils/telemetry/integration.mts'
import type {
CliCommandConfig,
CliCommandContext,
} from '../../utils/meow-with-subcommands.mts'
const require = createRequire(import.meta.url)
export const CMD_NAME = PNPM
const description = 'Wraps pnpm with Socket security scanning'
const hidden = true
export const cmdPnpm = {
description,
hidden,
run,
}
async function run(
argv: string[] | readonly string[],
importMeta: ImportMeta,
context: CliCommandContext,
): Promise<void> {
const { parentName } = { __proto__: null, ...context } as CliCommandContext
const config: CliCommandConfig = {
commandName: CMD_NAME,
description,
hidden,
flags: {
...commonFlags,
},
help: command => `
Usage
$ ${command} ...
API Token Requirements
${getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME}`)}
Note: Everything after "${PNPM}" is passed to the ${PNPM} command.
Only the \`${FLAG_DRY_RUN}\` and \`${FLAG_HELP}\` flags are caught here.
Use \`socket wrapper on\` to alias this command as \`${PNPM}\`.
Examples
$ ${command}
$ ${command} install
$ ${command} add package-name
$ ${command} dlx package-name
`,
}
const cli = meowOrExit({
argv,
config,
parentName,
importMeta,
})
const dryRun = !!cli.flags['dryRun']
if (dryRun) {
logger.log(constants.DRY_RUN_BAILING_NOW)
return
}
const shadowPnpmBin = /*@__PURE__*/ require(constants.shadowPnpmBinPath)
process.exitCode = 1
// Filter Socket flags from argv.
const filteredArgv = filterFlags(argv, config.flags)
// Track subprocess start.
const subprocessStartTime = await trackSubprocessStart(PNPM)
const { spawnPromise } = await shadowPnpmBin(filteredArgv, {
stdio: 'inherit',
})
// Handle exit codes and signals using event-based pattern.
// See https://nodejs.org/api/child_process.html#event-exit.
spawnPromise.process.on(
'exit',
(code: number | null, signalName: NodeJS.Signals | null) => {
// Track subprocess exit and flush telemetry before exiting.
// Use .then() to ensure telemetry completes before process.exit().
void trackSubprocessExit(PNPM, subprocessStartTime, code).then(() => {
if (signalName) {
process.kill(process.pid, signalName)
} else if (typeof code === 'number') {
// eslint-disable-next-line n/no-process-exit
process.exit(code)
}
})
},
)
await spawnPromise
}