chore: bump to 2.7.0

jdalton · jdalton · commit 668f754ac784 · 2025-10-28T23:00:04.000-04:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,17 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.7.0](https://github.com/SocketDev/socket-lib/releases/tag/v2.7.0) - 2025-10-28
+
+### Added
+
+- **DLX cache locking for concurrent installation protection**: Added process-lock protection to dlx-package installation operations
+  - Lock file created at `~/.socket/_dlx/<hash>/.lock` (similar to npm npx's `concurrency.lock`)
+  - Prevents concurrent installations from corrupting the same package cache
+  - Uses 5-second stale timeout and 2-second periodic touching (aligned with npm npx)
+  - Double-check pattern verifies installation after acquiring lock to avoid redundant work
+  - Completes 100% alignment with npm's npx locking strategy
+
 ## [2.6.0](https://github.com/SocketDev/socket-lib/releases/tag/v2.6.0) - 2025-10-28
 
 ### Changed
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/lib",
-  "version": "2.6.0",
+  "version": "2.7.0",
   "license": "MIT",
   "description": "Core utilities and infrastructure for Socket.dev security tools",
   "keywords": [

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@socketsecurity/lib",`
`3`		`- "version": "2.6.0",`
	`3`	`+ "version": "2.7.0",`
`4`	`4`	`"license": "MIT",`
`5`	`5`	`"description": "Core utilities and infrastructure for Socket.dev security tools",`
`6`	`6`	`"keywords": [`