Add socket patch stub

Author: jdalton

src/commands.mts

@@ -20,6 +20,7 @@ import { cmdOrganizationPolicyLicense } from './commands/organization/cmd-organi
 import { cmdOrganizationPolicySecurity } from './commands/organization/cmd-organization-policy-security.mts'
 import { cmdOrganization } from './commands/organization/cmd-organization.mts'
 import { cmdPackage } from './commands/package/cmd-package.mts'
+import { cmdPatch } from './commands/patch/cmd-patch.mts'
 import { cmdRawNpm } from './commands/raw-npm/cmd-raw-npm.mts'
 import { cmdRawNpx } from './commands/raw-npx/cmd-raw-npx.mts'
 import { cmdRepository } from './commands/repository/cmd-repository.mts'
@@ -48,6 +49,7 @@ export const rootCommands = {
   optimize: cmdOptimize,
   organization: cmdOrganization,
   package: cmdPackage,
+  patch: cmdPatch,
   'raw-npm': cmdRawNpm,
   'raw-npx': cmdRawNpx,
   repository: cmdRepository,

src/commands/fix/pull-request.mts

@@ -187,7 +187,7 @@ export async function cleanupPrs(
           debugFn(
             'error',
             `pr: failed to close ${prRef} for ${prToVersion}\n`,
-            (e as Error)?.message || 'unknown error',
+            (e as Error)?.message || 'Unknown error',
           )
         }
       }

src/commands/patch/cmd-patch.mts

@@ -0,0 +1,116 @@
+import path from 'node:path'
+
+import { logger } from '@socketsecurity/registry/lib/logger'
+
+import { handlePatch } from './handle-patch.mts'
+import constants from '../../constants.mts'
+import { commonFlags, outputFlags } from '../../flags.mts'
+import { checkCommandInput } from '../../utils/check-input.mts'
+import { getOutputKind } from '../../utils/get-output-kind.mts'
+import { meowOrExit } from '../../utils/meow-with-subcommands.mts'
+import {
+  getFlagApiRequirementsOutput,
+  getFlagListOutput,
+} from '../../utils/output-formatting.mts'
+
+import type { CliCommandConfig } from '../../utils/meow-with-subcommands.mts'
+
+const { DRY_RUN_NOT_SAVING } = constants
+
+export const CMD_NAME = 'patch'
+
+const description = 'Apply security patches to dependencies'
+
+const hidden = false
+
+export const cmdPatch = {
+  description,
+  hidden,
+  run,
+}
+
+async function run(
+  argv: string[] | readonly string[],
+  importMeta: ImportMeta,
+  { parentName }: { parentName: string },
+): Promise<void> {
+  const config: CliCommandConfig = {
+    commandName: CMD_NAME,
+    description,
+    hidden,
+    flags: {
+      ...commonFlags,
+      ...outputFlags,
+      package: {
+        type: 'string',
+        default: [],
+        description:
+          'Specify packages to patch, as either a comma separated value or as multiple flags',
+        isMultiple: true,
+        shortFlag: 'p',
+      },
+    },
+    help: (command, config) => `
+    Usage
+      $ ${command} [options] [CWD=.]
+
+    API Token Requirements
+      ${getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME}`)}
+
+    Options
+      ${getFlagListOutput(config.flags)}
+
+    Examples
+      $ ${command}
+      $ ${command} --package lodash
+      $ ${command} ./proj/tree --package lodash,react
+    `,
+  }
+
+  const cli = meowOrExit({
+    allowUnknownFlags: false,
+    argv,
+    config,
+    importMeta,
+    parentName,
+  })
+
+  const dryRun = !!cli.flags['dryRun']
+  const outputKind = getOutputKind(cli.flags['json'], cli.flags['markdown'])
+
+  const wasValidInput = checkCommandInput(outputKind, {
+    nook: true,
+    test: !cli.flags['json'] || !cli.flags['markdown'],
+    message: 'The json and markdown flags cannot be both set, pick one',
+    fail: 'omit one',
+  })
+  if (!wasValidInput) {
+    return
+  }
+
+  if (dryRun) {
+    logger.log(DRY_RUN_NOT_SAVING)
+    return
+  }
+
+  let [cwd = '.'] = cli.input
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
+  cwd = path.resolve(process.cwd(), cwd)
+
+  // Lazily access constants.spinner.
+  const { spinner } = constants
+
+  const packages = Array.isArray(cli.flags['package'])
+    ? cli.flags['package'].flatMap(p => String(p).split(','))
+    : String(cli.flags['package'] || '')
+        .split(',')
+        .filter(Boolean)
+
+  await handlePatch({
+    cwd,
+    outputKind,
+    packages,
+    spinner,
+  })
+}

src/commands/patch/handle-patch.mts

@@ -0,0 +1,55 @@
+import { logger } from '@socketsecurity/registry/lib/logger'
+
+import { outputPatchResult } from './output-patch-result.mts'
+import constants from '../../constants.mts'
+
+import type { CResult, OutputKind } from '../../types.mts'
+
+export interface HandlePatchConfig {
+  cwd: string
+  outputKind: OutputKind
+  packages: string[]
+  spinner: typeof constants.spinner
+}
+
+export async function handlePatch({
+  outputKind,
+  packages,
+  spinner,
+}: HandlePatchConfig): Promise<void> {
+  spinner.start('Analyzing dependencies for security patches...')
+
+  try {
+    // TODO: Implement actual patch logic
+    // This is a stub implementation
+    const result: CResult<{ patchedPackages: string[] }> = {
+      ok: true,
+      data: {
+        patchedPackages: packages.length > 0 ? packages : ['example-package'],
+      },
+    }
+
+    spinner.stop()
+
+    logger.log('')
+    if (packages.length > 0) {
+      logger.info(`Checking patches for: ${packages.join(', ')}`)
+    } else {
+      logger.info('Scanning all dependencies for available patches')
+    }
+    logger.log('')
+
+    await outputPatchResult(result, outputKind)
+  } catch (e) {
+    spinner.stop()
+
+    const result: CResult<never> = {
+      ok: false,
+      code: 1,
+      message: 'Failed to apply patches',
+      cause: (e as Error)?.message || 'Unknown error',
+    }
+
+    await outputPatchResult(result, outputKind)
+  }
+}

src/commands/patch/output-patch-result.mts

@@ -0,0 +1,41 @@
+import { logger } from '@socketsecurity/registry/lib/logger'
+
+import { failMsgWithBadge } from '../../utils/fail-msg-with-badge.mts'
+import { serializeResultJson } from '../../utils/serialize-result-json.mts'
+
+import type { CResult, OutputKind } from '../../types.mts'
+
+export async function outputPatchResult(
+  result: CResult<{ patchedPackages: string[] }>,
+  outputKind: OutputKind,
+) {
+  if (!result.ok) {
+    process.exitCode = result.code ?? 1
+  }
+
+  if (outputKind === 'json') {
+    logger.log(serializeResultJson(result))
+    return
+  }
+
+  if (!result.ok) {
+    logger.fail(failMsgWithBadge(result.message, result.cause))
+    return
+  }
+
+  const { patchedPackages } = result.data
+
+  if (patchedPackages.length > 0) {
+    logger.success(
+      `Successfully processed patches for ${patchedPackages.length} package(s):`,
+    )
+    for (const pkg of patchedPackages) {
+      logger.success(pkg)
+    }
+  } else {
+    logger.info('No packages found requiring patches')
+  }
+
+  logger.log('')
+  logger.success('Patch command completed!')
+}

src/utils/meow-with-subcommands.mts

@@ -355,6 +355,7 @@ export async function meowWithSubcommands(
       'optimize',
       'organization',
       'package',
+      'patch',
       'raw-npm',
       'raw-npx',
       'repository',
@@ -371,10 +372,7 @@ export async function meowWithSubcommands(
         if (commands.has(name)) {
           commands.delete(name)
         } else {
-          logger.fail(
-            'Received a visible command that was not added to the list here:',
-            name,
-          )
+          logger.fail('Received an unknown command:', name)
         }
       })
     if (commands.size) {