Add SOCKET_IS_LEGACY_BUILD

Author: jdalton

.config/rollup.base.config.mjs

@@ -37,7 +37,6 @@ const {
   ROLLUP_ENTRY_SUFFIX,
   ROLLUP_EXTERNAL_SUFFIX,
   SLASH_NODE_MODULES_SLASH,
-  SOCKET_WITH_SENTRY,
   VENDOR,
   babelConfigPath,
   rootPackageJsonPath,

.config/rollup.dist.config.mjs

@@ -8,6 +8,7 @@ import util from 'node:util'
 import replacePlugin from '@rollup/plugin-replace'
 import { glob as tinyGlob } from 'tinyglobby'
 
+import { readJson, writeJson } from '@socketsecurity/registry/lib/fs'
 import { toSortedObject } from '@socketsecurity/registry/lib/objects'
 import {
   fetchPackageManifest,
@@ -20,7 +21,6 @@ import { naturalCompare } from '@socketsecurity/registry/lib/sorts'
 
 import baseConfig from './rollup.base.config.mjs'
 import constants from '../scripts/constants.js'
-import { readJson } from '../scripts/utils/fs.js'
 import { formatObject } from '../scripts/utils/objects.js'
 import {
   getPackageName,
@@ -34,8 +34,9 @@ const {
   MODULE_SYNC,
   REQUIRE,
   ROLLUP_EXTERNAL_SUFFIX,
-  SOCKET_IS_PUBLISHED,
-  SOCKET_WITH_SENTRY,
+  SOCKET_IS_LEGACY_BUILD,
+  SOCKET_IS_PUBLISHED_BUILD,
+  SOCKET_IS_SENTRY_BUILD,
   TAP,
   VENDOR,
   depStatsPath,
@@ -45,6 +46,7 @@ const {
   rootSrcPath
 } = constants
 
+const SENTRY_NODE = '@sentry/node'
 const INSTRUMENT_WITH_SENTRY = 'instrument-with-sentry'
 const VENDOR_JS = `${VENDOR}.js`
 
@@ -85,7 +87,7 @@ function getSocketVersionHash() {
     // Mostly for development: confirms the build refreshed. For prod
     // builds the git hash should suffice to identify the build.
     _socketVersionHash = JSON.stringify(
-      `${version}:${gitHash}:${randomUUID().split('-')[0]}${constants.ENV[SOCKET_IS_PUBLISHED] ? ':pub' : ''}`
+      `${version}:${gitHash}:${randomUUID().split('-')[0]}${constants.ENV[SOCKET_IS_PUBLISHED_BUILD] ? ':pub' : ''}`
     )
   }
   return _socketVersionHash
@@ -119,6 +121,33 @@ async function removeJsFiles(namePattern, srcPath) {
   }
 }
 
+function resetBin(bin) {
+  const tmpBin = {
+    socket: bin?.socket ?? bin?.['socket-with-sentry'],
+    'socket-npm': bin?.['socket-npm'] ?? bin?.['socket-npm-with-sentry'],
+    'socket-npx': bin?.['socket-npx'] ?? bin?.['socket-npx-with-sentry']
+  }
+  const newBin = {
+    ...(tmpBin.socket ? { socket: tmpBin.socket } : {}),
+    ...(tmpBin['socket-npm'] ? { 'socket-npm': tmpBin['socket-npm'] } : {}),
+    ...(tmpBin['socket-npx'] ? { 'socket-npx': tmpBin['socket-npx'] } : {})
+  }
+  assert(
+    util.isDeepStrictEqual(Object.keys(newBin).sort(naturalCompare), [
+      'socket',
+      'socket-npm',
+      'socket-npx'
+    ]),
+    "Update the rollup Legacy and Sentry build's .bin to match the default build."
+  )
+  return newBin
+}
+
+function resetDependencies(deps) {
+  const { [SENTRY_NODE]: _ignored, ...newDeps } = { ...deps }
+  return newDeps
+}
+
 async function updateDepStats(depStats) {
   const editablePkgJson = await readPackageJson(rootPath, { editable: true })
   const { content: pkgJson } = editablePkgJson
@@ -149,12 +178,12 @@ async function updateDepStats(depStats) {
   depStats.esm = toSortedObject(depStats.esm)
   depStats.external = toSortedObject(depStats.external)
   depStats.transitives = toSortedObject(depStats.transitives)
-  // Lazily access constants.ENV[SOCKET_WITH_SENTRY].
-  if (constants.ENV[SOCKET_WITH_SENTRY]) {
+  // Lazily access constants.ENV[SOCKET_IS_SENTRY_BUILD].
+  if (constants.ENV[SOCKET_IS_SENTRY_BUILD]) {
     // Add Sentry as a regular dep for this build.
-    depStats.dependencies['@sentry/node'] = (await getSentryManifest()).version
+    depStats.dependencies[SENTRY_NODE] = (await getSentryManifest()).version
   } else {
-    delete depStats.dependencies['@sentry/node']
+    delete depStats.dependencies[SENTRY_NODE]
   }
   // Write dep stats.
   await fs.writeFile(depStatsPath, `${formatObject(depStats)}\n`, 'utf8')
@@ -171,35 +200,30 @@ async function updateDepStats(depStats) {
 async function updatePackageJson() {
   const editablePkgJson = await readPackageJson(rootPath, { editable: true })
   const { content: pkgJson } = editablePkgJson
-  const dependencies = { ...pkgJson.dependencies }
-  const rawBin = pkgJson.bin ?? {}
-  const tmpBin = {
-    socket: rawBin.socket ?? rawBin['socket-with-sentry'],
-    'socket-npm': rawBin['socket-npm'] ?? rawBin['socket-npm-with-sentry'],
-    'socket-npx': rawBin['socket-npx'] ?? rawBin['socket-npx-with-sentry']
-  }
-  const bin = {
-    ...(tmpBin.socket ? { socket: tmpBin.socket } : {}),
-    ...(tmpBin['socket-npm'] ? { 'socket-npm': tmpBin['socket-npm'] } : {}),
-    ...(tmpBin['socket-npx'] ? { 'socket-npx': tmpBin['socket-npx'] } : {})
-  }
-  assert(
-    util.isDeepStrictEqual(Object.keys(bin).sort(naturalCompare), [
-      'socket',
-      'socket-npm',
-      'socket-npx'
-    ]),
-    'If this fails, make sure to update the rollup sentry override for .bin to match the regular build!'
-  )
-  delete dependencies['@sentry/node']
+  const bin = resetBin(pkgJson.bin)
+  const dependencies = resetDependencies(pkgJson.dependencies)
   editablePkgJson.update({
     name: 'socket',
     description: 'CLI tool for Socket.dev',
     bin,
     dependencies
   })
-  // Lazily access constants.ENV[SOCKET_WITH_SENTRY].
-  if (constants.ENV[SOCKET_WITH_SENTRY]) {
+  // Lazily access constants.ENV[SOCKET_IS_LEGACY_BUILD].
+  if (constants.ENV[SOCKET_IS_LEGACY_BUILD]) {
+    editablePkgJson.update({
+      name: '@socketsecurity/cli',
+      bin: {
+        cli: bin.socket,
+        ...bin
+      },
+      dependencies: {
+        ...dependencies,
+        [SENTRY_NODE]: (await getSentryManifest()).version
+      }
+    })
+  }
+  // Lazily access constants.ENV[SOCKET_IS_SENTRY_BUILD].
+  else if (constants.ENV[SOCKET_IS_SENTRY_BUILD]) {
     editablePkgJson.update({
       name: '@socketsecurity/socket-with-sentry',
       description:
@@ -211,7 +235,7 @@ async function updatePackageJson() {
       },
       dependencies: {
         ...dependencies,
-        '@sentry/node': (await getSentryManifest()).version
+        [SENTRY_NODE]: (await getSentryManifest()).version
       }
     })
   }
@@ -222,20 +246,37 @@ async function updatePackageLockFile() {
   if (!existsSync(rootPackageLockPath)) {
     return
   }
-  // Note: This should just replace the first occurrence, even if there are more.
-  const lockSrc = await fs.readFile(rootPackageLockPath, 'utf8')
-  let updatedLockSrc = lockSrc.replace(
-    '"name": "@socketsecurity/socket-with-sentry",',
-    '"name": "socket",'
-  )
-  // Lazily access constants.ENV[SOCKET_WITH_SENTRY].
-  if (constants.ENV[SOCKET_WITH_SENTRY]) {
-    updatedLockSrc = lockSrc.replace(
-      '"name": "socket",',
-      '"name": "@socketsecurity/socket-with-sentry",'
-    )
+  const lockJson = await readJson(rootPackageLockPath)
+  const rootPkg = lockJson.packages['']
+  const bin = resetBin(rootPkg.bin)
+  const dependencies = resetDependencies(rootPkg.dependencies)
+  const defaultName = 'socket'
+
+  lockJson.name = defaultName
+  rootPkg.name = defaultName
+  rootPkg.bin = bin
+  rootPkg.dependencies = dependencies
+  // Lazily access constants.ENV[SOCKET_IS_LEGACY_BUILD].
+  if (constants.ENV[SOCKET_IS_LEGACY_BUILD]) {
+    const name = '@socketsecurity/cli'
+    lockJson.name = name
+    rootPkg.name = name
+    rootPkg.bin = toSortedObject({
+      cli: bin.socket,
+      ...bin
+    })
   }
-  await fs.writeFile(rootPackageLockPath, updatedLockSrc, 'utf8')
+  // Lazily access constants.ENV[SOCKET_IS_SENTRY_BUILD].
+  else if (constants.ENV[SOCKET_IS_SENTRY_BUILD]) {
+    const name = '@socketsecurity/socket-with-sentry'
+    lockJson.name = name
+    rootPkg.name = name
+    rootPkg.dependencies = toSortedObject({
+      ...dependencies,
+      [SENTRY_NODE]: (await getSentryManifest()).version
+    })
+  }
+  await writeJson(rootPackageLockPath, lockJson, { spaces: 2 })
 }
 
 export default () => {
@@ -245,8 +286,8 @@ export default () => {
       constants: `${rootSrcPath}/constants.ts`,
       'shadow-bin': `${rootSrcPath}/shadow/shadow-bin.ts`,
       'npm-injection': `${rootSrcPath}/shadow/npm-injection.ts`,
-      // Lazily access constants.ENV[SOCKET_WITH_SENTRY].
-      ...(constants.ENV[SOCKET_WITH_SENTRY]
+      // Lazily access constants.ENV[SOCKET_IS_SENTRY_BUILD].
+      ...(constants.ENV[SOCKET_IS_SENTRY_BUILD]
         ? {
             [INSTRUMENT_WITH_SENTRY]: `${rootSrcPath}/${INSTRUMENT_WITH_SENTRY}.ts`
           }
@@ -296,13 +337,17 @@ export default () => {
           "process.env['SOCKET_CLI_VERSION']"() {
             return JSON.stringify(getSocketVersionHash())
           },
-          "process.env['SOCKET_IS_PUBLISHED']": JSON.stringify(
-            // Lazily access constants.ENV[SOCKET_IS_PUBLISHED].
-            !!constants.ENV[SOCKET_IS_PUBLISHED]
+          "process.env['SOCKET_IS_LEGACY_BUILD']": JSON.stringify(
+            // Lazily access constants.ENV[SOCKET_IS_LEGACY_BUILD].
+            !!constants.ENV[SOCKET_IS_LEGACY_BUILD]
+          ),
+          "process.env['SOCKET_IS_PUBLISHED_BUILD']": JSON.stringify(
+            // Lazily access constants.ENV[SOCKET_IS_PUBLISHED_BUILD].
+            !!constants.ENV[SOCKET_IS_PUBLISHED_BUILD]
           ),
-          "process.env['SOCKET_WITH_SENTRY']": JSON.stringify(
-            // Lazily access constants.ENV[SOCKET_WITH_SENTRY].
-            !!constants.ENV[SOCKET_WITH_SENTRY]
+          "process.env['SOCKET_IS_SENTRY_BUILD']": JSON.stringify(
+            // Lazily access constants.ENV[SOCKET_IS_SENTRY_BUILD].
+            !!constants.ENV[SOCKET_IS_SENTRY_BUILD]
           ),
           "process.env['TAP']": JSON.stringify(
             // Lazily access constants.ENV[TAP].
@@ -379,8 +424,8 @@ export default () => {
           ])
           await Promise.all([
             removeDtsAndMapFiles(CONSTANTS, distModuleSyncPath),
-            // Lazily access constants.ENV[SOCKET_WITH_SENTRY].
-            ...(constants.ENV[SOCKET_WITH_SENTRY]
+            // Lazily access constants.ENV[SOCKET_IS_SENTRY_BUILD].
+            ...(constants.ENV[SOCKET_IS_SENTRY_BUILD]
               ? [
                   moveDtsAndMapFiles(
                     INSTRUMENT_WITH_SENTRY,

.github/workflows/provenance.yml

@@ -21,11 +21,15 @@ jobs:
           scope: "@socketsecurity"
       - run: npm install -g npm@latest
       - run: npm ci
-      - run: SOCKET_IS_PUBLISHED=1 npm run build:dist
+      - run: SOCKET_IS_PUBLISHED_BUILD=1 npm run build:dist
       - run: npm publish --provenance --access public
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
-      - run: SOCKET_IS_PUBLISHED=1 SOCKET_WITH_SENTRY=1 npm run build:dist
+      - run: SOCKET_IS_PUBLISHED_BUILD=1 SOCKET_IS_LEGACY_BUILD=1 npm run build:dist
+      - run: npm publish --provenance --access public
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+      - run: SOCKET_IS_PUBLISHED_BUILD=1 SOCKET_IS_SENTRY_BUILD=1 npm run build:dist
       - run: npm publish --provenance --access public
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

bin/cli.js

@@ -9,8 +9,8 @@ const { DIST_TYPE } = constants
 
 if (
   DIST_TYPE === 'require' &&
-  // The '@rollup/plugin-replace' will replace 'process.env.SOCKET_WITH_SENTRY'.
-  !process.env['SOCKET_WITH_SENTRY']
+  // The '@rollup/plugin-replace' will replace 'process.env.SOCKET_IS_SENTRY_BUILD'.
+  !process.env['SOCKET_IS_SENTRY_BUILD']
 ) {
   // Lazily access constants.distPath.
   require(`${constants.distPath}/cli.js`)
@@ -26,8 +26,8 @@ if (
     [
       // Lazily access constants.nodeNoWarningsFlags.
       ...constants.nodeNoWarningsFlags,
-      // The '@rollup/plugin-replace' will replace 'process.env.SOCKET_WITH_SENTRY'.
-      ...(process.env['SOCKET_WITH_SENTRY']
+      // The '@rollup/plugin-replace' will replace 'process.env.SOCKET_IS_SENTRY_BUILD'.
+      ...(process.env['SOCKET_IS_SENTRY_BUILD']
         ? [
             '--require',
             // Lazily access constants.instrumentWithSentryPath.

scripts/constants.js

@@ -17,23 +17,28 @@ const MODULE_SYNC = 'module-sync'
 const REQUIRE = 'require'
 const ROLLUP_ENTRY_SUFFIX = '?commonjs-entry'
 const ROLLUP_EXTERNAL_SUFFIX = '?commonjs-external'
-const SOCKET_IS_PUBLISHED = 'SOCKET_IS_PUBLISHED'
-const SOCKET_WITH_SENTRY = 'SOCKET_WITH_SENTRY'
+const SOCKET_IS_LEGACY_BUILD = 'SOCKET_IS_LEGACY_BUILD'
+const SOCKET_IS_PUBLISHED_BUILD = 'SOCKET_IS_PUBLISHED_BUILD'
+const SOCKET_IS_SENTRY_BUILD = 'SOCKET_IS_SENTRY_BUILD'
 const SLASH_NODE_MODULES_SLASH = '/node_modules/'
 const TAP = 'TAP'
 const VENDOR = 'vendor'
 
-const LAZY_ENV = () =>
-  Object.freeze({
+const LAZY_ENV = () => {
+  const { env } = process
+  return Object.freeze({
     // Lazily access registryConstants.ENV.
     ...registryConstants.ENV,
-    // Flag set to determine if this is the published package build.
-    [SOCKET_IS_PUBLISHED]: envAsBoolean(process.env[SOCKET_IS_PUBLISHED]),
+    // Flag set to determine if this is the Legacy build.
+    [SOCKET_IS_LEGACY_BUILD]: envAsBoolean(env[SOCKET_IS_LEGACY_BUILD]),
+    // Flag set to determine if this is a published build.
+    [SOCKET_IS_PUBLISHED_BUILD]: envAsBoolean(env[SOCKET_IS_PUBLISHED_BUILD]),
     // Flag set to determine if this is the Sentry build.
-    [SOCKET_WITH_SENTRY]: envAsBoolean(process.env[SOCKET_WITH_SENTRY]),
+    [SOCKET_IS_SENTRY_BUILD]: envAsBoolean(env[SOCKET_IS_SENTRY_BUILD]),
     // Flag set when running in Node-tap.
-    [TAP]: envAsBoolean(process.env[TAP])
+    [TAP]: envAsBoolean(env[TAP])
   })
+}
 
 const lazyBabelConfigPath = () =>
   // Lazily access constants.rootConfigPath.
@@ -78,8 +83,9 @@ const constants = createConstantsObject(
     ROLLUP_ENTRY_SUFFIX,
     ROLLUP_EXTERNAL_SUFFIX,
     SLASH_NODE_MODULES_SLASH,
-    SOCKET_IS_PUBLISHED,
-    SOCKET_WITH_SENTRY,
+    SOCKET_IS_LEGACY_BUILD,
+    SOCKET_IS_PUBLISHED_BUILD,
+    SOCKET_IS_SENTRY_BUILD,
     TAP,
     VENDOR,
     babelConfigPath: undefined,

scripts/utils/fs.js

@@ -1,6 +1,6 @@
 'use strict'
 
-const { promises: fs, statSync } = require('node:fs')
+const { statSync } = require('node:fs')
 const path = require('node:path')
 
 function findUpSync(name, { cwd = process.cwd() }) {
@@ -22,11 +22,6 @@ function findUpSync(name, { cwd = process.cwd() }) {
   return undefined
 }
 
-async function readJson(filepath) {
-  return JSON.parse(await fs.readFile(filepath, 'utf8'))
-}
-
 module.exports = {
-  findUpSync,
-  readJson
+  findUpSync
 }

src/instrument-with-sentry.ts

@@ -13,8 +13,8 @@ const {
 
 const debugging = constants.ENV.SOCKET_CLI_DEBUG
 
-// The '@rollup/plugin-replace' will replace 'process.env.SOCKET_WITH_SENTRY'.
-if (process.env['SOCKET_WITH_SENTRY']) {
+// The '@rollup/plugin-replace' will replace 'process.env.SOCKET_IS_SENTRY_BUILD'.
+if (process.env['SOCKET_IS_SENTRY_BUILD']) {
   setSentry(Sentry)
   if (debugging) {
     console.log('[DEBUG] Setting up Sentry...')
@@ -31,8 +31,8 @@ if (process.env['SOCKET_WITH_SENTRY']) {
   })
   Sentry.setTag(
     'environment',
-    // The '@rollup/plugin-replace' will replace 'process.env.SOCKET_IS_PUBLISHED'.
-    process.env['SOCKET_IS_PUBLISHED'] ? 'pub' : process.env['NODE_ENV']
+    // The '@rollup/plugin-replace' will replace 'process.env.SOCKET_IS_PUBLISHED_BUILD'.
+    process.env['SOCKET_IS_PUBLISHED_BUILD'] ? 'pub' : process.env['NODE_ENV']
   )
   Sentry.setTag('debugging', debugging)
   Sentry.setTag(