chore(ci+deps): cascade socket-registry to 51f34ffb + drift updates#1302
Merged
John-David Dalton (jdalton) merged 2 commits intomainfrom May 5, 2026
Merged
chore(ci+deps): cascade socket-registry to 51f34ffb + drift updates#1302John-David Dalton (jdalton) merged 2 commits intomainfrom
John-David Dalton (jdalton) merged 2 commits intomainfrom
Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix prepared a fix for the issue found in the latest run.
- ✅ Fixed: Path check script is missing
- Added an existsSync guard around the check-paths.mts spawn so the check runner skips the path-hygiene step gracefully when the script is not present in the repository.
Or push these changes by commenting:
@cursor push 18c979b883
Preview (18c979b883)
diff --git a/scripts/check.mts b/scripts/check.mts
--- a/scripts/check.mts
+++ b/scripts/check.mts
@@ -3,6 +3,7 @@
* Runs code quality checks: Oxlint and TypeScript type checking across packages.
*/
+import { existsSync } from 'node:fs'
import path from 'node:path'
import process from 'node:process'
@@ -382,14 +383,12 @@
// Run path-hygiene check (1 path, 1 reference). See
// .claude/skills/path-guard/ + .claude/hooks/path-guard/.
- if (runAll) {
+ const gatePath = path.join(scriptsDir, 'check-paths.mts')
+ if (runAll && existsSync(gatePath)) {
if (!quiet) {
logger.log('')
logger.progress('Running path-hygiene check (1 path, 1 reference)')
}
- // Resolve the gate path against scripts/ so this runner works
- // when invoked from any cwd (root or a workspace package dir).
- const gatePath = path.join(scriptsDir, 'check-paths.mts')
const repoRoot = path.dirname(scriptsDir)
const pathHygieneResult = await spawn('node', [gatePath, '--quiet'], {
cwd: repoRoot,You can send follow-ups to the cloud agent here.
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit b82fc09. Configure here.
John-David Dalton (jdalton)
force-pushed
the
chore/split-cascade-deps
branch
from
bef1b08 to
d837225
Compare
Synced from socket-repo-template / fleet-canonical drift work. - package.json + pnpm-lock.yaml + pnpm-workspace.yaml — catalog alignment with @socketsecurity/lib + @socketregistry/* fleet - packages/cli/src/cli-entry.mts — lib import refresh - packages/cli/src/utils/terminal/ascii-header.mts — drift sync - packages/cli/test/unit/constants/paths.test.mts — paths-test drift - packages/package-builder/templates/socketaddon-main/index.mjs — template drift - scripts/check.mts — adopt shared check pipeline - scripts/power-state.mts — fleet-canonical helper sync from socket-repo-template@c23dfef Splits content out of #1286, paired with the cascade SHA bump in the commit before this one.
John-David Dalton (jdalton)
force-pushed
the
chore/split-cascade-deps
branch
from
d837225 to
15c8872
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
socket-registry@51f34ffb(was@ea1986b8from chore(ci): cascade socket-registry pin to ea1986b8 #1278). Includes:4c4b12cc— pnpm 11.0.6 GA + Rust toolchain pin for Node 26Temporal + SRI integrity migration
e5f83c31— wireupdating-xportinto the umbrella drift flow51f34ffb—release-workflow-guardquote-mask false-positive fixpackage.json/pnpm-lock.yaml/pnpm-workspace.yamlcatalog alignment, cli lib refreshes, scriptsdrift,
scripts/power-state.mtssync from socket-repo-template.Scope
This is the deps + SHA cascade slice split out of #1286, combined
with closing the stale #1285 cascade branch (which had gone stale at
@0fc1abfdwhile@ea1986b8merged via #1278).Companion splits:
After all three splits + #1285 closure land, #1286 closes.
Test plan
setup-and-install@51f34ffb)pnpm installfrom a fresh clone resolves the catalognode scripts/power-state.mts)scripts/check.mtsruns viapnpm checkNote
Medium Risk
Medium risk because it updates CI/action pins and upgrades
@socketsecurity/lib, andscripts/check.mtsnow invokes acheck-paths.mtsgate that must exist in the repo to avoid breakingpnpm check.Overview
CI and supply-chain/tooling drift updates. Workflows (
ci.yml,provenance.yml,weekly-update.yml) are re-pinned toSocketDev/socket-registryactions at51f34ffb….Dependency + workspace policy refresh. Bumps
@socketsecurity/libto5.26.1, adds@sinclair/typeboxto root dev deps, removes the rootpreinstallbootstrap step, and enablespnpmblockExoticSubdeps: trueinpnpm-workspace.yaml.CLI/build behavior adjustments. Switches CLI theme initialization to
@socketsecurity/lib/themes/context, rewires the ASCII header shimmer rendering to the new shimmer APIs (preserving the dual-wave look), updates a unit test for thedist/index.jsentry rename, expands dev fallback resolution for the@socketaddon/iocraftnative addon, adds a newscripts/power-state.mtshelper, and extendsscripts/check.mtsto run a path-hygiene gate viacheck-paths.mts.Reviewed by Cursor Bugbot for commit b82fc09. Configure here.