From 79f3713f2a3ed5a339f95c5e14873ea234fb3f04 Mon Sep 17 00:00:00 2001 From: jdalton Date: Thu, 26 Mar 2026 12:32:54 -0400 Subject: [PATCH] chore: bump @socketsecurity/lib to 5.11.3 --- .claude/skills/updating/reference.md | 80 ++++++++++++++++++++++++++++ package.json | 2 +- pnpm-lock.yaml | 16 +++--- pnpm-workspace.yaml | 2 +- 4 files changed, 90 insertions(+), 10 deletions(-) create mode 100644 .claude/skills/updating/reference.md diff --git a/.claude/skills/updating/reference.md b/.claude/skills/updating/reference.md new file mode 100644 index 00000000..f7e471ab --- /dev/null +++ b/.claude/skills/updating/reference.md @@ -0,0 +1,80 @@ +# updating Reference Documentation + +## Table of Contents + +1. [How the Update Script Works](#how-the-update-script-works) +2. [Files Changed After Update](#files-changed-after-update) +3. [Validation Commands](#validation-commands) +4. [Troubleshooting](#troubleshooting) + +--- + +## How the Update Script Works + +`pnpm run update` runs `scripts/update.mjs` which performs: + +```bash +# 1. Run taze recursively with write mode +pnpm exec taze -r -w + +# 2. Force-update Socket scoped packages (bypasses taze maturity period) +pnpm update @socketsecurity/* @socketregistry/* @socketbin/* --latest -r + +# 3. pnpm install runs automatically to reconcile lockfile +``` + +### Repo Structure + +- **Monorepo** with pnpm workspaces: `packages/npm/*`, `perf/*`, `registry`, `scripts` +- Uses `pnpm-workspace.yaml` catalog for centralized version management +- Dependencies use `catalog:` references in package.json files +- Has `pnpm.overrides` mapping many packages to `@socketregistry/*` replacements +- Has `pnpm.patchedDependencies` for brace-expansion, iconv-lite, minimatch + +--- + +## Files Changed After Update + +- `package.json` - Root dependency version pins +- `pnpm-workspace.yaml` - Catalog version entries +- `packages/npm/*/package.json` - Workspace package dependencies +- `pnpm-lock.yaml` - Lock file + +--- + +## Validation Commands + +```bash +# Fix lint issues +pnpm run fix --all + +# Run all checks (lint + type check) +pnpm run check --all + +# Run tests +pnpm test +``` + +--- + +## Troubleshooting + +### taze Fails to Detect Updates + +**Cause:** taze has a maturity period for new releases. +**Solution:** Socket packages are force-updated separately via `pnpm update --latest`. + +### Catalog Version Mismatches + +**Symptom:** Workspace packages reference `catalog:` but version differs from +what taze wrote to root `package.json`. +**Solution:** Ensure `pnpm-workspace.yaml` catalog entries match. taze updates +catalog entries directly when using `-r -w`. + +### Lock File Conflicts + +**Solution:** +```bash +rm pnpm-lock.yaml +pnpm install +``` diff --git a/package.json b/package.json index 5d7038d8..c0b6b994 100644 --- a/package.json +++ b/package.json @@ -63,7 +63,7 @@ "@socketregistry/is-unicode-supported": "workspace:*", "@socketregistry/packageurl-js": "catalog:", "@socketregistry/scripts": "file:scripts", - "@socketsecurity/lib": "5.11.2", + "@socketsecurity/lib": "5.11.3", "@types/fs-extra": "catalog:", "@types/node": "catalog:", "@types/normalize-package-data": "catalog:", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index e147ebd7..bfe31990 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -43,8 +43,8 @@ catalogs: specifier: 1.3.5 version: 1.3.5 '@socketsecurity/lib': - specifier: 5.11.2 - version: 5.11.2 + specifier: 5.11.3 + version: 5.11.3 '@types/fs-extra': specifier: 11.0.4 version: 11.0.4 @@ -313,8 +313,8 @@ importers: specifier: file:scripts version: scripts@file:scripts '@socketsecurity/lib': - specifier: 5.11.2 - version: 5.11.2(typescript@5.9.2) + specifier: 5.11.3 + version: 5.11.3(typescript@5.9.2) '@types/fs-extra': specifier: 'catalog:' version: 11.0.4 @@ -852,7 +852,7 @@ importers: devDependencies: '@socketsecurity/lib': specifier: 'catalog:' - version: 5.11.2(typescript@5.9.2) + version: 5.11.3(typescript@5.9.2) '@types/node': specifier: 24.9.2 version: 24.9.2 @@ -1876,8 +1876,8 @@ packages: resolution: {integrity: sha512-SHikmWH1JumHKinsPLg0/kg/qKNNQH4fdYe/dd4mZ2NHP5wWGDcZyNCS7KaTnKWFi3/XZOR1iLYzo0I4QnHOQw==} engines: {node: '>=18'} - '@socketsecurity/lib@5.11.2': - resolution: {integrity: sha512-TS6oTeakMCbOrz73mSin/0lOhAyAr6+tlvzAvaASnMhjhrcQ9tPP816be1ZgtDRYolvQHMT+WPSmajlTHTQHjw==} + '@socketsecurity/lib@5.11.3': + resolution: {integrity: sha512-Jp6TSn8ATHrTtw/kTFXmVr+cZwZVuX9wqym/FQ3n8GSAgByUPJJdzWMLzHVFK1HaQRK4kVdB5Db3IKXdFkpQ2Q==} engines: {node: '>=22', pnpm: '>=10.25.0'} peerDependencies: typescript: 5.9.2 @@ -4295,7 +4295,7 @@ snapshots: '@socketregistry/which-typed-array@1.0.9': {} - '@socketsecurity/lib@5.11.2(typescript@5.9.2)': + '@socketsecurity/lib@5.11.3(typescript@5.9.2)': optionalDependencies: typescript: 5.9.2 diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index 55f06f33..d35e36c0 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -22,7 +22,7 @@ catalog: '@npmcli/package-json': 7.0.0 '@npmcli/promise-spawn': 8.0.3 '@socketregistry/packageurl-js': 1.3.5 - '@socketsecurity/lib': 5.11.2 + '@socketsecurity/lib': 5.11.3 '@types/fs-extra': 11.0.4 '@types/node': 24.9.2 '@types/normalize-package-data': 2.4.4