@socketsecurity/registry - npm Package Compare versions

Comparing version 1.0.73 to 1.0.74

lib/constants.d.ts

@@ -0,1 +1,3 @@
+/// <reference types="node" />
+import { Serializable } from 'node:child_process'
 import { IFastSort } from 'fast-sort'
@@ -109,2 +111,3 @@
   readonly GIT_IGNORE: '.gitignore'
+  readonly IPC: { [key: string]: Serializable }
   readonly LATEST: 'latest'
@@ -141,2 +144,3 @@ readonly LICENSE: 'LICENSE'
   readonly RESOLUTIONS: 'resolutions'
+  readonly SOCKET_IPC_HANDSHAKE: 'SOCKET_IPC_HANDSHAKE'
   readonly SOCKET_PUBLIC_API_KEY: string
@@ -149,2 +153,3 @@ readonly SOCKET_PUBLIC_API_TOKEN: string
   readonly SUPPORTS_NODE_RUN: boolean
+  readonly SUPPORTS_PROCESS_SEND: boolean
   readonly TEMPLATE_CJS: 'cjs'
@@ -151,0 +156,0 @@ readonly TEMPLATE_CJS_BROWSER: 'cjs-browser'

lib/constants.js

@@ -360,2 +360,3 @@ 'use strict'
 const RESOLUTIONS = 'resolutions'
+const SOCKET_IPC_HANDSHAKE = 'SOCKET_IPC_HANDSHAKE'
 const SOCKET_PUBLIC_API_TOKEN =
@@ -377,2 +378,22 @@ 'sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api'
 
+// https://nodejs.org/api/all.html#all_cli_--disable-warningcode-or-type
+const LAZY_SUPPORTS_NODE_DISABLE_WARNING_FLAG = () =>
+  // Lazily access constants.NODE_VERSION.
+  getSemver().satisfies(constants.NODE_VERSION, '>=21.3.0||^20.11.0')
+
+// https://nodejs.org/api/all.html#all_cli_--run
+const LAZY_SUPPORTS_NODE_RUN = () =>
+  // Lazily access constants.NODE_VERSION.
+  getSemver().satisfies(constants.NODE_VERSION, '>=22.3.0')
+
+// https://nodejs.org/docs/latest-v22.x/api/all.html#all_cli_--experimental-require-module
+const LAZY_SUPPORTS_NODE_REQUIRE_MODULE = () =>
+  // Lazily access constants.NODE_VERSION.
+  getSemver().satisfies(constants.NODE_VERSION, '>=22.12')
+
+const LAZY_SUPPORTS_PROCESS_SEND = () =>
+  // Forked subprocesses have the process.send method.
+  // https://nodejs.org/api/child_process.html#subprocesssendmessage-sendhandle-options-callback
+  typeof getProcess().send === 'function'
+
 const LAZY_ENV = () => {
@@ -404,17 +425,63 @@ const {
 
-// https://nodejs.org/api/all.html#all_cli_--disable-warningcode-or-type
-const LAZY_SUPPORTS_NODE_DISABLE_WARNING_FLAG = () =>
-  // Lazily access constants.NODE_VERSION.
-  getSemver().satisfies(constants.NODE_VERSION, '>=21.3.0||^20.11.0')
+const LAZY_IPC = (() => {
+  // Initialize and wire-up immediately.
+  const target = { __proto__: null }
+  // Simulate a frozen target.
+  const handler = {
+    __proto__: null,
+    defineProperty: () => true,
+    deleteProperty: () => false,
+    preventExtensions() {
+      // Prevent a proxy trap invariant error.
+      // https://tc39.es/ecma262/#sec-proxy-object-internal-methods-and-internal-slots-isextensible
+      Object.preventExtensions(target)
+      return true
+    },
+    set: () => false,
+    setPrototypeOf: () => false
+  }
+  const proxy = new Proxy(target, handler)
+  void new Promise(
+    // The Promise executor is immediately executed.
+    resolve => {
+      if (
+        !(typeof process === 'object' && process !== null) ||
+        // Manually check instead of lazily accessing constants.SUPPORTS_PROCESS_SEND
+        // because constants is not initialized yet.
+        process.send !== 'function'
+      ) {
+        resolve()
+        return
+      }
+      const onmessage = rawData => {
+        finish()
+        if (rawData !== null && typeof rawData === 'object') {
+          const { [SOCKET_IPC_HANDSHAKE]: source } = {
+            __proto__: null,
+            ...rawData
+          }
+          Object.assign(target, source)
+          Object.freeze(target)
+          // The handler of a Proxy is mutable after proxy instantiation.
+          // We delete the traps to defer to native behavior.
+          for (const trapName in handler) {
+            delete handler[trapName]
+          }
+        }
+      }
+      const finish = () => {
+        abortSignal.removeEventListener('abort', finish)
+        process.removeListener('message', onmessage)
+        resolve()
+      }
+      abortSignal.addEventListener('abort', finish, { once: true })
+      process.on('message', onmessage)
+      // The timeout of 100ms is to prevent an unresolved promised. It should be
+      // more than enough time for the IPC handshake.
+      setTimeout(finish, 100)
+    }
+  )
+  return () => proxy
+})()
 
-// https://nodejs.org/api/all.html#all_cli_--run
-const LAZY_SUPPORTS_NODE_RUN = () =>
-  // Lazily access constants.NODE_VERSION.
-  getSemver().satisfies(constants.NODE_VERSION, '>=22.3.0')
-
-// https://nodejs.org/docs/latest-v22.x/api/all.html#all_cli_--experimental-require-module
-const LAZY_SUPPORTS_NODE_REQUIRE_MODULE = () =>
-  // Lazily access constants.NODE_VERSION.
-  getSemver().satisfies(constants.NODE_VERSION, '>=22.12')
-
 const LAZY_WIN32 = () => getProcess().platform === 'win32'
@@ -705,2 +772,3 @@
     GIT_IGNORE,
+    IPC: undefined,
     LATEST,
@@ -738,2 +806,3 @@ LICENSE,
     RESOLUTIONS,
+    SOCKET_IPC_HANDSHAKE,
     SOCKET_PUBLIC_API_KEY,
@@ -746,2 +815,3 @@ SOCKET_PUBLIC_API_TOKEN,
     SUPPORTS_NODE_RUN: undefined,
+    SUPPORTS_PROCESS_SEND: undefined,
     TEMPLATE_CJS,
@@ -779,2 +849,3 @@ TEMPLATE_CJS_BROWSER,
       ENV: LAZY_ENV,
+      IPC: LAZY_IPC,
       NODE_VERSION: LAZY_NODE_VERSION,
@@ -786,2 +857,3 @@ PACKAGE_DEFAULT_NODE_RANGE: LAZY_PACKAGE_DEFAULT_NODE_RANGE,
       SUPPORTS_NODE_RUN: LAZY_SUPPORTS_NODE_RUN,
+      SUPPORTS_PROCESS_SEND: LAZY_SUPPORTS_PROCESS_SEND,
       WIN32: LAZY_WIN32,
@@ -788,0 +860,0 @@ execPath: lazyExecPath,

package.json

 {
   "name": "@socketsecurity/registry",
-  "version": "1.0.73",
+  "version": "1.0.74",
   "license": "MIT",
@@ -5,0 +5,0 @@ "description": "Socket.dev registry helpers methods and metadata",

No alert changes

Improved metrics

Total package byte prevSize

146731

increased by1.86%

Lines of code

4861

increased by1.57%

No dependency changes