@socketsecurity/lib
Version:
Core utilities and infrastructure for Socket.dev security tools
103 lines (102 loc) • 3.66 kB
TypeScript
import type { SpawnOptions } from './spawn';
/**
* Execute npm commands with optimized flags and settings.
*
* SECURITY: Uses array-based arguments to prevent command injection. All elements
* in the args array are properly escaped by Node.js when passed to spawn().
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function execNpm(args: string[], options?: SpawnOptions | undefined): import("./spawn").PromiseSpawnResult;
export interface PnpmOptions extends SpawnOptions {
allowLockfileUpdate?: boolean;
}
/**
* Execute pnpm commands with optimized flags and settings.
*
* SECURITY: Uses array-based arguments to prevent command injection. All elements
* in the args array are properly escaped by Node.js when passed to execBin().
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function execPnpm(args: string[], options?: PnpmOptions | undefined): Promise<{
cmd: string;
args: string[] | readonly string[];
code: number;
signal: NodeJS.Signals;
stdout: string | Buffer<ArrayBufferLike>;
stderr: string | Buffer<ArrayBufferLike>;
}>;
/**
* Execute yarn commands with optimized flags and settings.
*
* SECURITY: Uses array-based arguments to prevent command injection. All elements
* in the args array are properly escaped by Node.js when passed to execBin().
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function execYarn(args: string[], options?: import('./spawn').SpawnOptions): Promise<{
cmd: string;
args: string[] | readonly string[];
code: number;
signal: NodeJS.Signals;
stdout: string | Buffer<ArrayBufferLike>;
stderr: string | Buffer<ArrayBufferLike>;
}>;
/**
* Check if a command argument is an npm audit flag.
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function isNpmAuditFlag(cmdArg: string): boolean;
/**
* Check if a command argument is an npm fund flag.
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function isNpmFundFlag(cmdArg: string): boolean;
/**
* Check if a command argument is an npm loglevel flag.
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function isNpmLoglevelFlag(cmdArg: string): boolean;
/**
* Check if a command argument is an npm node-options flag.
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function isNpmNodeOptionsFlag(cmdArg: string): boolean;
/**
* Check if a command argument is an npm progress flag.
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function isNpmProgressFlag(cmdArg: string): boolean;
/**
* Check if a command argument is a pnpm ignore-scripts flag.
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function isPnpmIgnoreScriptsFlag(cmdArg: string): boolean;
/**
* Check if a command argument is a pnpm frozen-lockfile flag.
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function isPnpmFrozenLockfileFlag(cmdArg: string): boolean;
/**
* Check if a command argument is a pnpm install command.
*/
/*@__NO_SIDE_EFFECTS__*/
export declare function isPnpmInstallCommand(cmdArg: string): boolean;
/**
* Alias for isNpmLoglevelFlag for pnpm usage.
*/
export declare const isPnpmLoglevelFlag: typeof isNpmLoglevelFlag;
/**
* Execute a package.json script using the appropriate package manager.
* Automatically detects pnpm, yarn, or npm based on lockfiles.
*/
export interface ExecScriptOptions extends SpawnOptions {
prepost?: boolean | undefined;
}
/*@__NO_SIDE_EFFECTS__*/
export declare function execScript(scriptName: string, args?: string[] | readonly string[] | ExecScriptOptions | undefined, options?: ExecScriptOptions | undefined): Promise<{
cmd: string;
args: string[] | readonly string[];
code: number;
signal: NodeJS.Signals;
stdout: string | Buffer<ArrayBufferLike>;
stderr: string | Buffer<ArrayBufferLike>;
}>;