patch for new settings endpoint

Author: 101arrowz

lib/commands/login/index.js

@@ -57,22 +57,22 @@ export const login = {
 
     const spinner = ora('Verifying API key...').start()
 
-    /** @type {import('@socketsecurity/sdk').SocketSdkReturnType<'getSettings'>['data']} */
-    let settings
+    /** @type {import('@socketsecurity/sdk').SocketSdkReturnType<'getOrganizations'>['data']} */
+    let orgs
 
     try {
       const sdk = await setupSdk(apiKey)
-      const result = await sdk.getSettings()
+      const result = await sdk.getOrganizations()
       if (!result.success) throw new AuthError()
-      settings = result.data
+      orgs = result.data
       spinner.succeed('API key verified\n')
     } catch (e) {
       spinner.fail('Invalid API key')
       return
     }
 
     /** @type {prompts.Choice[]} */
-    const enforcedChoices = Object.values(settings.organizations)
+    const enforcedChoices = Object.values(orgs.organizations)
       .filter(org => org.plan.tier === 'enterprise')
       .map(org => ({
         title: org.name,

lib/shadow/npm-injection.cjs

@@ -37,15 +37,21 @@ try {
 const pubTokenPromise = sdkPromise.then(({ getDefaultKey, FREE_API_KEY }) => getDefaultKey() || FREE_API_KEY)
 const apiKeySettingsPromise = sdkPromise.then(async ({ setupSdk }) => {
   const sdk = await setupSdk()
-  const result = await sdk.getSettings()
+  const orgResult = await sdk.getOrganizations()
+  if (!orgResult.success) throw new Error('failed to fetch organizations info')
+  const orgs = Object.values(orgResult.data.organizations)
+  const result = await sdk.postSettings(orgs.map(id => ({ organization: id })))
   if (!result.success) throw new Error('failed to fetch API key settings')
-  return result.data
+  return {
+    orgs,
+    settings: result.data
+  }
 })
 
 /** @type {Promise<{ defaultRules: import('../utils/settings.js').IssueRules, orgRules: { id: string, issueRules: import('../utils/settings.js').IssueRules }[] }>} */
-const orgSettingsPromise = settingsPromise.then(async ({ getSetting, updateSetting }) => {
+const orgSettingsPromise = settingsPromise.then(async ({ getSetting }) => {
   const enforcedOrgs = getSetting('enforcedOrgs')
-  const settings = await apiKeySettingsPromise
+  const { orgs, settings } = await apiKeySettingsPromise
 
   /**
    * @param {import('../utils/settings.js').IssueRules[string]} rule
@@ -80,32 +86,50 @@ const orgSettingsPromise = settingsPromise.then(async ({ getSetting, updateSetti
     return merged
   }
 
-  const mergeDefaults = (rules) => {
-    const out = { ...rules }
-    for (const rule in settings.defaultIssueRules) {
-      const defaultedRule = out[rule]
-      if (
-          !(rule in out) || (
-          typeof defaultedRule === 'object' &&
-          defaultedRule.action === 'defer'
-      )) {
-        out[rule] = settings.defaultIssueRules[rule]
-      }
+  const mergeDefaults = (a, b) => {
+    const merged = { ...a }
+    for (const rule in b) {
+        const defaultedRule = merged[rule]
+        if (
+            !(rule in merged) || (
+            typeof defaultedRule === 'object' &&
+            defaultedRule.action === 'defer'
+        )) {
+            merged[rule] = b[rule]
+        }
+    }
+    return merged
+  }
+
+  /** @type {Record<string, import('../utils/settings.js').IssueRules>} */
+  const baseOrgRules = {}
+  for (let i = 0; i < orgs.length; ++i) {
+    const orgID = orgs[i].id
+    const entry = settings.entries[i]
+    /** @type {import('../utils/settings.js').IssueRules} */
+    let issueRules = {}
+    let target = entry.start
+    while (target !== null) {
+      issueRules = mergeDefaults(issueRules, entry.settings[target].issueRules)
+      target = entry.settings[target].deferTo
     }
-    return out
+    baseOrgRules[orgID] = issueRules
   }
 
+  const defaults = settings.defaults.issueRules
+
   const enforcedRules = enforcedOrgs
-    .map(org => settings.organizations[org])
+    .map(org => baseOrgRules[org])
+    .filter(rules => rules)
     .reduce((a, b) => mergeRules(a, b))
 
   return {
-    defaultRules: mergeDefaults(enforcedRules),
-    orgRules: Object.values(settings.organizations).map(({ id, name, issueRules }) => {
+    defaultRules: mergeDefaults(enforcedRules, defaults),
+    orgRules: orgs.map(({ id, name }) => {
       return {
         id,
         name,
-        issueRules: mergeDefaults(mergeRules(issueRules, enforcedRules))
+        issueRules: mergeDefaults(mergeRules(baseOrgRules[id], enforcedRules), defaults)
       }
     })
   }
@@ -450,13 +474,13 @@ async function packagesHaveRiskyIssues (registry, pkgs, ora = null, input, outpu
     const pkgDatas = []
     try {
       const orgSettings = await orgSettingsPromise
-      if (orgSettings.length > 1) {
+      if (orgSettings.orgRules.length > 1) {
         throw new Error('multi-organization API keys not supported')
       }
       // TODO: determine org based on cwd
-      const rules = orgSettings.length
-        ? orgSettings[0].issueRules
-        : (await apiKeySettingsPromise).defaultIssueRules
+      const rules = orgSettings.orgRules.length
+        ? orgSettings.orgRules[0].issueRules
+        : orgSettings.defaultRules
 
       for await (const pkgData of batchScan(pkgs.map(pkg => pkg.pkgid))) {
         let failures = []

lib/utils/settings.js

@@ -20,7 +20,7 @@ if (!dataHome) {
 const settingsPath = path.join(dataHome, 'socket', 'settings')
 
 /**
- * @typedef {import('@socketsecurity/sdk').SocketSdkReturnType<'getSettings'>['data']['organizations'][string]['issueRules']} IssueRules
+ * @typedef {Record<string, boolean | {action: 'error' | 'warn' | 'ignore' | 'defer'}>} IssueRules
  */
 
 /** @type {{apiKey?: string | null, enforcedOrgs?: string[] | null}} */