chore(deps): update dependencies and package management

- Update @socketsecurity/lib from 3.2.1 to 4.2.0
- Upgrade pnpm to 10.22.0 with engine requirement >=10.22.0
- Migrate dependencies to pnpm catalog protocol
- Add trust policy to .npmrc to prevent downgrade attacks
- Normalize package.json property order and packageManager fields
- Remove unused dependencies: c8, @yarnpkg/extensions, dotenvx, npm-run-all2

Author: jdalton

.npmrc

@@ -2,6 +2,9 @@
 ignore-scripts=true
 
 # Suppress pnpm workspace warnings
-link-workspace-packages=true
+link-workspace-packages=false
 loglevel=error
-prefer-workspace-packages=true
+prefer-workspace-packages=false
+
+# Trust policy - prevent downgrade attacks
+trust-policy=no-downgrade

package.json

@@ -1,10 +1,11 @@
 {
   "name": "@socketregistry/monorepo",
   "version": "1.0.0",
+  "packageManager": "[email protected]",
   "private": true,
+  "license": "MIT",
   "description": "Monorepo for Socket.dev optimized package overrides",
   "homepage": "http://github.com/SocketDev/socket-registry",
-  "license": "MIT",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/SocketDev/socket-registry.git"
@@ -14,141 +15,137 @@
     "email": "[email protected]",
     "url": "https://socket.dev"
   },
+  "engines": {
+    "node": ">=18",
+    "pnpm": ">=10.22.0"
+  },
   "scripts": {
     "analyze-ci-failures": "node scripts/testing/analyze-ci-failures.mjs",
     "build": "node scripts/build.mjs",
     "check": "node scripts/check.mjs",
     "check-registry-package-types": "node --experimental-strip-types scripts/check-registry-package-types.mjs",
-    "check-trusted": "node scripts/check-trusted-packages.mjs",
+    "check-trusted": "node scripts/npm/check-trusted-packages.mjs",
     "clean": "node scripts/clean.mjs",
     "claude": "node scripts/claude.mjs",
     "cover": "node scripts/cover.mjs",
     "fix": "node scripts/lint.mjs --fix",
-    "generate-actions-allow-list": "node scripts/generate-actions-allow-list.mjs",
-    "generate-actions-tree": "node scripts/show-actions-tree.mjs",
-    "inline-action-shas": "node scripts/inline-action-versions-as-shas.mjs",
+    "generate-actions-allow-list": "node scripts/ci/generate-actions-allow-list.mjs",
+    "generate-actions-tree": "node scripts/ci/show-actions-tree.mjs",
+    "inline-action-shas": "node scripts/ci/inline-action-versions-as-shas.mjs",
     "lint": "node scripts/lint.mjs",
-    "make-npm-override": "node scripts/make-npm-override.mjs",
-    "package-npm-access": "node scripts/set-npm-package-access.mjs",
-    "package-npm-publish": "node scripts/publish-npm-packages.mjs",
+    "make-npm-override": "node scripts/npm/make-npm-override.mjs",
+    "package-npm-access": "node scripts/npm/set-npm-package-access.mjs",
+    "package-npm-publish": "node scripts/npm/publish-npm-packages.mjs",
     "perf": "node scripts/perf.mjs",
     "precommit": "pnpm run check --lint --staged",
     "prepare": "husky && pnpm run build",
-    "release-npm": "node scripts/release-npm-packages.mjs",
+    "release-npm": "node scripts/npm/release-npm-packages.mjs",
     "test": "node scripts/test.mjs",
     "update": "node scripts/update.mjs",
     "validate-ci": "node scripts/testing/reproduce-ci-locally.mjs",
     "validate-packages": "node scripts/testing/validate-package-tests.mjs"
   },
   "devDependencies": {
-    "@babel/core": "7.28.4",
-    "@babel/generator": "7.28.3",
-    "@babel/parser": "7.28.4",
-    "@babel/traverse": "7.28.4",
-    "@babel/types": "7.28.4",
-    "@biomejs/biome": "2.2.4",
-    "@biomejs/js-api": "3.0.0",
-    "@biomejs/wasm-nodejs": "2.2.4",
-    "@dotenvx/dotenvx": "1.49.0",
-    "@eslint/compat": "1.3.2",
-    "@eslint/js": "9.35.0",
-    "@inquirer/checkbox": "4.2.4",
-    "@inquirer/core": "10.2.2",
-    "@inquirer/prompts": "7.8.6",
-    "@mdn/browser-compat-data": "7.1.5",
-    "@npmcli/package-json": "7.0.0",
-    "@npmcli/promise-spawn": "8.0.3",
+    "@babel/core": "catalog:",
+    "@babel/generator": "catalog:",
+    "@babel/parser": "catalog:",
+    "@babel/traverse": "catalog:",
+    "@babel/types": "catalog:",
+    "@biomejs/biome": "catalog:",
+    "@biomejs/js-api": "catalog:",
+    "@biomejs/wasm-nodejs": "catalog:",
+    "@eslint/compat": "catalog:",
+    "@eslint/js": "catalog:",
+    "@inquirer/checkbox": "catalog:",
+    "@inquirer/core": "catalog:",
+    "@inquirer/prompts": "catalog:",
+    "@mdn/browser-compat-data": "catalog:",
+    "@npmcli/package-json": "catalog:",
+    "@npmcli/promise-spawn": "catalog:",
     "@socketregistry/is-unicode-supported": "workspace:*",
-    "@socketregistry/packageurl-js": "1.3.5",
+    "@socketregistry/packageurl-js": "catalog:",
     "@socketregistry/scripts": "file:scripts",
-    "@socketsecurity/lib": "3.1.3",
-    "@types/fs-extra": "11.0.4",
-    "@types/node": "24.9.2",
-    "@types/normalize-package-data": "2.4.4",
-    "@types/npm-package-arg": "6.1.4",
-    "@types/npmcli__package-json": "4.0.4",
-    "@types/npmcli__promise-spawn": "6.0.3",
-    "@types/picomatch": "4.0.2",
-    "@types/semver": "7.7.1",
-    "@types/spdx-correct": "3.1.3",
-    "@types/spdx-expression-parse": "3.0.5",
-    "@types/validate-npm-package-name": "4.0.2",
-    "@types/which": "3.0.4",
-    "@typescript/native-preview": "7.0.0-dev.20250920.1",
-    "@vitest/coverage-v8": "4.0.3",
-    "@vitest/ui": "4.0.3",
-    "@yarnpkg/extensions": "2.0.6",
-    "@zkochan/js-yaml": "0.0.10",
-    "browserslist": "4.26.3",
-    "c8": "10.1.3",
-    "cacache": "20.0.1",
-    "clipboardy": "4.0.0",
-    "debug": "^4.4.3",
-    "del": "8.0.1",
-    "del-cli": "6.0.0",
-    "dev-null-cli": "2.0.0",
-    "didyoumean2": "7.0.4",
-    "esbuild": "0.25.11",
-    "eslint": "9.35.0",
-    "eslint-import-resolver-typescript": "4.4.4",
-    "eslint-plugin-import-x": "4.16.1",
-    "eslint-plugin-n": "17.23.1",
-    "eslint-plugin-sort-destructure-keys": "2.0.0",
-    "eslint-plugin-unicorn": "56.0.1",
-    "eta": "3.5.0",
-    "fast-glob": "3.3.3",
-    "fast-sort": "3.4.1",
-    "fs-extra": "11.3.1",
-    "get-east-asian-width": "1.3.0",
-    "globals": "16.4.0",
-    "husky": "9.1.7",
-    "js-yaml": "npm:@zkochan/[email protected]",
-    "libnpmpack": "9.0.9",
-    "magic-string": "0.30.17",
-    "make-fetch-happen": "15.0.2",
-    "minimatch": "9.0.5",
-    "normalize-package-data": "8.0.0",
-    "npm-package-arg": "13.0.0",
-    "npm-run-all2": "8.0.4",
-    "out-url": "1.2.2",
-    "pacote": "21.0.1",
-    "read-yaml-file": "2.1.0",
-    "semver": "7.7.2",
-    "source-map-support": "0.5.21",
-    "spdx-correct": "3.2.0",
-    "spdx-expression-parse": "4.0.0",
-    "streaming-iterables": "8.0.1",
-    "tar": "7.5.1",
-    "taze": "19.6.0",
-    "trash": "10.0.0",
-    "tsx": "4.20.5",
-    "type-coverage": "2.29.7",
-    "typescript": "5.9.2",
-    "typescript-eslint": "8.44.1",
-    "update-browserslist-db": "1.1.3",
-    "validate-npm-package-name": "6.0.2",
-    "vitest": "4.0.3",
-    "which": "5.0.0",
-    "yargs-parser": "22.0.0",
-    "yoctocolors-cjs": "2.1.3",
-    "zod": "4.1.12"
-  },
-  "engines": {
-    "pnpm": ">=10.16.0",
-    "node": ">=18"
+    "@socketsecurity/lib": "4.2.0",
+    "@types/fs-extra": "catalog:",
+    "@types/node": "catalog:",
+    "@types/normalize-package-data": "catalog:",
+    "@types/npm-package-arg": "catalog:",
+    "@types/npmcli__package-json": "catalog:",
+    "@types/npmcli__promise-spawn": "catalog:",
+    "@types/picomatch": "catalog:",
+    "@types/semver": "catalog:",
+    "@types/spdx-correct": "catalog:",
+    "@types/spdx-expression-parse": "catalog:",
+    "@types/validate-npm-package-name": "catalog:",
+    "@types/which": "catalog:",
+    "@typescript/native-preview": "catalog:",
+    "@vitest/coverage-v8": "catalog:",
+    "@vitest/ui": "catalog:",
+    "@zkochan/js-yaml": "catalog:",
+    "browserslist": "catalog:",
+    "cacache": "catalog:",
+    "clipboardy": "catalog:",
+    "debug": "catalog:",
+    "del": "catalog:",
+    "del-cli": "catalog:",
+    "dev-null-cli": "catalog:",
+    "didyoumean2": "catalog:",
+    "esbuild": "catalog:",
+    "eslint": "catalog:",
+    "eslint-import-resolver-typescript": "catalog:",
+    "eslint-plugin-import-x": "catalog:",
+    "eslint-plugin-n": "catalog:",
+    "eslint-plugin-sort-destructure-keys": "catalog:",
+    "eslint-plugin-unicorn": "catalog:",
+    "eta": "catalog:",
+    "fast-glob": "catalog:",
+    "fast-sort": "catalog:",
+    "fs-extra": "catalog:",
+    "get-east-asian-width": "catalog:",
+    "globals": "catalog:",
+    "husky": "catalog:",
+    "js-yaml": "catalog:",
+    "libnpmpack": "catalog:",
+    "magic-string": "catalog:",
+    "make-fetch-happen": "catalog:",
+    "minimatch": "catalog:",
+    "normalize-package-data": "catalog:",
+    "npm-package-arg": "catalog:",
+    "out-url": "catalog:",
+    "pacote": "catalog:",
+    "read-yaml-file": "catalog:",
+    "semver": "catalog:",
+    "source-map-support": "catalog:",
+    "spdx-correct": "catalog:",
+    "spdx-expression-parse": "catalog:",
+    "streaming-iterables": "catalog:",
+    "tar": "catalog:",
+    "taze": "catalog:",
+    "trash": "catalog:",
+    "tsx": "catalog:",
+    "type-coverage": "catalog:",
+    "typescript": "catalog:",
+    "typescript-eslint": "catalog:",
+    "update-browserslist-db": "catalog:",
+    "validate-npm-package-name": "catalog:",
+    "vitest": "catalog:",
+    "which": "catalog:",
+    "yargs-parser": "catalog:",
+    "yoctocolors-cjs": "catalog:",
+    "zod": "catalog:"
   },
   "pnpm": {
     "ignoredBuiltDependencies": [
       "esbuild",
       "unrs-resolver"
     ],
     "overrides": {
-      "@types/node": "24.9.2",
-      "typescript": "5.9.2",
+      "@types/node": "catalog:",
+      "typescript": "catalog:",
       "aggregate-error": "npm:@socketregistry/[email protected]",
       "array-buffer-byte-length": "npm:@socketregistry/[email protected]",
       "available-typed-arrays": "npm:@socketregistry/[email protected]",
-      "brace-expansion": "2.0.2",
+      "brace-expansion": "catalog:",
       "es-define-property": "npm:@socketregistry/[email protected]",
       "es-get-iterator": "npm:@socketregistry/[email protected]",
       "es-set-tostringtag": "npm:@socketregistry/[email protected]",
@@ -159,7 +156,7 @@
       "has-symbols": "npm:@socketregistry/[email protected]",
       "has-tostringtag": "npm:@socketregistry/[email protected]",
       "hasown": "npm:@socketregistry/[email protected]",
-      "iconv-lite": "0.6.3",
+      "iconv-lite": "catalog:",
       "indent-string": "npm:@socketregistry/[email protected]",
       "is-arguments": "npm:@socketregistry/[email protected]",
       "is-array-buffer": "npm:@socketregistry/[email protected]",
@@ -173,7 +170,7 @@
       "isarray": "npm:@socketregistry/[email protected]",
       "json-stable-stringify": "npm:@socketregistry/[email protected]",
       "jsonify": "npm:@socketregistry/[email protected]",
-      "minimatch": "9.0.5",
+      "minimatch": "catalog:",
       "object-is": "npm:@socketregistry/[email protected]",
       "object-keys": "npm:@socketregistry/[email protected]",
       "object.assign": "npm:@socketregistry/[email protected]",
@@ -185,29 +182,29 @@
       "shell-quote": "npm:[email protected]",
       "side-channel": "npm:@socketregistry/[email protected]",
       "which-boxed-primitive": "npm:@socketregistry/[email protected]",
-      "vite": "7.1.12",
+      "vite": "catalog:",
       "which-collection": "npm:@socketregistry/[email protected]",
       "which-typed-array": "npm:@socketregistry/[email protected]"
     },
     "patchedDependencies": {
       "[email protected]": "patches/[email protected]",
       "[email protected]": "patches/[email protected]"
-    },
-    "peerDependencyRules": {
-      "ignoreMissing": [
-        "@yarnpkg/core"
-      ]
     }
   },
   "typeCoverage": {
     "cache": true,
-    "atLeast": 70,
+    "atLeast": 99,
     "ignoreAsAssertion": true,
     "ignoreCatch": true,
     "ignoreEmptyType": true,
     "ignore-non-null-assertion": true,
     "ignore-type-assertion": true,
-    "ignore-files": "test/*",
+    "ignoreFiles": [
+      "test/**/*.{ts,mts}",
+      "perf/**/*.{ts,mts}",
+      "scripts/**/*.{ts,mts,d.mts}",
+      "packages/**/*.{ts,d.ts}"
+    ],
     "strict": true
   }
 }