SocketDev · cursor · Sep 16, 2025 · Sep 16, 2025 · Sep 16, 2025 · Sep 16, 2025
diff --git a/.config/babel.config.js b/.config/babel.config.js
@@ -0,0 +1,27 @@
+'use strict'
+
+const path = require('node:path')
+
+const rootPath = path.join(__dirname, '..')
+const scriptsPath = path.join(rootPath, 'scripts')
+const babelPluginsPath = path.join(scriptsPath, 'babel')
+
+module.exports = {
+  presets: ['@babel/preset-typescript'],
+  plugins: [
+    '@babel/plugin-proposal-export-default-from',
+    '@babel/plugin-transform-export-namespace-from',
+    [
+      '@babel/plugin-transform-runtime',
+      {
+        absoluteRuntime: false,
+        corejs: false,
+        helpers: true,
+        regenerator: false,
+        version: '^7.27.1',
+      },
+    ],
+    path.join(babelPluginsPath, 'transform-set-proto-plugin.js'),
+    path.join(babelPluginsPath, 'transform-url-parse-plugin.js'),
+  ],
+}
diff --git a/.config/rollup.base.config.mjs b/.config/rollup.base.config.mjs
@@ -0,0 +1,302 @@
+import { randomUUID } from 'node:crypto'
+import { builtinModules } from 'node:module'
+import path from 'node:path'
+
+import { babel as babelPlugin } from '@rollup/plugin-babel'
+import commonjsPlugin from '@rollup/plugin-commonjs'
+import jsonPlugin from '@rollup/plugin-json'
+import { nodeResolve } from '@rollup/plugin-node-resolve'
+import replacePlugin from '@rollup/plugin-replace'
+import { purgePolyfills } from 'unplugin-purge-polyfills'
+
+import { readPackageJsonSync } from '@socketsecurity/registry/lib/packages'
+import { escapeRegExp } from '@socketsecurity/registry/lib/regexps'
+import { spawnSync } from '@socketsecurity/registry/lib/spawn'
+import { stripAnsi } from '@socketsecurity/registry/lib/strings'
+
+import constants from '../scripts/constants.js'
+import socketModifyPlugin from '../scripts/rollup/socket-modify-plugin.js'
+import {
+  getPackageName,
+  isBuiltin,
+  normalizeId,
+} from '../scripts/utils/packages.js'
+
+const {
+  INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION,
+  INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION,
+  INLINED_SOCKET_CLI_HOMEPAGE,
+  INLINED_SOCKET_CLI_LEGACY_BUILD,
+  INLINED_SOCKET_CLI_NAME,
+  INLINED_SOCKET_CLI_PUBLISHED_BUILD,
+  INLINED_SOCKET_CLI_SENTRY_BUILD,
+  INLINED_SOCKET_CLI_SYNP_VERSION,
+  INLINED_SOCKET_CLI_VERSION,
+  INLINED_SOCKET_CLI_VERSION_HASH,
+  NODE_MODULES,
+  ROLLUP_EXTERNAL_SUFFIX,
+  UTF8,
+  VITEST,
+} = constants
+
+export const EXTERNAL_PACKAGES = [
+  '@socketsecurity/registry',
+  'blessed',
+  'blessed-contrib',
+]
+
+const builtinAliases = builtinModules.reduce((o, n) => {
+  if (!n.startsWith('node:')) {
+    o[n] = `node:${n}`
+  }
+  return o
+}, {})
+
+let _rootPkgJson
+function getRootPkgJsonSync() {
+  if (_rootPkgJson === undefined) {
+    _rootPkgJson = readPackageJsonSync(constants.rootPath, { normalize: true })
+  }
+  return _rootPkgJson
+}
+
+let _socketVersionHash
+function getSocketCliVersionHash() {
+  if (_socketVersionHash === undefined) {
+    const randUuidSegment = randomUUID().split('-')[0]
+    const { version } = getRootPkgJsonSync()
+    let gitHash = ''
+    try {
+      gitHash = stripAnsi(
+        spawnSync('git', ['rev-parse', '--short', 'HEAD'], {
+          encoding: UTF8,
+        }).stdout.trim(),
+      )
+    } catch {}
+    // Make each build generate a unique version id, regardless.
+    // Mostly for development: confirms the build refreshed. For prod builds
+    // the git hash should suffice to identify the build.
+    _socketVersionHash = `${version}:${gitHash}:${randUuidSegment}${
+      constants.ENV[INLINED_SOCKET_CLI_PUBLISHED_BUILD] ? '' : ':dev'
+    }`
+  }
+  return _socketVersionHash
+}
+
+const requiredToVarName = new Map()
+function getVarNameForRequireId(filename, id, lookbehindContent) {
+  const key = `${filename}:${id}`
+  let varName = requiredToVarName.get(key)
+  if (varName) {
+    return varName
+  }
+  const varNameRegExp = new RegExp(
+    `(?<=var +)[$\\w]+(?=\\s*=\\s*require[$\\w]*\\(["']${escapeRegExp(id)}["']\\))`,
+  )
+  varName = varNameRegExp.exec(lookbehindContent)?.[0] ?? ''
+  if (varName) {
+    requiredToVarName.set(key, varName)
+  }
+  return varName
+}
+
+export default function baseConfig(extendConfig = {}) {
+  const { configPath, rootPath } = constants
+
+  const nmPath = path.join(rootPath, NODE_MODULES)
+
+  const extendPlugins = Array.isArray(extendConfig.plugins)
+    ? extendConfig.plugins.slice()
+    : []
+
+  const extractedPlugins = { __proto__: null }
+  if (extendPlugins.length) {
+    for (const pluginName of [
+      'babel',
+      'commonjs',
+      'json',
+      'node-resolve',
+      'unplugin-purge-polyfills',
+    ]) {
+      for (let i = 0, { length } = extendPlugins; i < length; i += 1) {
+        const p = extendPlugins[i]
+        if (p?.name === pluginName) {
+          extractedPlugins[pluginName] = p
+          // Remove from extendPlugins array.
+          extendPlugins.splice(i, 1)
+          length -= 1
+          i -= 1
+        }
+      }
+    }
+  }
+
+  return {
+    external(rawId) {
+      const id = normalizeId(rawId)
+      const pkgName = getPackageName(
+        id,
+        path.isAbsolute(id) ? nmPath.length + 1 : 0,
+      )
+      return (
+        id.endsWith('.d.cts') ||
+        id.endsWith('.d.mts') ||
+        id.endsWith('.d.ts') ||
+        EXTERNAL_PACKAGES.includes(pkgName) ||
+        rawId.endsWith(ROLLUP_EXTERNAL_SUFFIX) ||
+        isBuiltin(rawId)
+      )
+    },
+    onwarn(warning, warn) {
+      // Suppress warnings.
+      if (
+        warning.code === 'INVALID_ANNOTATION' ||
+        warning.code === 'THIS_IS_UNDEFINED'
+      ) {
+        return
+      }
+      // Forward other warnings.
+      warn(warning)
+    },
+    ...extendConfig,
+    plugins: [
+      extractedPlugins['node-resolve'] ??
+        nodeResolve({
+          exportConditions: ['node'],
+          extensions: ['.mjs', '.js', '.json', '.ts', '.mts'],
+          preferBuiltins: true,
+        }),
+      extractedPlugins['json'] ?? jsonPlugin(),
+      extractedPlugins['commonjs'] ??
+        commonjsPlugin({
+          defaultIsModuleExports: true,
+          extensions: ['.cjs', '.js'],
+          ignoreDynamicRequires: true,
+          ignoreGlobal: true,
+          ignoreTryCatch: true,
+          strictRequires: true,
+        }),
+      extractedPlugins['babel'] ??
+        babelPlugin({
+          babelHelpers: 'runtime',
+          babelrc: false,
+          configFile: path.join(configPath, 'babel.config.js'),
+          extensions: ['.mjs', '.js', '.ts', '.mts'],
+        }),
+      extractedPlugins['unplugin-purge-polyfills'] ??
+        purgePolyfills.rollup({
+          replacements: {},
+        }),
+      // Inline process.env values.
+      replacePlugin({
+        delimiters: ['(?<![\'"])\\b', '(?![\'"])'],
+        preventAssignment: true,
+        values: [
+          [
+            INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION,
+            () =>
+              JSON.stringify(
+                getRootPkgJsonSync().devDependencies['@coana-tech/cli'],
+              ),
+          ],
+          [
+            INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION,
+            () =>
+              JSON.stringify(
+                getRootPkgJsonSync().devDependencies['@cyclonedx/cdxgen'],
+              ),
+          ],
+          [
+            INLINED_SOCKET_CLI_HOMEPAGE,
+            () => JSON.stringify(getRootPkgJsonSync().homepage),
+          ],
+          [
+            INLINED_SOCKET_CLI_LEGACY_BUILD,
+            () =>
+              JSON.stringify(!!constants.ENV[INLINED_SOCKET_CLI_LEGACY_BUILD]),
+          ],
+          [
+            INLINED_SOCKET_CLI_NAME,
+            () => JSON.stringify(getRootPkgJsonSync().name),
+          ],
+          [
+            INLINED_SOCKET_CLI_PUBLISHED_BUILD,
+            () =>
+              JSON.stringify(
+                !!constants.ENV[INLINED_SOCKET_CLI_PUBLISHED_BUILD],
+              ),
+          ],
+          [
+            INLINED_SOCKET_CLI_SENTRY_BUILD,
+            () =>
+              JSON.stringify(!!constants.ENV[INLINED_SOCKET_CLI_SENTRY_BUILD]),
+          ],
+          [
+            INLINED_SOCKET_CLI_SYNP_VERSION,
+            () => JSON.stringify(getRootPkgJsonSync().devDependencies['synp']),
+          ],
+          [
+            INLINED_SOCKET_CLI_VERSION,
+            () => JSON.stringify(getRootPkgJsonSync().version),
+          ],
+          [
+            INLINED_SOCKET_CLI_VERSION_HASH,
+            () => JSON.stringify(getSocketCliVersionHash()),
+          ],
+          [VITEST, () => !!constants.ENV[VITEST]],
+        ].reduce((obj, { 0: name, 1: value }) => {
+          obj[`process.env.${name}`] = value
+          obj[`process.env['${name}']`] = value
+          obj[`process.env[${name}]`] = value
+          return obj
+        }, {}),
+      }),
+      // Remove dangling require calls, e.g. require calls not associated with
+      // an import binding:
+      //   require('node:util')
+      //   require('graceful-fs')
+      socketModifyPlugin({
+        find: /^\s*require[$\w]*\(["'].+?["']\);?\r?\n/gm,
+        replace: '',
+      }),
+      // Replace require calls to ESM 'tiny-colors' with CJS 'yoctocolors-cjs'
+      // because we npm override 'tiny-colors' with 'yoctocolors-cjs' for dist
+      // builds which causes 'tiny-colors' to be treated as an external, not bundled,
+      // require.
+      socketModifyPlugin({
+        find: /require[$\w]*\(["']tiny-colors["']\)/g,
+        replace: "require('yoctocolors-cjs')",
+      }),
+      // Try to convert `require('u' + 'rl')` into something like `require$$2$3`.
+      socketModifyPlugin({
+        find: /require[$\w]*\(["']u["']\s*\+\s*["']rl["']\)/g,
+        replace(match, index) {
+          const { fileName } = this.chunk
+          const beforeMatch = this.input.slice(0, index)
+          return (
+            getVarNameForRequireId(fileName, 'node:url', beforeMatch) || match
+          )
+        },
+      }),
+      // Convert un-prefixed built-in imports into "node:"" prefixed forms.
+      replacePlugin({
+        delimiters: ['(?<=(?:require[$\\w]*\\(|from\\s*)["\'])', '(?=["\'])'],
+        preventAssignment: false,
+        values: builtinAliases,
+      }),
+      // Reduce duplicate require('node:...') variable assignments.
+      socketModifyPlugin({
+        find: /var +([$\w]+)\s*=\s*require[$\w]*\(["'](node:.+?)["']\)/g,
+        replace(match, currVarName, id, index) {
+          const { fileName } = this.chunk
+          const beforeMatch = this.input.slice(0, index)
+          const prevVarName = getVarNameForRequireId(fileName, id, beforeMatch)
+          return !prevVarName || currVarName === prevVarName
+            ? match
+            : `var ${currVarName} = ${prevVarName}`
+        },
+      }),
+      ...extendPlugins,
+    ],
+  }
+}