From eab2d080f8afc3423d4588ff088e3a1533c0c0df Mon Sep 17 00:00:00 2001 From: Mikola Lysenko Date: Tue, 10 Mar 2026 19:06:09 -0400 Subject: [PATCH] fix: use npx @socketsecurity/socket-patch for postinstall command Change SOCKET_PATCH_COMMAND from 'socket patch apply' to 'npx @socketsecurity/socket-patch apply' so it works without the socket CLI being globally installed. Co-Authored-By: Claude Opus 4.6 (1M context) --- .../src/package_json/detect.rs | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/crates/socket-patch-core/src/package_json/detect.rs b/crates/socket-patch-core/src/package_json/detect.rs index f898dcd..807d417 100644 --- a/crates/socket-patch-core/src/package_json/detect.rs +++ b/crates/socket-patch-core/src/package_json/detect.rs @@ -1,5 +1,5 @@ /// The command to run for applying patches via socket CLI. -const SOCKET_PATCH_COMMAND: &str = "socket patch apply --silent --ecosystems npm"; +const SOCKET_PATCH_COMMAND: &str = "npx @socketsecurity/socket-patch apply --silent --ecosystems npm"; /// Legacy command patterns to detect existing configurations. const LEGACY_PATCH_PATTERNS: &[&str] = &[ @@ -140,7 +140,7 @@ mod tests { let pkg: serde_json::Value = serde_json::json!({ "name": "test", "scripts": { - "postinstall": "socket patch apply --silent --ecosystems npm" + "postinstall": "npx @socketsecurity/socket-patch apply --silent --ecosystems npm" } }); let status = is_postinstall_configured(&pkg); @@ -152,7 +152,7 @@ mod tests { fn test_generate_empty() { assert_eq!( generate_updated_postinstall(""), - "socket patch apply --silent --ecosystems npm" + "npx @socketsecurity/socket-patch apply --silent --ecosystems npm" ); } @@ -160,7 +160,7 @@ mod tests { fn test_generate_prepend() { assert_eq!( generate_updated_postinstall("echo done"), - "socket patch apply --silent --ecosystems npm && echo done" + "npx @socketsecurity/socket-patch apply --silent --ecosystems npm && echo done" ); } @@ -220,7 +220,7 @@ mod tests { let mut pkg: serde_json::Value = serde_json::json!({"name": "test"}); let (modified, new_script) = update_package_json_object(&mut pkg); assert!(modified); - assert!(new_script.contains("socket patch apply")); + assert!(new_script.contains("socket-patch apply")); assert!(pkg.get("scripts").is_some()); assert!(pkg["scripts"]["postinstall"].is_string()); } @@ -229,12 +229,12 @@ mod tests { fn test_update_object_noop_when_configured() { let mut pkg: serde_json::Value = serde_json::json!({ "scripts": { - "postinstall": "socket patch apply --silent --ecosystems npm" + "postinstall": "npx @socketsecurity/socket-patch apply --silent --ecosystems npm" } }); let (modified, existing) = update_package_json_object(&mut pkg); assert!(!modified); - assert!(existing.contains("socket patch apply")); + assert!(existing.contains("socket-patch apply")); } #[test] @@ -244,7 +244,7 @@ mod tests { update_package_json_content(content).unwrap(); assert!(modified); assert!(old_script.is_empty()); - assert!(new_script.contains("socket patch apply")); + assert!(new_script.contains("socket-patch apply")); // new_content should be valid JSON let parsed: serde_json::Value = serde_json::from_str(&new_content).unwrap(); assert!(parsed["scripts"]["postinstall"].is_string()); @@ -252,7 +252,7 @@ mod tests { #[test] fn test_update_content_already_configured() { - let content = r#"{"scripts":{"postinstall":"socket patch apply --silent --ecosystems npm"}}"#; + let content = r#"{"scripts":{"postinstall":"npx @socketsecurity/socket-patch apply --silent --ecosystems npm"}}"#; let (modified, _new_content, _old, _new) = update_package_json_content(content).unwrap(); assert!(!modified); @@ -269,6 +269,6 @@ mod tests { fn test_generate_whitespace_only() { // Whitespace-only string should be treated as empty after trim let result = generate_updated_postinstall(" \t "); - assert_eq!(result, "socket patch apply --silent --ecosystems npm"); + assert_eq!(result, "npx @socketsecurity/socket-patch apply --silent --ecosystems npm"); } }