@socketsecurity/cli-with-sentry 0.14.48 → 0.14.50

package/dist/module-sync/cli.js

@@ -54,12 +54,14 @@ var index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs');
 var sorts = require('@socketsecurity/registry/lib/sorts');
 var strings = require('@socketsecurity/registry/lib/strings');
 var yaml = _socketInterop(require('yaml'));
-var npm$1 = require('./npm.js');
 var npmPaths = require('./npm-paths.js');
+var npm$1 = require('./npm.js');
 var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
 var config$A = require('@socketsecurity/config');
+var assert = require('node:assert');
 var readline = require('node:readline/promises');
 var open = _socketInterop(require('open'));
+var node_child_process = require('node:child_process');
 var TableWidget = _socketInterop(require('blessed-contrib/lib/widget/table'));
 var readline$1 = require('node:readline');
 
@@ -1285,6 +1287,51 @@ async function runAction(githubEventBefore, githubEventAfter) {
   }
 }
 
+const {
+  API_V0_URL
+} = constants;
+function handleUnsuccessfulApiResponse(_name, result, spinner) {
+  // SocketSdkErrorType['error'] is not typed.
+  const resultErrorMessage = result.error?.message;
+  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
+  if (result.status === 401 || result.status === 403) {
+    spinner.stop();
+    throw new index.AuthError(message);
+  }
+  spinner.errorAndStop(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
+  process$1.exit(1);
+}
+async function handleApiCall(value, description) {
+  let result;
+  try {
+    result = await value;
+  } catch (cause) {
+    throw new Error(`Failed ${description}`, {
+      cause
+    });
+  }
+  return result;
+}
+async function handleAPIError(code) {
+  if (code === 400) {
+    return 'One of the options passed might be incorrect.';
+  } else if (code === 403) {
+    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
+  }
+}
+function getLastFiveOfApiToken(token) {
+  // Get the last 5 characters of the API token before the trailing "_api".
+  return token.slice(-9, -4);
+}
+async function queryAPI(path, apiToken) {
+  return await fetch(`${API_V0_URL}/${path}`, {
+    method: 'GET',
+    headers: {
+      Authorization: `Basic ${btoa(`${apiToken}:${apiToken}`)}`
+    }
+  });
+}
+
 function getFlagListOutput(list, indent, {
   keyPrefix = '--',
   padName
@@ -1452,6 +1499,7 @@ function meowOrExit({
   if (constants.ENV[SOCKET_CLI_SHOW_BANNER]) {
     console.log(getAsciiHeader(command));
   }
+
   // This exits if .printHelp() is called either by meow itself or by us.
   const cli = meow({
     argv,
@@ -1469,15 +1517,15 @@ function meowOrExit({
 }
 function getAsciiHeader(command) {
   const cliVersion = // The '@rollup/plugin-replace' will replace "process.env['SOCKET_CLI_VERSION_HASH']".
-  "0.14.48:61ff8dc:d16eb84e:pub";
+  "0.14.50:c8e152a:9126d091:pub";
   const nodeVersion = process.version;
-  // Get the last 5 characters of the API token before the trailing "_api".
-  const lastFiveCharsOfApiToken = index.getSetting('apiToken')?.slice(-9, -4) || 'no';
+  const apiToken = index.getSetting('apiToken');
+  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no';
   const relCwd = process.cwd().replace(new RegExp(`^${regexps.escapeRegExp(constants.homePath)}`, 'i'), '~/');
   const body = `
    _____         _       _        /---------------
   |   __|___ ___| |_ ___| |_      | Socket.dev CLI ver ${cliVersion}
-  |__   | . |  _| '_| -_|  _|     | Node: ${nodeVersion}, API token set: ${lastFiveCharsOfApiToken}
+  |__   | . |  _| '_| -_|  _|     | Node: ${nodeVersion}, API token set: ${shownToken}
   |_____|___|___|_,_|___|_|.dev   | Command: \`${command}\`, cwd: ${relCwd}`.trimStart();
   return `   ${body}\n`;
 }
@@ -1533,49 +1581,10 @@ async function run$z(argv, importMeta, {
   });
   const githubEventBefore = String(cli.flags['githubEventBefore'] || '');
   const githubEventAfter = String(cli.flags['githubEventAfter'] || '');
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
-  await runAction(githubEventBefore, githubEventAfter);
-}
-
-const {
-  API_V0_URL
-} = constants;
-function handleUnsuccessfulApiResponse(_name, result, spinner) {
-  // SocketSdkErrorType['error'] is not typed.
-  const resultErrorMessage = result.error?.message;
-  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
-  if (result.status === 401 || result.status === 403) {
-    spinner.stop();
-    throw new index.AuthError(message);
-  }
-  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
-  process$1.exit(1);
-}
-async function handleApiCall(value, description) {
-  let result;
-  try {
-    result = await value;
-  } catch (cause) {
-    throw new Error(`Failed ${description}`, {
-      cause
-    });
-  }
-  return result;
-}
-async function handleAPIError(code) {
-  if (code === 400) {
-    return 'One of the options passed might be incorrect.';
-  } else if (code === 403) {
-    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
   }
-}
-async function queryAPI(path, apiToken) {
-  return await fetch(`${API_V0_URL}/${path}`, {
-    method: 'GET',
-    headers: {
-      Authorization: `Basic ${btoa(`${apiToken}:${apiToken}`)}`
-    }
-  });
+  await runAction(githubEventBefore, githubEventAfter);
 }
 
 // Note: Widgets does not seem to actually work as code :'(
@@ -1850,7 +1859,9 @@ async function run$y(argv, importMeta, {
       - Repository name using --repo when scope is "repo" ${badRepo ? colors.red('(bad!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API token.');
@@ -1978,7 +1989,9 @@ async function run$x(argv, importMeta, {
     - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -2200,7 +2213,9 @@ async function run$w(argv, importMeta, {
   if (yargv.output === undefined) {
     yargv.output = 'socket-cdx.json';
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await runCycloneDX(yargv);
 }
 
@@ -2303,7 +2318,9 @@ async function run$v(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
 
   // TODO: markdown flag is ignored
   await findDependencies({
@@ -2328,7 +2345,7 @@ async function getDiffScan({
   const data = await response.json();
   if (!response.ok) {
     const err = await handleAPIError(response.status);
-    spinner$1.error(`${colors.bgRed(colors.white(response.statusText))}: ${err}`);
+    spinner$1.errorAndStop(`${colors.bgRed(colors.white(response.statusText))}: ${err}`);
     return;
   }
   spinner$1.stop();
@@ -2425,7 +2442,9 @@ async function run$u(argv, importMeta, {
       - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -2458,7 +2477,7 @@ const cmdDiffScan = {
   }
 };
 
-// import { detect } from '../../utils/package-manager-detector'
+// import { detect } from '../../utils/package-environment-detector'
 
 const {
   NPM: NPM$d
@@ -2542,7 +2561,7 @@ async function runFix() {
                 // eslint-disable-next-line no-await-in-loop
                 await editablePkgJson.save();
               } catch {
-                spinner$1.error(`Reverting ${name} to ${oldVersion}`);
+                spinner$1.errorAndStop(`Reverting ${name} to ${oldVersion}`);
                 spinner$1.start();
                 arb.idealTree = revertToIdealTree;
               }
@@ -2593,7 +2612,9 @@ async function run$t(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await runFix();
 }
 
@@ -2720,7 +2741,7 @@ function formatPackageInfo({
       spinner[strict ? 'error' : 'success'](`Package has these issues: ${formatSeverityCount(severityCount)}`);
       formatPackageIssuesDetails(data, outputMarkdown);
     } else {
-      spinner.success('Package has no issues');
+      spinner.successAndStop('Package has no issues');
     }
     const format = new index.ColorOrMarkdown(!!outputMarkdown);
     const url = index.getSocketDevPackageOverviewUrl(NPM$c, pkgName, pkgVersion);
@@ -2856,7 +2877,9 @@ async function run$s(argv, importMeta, {
   const versionSeparator = rawPkgName.lastIndexOf('@');
   const pkgName = versionSeparator < 1 ? rawPkgName : rawPkgName.slice(0, versionSeparator);
   const pkgVersion = versionSeparator < 1 ? 'latest' : rawPkgName.slice(versionSeparator + 1);
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await getPackageInfo({
     commandName: `${parentName} ${config$s.commandName}`,
     includeAllIssues: Boolean(cli.flags['all']),
@@ -2899,7 +2922,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
     orgs = result.data;
     spinner$1.success('API key verified');
   } catch {
-    spinner$1.error('Invalid API key');
+    spinner$1.errorAndStop('Invalid API key');
     return;
   }
   const enforcedChoices = Object.values(orgs.organizations).filter(org => org?.plan === 'enterprise').map(org => ({
@@ -2934,9 +2957,9 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
   const oldToken = index.getSetting('apiToken');
   try {
     applyLogin(apiToken, enforcedOrgs, apiBaseUrl, apiProxy);
-    spinner$1.success(`API credentials ${oldToken ? 'updated' : 'set'}`);
+    spinner$1.successAndStop(`API credentials ${oldToken ? 'updated' : 'set'}`);
   } catch {
-    spinner$1.error(`API login failed`);
+    spinner$1.errorAndStop(`API login failed`);
   }
 }
 
@@ -2985,7 +3008,9 @@ async function run$r(argv, importMeta, {
   });
   let apiBaseUrl = cli.flags['apiBaseUrl'];
   let apiProxy = cli.flags['apiProxy'];
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   if (!isInteractive()) {
     throw new index.InputError('Cannot prompt for credentials in a non-interactive shell');
   }
@@ -3036,7 +3061,9 @@ async function run$q(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   attemptLogout();
 }
 
@@ -3074,14 +3101,14 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
     const output = await spawn(bin, commandArgs, {
       cwd: target || '.'
     });
-    spinner$1.success();
+    spinner$1.stop();
     if (verbose) {
       console.group('[VERBOSE] gradle stdout:');
       console.log(output);
       console.groupEnd();
     }
     if (output.stderr) {
-      spinner$1.error('There were errors while running gradle');
+      spinner$1.errorAndStop('There were errors while running gradle');
       // (In verbose mode, stderr was printed above, no need to repeat it)
       if (!verbose) {
         console.group('[VERBOSE] stderr:');
@@ -3090,6 +3117,8 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
       }
       process.exit(1);
     }
+    spinner$1.start();
+    spinner$1.successAndStop('Executed gradle successfully');
     console.log('Reported exports:');
     output.stdout.replace(/^POM file copied to: (.*)/gm, (_all, fn) => {
       console.log('- ', fn);
@@ -3098,7 +3127,7 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
 
     // const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
     // if (!loc) {
-    //   spinner.error(
+    //   spinner.errorAndStop(
     //     'There were no errors from sbt but could not find the location of resulting .pom file either'
     //   )
     //   process.exit(1)
@@ -3120,11 +3149,11 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
     //   }
     //   // TODO: do we prefer fs-extra? renaming can be gnarly on windows and fs-extra's version is better
     //   await renamep(loc, out)
-    //   spinner.success()
+    //   spinner.successAndStop()
     //   spinner.start().success(`OK. File should be available in \`${out}\``)
     // }
   } catch (e) {
-    spinner$1.error('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
+    spinner$1.errorAndStop('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
     if (verbose) {
       console.group('[VERBOSE] error:');
       console.log(e);
@@ -3265,7 +3294,9 @@ async function run$p(argv, importMeta, {
   if (cli.flags['gradleOpts']) {
     gradleOpts = cli.flags['gradleOpts'].split(' ').map(s => s.trim()).filter(Boolean);
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await convertGradleToMaven(target, bin, out, verbose, gradleOpts);
 }
 
@@ -3297,14 +3328,15 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
     const output = await spawn(bin, ['makePom'].concat(sbtOpts), {
       cwd: target || '.'
     });
-    spinner$1.success();
+    spinner$1.successAndStop();
     if (verbose) {
       console.group('[VERBOSE] sbt stdout:');
       console.log(output);
       console.groupEnd();
     }
     if (output.stderr) {
-      spinner$1.error('There were errors while running sbt');
+      spinner$1.start();
+      spinner$1.errorAndStop('There were errors while running sbt');
       // (In verbose mode, stderr was printed above, no need to repeat it)
       if (!verbose) {
         console.group('[VERBOSE] stderr:');
@@ -3319,7 +3351,7 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
       return fn;
     });
     if (!poms.length) {
-      spinner$1.error('There were no errors from sbt but it seems to not have generated any poms either');
+      spinner$1.errorAndStop('There were no errors from sbt but it seems to not have generated any poms either');
       process.exit(1);
     }
 
@@ -3351,7 +3383,7 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
       spinner$1.start().success(`OK`);
     }
   } catch (e) {
-    spinner$1.error('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
+    spinner$1.errorAndStop('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
     if (verbose) {
       console.group('[VERBOSE] error:');
       console.log(e);
@@ -3489,7 +3521,9 @@ async function run$o(argv, importMeta, {
   if (cli.flags['sbtOpts']) {
     sbtOpts = cli.flags['sbtOpts'].split(' ').map(s => s.trim()).filter(Boolean);
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await convertSbtToMaven(target, bin, out, verbose, sbtOpts);
 }
 
@@ -3557,7 +3591,9 @@ async function run$n(argv, importMeta, {
       subArgs.push('--cwd', cwd);
     }
     subArgs.push(dir);
-    if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+    if (cli.flags['dryRun']) {
+      return console.log('[DryRun] Bailing now');
+    }
     await cmdManifestScala.run(subArgs, importMeta, {
       parentName
     });
@@ -3569,7 +3605,9 @@ async function run$n(argv, importMeta, {
       // This command takes the cwd as first arg.
       subArgs.push(cwd);
     }
-    if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+    if (cli.flags['dryRun']) {
+      return console.log('[DryRun] Bailing now');
+    }
     await cmdManifestGradle.run(subArgs, importMeta, {
       parentName
     });
@@ -3732,7 +3770,9 @@ async function run$m(argv, importMeta, {
   if (cli.flags['gradleOpts']) {
     gradleOpts = cli.flags['gradleOpts'].split(' ').map(s => s.trim()).filter(Boolean);
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await convertGradleToMaven(target, bin, out, verbose, gradleOpts);
 }
 
@@ -3810,7 +3850,9 @@ async function run$k(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await wrapNpm(argv);
 }
 
@@ -3852,7 +3894,9 @@ async function run$j(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await wrapNpx(argv);
 }
 
@@ -3884,7 +3928,9 @@ async function run$i(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   throw new Error('This error was intentionally left blank');
 }
 
@@ -3902,16 +3948,7 @@ function matchHumanStdout(stdout, name) {
 function matchQueryStdout(stdout, name) {
   return stdout.includes(`"${name}"`);
 }
-const depsIncludesByAgent = {
-  // @ts-ignore
-  __proto__: null,
-  [BUN$6]: matchHumanStdout,
-  [NPM$9]: matchQueryStdout,
-  [PNPM$7]: matchQueryStdout,
-  [VLT$6]: matchQueryStdout,
-  [YARN_BERRY$6]: matchHumanStdout,
-  [YARN_CLASSIC$6]: matchHumanStdout
-};
+const depsIncludesByAgent = new Map([[BUN$6, matchHumanStdout], [NPM$9, matchQueryStdout], [PNPM$7, matchQueryStdout], [VLT$6, matchQueryStdout], [YARN_BERRY$6, matchHumanStdout], [YARN_CLASSIC$6, matchHumanStdout]]);
 
 const {
   BINARY_LOCK_EXT,
@@ -4011,15 +4048,15 @@ const readLockFileByAgent = (() => {
     [YARN_CLASSIC$5]: defaultReader
   };
 })();
-async function detect({
+async function detectPackageEnvironment({
   cwd = process$1.cwd(),
   onUnknown
 } = {}) {
   let lockPath = await index.findUp(Object.keys(LOCKS), {
     cwd
   });
-  let lockBasename = lockPath ? path.basename(lockPath) : undefined;
-  const isHiddenLockFile = lockBasename === '.package-lock.json';
+  let lockName = lockPath ? path.basename(lockPath) : undefined;
+  const isHiddenLockFile = lockName === '.package-lock.json';
   const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await index.findUp('package.json', {
     cwd
   });
@@ -4044,8 +4081,8 @@ async function detect({
       }
     }
   }
-  if (agent === undefined && !isHiddenLockFile && typeof pkgJsonPath === 'string' && typeof lockBasename === 'string') {
-    agent = LOCKS[lockBasename];
+  if (agent === undefined && !isHiddenLockFile && typeof pkgJsonPath === 'string' && typeof lockName === 'string') {
+    agent = LOCKS[lockName];
   }
   if (agent === undefined) {
     agent = NPM$8;
@@ -4096,14 +4133,14 @@ async function detect({
     targets.node = constants.maintainedNodeVersions.some(v => semver.satisfies(v, `>=${minimumNodeVersion}`));
     lockSrc = typeof lockPath === 'string' ? await readLockFileByAgent[agent](lockPath, agentExecPath) : undefined;
   } else {
-    lockBasename = undefined;
+    lockName = undefined;
     lockPath = undefined;
   }
   return {
     agent,
     agentExecPath,
     agentVersion,
-    lockBasename,
+    lockName,
     lockPath,
     lockSrc,
     minimumNodeVersion,
@@ -4117,74 +4154,53 @@ async function detect({
 
 const {
   BUN: BUN$4,
-  NPM: NPM$7,
   VLT: VLT$4,
   YARN_BERRY: YARN_BERRY$4
 } = constants;
 const COMMAND_TITLE$2 = 'Socket Optimize';
-const manifestNpmOverrides = registry.getManifestData(NPM$7);
-async function detectAndValidatePackageManager(cwd, prod) {
+async function detectAndValidatePackageEnvironment(cwd, options) {
   const {
-    agent,
-    agentExecPath,
-    agentVersion,
-    lockBasename,
-    lockPath,
-    lockSrc,
-    minimumNodeVersion,
-    npmExecPath,
-    pkgJson,
-    pkgPath,
-    supported
-  } = await detect({
+    logger,
+    prod
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const details = await detectPackageEnvironment({
     cwd,
     onUnknown(pkgManager) {
-      console.warn(`⚠️ ${COMMAND_TITLE$2}: Unknown package manager${pkgManager ? ` ${pkgManager}` : ''}, defaulting to npm`);
+      logger?.warn(`⚠️ ${COMMAND_TITLE$2}: Unknown package manager${pkgManager ? ` ${pkgManager}` : ''}, defaulting to npm`);
     }
   });
-  if (!supported) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: No supported Node or browser range detected`);
+  if (!details.supported) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: No supported Node or browser range detected`);
     return;
   }
-  if (agent === VLT$4) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: ${agent} does not support overrides. Soon, though ⚡`);
+  if (details.agent === VLT$4) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: ${details.agent} does not support overrides. Soon, though ⚡`);
     return;
   }
-  const lockName = lockPath && lockBasename ? lockBasename : 'lock file';
-  if (lockBasename === undefined || lockSrc === undefined) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: No ${lockName} found`);
+  const lockName = details.lockName ?? 'lock file';
+  if (details.lockName === undefined || details.lockSrc === undefined) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: No ${lockName} found`);
     return;
   }
-  if (lockSrc.trim() === '') {
-    console.error(`✖️ ${COMMAND_TITLE$2}: ${lockName} is empty`);
+  if (details.lockSrc.trim() === '') {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: ${lockName} is empty`);
     return;
   }
-  if (pkgPath === undefined) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: No package.json found`);
+  if (details.pkgPath === undefined) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: No package.json found`);
     return;
   }
-  if (prod && (agent === BUN$4 || agent === YARN_BERRY$4)) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: --prod not supported for ${agent}${agentVersion ? `@${agentVersion.toString()}` : ''}`);
+  if (prod && (details.agent === BUN$4 || details.agent === YARN_BERRY$4)) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: --prod not supported for ${details.agent}${details.agentVersion ? `@${details.agentVersion.toString()}` : ''}`);
     return;
   }
-  if (lockPath && path.relative(cwd, lockPath).startsWith('.')) {
-    console.warn(`⚠️ ${COMMAND_TITLE$2}: Package ${lockName} found at ${lockPath}`);
+  if (details.lockPath && path.relative(cwd, details.lockPath).startsWith('.')) {
+    logger?.warn(`⚠️ ${COMMAND_TITLE$2}: Package ${lockName} found at ${details.lockPath}`);
   }
-  const nodeRange = `>=${minimumNodeVersion}`;
-  const manifestEntries = manifestNpmOverrides.filter(({
-    1: data
-  }) => semver.satisfies(semver.coerce(data.engines.node), nodeRange));
-  return {
-    agent,
-    agentExecPath,
-    lockBasename,
-    lockName,
-    lockSrc,
-    manifestEntries,
-    npmExecPath,
-    pkgJson,
-    pkgPath
-  };
+  return details;
 }
 
 function getDependencyEntries(pkgJson) {
@@ -4213,7 +4229,7 @@ function getDependencyEntries(pkgJson) {
 
 const {
   BUN: BUN$3,
-  NPM: NPM$6,
+  NPM: NPM$7,
   OVERRIDES: OVERRIDES$1,
   PNPM: PNPM$5,
   RESOLUTIONS: RESOLUTIONS$1,
@@ -4234,7 +4250,7 @@ function getOverridesDataBun(pkgJson) {
 function getOverridesDataNpm(pkgJson) {
   const overrides = pkgJson?.[OVERRIDES$1] ?? {};
   return {
-    type: NPM$6,
+    type: NPM$7,
     overrides
   };
 }
@@ -4275,16 +4291,7 @@ function getOverridesDataClassic(pkgJson) {
     overrides
   };
 }
-const getOverridesDataByAgent = {
-  // @ts-ignore
-  __proto__: null,
-  [BUN$3]: getOverridesDataBun,
-  [NPM$6]: getOverridesDataNpm,
-  [PNPM$5]: getOverridesDataPnpm,
-  [VLT$3]: getOverridesDataVlt,
-  [YARN_BERRY$3]: getOverridesDataYarn,
-  [YARN_CLASSIC$4]: getOverridesDataClassic
-};
+const overridesDataByAgent = new Map([[BUN$3, getOverridesDataBun], [NPM$7, getOverridesDataNpm], [PNPM$5, getOverridesDataPnpm], [VLT$3, getOverridesDataVlt], [YARN_BERRY$3, getOverridesDataYarn], [YARN_CLASSIC$4, getOverridesDataClassic]]);
 
 const {
   PNPM: PNPM$4
@@ -4332,7 +4339,7 @@ function workspacePatternToGlobPattern(workspace) {
 const {
   BUN: BUN$2,
   LOCK_EXT,
-  NPM: NPM$5,
+  NPM: NPM$6,
   PNPM: PNPM$3,
   VLT: VLT$2,
   YARN_BERRY: YARN_BERRY$2,
@@ -4343,12 +4350,12 @@ function lockIncludesNpm(lockSrc, name) {
   //   "name":
   return lockSrc.includes(`"${name}":`);
 }
-function lockIncludesBun(lockSrc, name, lockBasename) {
-  // This is a bit counterintuitive. When lockBasename ends with a .lockb
-  // we treat it as a yarn.lock. When lockBasename ends with a .lock we
+function lockIncludesBun(lockSrc, name, lockName) {
+  // This is a bit counterintuitive. When lockName ends with a .lockb
+  // we treat it as a yarn.lock. When lockName ends with a .lock we
   // treat it as a package-lock.json. The bun.lock format is not identical
   // package-lock.json, however it close enough for npmLockIncludes to work.
-  const lockScanner = lockBasename?.endsWith(LOCK_EXT) ? lockIncludesNpm : lockIncludesYarn;
+  const lockScanner = lockName?.endsWith(LOCK_EXT) ? lockIncludesNpm : lockIncludesYarn;
   return lockScanner(lockSrc, name);
 }
 function lockIncludesPnpm(lockSrc, name) {
@@ -4376,20 +4383,11 @@ function lockIncludesYarn(lockSrc, name) {
   //   , name@
   `(?<=(?:^\\s*|,\\s*)"?)${escapedName}(?=@)`, 'm').test(lockSrc);
 }
-const lockIncludesByAgent = {
-  // @ts-ignore
-  __proto__: null,
-  [BUN$2]: lockIncludesBun,
-  [NPM$5]: lockIncludesNpm,
-  [PNPM$3]: lockIncludesPnpm,
-  [VLT$2]: lockIncludesVlt,
-  [YARN_BERRY$2]: lockIncludesYarn,
-  [YARN_CLASSIC$3]: lockIncludesYarn
-};
+const lockIncludesByAgent = new Map([[BUN$2, lockIncludesBun], [NPM$6, lockIncludesNpm], [PNPM$3, lockIncludesPnpm], [VLT$2, lockIncludesVlt], [YARN_BERRY$2, lockIncludesYarn], [YARN_CLASSIC$3, lockIncludesYarn]]);
 
 const {
   BUN: BUN$1,
-  NPM: NPM$4,
+  NPM: NPM$5,
   PNPM: PNPM$2,
   VLT: VLT$1,
   YARN_BERRY: YARN_BERRY$1,
@@ -4459,7 +4457,7 @@ async function lsNpm(agentExecPath, cwd) {
 }
 async function lsPnpm(agentExecPath, cwd, options) {
   const npmExecPath = options?.npmExecPath;
-  if (npmExecPath && npmExecPath !== NPM$4) {
+  if (npmExecPath && npmExecPath !== NPM$5) {
     const result = await npmQuery(npmExecPath, cwd);
     if (result) {
       return result;
@@ -4510,7 +4508,7 @@ const lsByAgent = {
   // @ts-ignore
   __proto__: null,
   [BUN$1]: lsBun,
-  [NPM$4]: lsNpm,
+  [NPM$5]: lsNpm,
   [PNPM$2]: lsPnpm,
   [VLT$1]: lsVlt,
   [YARN_BERRY$1]: lsYarnBerry,
@@ -4519,7 +4517,7 @@ const lsByAgent = {
 
 const {
   BUN,
-  NPM: NPM$3,
+  NPM: NPM$4,
   OVERRIDES,
   PNPM: PNPM$1,
   RESOLUTIONS,
@@ -4623,55 +4621,75 @@ function updateResolutions(editablePkgJson, overrides) {
 function pnpmUpdatePkgJson(editablePkgJson, overrides) {
   updatePkgJson(editablePkgJson, PNPM_FIELD_NAME, overrides);
 }
-const updateManifestByAgent = {
-  // @ts-ignore
-  __proto__: null,
-  [BUN]: updateResolutions,
-  [NPM$3]: updateOverrides,
-  [PNPM$1]: pnpmUpdatePkgJson,
-  [VLT]: updateOverrides,
-  [YARN_BERRY]: updateResolutions,
-  [YARN_CLASSIC$1]: updateResolutions
-};
+const updateManifestByAgent = new Map([[BUN, updateResolutions], [NPM$4, updateOverrides], [PNPM$1, pnpmUpdatePkgJson], [VLT, updateOverrides], [YARN_BERRY, updateResolutions], [YARN_CLASSIC$1, updateResolutions]]);
 
 const {
-  NPM: NPM$2,
-  SOCKET_CLI_SAFE_WRAPPER,
+  NPM: NPM$3,
   abortSignal: abortSignal$2
 } = constants;
+function runAgentInstall(agent, agentExecPath, options) {
+  // All package managers support the "install" command.
+  if (agent === NPM$3) {
+    return npm$1.safeNpmInstall(options);
+  }
+  const {
+    args = [],
+    spinner,
+    ...spawnOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const isSilent = !npmPaths.isDebug();
+  const isSpinning = spinner?.isSpinning ?? false;
+  if (!isSilent) {
+    spinner?.stop();
+  }
+  let spawnPromise = spawn(agentExecPath, ['install', ...args], {
+    signal: abortSignal$2,
+    stdio: isSilent ? 'ignore' : 'inherit',
+    ...spawnOptions,
+    env: {
+      ...process.env,
+      ...spawnOptions.env
+    }
+  });
+  if (!isSilent && isSpinning) {
+    const oldSpawnPromise = spawnPromise;
+    spawnPromise = spawnPromise.finally(() => {
+      spinner?.start();
+    });
+    spawnPromise.process = oldSpawnPromise.process;
+    spawnPromise.stdin = spawnPromise.stdin;
+  }
+  return spawnPromise;
+}
+
+const {
+  NPM: NPM$2
+} = constants;
 const COMMAND_TITLE$1 = 'Socket Optimize';
 const NPM_OVERRIDE_PR_URL = 'https://github.com/npm/cli/pull/8089';
-async function updatePackageLockJson(lockName, agentExecPath, agent, spinner) {
-  spinner.start(`Updating ${lockName}...`);
+async function updatePackageLockJson(pkgEnvDetails, options) {
+  const {
+    logger,
+    spinner
+  } = {
+    __proto__: null,
+    ...options
+  };
+  spinner?.start(`Updating ${pkgEnvDetails.lockName}...`);
   try {
-    if (agent === NPM$2) {
-      const ipc = {
-        [SOCKET_CLI_SAFE_WRAPPER]: true
-      };
-      await npm$1.safeNpmInstall({
-        ipc
-      });
-      // TODO: This is a temporary workaround for a `npm ci` bug where it
-      //       will error out after Socket Optimize generates a lock file.
-      //       More investigation is needed.
-      await npm$1.safeNpmInstall({
-        args: ['--ignore-scripts', '--package-lock-only'],
-        ipc
-      });
-    } else {
-      // All package managers support the "install" command.
-      await spawn(agentExecPath, ['install'], {
-        signal: abortSignal$2,
-        stdio: 'ignore'
-      });
-    }
-    spinner.stop();
-    if (agent === NPM$2) {
-      console.log(`💡 Re-run ${COMMAND_TITLE$1} whenever ${lockName} changes.\n   This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
+    await runAgentInstall(pkgEnvDetails.agent, pkgEnvDetails.agentExecPath, {
+      spinner
+    });
+    spinner?.stop();
+    if (pkgEnvDetails.agent === NPM$2) {
+      logger?.log(`💡 Re-run ${COMMAND_TITLE$1} whenever ${pkgEnvDetails.lockName} changes.\n   This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
     }
   } catch (e) {
-    spinner.error(`${COMMAND_TITLE$1}: ${agent} install failed to update ${lockName}`);
-    console.error(e);
+    spinner?.error(`${COMMAND_TITLE$1}: ${pkgEnvDetails.agent} install failed to update ${pkgEnvDetails.lockName}`);
+    logger?.error(e);
   }
 }
 
@@ -4681,91 +4699,85 @@ const {
   YARN_CLASSIC
 } = constants;
 const COMMAND_TITLE = 'Socket Optimize';
+const manifestNpmOverrides = registry.getManifestData(NPM$1);
 async function applyOptimization(cwd, pin, prod) {
-  const pkgMgrData = await detectAndValidatePackageManager(cwd, prod);
-  if (!pkgMgrData) return;
-  const {
-    agent,
-    agentExecPath,
-    lockBasename,
-    lockName,
-    lockSrc,
-    manifestEntries,
-    npmExecPath,
-    pkgJson,
-    pkgPath
-  } = pkgMgrData;
+  const logger = console;
+  const pkgEnvDetails = await detectAndValidatePackageEnvironment(cwd, {
+    logger,
+    prod
+  });
+  if (!pkgEnvDetails) {
+    return;
+  }
   const spinner$1 = new spinner.Spinner({
     text: 'Socket optimizing...'
   });
   spinner$1.start();
-  const state = await addOverrides({
-    agent,
-    agentExecPath,
-    lockBasename,
-    lockSrc,
-    manifestEntries,
-    npmExecPath,
+  const state = await addOverrides(pkgEnvDetails.pkgPath, pkgEnvDetails, {
+    logger,
     pin,
-    pkgJson,
-    pkgPath,
     prod,
-    rootPath: pkgPath
-  }, createAddOverridesState(spinner$1));
+    spinner: spinner$1
+  });
   spinner$1.stop();
   const addedCount = state.added.size;
   const updatedCount = state.updated.size;
   const pkgJsonChanged = addedCount > 0 || updatedCount > 0;
   if (pkgJsonChanged) {
     if (updatedCount > 0) {
-      console.log(`${createActionMessage('Updated', updatedCount, state.updatedInWorkspaces.size)}${addedCount ? '.' : '🚀'}`);
+      logger?.log(`${createActionMessage('Updated', updatedCount, state.updatedInWorkspaces.size)}${addedCount ? '.' : '🚀'}`);
     }
     if (addedCount > 0) {
-      console.log(`${createActionMessage('Added', addedCount, state.addedInWorkspaces.size)} 🚀`);
+      logger?.log(`${createActionMessage('Added', addedCount, state.addedInWorkspaces.size)} 🚀`);
     }
   } else {
-    console.log('Congratulations! Already Socket.dev optimized 🎉');
+    logger?.log('Congratulations! Already Socket.dev optimized 🎉');
   }
-  if (agent === NPM$1 || pkgJsonChanged) {
+  if (pkgEnvDetails.agent === NPM$1 || pkgJsonChanged) {
     // Always update package-lock.json until the npm overrides PR lands:
     // https://github.com/npm/cli/pull/8089
-    await updatePackageLockJson(lockName, agentExecPath, agent, spinner$1);
+    await updatePackageLockJson(pkgEnvDetails, {
+      logger,
+      spinner: spinner$1
+    });
   }
 }
 function createActionMessage(verb, overrideCount, workspaceCount) {
   return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
 }
-function createAddOverridesState(spinner) {
-  return {
-    added: new Set(),
-    addedInWorkspaces: new Set(),
+async function addOverrides(pkgPath, pkgEnvDetails, options) {
+  const {
+    agent,
+    agentExecPath,
+    lockName,
+    lockSrc,
+    npmExecPath,
+    pkgPath: rootPath
+  } = pkgEnvDetails;
+  const {
+    logger,
+    pin,
+    prod,
     spinner,
-    updated: new Set(),
-    updatedInWorkspaces: new Set(),
-    warnedPnpmWorkspaceRequiresNpm: false
+    state = {
+      added: new Set(),
+      addedInWorkspaces: new Set(),
+      updated: new Set(),
+      updatedInWorkspaces: new Set(),
+      warnedPnpmWorkspaceRequiresNpm: false
+    }
+  } = {
+    __proto__: null,
+    ...options
   };
-}
-async function addOverrides({
-  agent,
-  agentExecPath,
-  lockBasename,
-  lockSrc,
-  manifestEntries,
-  npmExecPath,
-  pin,
-  pkgJson: editablePkgJson,
-  pkgPath,
-  prod,
-  rootPath
-}, state) {
+  let {
+    pkgJson: editablePkgJson
+  } = pkgEnvDetails;
   if (editablePkgJson === undefined) {
     editablePkgJson = await packages.readPackageJson(pkgPath, {
       editable: true
     });
   }
-  const {
-    spinner
-  } = state;
   const {
     content: pkgJson
   } = editablePkgJson;
@@ -4776,7 +4788,7 @@ async function addOverrides({
   const isWorkspace = !!workspaceGlobs;
   if (isWorkspace && agent === PNPM && npmExecPath === NPM$1 && !state.warnedPnpmWorkspaceRequiresNpm) {
     state.warnedPnpmWorkspaceRequiresNpm = true;
-    console.warn(`⚠️ ${COMMAND_TITLE}: pnpm workspace support requires \`npm ls\`, falling back to \`pnpm list\``);
+    logger?.warn(`⚠️ ${COMMAND_TITLE}: pnpm workspace support requires \`npm ls\`, falling back to \`pnpm list\``);
   }
   const thingToScan = isLockScanned ? lockSrc : await lsByAgent[agent](agentExecPath, pkgPath, {
     npmExecPath
@@ -4785,18 +4797,22 @@ async function addOverrides({
   // first two parameters. AgentLockIncludesFn accepts an optional third
   // parameter which AgentDepsIncludesFn will ignore so we cast thingScanner
   // as an AgentLockIncludesFn type.
-  const thingScanner = isLockScanned ? lockIncludesByAgent[agent] : depsIncludesByAgent[agent];
+  const thingScanner = isLockScanned ? lockIncludesByAgent.get(agent) : depsIncludesByAgent.get(agent);
   const depEntries = getDependencyEntries(pkgJson);
   const overridesDataObjects = [];
   if (pkgJson['private'] || isWorkspace) {
-    overridesDataObjects.push(getOverridesDataByAgent[agent](pkgJson));
+    overridesDataObjects.push(overridesDataByAgent.get(agent)(pkgJson));
   } else {
-    overridesDataObjects.push(getOverridesDataByAgent[NPM$1](pkgJson), getOverridesDataByAgent[YARN_CLASSIC](pkgJson));
+    overridesDataObjects.push(overridesDataByAgent.get(NPM$1)(pkgJson), overridesDataByAgent.get(YARN_CLASSIC)(pkgJson));
   }
   if (spinner) {
     spinner.text = `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`;
   }
   const depAliasMap = new Map();
+  const nodeRange = `>=${pkgEnvDetails.minimumNodeVersion}`;
+  const manifestEntries = manifestNpmOverrides.filter(({
+    1: data
+  }) => semver.satisfies(semver.coerce(data.engines.node), nodeRange));
   // Chunk package names to process them in parallel 3 at a time.
   await promises.pEach(manifestEntries, 3, async ({
     1: data
@@ -4839,7 +4855,7 @@ async function addOverrides({
         type
       }) => {
         const overrideExists = objects.hasOwn(overrides, origPkgName);
-        if (overrideExists || thingScanner(thingToScan, origPkgName, lockBasename)) {
+        if (overrideExists || thingScanner(thingToScan, origPkgName, lockName)) {
           const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
           const origDepAlias = depAliasMap.get(origPkgName);
           const sockRegDepAlias = depAliasMap.get(sockRegPkgName);
@@ -4884,18 +4900,12 @@ async function addOverrides({
     });
     // Chunk package names to process them in parallel 3 at a time.
     await promises.pEach(workspacePkgJsonPaths, 3, async workspacePkgJsonPath => {
-      const otherState = await addOverrides({
-        agent,
-        agentExecPath,
-        lockBasename,
-        lockSrc,
-        manifestEntries,
-        npmExecPath,
+      const otherState = await addOverrides(path.dirname(workspacePkgJsonPath), pkgEnvDetails, {
+        logger,
         pin,
-        pkgPath: path.dirname(workspacePkgJsonPath),
         prod,
-        rootPath
-      }, createAddOverridesState(spinner));
+        spinner
+      });
       for (const key of ['added', 'addedInWorkspaces', 'updated', 'updatedInWorkspaces']) {
         for (const value of otherState[key]) {
           state[key].add(value);
@@ -4909,7 +4919,7 @@ async function addOverrides({
       overrides,
       type
     } of overridesDataObjects) {
-      updateManifestByAgent[type](editablePkgJson, objects.toSortedObject(overrides));
+      updateManifestByAgent.get(type)(editablePkgJson, objects.toSortedObject(overrides));
     }
     await editablePkgJson.save();
   }
@@ -4960,32 +4970,74 @@ async function run$h(argv, importMeta, {
     parentName
   });
   const cwd = process$1.cwd();
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await applyOptimization(cwd, Boolean(cli.flags['pin']), Boolean(cli.flags['prod']));
 }
 
-async function getOrganizations() {
+async function getOrganization(format = 'text') {
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
   }
+  await printOrganizationsFromToken(apiToken, format);
+}
+async function printOrganizationsFromToken(apiToken, format = 'text') {
   const spinner$1 = new spinner.Spinner({
     text: 'Fetching organizations...'
   }).start();
   const socketSdk = await index.setupSdk(apiToken);
   const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
-  if (result.success === false) {
+  if (!result.success) {
     handleUnsuccessfulApiResponse('getOrganizations', result, spinner$1);
     return;
   }
-  spinner$1.stop(`List of organizations associated with your API key: ${colors.italic(apiToken)}`);
+  spinner$1.stop();
   const organizations = Object.values(result.data.organizations);
-  for (const o of organizations) {
-    console.log(`
-Name: ${o?.name}
-ID: ${o?.id}
-Plan: ${o?.plan}
-    `);
+  const lastFiveOfApiToken = getLastFiveOfApiToken(apiToken);
+  switch (format) {
+    case 'json':
+      {
+        console.log(JSON.stringify(organizations.map(o => ({
+          name: o.name,
+          id: o.id,
+          plan: o.plan
+        })), null, 2));
+        return;
+      }
+    case 'markdown':
+      {
+        // | Syntax      | Description |
+        // | ----------- | ----------- |
+        // | Header      | Title       |
+        // | Paragraph   | Text        |
+        let mw1 = 4;
+        let mw2 = 2;
+        let mw3 = 4;
+        for (const o of organizations) {
+          mw1 = Math.max(mw1, o.name.length);
+          mw2 = Math.max(mw2, o.id.length);
+          mw3 = Math.max(mw3, o.plan.length);
+        }
+        console.log('# Organizations\n');
+        console.log(`List of organizations associated with your API key, ending with: ${colors.italic(lastFiveOfApiToken)}\n`);
+        console.log(`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`);
+        console.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
+        for (const o of organizations) {
+          console.log(`| ${(o.name || '').padEnd(mw1, ' ')} | ${(o.id || '').padEnd(mw2, ' ')} | ${(o.plan || '').padEnd(mw3, ' ')} |`);
+        }
+        console.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
+        return;
+      }
+    default:
+      {
+        console.log(`List of organizations associated with your API key, ending with: ${colors.italic(lastFiveOfApiToken)}\n`);
+        // Just dump
+        for (const o of organizations) {
+          console.log(`- Name: ${colors.bold(o.name)}, ID: ${colors.bold(o.id)}, Plan: ${colors.bold(o.plan)}`);
+        }
+      }
   }
 }
 
@@ -4993,13 +5045,19 @@ const config$g = {
   commandName: 'organizations',
   description: 'List organizations associated with the API key used',
   hidden: false,
-  flags: {},
+  flags: {
+    ...commonFlags,
+    ...outputFlags
+  },
   help: (command, _config) => `
     Usage
       $ ${command}
+
+    Options
+      ${getFlagListOutput(config$g.flags, 6)}
   `
 };
-const cmdOrganizations = {
+const cmdOrganization = {
   description: config$g.description,
   hidden: config$g.hidden,
   run: run$g
@@ -5013,8 +5071,23 @@ async function run$g(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
-  await getOrganizations();
+  const json = Boolean(cli.flags['json']);
+  const markdown = Boolean(cli.flags['markdown']);
+  if (json && markdown) {
+    // Use exit status of 2 to indicate incorrect usage, generally invalid
+    // options or missing arguments.
+    // https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
+    process.exitCode = 2;
+    console.error(`
+      ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
+      - The json and markdown flags cannot be both set, pick one
+    `);
+    return;
+  }
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
+  await getOrganization(json ? 'json' : markdown ? 'markdown' : 'text');
 }
 
 const {
@@ -5073,7 +5146,9 @@ async function run$f(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await runRawNpm(argv);
 }
 
@@ -5133,7 +5208,9 @@ async function run$e(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await runRawNpx(argv);
 }
 
@@ -5166,7 +5243,7 @@ async function createReport(socketConfig, inputPaths, {
       handleUnsuccessfulApiResponse('createReport', result, spinner$1);
       return undefined;
     }
-    spinner$1.success();
+    spinner$1.successAndStop();
     return result;
   }
 }
@@ -5218,16 +5295,16 @@ async function fetchReportData(reportId, includeAllIssues, strict) {
 
   if (strict) {
     if (result.data.healthy) {
-      spinner$1.success('Report result is healthy and great!');
+      spinner$1.successAndStop('Report result is healthy and great!');
     } else {
-      spinner$1.error('Report result deemed unhealthy for project');
+      spinner$1.errorAndStop('Report result deemed unhealthy for project');
     }
   } else if (!result.data.healthy) {
     const severityCount = getSeverityCount(result.data.issues, includeAllIssues ? undefined : 'high');
     const issueSummary = formatSeverityCount(severityCount);
-    spinner$1.success(`Report has these issues: ${issueSummary}`);
+    spinner$1.successAndStop(`Report has these issues: ${issueSummary}`);
   } else {
-    spinner$1.success('Report has no issues');
+    spinner$1.successAndStop('Report has no issues');
   }
   return result.data;
 }
@@ -5331,7 +5408,9 @@ async function run$d(argv, importMeta, {
   const view = Boolean(cli.flags['view']);
 
   // Note exiting earlier to skirt a hidden auth requirement
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const socketConfig = await getSocketConfig(absoluteConfigPath);
   const result = await createReport(socketConfig, cli.input, {
     cwd,
@@ -5407,7 +5486,9 @@ async function run$c(argv, importMeta, {
       - Can only handle a single report ID ${extraInput.length < 2 ? colors.red(`(received ${extraInput.length}!)`) : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await viewReport(reportId, {
     all: Boolean(cli.flags['all']),
     commandName: `${parentName} ${config$c.commandName}`,
@@ -5462,7 +5543,7 @@ async function createRepo({
     visibility
   }), 'creating repository');
   if (result.success) {
-    spinner$1.success('Repository created successfully');
+    spinner$1.successAndStop('Repository created successfully');
   } else {
     handleUnsuccessfulApiResponse('createOrgRepo', result, spinner$1);
   }
@@ -5543,7 +5624,9 @@ async function run$b(argv, importMeta, {
       - Repository name using --repoName ${!repoName ? colors.red('(missing!)') : typeof repoName !== 'string' ? colors.red('(invalid!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -5569,7 +5652,7 @@ async function deleteRepo(orgSlug, repoName, apiToken) {
   const socketSdk = await index.setupSdk(apiToken);
   const result = await handleApiCall(socketSdk.deleteOrgRepo(orgSlug, repoName), 'deleting repository');
   if (result.success) {
-    spinner$1.success('Repository deleted successfully');
+    spinner$1.successAndStop('Repository deleted successfully');
   } else {
     handleUnsuccessfulApiResponse('deleteOrgRepo', result, spinner$1);
   }
@@ -5619,7 +5702,9 @@ async function run$a(argv, importMeta, {
       - At least one TARGET (e.g. \`.\` or \`./package.json\`\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -5656,6 +5741,18 @@ async function listRepos({
     handleUnsuccessfulApiResponse('getOrgRepoList', result, spinner$1);
     return;
   }
+  spinner$1.stop();
+  if (outputJson) {
+    const data = result.data.results.map(o => ({
+      id: o.id,
+      name: o.name,
+      visibility: o.visibility,
+      defaultBranch: o.default_branch,
+      archived: o.archived
+    }));
+    console.log(JSON.stringify(data, null, 2));
+    return;
+  }
   const options = {
     columns: [{
       field: 'id',
@@ -5674,7 +5771,7 @@ async function listRepos({
       name: colors.magenta('Archived')
     }]
   };
-  spinner$1.stop(chalkTable(options, result.data.results));
+  console.log(chalkTable(options, result.data.results));
 }
 
 const config$9 = {
@@ -5744,7 +5841,9 @@ async function run$9(argv, importMeta, {
       - At least one TARGET (e.g. \`.\` or \`./package.json\`\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -5788,7 +5887,7 @@ async function updateRepo({
     visibility
   }), 'updating repository');
   if (result.success) {
-    spinner$1.success('Repository updated successfully');
+    spinner$1.successAndStop('Repository updated successfully');
   } else {
     handleUnsuccessfulApiResponse('updateOrgRepo', result, spinner$1);
   }
@@ -5870,7 +5969,9 @@ async function run$8(argv, importMeta, {
       - At least one TARGET (e.g. \`.\` or \`./package.json\`\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -5972,7 +6073,9 @@ async function run$7(argv, importMeta, {
       - Repository name using --repoName ${!repoName ? colors.red('(missing!)') : typeof repoName !== 'string' ? colors.red('(invalid!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6001,8 +6104,149 @@ const cmdRepos = {
   }
 };
 
+async function suggestOrgSlug(socketSdk) {
+  const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
+  // Ignore a failed request here. It was not the primary goal of
+  // running this command and reporting it only leads to end-user confusion.
+  if (result.success) {
+    const proceed = await prompts.select({
+      message: 'Missing org name; do you want to use any of these orgs for this scan?',
+      choices: Array.from(Object.values(result.data.organizations)).map(({
+        name: slug
+      }) => ({
+        name: 'Yes [' + slug + ']',
+        value: slug,
+        description: `Use "${slug}" as the organization`
+      })).concat({
+        name: 'No',
+        value: '',
+        description: 'Do not use any of these organizations (will end in a no-op)'
+      })
+    });
+    if (proceed) {
+      return proceed;
+    }
+  }
+}
+
+async function suggestRepoSlug(socketSdk, orgSlug) {
+  // Same as above, but if there's a repo with the same name as cwd then
+  // default the selection to that name.
+  const result = await handleApiCall(socketSdk.getOrgRepoList(orgSlug, {
+    orgSlug,
+    sort: 'name',
+    direction: 'asc',
+    // There's no guarantee that the cwd is part of this page. If it's not
+    // then do an additional request and specific search for it instead.
+    // This way we can offer the tip of "do you want to create [cwd]?".
+    perPage: 10,
+    page: 0
+  }), 'looking up known repos');
+  // Ignore a failed request here. It was not the primary goal of
+  // running this command and reporting it only leads to end-user confusion.
+  if (result.success) {
+    const currentDirName = dirNameToSlug(path.basename(process$1.cwd()));
+    let cwdIsKnown = !!currentDirName && result.data.results.some(obj => obj.slug === currentDirName);
+    if (!cwdIsKnown && currentDirName) {
+      // Do an explicit request so we can assert that the cwd exists or not
+      const result = await handleApiCall(socketSdk.getOrgRepo(orgSlug, currentDirName), 'checking if current cwd is a known repo');
+      if (result.success) {
+        cwdIsKnown = true;
+      }
+    }
+    const proceed = await prompts.select({
+      message: 'Missing repo name; do you want to use any of these known repo names for this scan?',
+      choices:
+      // Put the CWD suggestion at the top, whether it exists or not
+      (currentDirName ? [{
+        name: `Yes, current dir [${cwdIsKnown ? currentDirName : `create repo for ${currentDirName}`}]`,
+        value: currentDirName,
+        description: cwdIsKnown ? 'Register a new repo name under the given org and use it' : 'Use current dir as repo'
+      }] : []).concat(result.data.results.filter(({
+        slug
+      }) => !!slug && slug !== currentDirName).map(({
+        slug
+      }) => ({
+        name: 'Yes [' + slug + ']',
+        value: slug || '',
+        // Filtered above but TS is like nah.
+        description: `Use "${slug}" as the repo name`
+      })), {
+        name: 'No',
+        value: '',
+        description: 'Do not use any of these repos (will end in a no-op)'
+      })
+    });
+    if (proceed) {
+      const repoName = proceed;
+      let repoDefaultBranch = '';
+      // Store the default branch to help with the branch name question next
+      result.data.results.some(obj => {
+        if (obj.slug === proceed && obj.default_branch) {
+          repoDefaultBranch = obj.default_branch;
+          return;
+        }
+      });
+      return {
+        slug: repoName,
+        defaultBranch: repoDefaultBranch
+      };
+    }
+  }
+}
+function dirNameToSlug(name) {
+  // Uses slug specs asserted by our servers
+  // Note: this can lead to collisions; eg. slug for `x--y` and `x---y` is `x-y`
+  return name.toLowerCase().replace(/[^[a-zA-Z0-9_.-]/g, '_').replace(/--+/g, '-').replace(/__+/g, '_').replace(/\.\.+/g, '.').replace(/[._-]+$/, '');
+}
+
+async function suggestBranchSlug(repoDefaultBranch) {
+  const spawnResult = node_child_process.spawnSync('git', ['branch', '--show-current']);
+  const currentBranch = spawnResult.stdout.toString('utf8').trim();
+  if (spawnResult.status === 0 && currentBranch) {
+    const proceed = await prompts.select({
+      message: 'Use the current git branch as target branch name?',
+      choices: [{
+        name: `Yes [${currentBranch}]`,
+        value: currentBranch,
+        description: 'Use the current git branch for branch name'
+      }, ...(repoDefaultBranch && repoDefaultBranch !== currentBranch ? [{
+        name: `No, use the default branch [${repoDefaultBranch}]`,
+        value: repoDefaultBranch,
+        description: 'Use the default branch for target repo as the target branch name'
+      }] : []), {
+        name: 'No',
+        value: '',
+        description: 'Do not use the current git branch as name (will end in a no-op)'
+      }].filter(Boolean)
+    });
+    if (proceed) {
+      return proceed;
+    }
+  }
+}
+
+async function suggestTarget() {
+  // We could prefill this with sub-dirs of the current
+  // dir ... but is that going to be useful?
+  const proceed = await prompts.select({
+    message: 'No TARGET given. Do you want to use the current directory?',
+    choices: [{
+      name: 'Yes',
+      value: true,
+      description: 'Target the current directory'
+    }, {
+      name: 'No',
+      value: false,
+      description: 'Do not use the current directory (this will end in a no-op)'
+    }]
+  });
+  if (proceed) {
+    return ['.'];
+  }
+}
+
 async function createFullScan({
-  apiToken,
   branchName,
   commitHash: _commitHash,
   commitMessage,
@@ -6010,17 +6254,100 @@ async function createFullScan({
   cwd,
   defaultBranch,
   orgSlug,
-  packagePaths,
   pendingHead,
   pullRequest: _pullRequest,
+  readOnly,
   repoName,
+  targets,
   tmp
 }) {
+  const socketSdk = await index.setupSdk();
+  const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
+    if (!res.success) {
+      handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
+      assert(false, 'handleUnsuccessfulApiResponse should unconditionally throw');
+    }
+    return res.data;
+  }).catch(cause => {
+    throw new Error('Failed getting supported files for report', {
+      cause
+    });
+  });
+
+  // If we updated any inputs then we should print the command line to repeat
+  // the command without requiring user input, as a suggestion.
+  let updatedInput = false;
+  if (!targets.length) {
+    const received = await suggestTarget();
+    targets = received ?? [];
+    updatedInput = true;
+  }
+  const packagePaths = await npmPaths.getPackageFilesFullScans(cwd, targets, supportedFiles);
+
+  // We're going to need an api token to suggest data because those suggestions
+  // must come from data we already know. Don't error on missing api token yet.
+  // If the api-token is not set, ignore it for the sake of suggestions.
+  const apiToken = index.getDefaultToken();
+  if (apiToken && !orgSlug) {
+    const suggestion = await suggestOrgSlug(socketSdk);
+    if (suggestion) orgSlug = suggestion;
+    updatedInput = true;
+  }
+
+  // If the current cwd is unknown and is used as a repo slug anyways, we will
+  // first need to register the slug before we can use it.
+  let repoDefaultBranch = '';
+
+  // (Don't bother asking for the rest if we didn't get an org slug above)
+  if (apiToken && orgSlug && !repoName) {
+    const suggestion = await suggestRepoSlug(socketSdk, orgSlug);
+    if (suggestion) {
+      ({
+        defaultBranch: repoDefaultBranch,
+        slug: repoName
+      } = suggestion);
+    }
+    updatedInput = true;
+  }
+
+  // (Don't bother asking for the rest if we didn't get an org/repo above)
+  if (apiToken && orgSlug && repoName && !branchName) {
+    const suggestion = await suggestBranchSlug(repoDefaultBranch);
+    if (suggestion) branchName = suggestion;
+    updatedInput = true;
+  }
+  if (!orgSlug || !repoName || !branchName || !packagePaths.length) {
+    // Use exit status of 2 to indicate incorrect usage, generally invalid
+    // options or missing arguments.
+    // https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
+    process$1.exitCode = 2;
+    console.error(`
+      ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
+      - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - Repository name using --repo ${!repoName ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - Branch name using --branch ${!branchName ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - At least one TARGET (e.g. \`.\` or \`./package.json\`) ${!packagePaths.length ? colors.red(targets.length > 0 ? '(TARGET' + (targets.length ? 's' : '') + ' contained no matching/supported files!)' : '(missing)') : colors.green('(ok)')}\n
+      ${!apiToken ? 'Note: was unable to make suggestions because no API Token was found; this would make command fail regardless\n' : ''}
+    `);
+    return;
+  }
+  if (updatedInput) {
+    console.log('Note: You can invoke this command next time to skip the interactive questions:');
+    console.log('```');
+    console.log(`    socket scan create [other flags...] --repo ${repoName} --branch ${branchName} ${orgSlug} ${targets.join(' ')}`);
+    console.log('```');
+  }
+  if (!apiToken) {
+    throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+  }
+  if (readOnly) {
+    console.log('[ReadOnly] Bailing now');
+    return;
+  }
   const spinnerText = 'Creating a scan... \n';
   const spinner$1 = new spinner.Spinner({
     text: spinnerText
   }).start();
-  const socketSdk = await index.setupSdk(apiToken);
   const result = await handleApiCall(socketSdk.createOrgFullScan(orgSlug, {
     repo: repoName,
     branch: branchName,
@@ -6033,7 +6360,7 @@ async function createFullScan({
     handleUnsuccessfulApiResponse('CreateOrgFullScan', result, spinner$1);
     return;
   }
-  spinner$1.success('Scan created successfully');
+  spinner$1.successAndStop('Scan created successfully');
   const link = colors.underline(colors.cyan(`${result.data.html_report_url}`));
   console.log(`Available at: ${link}`);
   const rl = readline.createInterface({
@@ -6107,6 +6434,11 @@ const config$6 = {
       default: false,
       description: 'Set as pending head'
     },
+    readOnly: {
+      type: 'boolean',
+      default: false,
+      description: 'Similar to --dry-run except it can read from remote, stops before it would create an actual report'
+    },
     tmp: {
       type: 'boolean',
       shortFlag: 't',
@@ -6146,54 +6478,47 @@ async function run$6(argv, importMeta, {
   });
   const [orgSlug = '', ...targets] = cli.input;
   const cwd = cli.flags['cwd'] && cli.flags['cwd'] !== 'process.cwd()' ? String(cli.flags['cwd']) : process$1.cwd();
-
-  // Note exiting earlier to skirt a hidden auth requirement
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
-  const socketSdk = await index.setupSdk();
-  const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
-    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
-    // TODO: verify type at runtime? Consider it trusted data and assume type?
-    return res.data;
-  }).catch(cause => {
-    throw new Error('Failed getting supported files for report', {
-      cause
-    });
-  });
-  const packagePaths = await npmPaths.getPackageFilesFullScans(cwd, targets, supportedFiles);
-  const {
+  let {
     branch: branchName,
     repo: repoName
   } = cli.flags;
-  if (!orgSlug || !repoName || !branchName || !packagePaths.length) {
+  const apiToken = index.getDefaultToken();
+  if (!apiToken && (!orgSlug || !repoName || !branchName || !targets.length)) {
+    // Without api token we cannot recover because we can't request more info
+    // from the server, to match and help with the current cwd/git status.
     // Use exit status of 2 to indicate incorrect usage, generally invalid
     // options or missing arguments.
     // https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
     process$1.exitCode = 2;
-    console.error(`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
-    - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n
-    - Repository name using --repo ${!repoName ? colors.red('(missing!)') : colors.green('(ok)')}\n
-    - Branch name using --branch ${!branchName ? colors.red('(missing!)') : colors.green('(ok)')}\n
-    - At least one TARGET (e.g. \`.\` or \`./package.json\`) ${!packagePaths.length ? colors.red(targets.length > 0 ? '(TARGET' + (targets.length ? 's' : '') + ' contained no matching/supported files!)' : '(missing)') : colors.green('(ok)')}\n`);
+    console.error(`
+      ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
+      - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - Repository name using --repo ${!repoName ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - Branch name using --branch ${!branchName ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - At least one TARGET (e.g. \`.\` or \`./package.json\`) ${!targets.length ? '(missing)' : colors.green('(ok)')}\n
+      (Additionally, no API Token was set so we cannot auto-discover these details)\n
+    `);
     return;
   }
-  const apiToken = index.getDefaultToken();
-  if (!apiToken) {
-    throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+
+  // Note exiting earlier to skirt a hidden auth requirement
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
   }
   await createFullScan({
-    apiToken,
-    orgSlug,
-    repoName: repoName,
     branchName: branchName,
+    commitHash: cli.flags['commitHash'] ?? '',
     commitMessage: cli.flags['commitMessage'] ?? '',
+    committers: cli.flags['committers'] ?? '',
+    cwd,
     defaultBranch: Boolean(cli.flags['defaultBranch']),
+    orgSlug,
     pendingHead: Boolean(cli.flags['pendingHead']),
-    tmp: Boolean(cli.flags['tmp']),
-    packagePaths,
-    cwd,
-    commitHash: cli.flags['commitHash'] ?? '',
-    committers: cli.flags['committers'] ?? '',
-    pullRequest: cli.flags['pullRequest'] ?? undefined
+    pullRequest: cli.flags['pullRequest'] ?? undefined,
+    readOnly: Boolean(cli.flags['readOnly']),
+    repoName: repoName,
+    targets,
+    tmp: Boolean(cli.flags['tmp'])
   });
 }
 
@@ -6205,7 +6530,7 @@ async function deleteOrgFullScan(orgSlug, fullScanId, apiToken) {
   const socketSdk = await index.setupSdk(apiToken);
   const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan');
   if (result.success) {
-    spinner$1.success('Scan deleted successfully');
+    spinner$1.successAndStop('Scan deleted successfully');
   } else {
     handleUnsuccessfulApiResponse('deleteOrgFullScan', result, spinner$1);
   }
@@ -6255,7 +6580,9 @@ async function run$5(argv, importMeta, {
       - Full Scan ID to delete as second argument ${!fullScanId ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6385,7 +6712,9 @@ async function run$4(argv, importMeta, {
     - Org name as the argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6464,7 +6793,9 @@ async function run$3(argv, importMeta, {
       - Full Scan ID to inspect as second argument ${!fullScanId ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6532,7 +6863,9 @@ async function run$2(argv, importMeta, {
       - Full Scan ID to fetch as second argument ${!fullScanId ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6695,7 +7028,9 @@ async function run$1(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6924,7 +7259,7 @@ void (async () => {
       npx: cmdNpx,
       oops: cmdOops,
       optimize: cmdOptimize,
-      organization: cmdOrganizations,
+      organization: cmdOrganization,
       'raw-npm': cmdRawNpm,
       'raw-npx': cmdRawNpx,
       report: cmdReport,
@@ -6976,5 +7311,5 @@ void (async () => {
     await index.captureException(e);
   }
 })();
-//# debugId=d30f7250-79de-4641-a3e0-e622cbd34263
+//# debugId=946935cf-d1a8-421f-98f6-c3164cb5288a
 //# sourceMappingURL=cli.js.map