@socketsecurity/cli-with-sentry 0.14.49 → 0.14.50

package/dist/require/cli.js

@@ -56,7 +56,9 @@ var npmPaths = require('./npm-paths.js');
 var npm$1 = require('./npm.js');
 var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
 var config$A = require('@socketsecurity/config');
+var assert = require('node:assert');
 var readline = require('node:readline/promises');
+var childProcess = require('node:child_process');
 var TableWidget = _socketInterop(require('blessed-contrib/lib/widget/table'));
 var readline$1 = require('node:readline');
 
@@ -1293,7 +1295,7 @@ function handleUnsuccessfulApiResponse(_name, result, spinner) {
     spinner.stop();
     throw new index.AuthError(message);
   }
-  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
+  spinner.errorAndStop(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
   process$1.exit(1);
 }
 async function handleApiCall(value, description) {
@@ -1512,7 +1514,7 @@ function meowOrExit({
 }
 function getAsciiHeader(command) {
   const cliVersion = // The '@rollup/plugin-replace' will replace "process.env['SOCKET_CLI_VERSION_HASH']".
-  "0.14.49:216163f:34d3aac1:pub";
+  "0.14.50:c8e152a:9126d091:pub";
   const nodeVersion = process.version;
   const apiToken = index.getSetting('apiToken');
   const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no';
@@ -2340,7 +2342,7 @@ async function getDiffScan({
   const data = await response.json();
   if (!response.ok) {
     const err = await handleAPIError(response.status);
-    spinner$1.error(`${colors.bgRed(colors.white(response.statusText))}: ${err}`);
+    spinner$1.errorAndStop(`${colors.bgRed(colors.white(response.statusText))}: ${err}`);
     return;
   }
   spinner$1.stop();
@@ -2556,7 +2558,7 @@ async function runFix() {
                 // eslint-disable-next-line no-await-in-loop
                 await editablePkgJson.save();
               } catch {
-                spinner$1.error(`Reverting ${name} to ${oldVersion}`);
+                spinner$1.errorAndStop(`Reverting ${name} to ${oldVersion}`);
                 spinner$1.start();
                 arb.idealTree = revertToIdealTree;
               }
@@ -2736,7 +2738,7 @@ function formatPackageInfo({
       spinner[strict ? 'error' : 'success'](`Package has these issues: ${formatSeverityCount(severityCount)}`);
       formatPackageIssuesDetails(data, outputMarkdown);
     } else {
-      spinner.success('Package has no issues');
+      spinner.successAndStop('Package has no issues');
     }
     const format = new index.ColorOrMarkdown(!!outputMarkdown);
     const url = index.getSocketDevPackageOverviewUrl(NPM$c, pkgName, pkgVersion);
@@ -2917,7 +2919,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
     orgs = result.data;
     spinner$1.success('API key verified');
   } catch {
-    spinner$1.error('Invalid API key');
+    spinner$1.errorAndStop('Invalid API key');
     return;
   }
   const enforcedChoices = Object.values(orgs.organizations).filter(org => org?.plan === 'enterprise').map(org => ({
@@ -2952,9 +2954,9 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
   const oldToken = index.getSetting('apiToken');
   try {
     applyLogin(apiToken, enforcedOrgs, apiBaseUrl, apiProxy);
-    spinner$1.success(`API credentials ${oldToken ? 'updated' : 'set'}`);
+    spinner$1.successAndStop(`API credentials ${oldToken ? 'updated' : 'set'}`);
   } catch {
-    spinner$1.error(`API login failed`);
+    spinner$1.errorAndStop(`API login failed`);
   }
 }
 
@@ -3096,14 +3098,14 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
     const output = await spawn(bin, commandArgs, {
       cwd: target || '.'
     });
-    spinner$1.success();
+    spinner$1.stop();
     if (verbose) {
       console.group('[VERBOSE] gradle stdout:');
       console.log(output);
       console.groupEnd();
     }
     if (output.stderr) {
-      spinner$1.error('There were errors while running gradle');
+      spinner$1.errorAndStop('There were errors while running gradle');
       // (In verbose mode, stderr was printed above, no need to repeat it)
       if (!verbose) {
         console.group('[VERBOSE] stderr:');
@@ -3112,6 +3114,8 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
       }
       process.exit(1);
     }
+    spinner$1.start();
+    spinner$1.successAndStop('Executed gradle successfully');
     console.log('Reported exports:');
     output.stdout.replace(/^POM file copied to: (.*)/gm, (_all, fn) => {
       console.log('- ', fn);
@@ -3120,7 +3124,7 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
 
     // const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
     // if (!loc) {
-    //   spinner.error(
+    //   spinner.errorAndStop(
     //     'There were no errors from sbt but could not find the location of resulting .pom file either'
     //   )
     //   process.exit(1)
@@ -3142,11 +3146,11 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
     //   }
     //   // TODO: do we prefer fs-extra? renaming can be gnarly on windows and fs-extra's version is better
     //   await renamep(loc, out)
-    //   spinner.success()
+    //   spinner.successAndStop()
     //   spinner.start().success(`OK. File should be available in \`${out}\``)
     // }
   } catch (e) {
-    spinner$1.error('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
+    spinner$1.errorAndStop('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
     if (verbose) {
       console.group('[VERBOSE] error:');
       console.log(e);
@@ -3321,14 +3325,15 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
     const output = await spawn(bin, ['makePom'].concat(sbtOpts), {
       cwd: target || '.'
     });
-    spinner$1.success();
+    spinner$1.successAndStop();
     if (verbose) {
       console.group('[VERBOSE] sbt stdout:');
       console.log(output);
       console.groupEnd();
     }
     if (output.stderr) {
-      spinner$1.error('There were errors while running sbt');
+      spinner$1.start();
+      spinner$1.errorAndStop('There were errors while running sbt');
       // (In verbose mode, stderr was printed above, no need to repeat it)
       if (!verbose) {
         console.group('[VERBOSE] stderr:');
@@ -3343,7 +3348,7 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
       return fn;
     });
     if (!poms.length) {
-      spinner$1.error('There were no errors from sbt but it seems to not have generated any poms either');
+      spinner$1.errorAndStop('There were no errors from sbt but it seems to not have generated any poms either');
       process.exit(1);
     }
 
@@ -3375,7 +3380,7 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
       spinner$1.start().success(`OK`);
     }
   } catch (e) {
-    spinner$1.error('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
+    spinner$1.errorAndStop('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
     if (verbose) {
       console.group('[VERBOSE] error:');
       console.log(e);
@@ -5235,7 +5240,7 @@ async function createReport(socketConfig, inputPaths, {
       handleUnsuccessfulApiResponse('createReport', result, spinner$1);
       return undefined;
     }
-    spinner$1.success();
+    spinner$1.successAndStop();
     return result;
   }
 }
@@ -5287,16 +5292,16 @@ async function fetchReportData(reportId, includeAllIssues, strict) {
 
   if (strict) {
     if (result.data.healthy) {
-      spinner$1.success('Report result is healthy and great!');
+      spinner$1.successAndStop('Report result is healthy and great!');
     } else {
-      spinner$1.error('Report result deemed unhealthy for project');
+      spinner$1.errorAndStop('Report result deemed unhealthy for project');
     }
   } else if (!result.data.healthy) {
     const severityCount = getSeverityCount(result.data.issues, includeAllIssues ? undefined : 'high');
     const issueSummary = formatSeverityCount(severityCount);
-    spinner$1.success(`Report has these issues: ${issueSummary}`);
+    spinner$1.successAndStop(`Report has these issues: ${issueSummary}`);
   } else {
-    spinner$1.success('Report has no issues');
+    spinner$1.successAndStop('Report has no issues');
   }
   return result.data;
 }
@@ -5535,7 +5540,7 @@ async function createRepo({
     visibility
   }), 'creating repository');
   if (result.success) {
-    spinner$1.success('Repository created successfully');
+    spinner$1.successAndStop('Repository created successfully');
   } else {
     handleUnsuccessfulApiResponse('createOrgRepo', result, spinner$1);
   }
@@ -5644,7 +5649,7 @@ async function deleteRepo(orgSlug, repoName, apiToken) {
   const socketSdk = await index.setupSdk(apiToken);
   const result = await handleApiCall(socketSdk.deleteOrgRepo(orgSlug, repoName), 'deleting repository');
   if (result.success) {
-    spinner$1.success('Repository deleted successfully');
+    spinner$1.successAndStop('Repository deleted successfully');
   } else {
     handleUnsuccessfulApiResponse('deleteOrgRepo', result, spinner$1);
   }
@@ -5733,6 +5738,18 @@ async function listRepos({
     handleUnsuccessfulApiResponse('getOrgRepoList', result, spinner$1);
     return;
   }
+  spinner$1.stop();
+  if (outputJson) {
+    const data = result.data.results.map(o => ({
+      id: o.id,
+      name: o.name,
+      visibility: o.visibility,
+      defaultBranch: o.default_branch,
+      archived: o.archived
+    }));
+    console.log(JSON.stringify(data, null, 2));
+    return;
+  }
   const options = {
     columns: [{
       field: 'id',
@@ -5751,7 +5768,7 @@ async function listRepos({
       name: colors.magenta('Archived')
     }]
   };
-  spinner$1.stop(chalkTable(options, result.data.results));
+  console.log(chalkTable(options, result.data.results));
 }
 
 const config$9 = {
@@ -5867,7 +5884,7 @@ async function updateRepo({
     visibility
   }), 'updating repository');
   if (result.success) {
-    spinner$1.success('Repository updated successfully');
+    spinner$1.successAndStop('Repository updated successfully');
   } else {
     handleUnsuccessfulApiResponse('updateOrgRepo', result, spinner$1);
   }
@@ -6084,8 +6101,149 @@ const cmdRepos = {
   }
 };
 
+async function suggestOrgSlug(socketSdk) {
+  const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
+  // Ignore a failed request here. It was not the primary goal of
+  // running this command and reporting it only leads to end-user confusion.
+  if (result.success) {
+    const proceed = await prompts.select({
+      message: 'Missing org name; do you want to use any of these orgs for this scan?',
+      choices: Array.from(Object.values(result.data.organizations)).map(({
+        name: slug
+      }) => ({
+        name: 'Yes [' + slug + ']',
+        value: slug,
+        description: `Use "${slug}" as the organization`
+      })).concat({
+        name: 'No',
+        value: '',
+        description: 'Do not use any of these organizations (will end in a no-op)'
+      })
+    });
+    if (proceed) {
+      return proceed;
+    }
+  }
+}
+
+async function suggestRepoSlug(socketSdk, orgSlug) {
+  // Same as above, but if there's a repo with the same name as cwd then
+  // default the selection to that name.
+  const result = await handleApiCall(socketSdk.getOrgRepoList(orgSlug, {
+    orgSlug,
+    sort: 'name',
+    direction: 'asc',
+    // There's no guarantee that the cwd is part of this page. If it's not
+    // then do an additional request and specific search for it instead.
+    // This way we can offer the tip of "do you want to create [cwd]?".
+    perPage: 10,
+    page: 0
+  }), 'looking up known repos');
+  // Ignore a failed request here. It was not the primary goal of
+  // running this command and reporting it only leads to end-user confusion.
+  if (result.success) {
+    const currentDirName = dirNameToSlug(path.basename(process$1.cwd()));
+    let cwdIsKnown = !!currentDirName && result.data.results.some(obj => obj.slug === currentDirName);
+    if (!cwdIsKnown && currentDirName) {
+      // Do an explicit request so we can assert that the cwd exists or not
+      const result = await handleApiCall(socketSdk.getOrgRepo(orgSlug, currentDirName), 'checking if current cwd is a known repo');
+      if (result.success) {
+        cwdIsKnown = true;
+      }
+    }
+    const proceed = await prompts.select({
+      message: 'Missing repo name; do you want to use any of these known repo names for this scan?',
+      choices:
+      // Put the CWD suggestion at the top, whether it exists or not
+      (currentDirName ? [{
+        name: `Yes, current dir [${cwdIsKnown ? currentDirName : `create repo for ${currentDirName}`}]`,
+        value: currentDirName,
+        description: cwdIsKnown ? 'Register a new repo name under the given org and use it' : 'Use current dir as repo'
+      }] : []).concat(result.data.results.filter(({
+        slug
+      }) => !!slug && slug !== currentDirName).map(({
+        slug
+      }) => ({
+        name: 'Yes [' + slug + ']',
+        value: slug || '',
+        // Filtered above but TS is like nah.
+        description: `Use "${slug}" as the repo name`
+      })), {
+        name: 'No',
+        value: '',
+        description: 'Do not use any of these repos (will end in a no-op)'
+      })
+    });
+    if (proceed) {
+      const repoName = proceed;
+      let repoDefaultBranch = '';
+      // Store the default branch to help with the branch name question next
+      result.data.results.some(obj => {
+        if (obj.slug === proceed && obj.default_branch) {
+          repoDefaultBranch = obj.default_branch;
+          return;
+        }
+      });
+      return {
+        slug: repoName,
+        defaultBranch: repoDefaultBranch
+      };
+    }
+  }
+}
+function dirNameToSlug(name) {
+  // Uses slug specs asserted by our servers
+  // Note: this can lead to collisions; eg. slug for `x--y` and `x---y` is `x-y`
+  return name.toLowerCase().replace(/[^[a-zA-Z0-9_.-]/g, '_').replace(/--+/g, '-').replace(/__+/g, '_').replace(/\.\.+/g, '.').replace(/[._-]+$/, '');
+}
+
+async function suggestBranchSlug(repoDefaultBranch) {
+  const spawnResult = childProcess.spawnSync('git', ['branch', '--show-current']);
+  const currentBranch = spawnResult.stdout.toString('utf8').trim();
+  if (spawnResult.status === 0 && currentBranch) {
+    const proceed = await prompts.select({
+      message: 'Use the current git branch as target branch name?',
+      choices: [{
+        name: `Yes [${currentBranch}]`,
+        value: currentBranch,
+        description: 'Use the current git branch for branch name'
+      }, ...(repoDefaultBranch && repoDefaultBranch !== currentBranch ? [{
+        name: `No, use the default branch [${repoDefaultBranch}]`,
+        value: repoDefaultBranch,
+        description: 'Use the default branch for target repo as the target branch name'
+      }] : []), {
+        name: 'No',
+        value: '',
+        description: 'Do not use the current git branch as name (will end in a no-op)'
+      }].filter(Boolean)
+    });
+    if (proceed) {
+      return proceed;
+    }
+  }
+}
+
+async function suggestTarget() {
+  // We could prefill this with sub-dirs of the current
+  // dir ... but is that going to be useful?
+  const proceed = await prompts.select({
+    message: 'No TARGET given. Do you want to use the current directory?',
+    choices: [{
+      name: 'Yes',
+      value: true,
+      description: 'Target the current directory'
+    }, {
+      name: 'No',
+      value: false,
+      description: 'Do not use the current directory (this will end in a no-op)'
+    }]
+  });
+  if (proceed) {
+    return ['.'];
+  }
+}
+
 async function createFullScan({
-  apiToken,
   branchName,
   commitHash: _commitHash,
   commitMessage,
@@ -6093,17 +6251,100 @@ async function createFullScan({
   cwd,
   defaultBranch,
   orgSlug,
-  packagePaths,
   pendingHead,
   pullRequest: _pullRequest,
+  readOnly,
   repoName,
+  targets,
   tmp
 }) {
+  const socketSdk = await index.setupSdk();
+  const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
+    if (!res.success) {
+      handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
+      assert(false, 'handleUnsuccessfulApiResponse should unconditionally throw');
+    }
+    return res.data;
+  }).catch(cause => {
+    throw new Error('Failed getting supported files for report', {
+      cause
+    });
+  });
+
+  // If we updated any inputs then we should print the command line to repeat
+  // the command without requiring user input, as a suggestion.
+  let updatedInput = false;
+  if (!targets.length) {
+    const received = await suggestTarget();
+    targets = received ?? [];
+    updatedInput = true;
+  }
+  const packagePaths = await npmPaths.getPackageFilesFullScans(cwd, targets, supportedFiles);
+
+  // We're going to need an api token to suggest data because those suggestions
+  // must come from data we already know. Don't error on missing api token yet.
+  // If the api-token is not set, ignore it for the sake of suggestions.
+  const apiToken = index.getDefaultToken();
+  if (apiToken && !orgSlug) {
+    const suggestion = await suggestOrgSlug(socketSdk);
+    if (suggestion) orgSlug = suggestion;
+    updatedInput = true;
+  }
+
+  // If the current cwd is unknown and is used as a repo slug anyways, we will
+  // first need to register the slug before we can use it.
+  let repoDefaultBranch = '';
+
+  // (Don't bother asking for the rest if we didn't get an org slug above)
+  if (apiToken && orgSlug && !repoName) {
+    const suggestion = await suggestRepoSlug(socketSdk, orgSlug);
+    if (suggestion) {
+      ({
+        defaultBranch: repoDefaultBranch,
+        slug: repoName
+      } = suggestion);
+    }
+    updatedInput = true;
+  }
+
+  // (Don't bother asking for the rest if we didn't get an org/repo above)
+  if (apiToken && orgSlug && repoName && !branchName) {
+    const suggestion = await suggestBranchSlug(repoDefaultBranch);
+    if (suggestion) branchName = suggestion;
+    updatedInput = true;
+  }
+  if (!orgSlug || !repoName || !branchName || !packagePaths.length) {
+    // Use exit status of 2 to indicate incorrect usage, generally invalid
+    // options or missing arguments.
+    // https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
+    process$1.exitCode = 2;
+    console.error(`
+      ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
+      - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - Repository name using --repo ${!repoName ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - Branch name using --branch ${!branchName ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - At least one TARGET (e.g. \`.\` or \`./package.json\`) ${!packagePaths.length ? colors.red(targets.length > 0 ? '(TARGET' + (targets.length ? 's' : '') + ' contained no matching/supported files!)' : '(missing)') : colors.green('(ok)')}\n
+      ${!apiToken ? 'Note: was unable to make suggestions because no API Token was found; this would make command fail regardless\n' : ''}
+    `);
+    return;
+  }
+  if (updatedInput) {
+    console.log('Note: You can invoke this command next time to skip the interactive questions:');
+    console.log('```');
+    console.log(`    socket scan create [other flags...] --repo ${repoName} --branch ${branchName} ${orgSlug} ${targets.join(' ')}`);
+    console.log('```');
+  }
+  if (!apiToken) {
+    throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+  }
+  if (readOnly) {
+    console.log('[ReadOnly] Bailing now');
+    return;
+  }
   const spinnerText = 'Creating a scan... \n';
   const spinner$1 = new spinner.Spinner({
     text: spinnerText
   }).start();
-  const socketSdk = await index.setupSdk(apiToken);
   const result = await handleApiCall(socketSdk.createOrgFullScan(orgSlug, {
     repo: repoName,
     branch: branchName,
@@ -6116,7 +6357,7 @@ async function createFullScan({
     handleUnsuccessfulApiResponse('CreateOrgFullScan', result, spinner$1);
     return;
   }
-  spinner$1.success('Scan created successfully');
+  spinner$1.successAndStop('Scan created successfully');
   const link = colors.underline(colors.cyan(`${result.data.html_report_url}`));
   console.log(`Available at: ${link}`);
   const rl = readline.createInterface({
@@ -6190,6 +6431,11 @@ const config$6 = {
       default: false,
       description: 'Set as pending head'
     },
+    readOnly: {
+      type: 'boolean',
+      default: false,
+      description: 'Similar to --dry-run except it can read from remote, stops before it would create an actual report'
+    },
     tmp: {
       type: 'boolean',
       shortFlag: 't',
@@ -6229,56 +6475,47 @@ async function run$6(argv, importMeta, {
   });
   const [orgSlug = '', ...targets] = cli.input;
   const cwd = cli.flags['cwd'] && cli.flags['cwd'] !== 'process.cwd()' ? String(cli.flags['cwd']) : process$1.cwd();
-
-  // Note exiting earlier to skirt a hidden auth requirement
-  if (cli.flags['dryRun']) {
-    return console.log('[DryRun] Bailing now');
-  }
-  const socketSdk = await index.setupSdk();
-  const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
-    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
-    // TODO: verify type at runtime? Consider it trusted data and assume type?
-    return res.data;
-  }).catch(cause => {
-    throw new Error('Failed getting supported files for report', {
-      cause
-    });
-  });
-  const packagePaths = await npmPaths.getPackageFilesFullScans(cwd, targets, supportedFiles);
-  const {
+  let {
     branch: branchName,
     repo: repoName
   } = cli.flags;
-  if (!orgSlug || !repoName || !branchName || !packagePaths.length) {
+  const apiToken = index.getDefaultToken();
+  if (!apiToken && (!orgSlug || !repoName || !branchName || !targets.length)) {
+    // Without api token we cannot recover because we can't request more info
+    // from the server, to match and help with the current cwd/git status.
     // Use exit status of 2 to indicate incorrect usage, generally invalid
     // options or missing arguments.
     // https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
     process$1.exitCode = 2;
-    console.error(`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
-    - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n
-    - Repository name using --repo ${!repoName ? colors.red('(missing!)') : colors.green('(ok)')}\n
-    - Branch name using --branch ${!branchName ? colors.red('(missing!)') : colors.green('(ok)')}\n
-    - At least one TARGET (e.g. \`.\` or \`./package.json\`) ${!packagePaths.length ? colors.red(targets.length > 0 ? '(TARGET' + (targets.length ? 's' : '') + ' contained no matching/supported files!)' : '(missing)') : colors.green('(ok)')}\n`);
+    console.error(`
+      ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
+      - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - Repository name using --repo ${!repoName ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - Branch name using --branch ${!branchName ? colors.red('(missing!)') : colors.green('(ok)')}\n
+      - At least one TARGET (e.g. \`.\` or \`./package.json\`) ${!targets.length ? '(missing)' : colors.green('(ok)')}\n
+      (Additionally, no API Token was set so we cannot auto-discover these details)\n
+    `);
     return;
   }
-  const apiToken = index.getDefaultToken();
-  if (!apiToken) {
-    throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+
+  // Note exiting earlier to skirt a hidden auth requirement
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
   }
   await createFullScan({
-    apiToken,
-    orgSlug,
-    repoName: repoName,
     branchName: branchName,
+    commitHash: cli.flags['commitHash'] ?? '',
     commitMessage: cli.flags['commitMessage'] ?? '',
+    committers: cli.flags['committers'] ?? '',
+    cwd,
     defaultBranch: Boolean(cli.flags['defaultBranch']),
+    orgSlug,
     pendingHead: Boolean(cli.flags['pendingHead']),
-    tmp: Boolean(cli.flags['tmp']),
-    packagePaths,
-    cwd,
-    commitHash: cli.flags['commitHash'] ?? '',
-    committers: cli.flags['committers'] ?? '',
-    pullRequest: cli.flags['pullRequest'] ?? undefined
+    pullRequest: cli.flags['pullRequest'] ?? undefined,
+    readOnly: Boolean(cli.flags['readOnly']),
+    repoName: repoName,
+    targets,
+    tmp: Boolean(cli.flags['tmp'])
   });
 }
 
@@ -6290,7 +6527,7 @@ async function deleteOrgFullScan(orgSlug, fullScanId, apiToken) {
   const socketSdk = await index.setupSdk(apiToken);
   const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan');
   if (result.success) {
-    spinner$1.success('Scan deleted successfully');
+    spinner$1.successAndStop('Scan deleted successfully');
   } else {
     handleUnsuccessfulApiResponse('deleteOrgFullScan', result, spinner$1);
   }
@@ -7071,5 +7308,5 @@ void (async () => {
     await index.captureException(e);
   }
 })();
-//# debugId=71018fb6-02eb-4cf4-8a1e-dce142ed200
+//# debugId=76095f49-6cee-41ed-8752-1e7608d29b7d
 //# sourceMappingURL=cli.js.map