@socketsecurity/cli-with-sentry 0.15.33 → 0.15.34

package/dist/cli.js

@@ -630,7 +630,7 @@ ${table}
     process.exitCode = 1;
     logger.logger.fail('There was a problem converting the logs to Markdown, please try the `--json` flag');
     if (debug.isDebug()) {
-      debug.debugFn('Unexpected error:\n', e);
+      debug.debugFn('catch: unexpected\n', e);
     }
     return '';
   }
@@ -1151,7 +1151,7 @@ async function run$O(argv, importMeta, {
 async function getDefaultOrgSlug() {
   const defaultOrgResult = utils.getConfigValueOrUndef('defaultOrg');
   if (defaultOrgResult) {
-    debug.debugFn('Using default org:', defaultOrgResult);
+    debug.debugFn('use: default org', defaultOrgResult);
     return {
       ok: true,
       data: defaultOrgResult
@@ -1183,7 +1183,7 @@ async function getDefaultOrgSlug() {
       data: `Was unable to determine the default organization for the current API token. Unable to continue.`
     };
   }
-  debug.debugFn('Resolved org to:', slug);
+  debug.debugFn('resolve: org', slug);
   return {
     ok: true,
     message: 'Retrieved default org from server',
@@ -1287,7 +1287,7 @@ async function fetchReportData(orgSlug, scanId, includeLicensePolicy) {
         return JSON.parse(line);
       } catch {
         ok = false;
-        debug.debugFn('NDJSON failed to parse the following line:\n', line);
+        debug.debugFn('fail: parse NDJSON\n', line);
         return;
       }
     });
@@ -3737,7 +3737,7 @@ async function gitCreateAndPushBranch(branch, commitMsg, filepaths, options) {
     await spawn.spawn('git', ['push', '--force', '--set-upstream', 'origin', branch], stdioIgnoreOptions);
     return true;
   } catch (e) {
-    debug.debugFn('Unexpected error:\n', e);
+    debug.debugFn('catch: unexpected\n', e);
   }
   try {
     // Will throw with exit code 1 if branch does not exist.
@@ -3767,7 +3767,7 @@ async function gitEnsureIdentity(name, email, cwd = process.cwd()) {
       try {
         await spawn.spawn('git', ['config', prop, value], stdioIgnoreOptions);
       } catch (e) {
-        debug.debugFn('Unexpected error:\n', e);
+        debug.debugFn('catch: unexpected\n', e);
       }
     }
   }));
@@ -3807,7 +3807,7 @@ async function gitUnstagedModifiedFiles(cwd = process.cwd()) {
       data: rawFiles.map(relPath => path$1.normalizePath(relPath))
     };
   } catch (e) {
-    debug.debugFn('Unexpected error trying to run git diff --name-only');
+    debug.debugFn('catch: git diff --name-only failed\n', e);
     return {
       ok: false,
       message: 'Git Error',
@@ -3904,14 +3904,14 @@ async function cleanupOpenPrs(owner, repo, newVersion, options) {
           pull_number: prNum,
           state: 'closed'
         });
-        debug.debugFn(`Closed ${prRef} for older version ${prToVersion}.`);
+        debug.debugFn(`close: ${prRef} for ${prToVersion}`);
         // Remove entry from parent object.
         context.parent.splice(context.index, 1);
         // Mark cache to be saved.
         cachesToSave.set(context.cacheKey, context.data);
         return null;
       } catch (e) {
-        debug.debugFn(`Failed to close ${prRef}: ${e?.message || 'Unknown error'}`);
+        debug.debugFn(`fail: close ${prRef}\n`, e?.message || 'unknown error');
       }
     }
     // Update stale PRs.
@@ -3924,7 +3924,7 @@ async function cleanupOpenPrs(owner, repo, newVersion, options) {
           base: match.headRefName,
           head: match.baseRefName
         });
-        debug.debugFn(`Updated stale ${prRef}.`);
+        debug.debugFn('update: stale', prRef);
         // Update entry entry.
         if (context.apiType === 'graphql') {
           context.entry.mergeStateStatus = 'CLEAN';
@@ -3935,7 +3935,7 @@ async function cleanupOpenPrs(owner, repo, newVersion, options) {
         cachesToSave.set(context.cacheKey, context.data);
       } catch (e) {
         const message = e?.message || 'Unknown error';
-        debug.debugFn(`Failed to update ${prRef}: ${message}`);
+        debug.debugFn(`fail: update ${prRef} - ${message}`);
       }
     }
     return match;
@@ -4002,6 +4002,9 @@ function getGitHubEnvRepoInfo() {
     repo: ownerSlashRepo.slice(slashIndex + 1)
   };
 }
+async function getOpenSocketPrs(owner, repo, options) {
+  return (await getOpenSocketPrsWithContext(owner, repo, options)).map(d => d.match);
+}
 async function getOpenSocketPrsWithContext(owner, repo, options_) {
   const options = {
     __proto__: null,
@@ -4124,7 +4127,7 @@ async function openPr(owner, repo, branch, purl, newVersion, options) {
   };
   // Lazily access constants.ENV.GITHUB_ACTIONS.
   if (!constants.ENV.GITHUB_ACTIONS) {
-    debug.debugFn('Missing GITHUB_ACTIONS environment variable.');
+    debug.debugFn('miss: GITHUB_ACTIONS env var');
     return null;
   }
   const octokit = getOctokit();
@@ -4173,7 +4176,7 @@ async function setGitRemoteGitHubRepoUrl(owner, repo, token, cwd = process.cwd()
   try {
     await spawn.spawn('git', ['remote', 'set-url', 'origin', url], stdioIgnoreOptions);
   } catch (e) {
-    debug.debugFn('Unexpected error:\n', e);
+    debug.debugFn('catch: unexpected\n', e);
   }
 }
 
@@ -4228,10 +4231,24 @@ async function npmFix(pkgEnvDetails, {
   const {
     spinner
   } = constants;
-  spinner?.start();
   const {
     pkgPath: rootPath
   } = pkgEnvDetails;
+
+  // Lazily access constants.ENV properties.
+  const gitEmail = constants.ENV.SOCKET_CLI_GIT_USER_EMAIL;
+  const gitUser = constants.ENV.SOCKET_CLI_GIT_USER_NAME;
+  const githubToken = constants.ENV.SOCKET_CLI_GITHUB_TOKEN;
+  const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && gitEmail && gitUser && githubToken);
+  spinner?.start();
+  let count = 0;
+  let repoInfo = null;
+  if (isCi) {
+    repoInfo = getGitHubEnvRepoInfo();
+    count += (await getOpenSocketPrs(repoInfo.owner, repoInfo.repo, {
+      author: gitUser
+    })).length;
+  }
   const arb = new shadowInject.Arborist({
     path: rootPath,
     ...shadowInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
@@ -4248,8 +4265,7 @@ async function npmFix(pkgEnvDetails, {
     }));
   } catch (e) {
     spinner?.stop();
-    debug.debugFn('API Error thrown:');
-    debug.debugFn(e);
+    debug.debugFn('catch: PURL API\n', e);
     return {
       ok: false,
       message: 'API Error',
@@ -4269,17 +4285,14 @@ async function npmFix(pkgEnvDetails, {
       }
     };
   }
-
-  // Lazily access constants.ENV properties.
-  const token = constants.ENV.SOCKET_CLI_GITHUB_TOKEN;
-  const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && token);
   const baseBranch = isCi ? getBaseGitBranch() : '';
   const workspacePkgJsonPaths = await utils.globWorkspace(pkgEnvDetails.agent, rootPath);
   const pkgJsonPaths = [...workspacePkgJsonPaths,
   // Process the workspace root last since it will add an override to package.json.
   pkgEnvDetails.editablePkgJson.filename];
+  const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
   const handleInstallFail = () => {
-    debug.debugFn(`Unexpected condition: ${pkgEnvDetails.agent} install failed.\n`);
+    debug.debugFn(`fail: ${pkgEnvDetails.agent} install\n`);
     logger.logger.dedent();
     spinner?.dedent();
     return {
@@ -4289,8 +4302,6 @@ async function npmFix(pkgEnvDetails, {
     };
   };
   spinner?.stop();
-  let count = 0;
-  const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
   infoEntriesLoop: for (let i = 0, {
       length
     } = sortedInfoEntries; i < length; i += 1) {
@@ -4303,7 +4314,7 @@ async function npmFix(pkgEnvDetails, {
     logger.logger.indent();
     spinner?.indent();
     if (registry.getManifestData(NPM$a, name)) {
-      debug.debugFn(`Socket Optimize package exists for ${name}.`);
+      debug.debugFn(`found: Socket Optimize variant for ${name}`);
     }
     // eslint-disable-next-line no-await-in-loop
     const packument = await packages.fetchPackagePackument(name);
@@ -4327,7 +4338,7 @@ async function npmFix(pkgEnvDetails, {
       const workspace = isWorkspaceRoot ? 'root' : path.relative(rootPath, pkgPath);
       const oldVersions = arrays.arrayUnique(shadowInject.findPackageNodes(actualTree, name).map(n => n.target?.version ?? n.version).filter(Boolean));
       if (!oldVersions.length) {
-        debug.debugFn(`${name} not found, skipping.\n`);
+        debug.debugFn(`skip: ${name} not found\n`);
         // Skip to next package.
         logger.logger.dedent();
         spinner?.dedent();
@@ -4343,7 +4354,7 @@ async function npmFix(pkgEnvDetails, {
       let hasAnnouncedWorkspace = false;
       let workspaceLogCallCount = logger.logger.logCallCount;
       if (debug.isDebug()) {
-        debug.debugFn(`Checking workspace ${workspace}.`);
+        debug.debugFn(`check: workspace ${workspace}`);
         hasAnnouncedWorkspace = true;
         workspaceLogCallCount = logger.logger.logCallCount;
       }
@@ -4352,7 +4363,7 @@ async function npmFix(pkgEnvDetails, {
         const oldPurl = utils.idToPurl(oldId);
         const node = shadowInject.findPackageNode(actualTree, name, oldVersion);
         if (!node) {
-          debug.debugFn(`${oldId} not found, skipping.`);
+          debug.debugFn(`skip: ${oldId} not found`);
           continue oldVersionsLoop;
         }
         infosLoop: for (const {
@@ -4360,7 +4371,7 @@ async function npmFix(pkgEnvDetails, {
           vulnerableVersionRange
         } of infos.values()) {
           if (vendor.semverExports.gte(oldVersion, firstPatchedVersionIdentifier)) {
-            debug.debugFn(`${oldId} is >= ${firstPatchedVersionIdentifier}, skipping.`);
+            debug.debugFn(`skip: ${oldId} is >= ${firstPatchedVersionIdentifier}`);
             continue infosLoop;
           }
           const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
@@ -4396,7 +4407,7 @@ async function npmFix(pkgEnvDetails, {
           if (!(await editablePkgJson.save({
             ignoreWhitespace: true
           }))) {
-            debug.debugFn(`${workspace}/package.json not changed, skipping.`);
+            debug.debugFn(`skip: ${workspace}/package.json unchanged`);
             // Reset things just in case.
             if (isCi) {
               // eslint-disable-next-line no-await-in-loop
@@ -4454,23 +4465,24 @@ async function npmFix(pkgEnvDetails, {
                 logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
                 continue infosLoop;
               }
-              const repoInfo = getGitHubEnvRepoInfo();
               const branch = getSocketBranchName(oldPurl, newVersion, workspace);
               let skipPr = false;
               if (
               // eslint-disable-next-line no-await-in-loop
               await prExistForBranch(repoInfo.owner, repoInfo.repo, branch)) {
                 skipPr = true;
-                debug.debugFn(`Branch "${branch}" exists, skipping PR creation.`);
+                debug.debugFn(`skip: branch "${branch}" exists`);
               }
               // eslint-disable-next-line no-await-in-loop
               else if (await gitRemoteBranchExists(branch, cwd)) {
                 skipPr = true;
-                debug.debugFn(`Remote branch "${branch}" exists, skipping PR creation.`);
+                debug.debugFn(`skip: remote branch "${branch}" exists`);
               } else if (
               // eslint-disable-next-line no-await-in-loop
               !(await gitCreateAndPushBranch(branch, getSocketCommitMessage(oldPurl, newVersion, workspace), moddedFilepaths, {
-                cwd
+                cwd,
+                email: gitEmail,
+                user: gitUser
               }))) {
                 skipPr = true;
                 logger.logger.warn('Unexpected condition: Push failed, skipping PR creation.');
@@ -4491,7 +4503,7 @@ async function npmFix(pkgEnvDetails, {
               }
 
               // eslint-disable-next-line no-await-in-loop
-              await Promise.allSettled([setGitRemoteGitHubRepoUrl(repoInfo.owner, repoInfo.repo, token, cwd), cleanupOpenPrs(repoInfo.owner, repoInfo.repo, newVersion, {
+              await Promise.allSettled([setGitRemoteGitHubRepoUrl(repoInfo.owner, repoInfo.repo, githubToken, cwd), cleanupOpenPrs(repoInfo.owner, repoInfo.repo, newVersion, {
                 purl: oldPurl,
                 workspace
               })]);
@@ -4652,7 +4664,21 @@ async function pnpmFix(pkgEnvDetails, {
   const {
     pkgPath: rootPath
   } = pkgEnvDetails;
+
+  // Lazily access constants.ENV properties.
+  const gitEmail = constants.ENV.SOCKET_CLI_GIT_USER_EMAIL;
+  const gitUser = constants.ENV.SOCKET_CLI_GIT_USER_NAME;
+  const githubToken = constants.ENV.SOCKET_CLI_GITHUB_TOKEN;
+  const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && gitEmail && gitUser && githubToken);
   spinner?.start();
+  let count = 0;
+  let repoInfo = null;
+  if (isCi) {
+    repoInfo = getGitHubEnvRepoInfo();
+    count += (await getOpenSocketPrs(repoInfo.owner, repoInfo.repo, {
+      author: gitUser
+    })).length;
+  }
   let actualTree;
   const lockfilePath = path.join(rootPath, 'pnpm-lock.yaml');
   let lockfileContent = await utils.readPnpmLockfile(lockfilePath);
@@ -4707,8 +4733,7 @@ async function pnpmFix(pkgEnvDetails, {
     }));
   } catch (e) {
     spinner?.stop();
-    debug.debugFn('Unexpected Socket batch PURL API error:');
-    debug.debugFn(e);
+    debug.debugFn('catch: PURL API\n', e);
     return {
       ok: false,
       message: 'API Error',
@@ -4728,15 +4753,12 @@ async function pnpmFix(pkgEnvDetails, {
       }
     };
   }
-
-  // Lazily access constants.ENV properties.
-  const token = constants.ENV.SOCKET_CLI_GITHUB_TOKEN;
-  const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && token);
   const baseBranch = isCi ? getBaseGitBranch() : '';
   const workspacePkgJsonPaths = await utils.globWorkspace(pkgEnvDetails.agent, rootPath);
   const pkgJsonPaths = [...workspacePkgJsonPaths,
   // Process the workspace root last since it will add an override to package.json.
   pkgEnvDetails.editablePkgJson.filename];
+  const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
   const handleInstallFail = () => {
     logger.logger.dedent();
     spinner?.dedent();
@@ -4747,8 +4769,6 @@ async function pnpmFix(pkgEnvDetails, {
     };
   };
   spinner?.stop();
-  let count = 0;
-  const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
   infoEntriesLoop: for (let i = 0, {
       length
     } = sortedInfoEntries; i < length; i += 1) {
@@ -4761,7 +4781,7 @@ async function pnpmFix(pkgEnvDetails, {
     logger.logger.indent();
     spinner?.indent();
     if (registry.getManifestData(NPM$9, name)) {
-      debug.debugFn(`Socket Optimize package exists for ${name}.`);
+      debug.debugFn(`found: Socket Optimize variant for ${name}`);
     }
     // eslint-disable-next-line no-await-in-loop
     const packument = await packages.fetchPackagePackument(name);
@@ -4786,6 +4806,10 @@ async function pnpmFix(pkgEnvDetails, {
 
       // actualTree may not be defined on the first iteration of pkgJsonPathsLoop.
       if (!actualTree) {
+        if (!isCi) {
+          // eslint-disable-next-line no-await-in-loop
+          await utils.removeNodeModules(cwd);
+        }
         const maybeActualTree = isCi && fs$1.existsSync(path.join(rootPath, 'node_modules')) ?
         // eslint-disable-next-line no-await-in-loop
         await getActualTree(cwd) :
@@ -4808,7 +4832,7 @@ async function pnpmFix(pkgEnvDetails, {
       }
       const oldVersions = arrays.arrayUnique(shadowInject.findPackageNodes(actualTree, name).map(n => n.version).filter(Boolean));
       if (!oldVersions.length) {
-        debug.debugFn(`${name} not found, skipping.\n`);
+        debug.debugFn(`skip: ${name} not found\n`);
         // Skip to next package.
         logger.logger.dedent();
         spinner?.dedent();
@@ -4827,7 +4851,7 @@ async function pnpmFix(pkgEnvDetails, {
       let hasAnnouncedWorkspace = false;
       let workspaceLogCallCount = logger.logger.logCallCount;
       if (debug.isDebug()) {
-        debug.debugFn(`Checking workspace ${workspace}.`);
+        debug.debugFn(`check: workspace ${workspace}`);
         hasAnnouncedWorkspace = true;
         workspaceLogCallCount = logger.logger.logCallCount;
       }
@@ -4836,7 +4860,7 @@ async function pnpmFix(pkgEnvDetails, {
         const oldPurl = utils.idToPurl(oldId);
         const node = shadowInject.findPackageNode(actualTree, name, oldVersion);
         if (!node) {
-          debug.debugFn(`${oldId} not found, skipping.`);
+          debug.debugFn(`skip: ${oldId} not found`);
           continue oldVersionsLoop;
         }
         infosLoop: for (const {
@@ -4844,7 +4868,7 @@ async function pnpmFix(pkgEnvDetails, {
           vulnerableVersionRange
         } of infos.values()) {
           if (vendor.semverExports.gte(oldVersion, firstPatchedVersionIdentifier)) {
-            debug.debugFn(`${oldId} is >= ${firstPatchedVersionIdentifier}, skipping.`);
+            debug.debugFn(`skip: ${oldId} is >= ${firstPatchedVersionIdentifier}`);
             continue infosLoop;
           }
           const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
@@ -4902,7 +4926,7 @@ async function pnpmFix(pkgEnvDetails, {
           if (!(await editablePkgJson.save({
             ignoreWhitespace: true
           }))) {
-            debug.debugFn(`${workspace}/package.json unchanged, skipping.`);
+            debug.debugFn(`skip: ${workspace}/package.json unchanged`);
             // Reset things just in case.
             if (isCi) {
               // eslint-disable-next-line no-await-in-loop
@@ -4977,23 +5001,24 @@ async function pnpmFix(pkgEnvDetails, {
                 logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
                 continue infosLoop;
               }
-              const repoInfo = getGitHubEnvRepoInfo();
               const branch = getSocketBranchName(oldPurl, newVersion, workspace);
               let skipPr = false;
               if (
               // eslint-disable-next-line no-await-in-loop
               await prExistForBranch(repoInfo.owner, repoInfo.repo, branch)) {
                 skipPr = true;
-                debug.debugFn(`Branch "${branch}" exists, skipping PR creation.`);
+                debug.debugFn(`skip: branch "${branch}" exists`);
               }
               // eslint-disable-next-line no-await-in-loop
               else if (await gitRemoteBranchExists(branch, cwd)) {
                 skipPr = true;
-                debug.debugFn(`Remote branch "${branch}" exists, skipping PR creation.`);
+                debug.debugFn(`skip: remote branch "${branch}" exists`);
               } else if (
               // eslint-disable-next-line no-await-in-loop
               !(await gitCreateAndPushBranch(branch, getSocketCommitMessage(oldPurl, newVersion, workspace), moddedFilepaths, {
-                cwd
+                cwd,
+                email: gitEmail,
+                user: gitUser
               }))) {
                 skipPr = true;
                 logger.logger.warn('Unexpected condition: Push failed, skipping PR creation.');
@@ -5019,7 +5044,7 @@ async function pnpmFix(pkgEnvDetails, {
               }
 
               // eslint-disable-next-line no-await-in-loop
-              await Promise.allSettled([setGitRemoteGitHubRepoUrl(repoInfo.owner, repoInfo.repo, token, cwd), cleanupOpenPrs(repoInfo.owner, repoInfo.repo, newVersion, {
+              await Promise.allSettled([setGitRemoteGitHubRepoUrl(repoInfo.owner, repoInfo.repo, githubToken, cwd), cleanupOpenPrs(repoInfo.owner, repoInfo.repo, newVersion, {
                 purl: oldPurl,
                 workspace
               })]);
@@ -5130,12 +5155,14 @@ async function pnpmFix(pkgEnvDetails, {
     spinner?.dedent();
   }
   spinner?.stop();
+
+  // Or, did we change anything?
   return {
     ok: true,
     data: {
       fixed: true
     }
-  }; // or, did we change anything?
+  };
 }
 
 const {
@@ -5634,9 +5661,9 @@ async function setupTabCompletion(targetName) {
 
   // Target dir is something like ~/.local/share/socket/settings/completion (linux)
   const targetDir = path.dirname(targetPath);
-  debug.debugFn('Target Path:', targetPath, ', Target Dir:', targetDir);
+  debug.debugFn('target: path + dir', targetPath, targetDir);
   if (!fs$1.existsSync(targetDir)) {
-    debug.debugFn('Dir does not exist, creating it now...');
+    debug.debugFn('create: target dir');
     fs$1.mkdirSync(targetDir, {
       recursive: true
     });
@@ -8016,7 +8043,7 @@ async function updateLockfile(pkgEnvDetails, options) {
     }
   } catch (e) {
     spinner?.stop();
-    debug.debugFn(e);
+    debug.debugFn('fail: update\n', e);
     return {
       ok: false,
       message: 'Update failed',
@@ -9859,7 +9886,7 @@ async function fetchListAllRepos({
       page: String(nextPage)
     }), 'list of repositories');
     if (!result.ok) {
-      debug.debugFn('At least one fetch failed, bailing...', result);
+      debug.debugFn('fail: fetch repo\n', result);
       return result;
     }
     result.data.results.forEach(row => rows.push(row));
@@ -11366,7 +11393,7 @@ async function scanOneRepo(repoSlug, {
     };
   }
   const tmpDir = fs$1.mkdtempSync(path.join(os.tmpdir(), repoSlug));
-  debug.debugFn('Temp dir for downloaded manifest (serves as scan root):', tmpDir);
+  debug.debugFn('init: temp dir for scan root', tmpDir);
   const downloadResult = await testAndDownloadManifestFiles({
     files,
     tmpDir,
@@ -11479,7 +11506,7 @@ async function testAndDownloadManifestFile({
   repoApiUrl,
   tmpDir
 }) {
-  debug.debugFn('Testing file:', file);
+  debug.debugFn('test: file', file);
   if (!SUPPORTED_FILE_PATTERNS.some(regex => regex.test(file))) {
     // Not an error.
     return {
@@ -11489,7 +11516,7 @@ async function testAndDownloadManifestFile({
       }
     };
   }
-  debug.debugLog(`[DEBUG] Found a manifest file: \`${file}\`, will download it to temp dir...`);
+  debug.debugFn('found: manifest file', file);
   const result = await downloadManifestFile({
     file,
     tmpDir,
@@ -11497,15 +11524,12 @@ async function testAndDownloadManifestFile({
     repoApiUrl,
     githubToken
   });
-  if (!result.ok) {
-    return result;
-  }
-  return {
+  return result.ok ? {
     ok: true,
     data: {
       isManifest: true
     }
-  };
+  } : result;
 }
 async function downloadManifestFile({
   defaultBranch,
@@ -11514,34 +11538,33 @@ async function downloadManifestFile({
   repoApiUrl,
   tmpDir
 }) {
-  debug.debugLog(`[DEBUG] Requesting download url from GitHub...`);
+  debug.debugFn('request: download url from GitHub');
   const fileUrl = `${repoApiUrl}/contents/${file}?ref=${defaultBranch}`;
-  debug.debugFn('File url:', fileUrl);
+  debug.debugFn('url: file', fileUrl);
   const downloadUrlResponse = await fetch(fileUrl, {
     method: 'GET',
     headers: {
       Authorization: `Bearer ${githubToken}`
     }
   });
-  debug.debugLog(`[DEBUG] Request completed.`);
+  debug.debugFn('complete: request');
   const downloadUrlText = await downloadUrlResponse.text();
-  debug.debugFn('Raw download url response:', downloadUrlText);
+  debug.debugFn('response: raw download url', downloadUrlText);
   let downloadUrl;
   try {
     downloadUrl = JSON.parse(downloadUrlText).download_url;
   } catch {
     logger.logger.fail(`GitHub response contained invalid JSON for download url for: ${file}`);
-    debug.debugLog(`[DEBUG] The not-json-content:`);
-    debug.debugLog(downloadUrlText);
+    debug.debugFn('content: raw (not JSON)', downloadUrlText);
     return {
       ok: false,
       message: 'Invalid JSON response',
       cause: `Server responded with invalid JSON for download url ${downloadUrl}`
     };
   }
-  debug.debugLog(`[DEBUG] Downloading manifest file...`);
+  debug.debugFn('download: manifest file');
   const localPath = path.join(tmpDir, file);
-  debug.debugFn('Downloading from', downloadUrl, 'to', localPath);
+  debug.debugFn('download:', downloadUrl, '->', localPath);
 
   // Now stream the file to that file...
 
@@ -11628,14 +11651,14 @@ async function getLastCommitDetails({
 }) {
   logger.logger.info(`Requesting last commit for default branch ${defaultBranch} for ${orgGithub}/${repoSlug}...`);
   const commitApiUrl = `${repoApiUrl}/commits?sha=${defaultBranch}&per_page=1`;
-  debug.debugFn('Commit url:', commitApiUrl);
+  debug.debugFn('url: commit', commitApiUrl);
   const commitResponse = await fetch(commitApiUrl, {
     headers: {
       Authorization: `Bearer ${githubToken}`
     }
   });
   const commitText = await commitResponse.text();
-  debug.debugFn('Raw commit response:', commitText);
+  debug.debugFn('response: commit', commitText);
   let lastCommit;
   try {
     lastCommit = JSON.parse(commitText)?.[0];
@@ -11722,7 +11745,7 @@ async function getRepoDetails({
   repoSlug
 }) {
   const repoApiUrl = `${githubApiUrl}/repos/${orgGithub}/${repoSlug}`;
-  debug.debugFn('Repo URL:', repoApiUrl);
+  debug.debugFn('url: repo', repoApiUrl);
   const repoDetailsResponse = await fetch(repoApiUrl, {
     method: 'GET',
     headers: {
@@ -11731,7 +11754,7 @@ async function getRepoDetails({
   });
   logger.logger.success(`Request completed.`);
   const repoDetailsText = await repoDetailsResponse.text();
-  debug.debugFn('Raw repo response:', repoDetailsText);
+  debug.debugFn('response: repo', repoDetailsText);
   let repoDetails;
   try {
     repoDetails = JSON.parse(repoDetailsText);
@@ -11770,7 +11793,7 @@ async function getRepoBranchTree({
 }) {
   logger.logger.info(`Requesting default branch file tree; branch \`${defaultBranch}\`, repo \`${orgGithub}/${repoSlug}\`...`);
   const treeApiUrl = `${repoApiUrl}/git/trees/${defaultBranch}?recursive=1`;
-  debug.debugFn('Tree URL:', treeApiUrl);
+  debug.debugFn('url: tree', treeApiUrl);
   const treeResponse = await fetch(treeApiUrl, {
     method: 'GET',
     headers: {
@@ -11778,7 +11801,7 @@ async function getRepoBranchTree({
     }
   });
   const treeText = await treeResponse.text();
-  debug.debugFn('Raw tree response:', treeText);
+  debug.debugFn('response: tree', treeText);
   let treeDetails;
   try {
     treeDetails = JSON.parse(treeText);
@@ -12555,7 +12578,7 @@ async function fetchScan(orgSlug, scanId) {
       return JSON.parse(line);
     } catch {
       ok = false;
-      debug.debugFn('NDJSON failed to parse the following line:', line);
+      debug.debugFn('fail: parse NDJSON\n', line);
       return null;
     }
   });
@@ -13340,7 +13363,7 @@ Do you want to install "safe npm" (this will create an alias to the socket-npm c
       }
     }
   } catch (e) {
-    debug.debugFn('Failed to setup tab completion:\n', e);
+    debug.debugFn('fail: setup tab completion\n', e);
     // Ignore. Skip tab completion setup.
   }
   if (!updatedTabCompletion) {
@@ -13582,5 +13605,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=2fd0bc0c-3a6c-42d6-8ccd-1745d5682e7e
+//# debugId=7e206930-1632-4ae3-b9bc-0c092c388970
 //# sourceMappingURL=cli.js.map