@socketsecurity/cli-with-sentry 0.15.52 → 0.15.54

package/dist/cli.js

@@ -315,7 +315,7 @@ const config$T = {
     file: {
       type: 'string',
       shortFlag: 'f',
-      description: 'Filepath to save output. Only valid with --json/--markdown. Defaults to stdout.'
+      description: 'Filepath to save output when given. Only valid with --json/--markdown.'
     },
     repo: {
       type: 'string',
@@ -3222,7 +3222,7 @@ const description$9 = 'Commands related to the local CLI configuration';
 const cmdConfig = {
   description: description$9,
   hidden: true,
-  // [beta]
+  // [beta]; isTestingV1
   async run(argv, importMeta, {
     parentName
   }) {
@@ -4316,10 +4316,7 @@ async function npmFix(pkgEnvDetails, {
   isCi && repoInfo ? await getOpenSocketPrs(repoInfo.owner, repoInfo.repo, {
     author: gitUser
   }) : [];
-  if (openPrs.length) {
-    debug.debugFn(`found: ${openPrs.length} open PRs`);
-  }
-  let count = isCi ? openPrs.length : 0;
+  let count = 0;
   const arb = new shadowInject.Arborist({
     path: rootPath,
     ...shadowInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
@@ -4330,9 +4327,9 @@ async function npmFix(pkgEnvDetails, {
   let alertsMap;
   try {
     alertsMap = purls.length ? await utils.getAlertsMapFromPurls(purls, getAlertsMapOptions({
-      limit: limit + openPrs.length
+      limit: Math.max(limit, openPrs.length)
     })) : await shadowInject.getAlertsMapFromArborist(arb, getAlertsMapOptions({
-      limit: limit + openPrs.length
+      limit: Math.max(limit, openPrs.length)
     }));
   } catch (e) {
     spinner?.stop();
@@ -4344,7 +4341,7 @@ async function npmFix(pkgEnvDetails, {
     };
   }
   const infoByPartialPurl = utils.getCveInfoFromAlertsMap(alertsMap, {
-    limit: limit + openPrs.length
+    limit: Math.max(limit, openPrs.length)
   });
   if (!infoByPartialPurl) {
     spinner?.stop();
@@ -4381,11 +4378,14 @@ async function npmFix(pkgEnvDetails, {
     const infoEntry = sortedInfoEntries[i];
     const partialPurlObj = utils.getPurlObject(infoEntry[0]);
     const name = packages.resolvePackageName(partialPurlObj);
-    let infos = [...infoEntry[1].values()];
+    const infos = [...infoEntry[1].values()];
+    if (!infos.length) {
+      continue infoEntriesLoop;
+    }
+    const activeBranches = [];
     if (isCi) {
       const branchFullName = getSocketBranchFullNameComponent(partialPurlObj);
       const branchPurlType = getSocketBranchPurlTypeComponent(partialPurlObj);
-      const activeBranches = [];
       for (const pr of openPrs) {
         const parsedBranch = branchParser(pr.headRefName);
         if (branchPurlType === parsedBranch?.type && branchFullName === parsedBranch?.fullName) {
@@ -4397,10 +4397,6 @@ async function npmFix(pkgEnvDetails, {
       } else if (openPrs.length) {
         debug.debugFn('miss: 0 active branches found');
       }
-      infos = infos.filter(info => !activeBranches.find(b => b.newVersion === info.firstPatchedVersionIdentifier));
-    }
-    if (!infos.length) {
-      continue infoEntriesLoop;
     }
     logger.logger.log(`Processing vulns for ${name}:`);
     logger.logger.indent();
@@ -4428,6 +4424,7 @@ async function npmFix(pkgEnvDetails, {
       const pkgPath = path.dirname(pkgJsonPath);
       const isWorkspaceRoot = pkgJsonPath === pkgEnvDetails.editablePkgJson.filename;
       const workspace = isWorkspaceRoot ? 'root' : path.relative(rootPath, pkgPath);
+      const branchWorkspace = isCi ? getSocketBranchWorkspaceComponent(workspace) : '';
       const oldVersions = arrays.arrayUnique(shadowInject.findPackageNodes(actualTree, name).map(n => n.target?.version ?? n.version).filter(Boolean));
       if (!oldVersions.length) {
         debug.debugFn(`skip: ${name} not found\n`);
@@ -4467,6 +4464,15 @@ async function npmFix(pkgEnvDetails, {
             continue infosLoop;
           }
           const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
+          if (activeBranches.find(b => b.workspace === branchWorkspace && b.newVersion === newVersion)) {
+            debug.debugFn(`skip: open PR found for ${name}@${newVersion}`);
+            if (++count >= limit) {
+              logger.logger.dedent();
+              spinner?.dedent();
+              break infoEntriesLoop;
+            }
+            continue infosLoop;
+          }
           const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
           if (!(newVersion && newVersionPackument)) {
             warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
@@ -4771,11 +4777,6 @@ async function pnpmFix(pkgEnvDetails, {
   isCi && repoInfo ? await getOpenSocketPrs(repoInfo.owner, repoInfo.repo, {
     author: gitUser
   }) : [];
-  if (openPrs.length) {
-    debug.debugFn(`found: ${openPrs.length} open PRs\n`, openPrs);
-  } else {
-    debug.debugFn('miss: 0 open PRs found');
-  }
   let count = 0;
   let actualTree;
   const lockfilePath = path.join(rootPath, 'pnpm-lock.yaml');
@@ -4825,9 +4826,9 @@ async function pnpmFix(pkgEnvDetails, {
   let alertsMap;
   try {
     alertsMap = purls.length ? await utils.getAlertsMapFromPurls(purls, getAlertsMapOptions({
-      limit: limit + openPrs.length
+      limit: Math.max(limit, openPrs.length)
     })) : await utils.getAlertsMapFromPnpmLockfile(lockfile, getAlertsMapOptions({
-      limit: limit + openPrs.length
+      limit: Math.max(limit, openPrs.length)
     }));
   } catch (e) {
     spinner?.stop();
@@ -4839,7 +4840,7 @@ async function pnpmFix(pkgEnvDetails, {
     };
   }
   const infoByPartialPurl = utils.getCveInfoFromAlertsMap(alertsMap, {
-    limit: limit + openPrs.length
+    limit: Math.max(limit, openPrs.length)
   });
   if (!infoByPartialPurl) {
     spinner?.stop();
@@ -4921,6 +4922,7 @@ async function pnpmFix(pkgEnvDetails, {
       const pkgPath = path.dirname(pkgJsonPath);
       const isWorkspaceRoot = pkgJsonPath === pkgEnvDetails.editablePkgJson.filename;
       const workspace = isWorkspaceRoot ? 'root' : path.relative(rootPath, pkgPath);
+      const branchWorkspace = isCi ? getSocketBranchWorkspaceComponent(workspace) : '';
 
       // actualTree may not be defined on the first iteration of pkgJsonPathsLoop.
       if (!actualTree) {
@@ -4990,7 +4992,7 @@ async function pnpmFix(pkgEnvDetails, {
             continue infosLoop;
           }
           const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
-          if (activeBranches.find(b => b.newVersion === newVersion)) {
+          if (activeBranches.find(b => b.workspace === branchWorkspace && b.newVersion === newVersion)) {
             debug.debugFn(`skip: open PR found for ${name}@${newVersion}`);
             if (++count >= limit) {
               logger.logger.dedent();
@@ -5873,7 +5875,7 @@ const config$F = {
   commandName: 'completion',
   description: 'Install bash completion for Socket CLI',
   hidden: true,
-  // beta
+  // beta; isTestingV1
   flags: {
     ...utils.commonFlags
   },
@@ -5932,7 +5934,7 @@ const description$7 = 'Setup the Socket CLI command in your environment';
 const cmdInstall = {
   description: description$7,
   hidden: true,
-  // beta
+  // beta; isTestingV1
   async run(argv, importMeta, {
     parentName
   }) {
@@ -7680,12 +7682,14 @@ function includesBun(lockSrc, name, lockName) {
 function includesPnpm(lockSrc, name) {
   const escapedName = regexps.escapeRegExp(name);
   return new RegExp(
-  // Detects the package name in the following cases:
-  //   /name/
+  // Detects the package name.
+  // v9.0 and v6.0 lockfile patterns:
   //   'name'
   //   name:
   //   name@
-  `(?<=^\\s*)(?:(['/])${escapedName}\\1|${escapedName}(?=[:@]))`, 'm').test(lockSrc);
+  // v6.0 lockfile patterns:
+  //   /name@
+  `(?<=^\\s*)(?:'${escapedName}'|/?${escapedName}(?=[:@]))`, 'm').test(lockSrc);
 }
 function includesVlt(lockSrc, name) {
   // Detects the package name in the following cases:
@@ -8356,16 +8360,16 @@ async function run$s(argv, importMeta, {
   });
 }
 
-async function fetchOrganization() {
+async function fetchLicensePolicy(orgSlug) {
   const sockSdkResult = await utils.setupSdk();
   if (!sockSdkResult.ok) {
     return sockSdkResult;
   }
   const sockSdk = sockSdkResult.data;
-  return await utils.handleApiCall(sockSdk.getOrganizations(), 'organization list');
+  return await utils.handleApiCall(sockSdk.getOrgLicensePolicy(orgSlug), 'organization license policy');
 }
 
-async function outputOrganizationList(result, outputKind = 'text') {
+async function outputLicensePolicy(result, outputKind) {
   if (!result.ok) {
     process.exitCode = result.code ?? 1;
   }
@@ -8377,73 +8381,66 @@ async function outputOrganizationList(result, outputKind = 'text') {
     logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
     return;
   }
-  const organizations = Object.values(result.data.organizations);
-  const visibleTokenPrefix = utils.getVisibleTokenPrefix();
-  switch (outputKind) {
-    case 'markdown':
-      {
-        // | Syntax      | Description |
-        // | ----------- | ----------- |
-        // | Header      | Title       |
-        // | Paragraph   | Text        |
-        let mw1 = 4;
-        let mw2 = 2;
-        let mw3 = 4;
-        for (const o of organizations) {
-          mw1 = Math.max(mw1, o.name?.length ?? 0);
-          mw2 = Math.max(mw2, o.id.length);
-          mw3 = Math.max(mw3, o.plan.length);
-        }
-        logger.logger.log('# Organizations\n');
-        logger.logger.log(`List of organizations associated with your API key, starting with: ${vendor.yoctocolorsCjsExports.italic(visibleTokenPrefix)}\n`);
-        logger.logger.log(`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`);
-        logger.logger.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
-        for (const o of organizations) {
-          logger.logger.log(`| ${(o.name || '').padEnd(mw1, ' ')} | ${(o.id || '').padEnd(mw2, ' ')} | ${(o.plan || '').padEnd(mw3, ' ')} |`);
-        }
-        logger.logger.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
-        return;
-      }
-    default:
-      {
-        logger.logger.log(`List of organizations associated with your API key, starting with: ${vendor.yoctocolorsCjsExports.italic(visibleTokenPrefix)}\n`);
-        // Just dump
-        for (const o of organizations) {
-          logger.logger.log(`- Name: ${vendor.yoctocolorsCjsExports.bold(o.name ?? 'undefined')}, ID: ${vendor.yoctocolorsCjsExports.bold(o.id)}, Plan: ${vendor.yoctocolorsCjsExports.bold(o.plan)}`);
-        }
-      }
-  }
+  logger.logger.info('Use --json to get the full result');
+  logger.logger.log('# License policy');
+  logger.logger.log('');
+  logger.logger.log('This is the license policy for your organization:');
+  logger.logger.log('');
+  const rules = result.data['license_policy'];
+  const entries = rules ? Object.entries(rules) : [];
+  const mapped = entries.map(([key, value]) => [key, value?.['allowed'] ? ' yes' : ' no']);
+  mapped.sort(([a], [b]) => a < b ? -1 : a > b ? 1 : 0);
+  logger.logger.log(utils.mdTableOfPairs(mapped, ['License Name', 'Allowed']));
+  logger.logger.log('');
 }
 
-async function handleOrganizationList(outputKind = 'text') {
-  const data = await fetchOrganization();
-  await outputOrganizationList(data, outputKind);
+async function handleLicensePolicy(orgSlug, outputKind) {
+  const data = await fetchLicensePolicy(orgSlug);
+  await outputLicensePolicy(data, outputKind);
 }
 
 const {
   DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$p
 } = constants;
+
+// TODO: secret toplevel alias `socket license policy`?
 const config$r = {
-  commandName: 'list',
-  description: 'List organizations associated with the API key used',
-  hidden: false,
+  commandName: 'license',
+  description: 'Retrieve the license policy of an organization',
+  hidden: true,
   flags: {
     ...utils.commonFlags,
-    ...utils.outputFlags
+    ...utils.outputFlags,
+    interactive: {
+      type: 'boolean',
+      default: true,
+      description: 'Allow for interactive elements, asking for input. Use --no-interactive to prevent any input questions, defaulting them to cancel/no.'
+    },
+    org: {
+      type: 'string',
+      description: 'Force override the organization slug, overrides the default org from config'
+    }
   },
   help: (command, _config) => `
     Usage
-      $ ${command}
+      $ ${command}${utils.isTestingV1() ? '' : ' <org slug>'}
 
     API Token Requirements
       - Quota: 1 unit
-      - Permissions: none (does need a token)
+      - Permissions: license-policy:read
 
     Options
       ${utils.getFlagListOutput(config$r.flags, 6)}
+
+    Your API token will need the \`license-policy:read\` permission otherwise
+    the request will fail with an authentication error.
+
+    Examples
+      $ ${command}${utils.isTestingV1() ? '' : ' mycorp'}
+      $ ${command}${utils.isTestingV1() ? '' : ' mycorp'} --json
   `
 };
-const cmdOrganizationList = {
+const cmdOrganizationPolicyLicense = {
   description: config$r.description,
   hidden: config$r.hidden,
   run: run$r
@@ -8458,17 +8455,27 @@ async function run$r(argv, importMeta, {
     parentName
   });
   const {
+    dryRun,
+    interactive,
     json,
-    markdown
+    markdown,
+    org: orgFlag
   } = cli.flags;
   const outputKind = utils.getOutputKind(json, markdown);
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), cli.input[0] || '', !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
   const wasValidInput = utils.checkCommandInput(outputKind, {
+    nook: true,
+    test: !!orgSlug,
+    message: utils.isTestingV1() ? 'Org name by default setting, --org, or auto-discovered' : 'Org name must be the first argument',
+    pass: 'ok',
+    fail: 'missing'
+  }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: 'The json and markdown flags cannot be both set, pick one',
     pass: 'ok',
-    fail: 'bad'
+    fail: 'omit one'
   }, {
     nook: true,
     test: hasApiToken,
@@ -8483,19 +8490,19 @@ async function run$r(argv, importMeta, {
     logger.logger.log(DRY_RUN_BAILING_NOW$p);
     return;
   }
-  await handleOrganizationList(outputKind);
+  await handleLicensePolicy(orgSlug, outputKind);
 }
 
-async function fetchLicensePolicy(orgSlug) {
+async function fetchSecurityPolicy(orgSlug) {
   const sockSdkResult = await utils.setupSdk();
   if (!sockSdkResult.ok) {
     return sockSdkResult;
   }
   const sockSdk = sockSdkResult.data;
-  return await utils.handleApiCall(sockSdk.getOrgLicensePolicy(orgSlug), 'organization license policy');
+  return await utils.handleApiCall(sockSdk.getOrgSecurityPolicy(orgSlug), 'organization security policy');
 }
 
-async function outputLicensePolicy(result, outputKind) {
+async function outputSecurityPolicy(result, outputKind) {
   if (!result.ok) {
     process.exitCode = result.code ?? 1;
   }
@@ -8507,32 +8514,33 @@ async function outputLicensePolicy(result, outputKind) {
     logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
     return;
   }
-  logger.logger.info('Use --json to get the full result');
-  logger.logger.log('# License policy');
+  logger.logger.log('# Security policy');
   logger.logger.log('');
-  logger.logger.log('This is the license policy for your organization:');
+  logger.logger.log(`The default security policy setting is: "${result.data.securityPolicyDefault}"`);
   logger.logger.log('');
-  const rules = result.data['license_policy'];
+  logger.logger.log('These are the security policies per setting for your organization:');
+  logger.logger.log('');
+  const rules = result.data.securityPolicyRules;
   const entries = rules ? Object.entries(rules) : [];
-  const mapped = entries.map(([key, value]) => [key, value?.['allowed'] ? ' yes' : ' no']);
+  const mapped = entries.map(([key, value]) => [key, value.action]);
   mapped.sort(([a], [b]) => a < b ? -1 : a > b ? 1 : 0);
-  logger.logger.log(utils.mdTableOfPairs(mapped, ['License Name', 'Allowed']));
+  logger.logger.log(utils.mdTableOfPairs(mapped, ['name', 'action']));
   logger.logger.log('');
 }
 
-async function handleLicensePolicy(orgSlug, outputKind) {
-  const data = await fetchLicensePolicy(orgSlug);
-  await outputLicensePolicy(data, outputKind);
+async function handleSecurityPolicy(orgSlug, outputKind) {
+  const data = await fetchSecurityPolicy(orgSlug);
+  await outputSecurityPolicy(data, outputKind);
 }
 
 const {
   DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$o
 } = constants;
 
-// TODO: secret toplevel alias `socket license policy`?
+// TODO: secret toplevel alias `socket security policy`?
 const config$q = {
-  commandName: 'license',
-  description: 'Retrieve the license policy of an organization',
+  commandName: 'security',
+  description: 'Retrieve the security policy of an organization',
   hidden: true,
   flags: {
     ...utils.commonFlags,
@@ -8553,12 +8561,12 @@ const config$q = {
 
     API Token Requirements
       - Quota: 1 unit
-      - Permissions: license-policy:read
+      - Permissions: security-policy:read
 
     Options
       ${utils.getFlagListOutput(config$q.flags, 6)}
 
-    Your API token will need the \`license-policy:read\` permission otherwise
+    Your API token will need the \`security-policy:read\` permission otherwise
     the request will fail with an authentication error.
 
     Examples
@@ -8566,7 +8574,7 @@ const config$q = {
       $ ${command}${utils.isTestingV1() ? '' : ' mycorp'} --json
   `
 };
-const cmdOrganizationPolicyLicense = {
+const cmdOrganizationPolicyPolicy = {
   description: config$q.description,
   hidden: config$q.hidden,
   run: run$q
@@ -8593,7 +8601,7 @@ async function run$q(argv, importMeta, {
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !!orgSlug,
-    message: utils.isTestingV1() ? 'Org name by default setting, --org, or auto-discovered' : 'Org name must be the first argument',
+    message: 'Org name as the first argument',
     pass: 'ok',
     fail: 'missing'
   }, {
@@ -8616,19 +8624,19 @@ async function run$q(argv, importMeta, {
     logger.logger.log(DRY_RUN_BAILING_NOW$o);
     return;
   }
-  await handleLicensePolicy(orgSlug, outputKind);
+  await handleSecurityPolicy(orgSlug, outputKind);
 }
 
-async function fetchSecurityPolicy(orgSlug) {
+async function fetchOrganization() {
   const sockSdkResult = await utils.setupSdk();
   if (!sockSdkResult.ok) {
     return sockSdkResult;
   }
   const sockSdk = sockSdkResult.data;
-  return await utils.handleApiCall(sockSdk.getOrgSecurityPolicy(orgSlug), 'organization security policy');
+  return await utils.handleApiCall(sockSdk.getOrganizations(), 'organization list');
 }
 
-async function outputSecurityPolicy(result, outputKind) {
+async function outputOrganizationList(result, outputKind = 'text') {
   if (!result.ok) {
     process.exitCode = result.code ?? 1;
   }
@@ -8640,67 +8648,73 @@ async function outputSecurityPolicy(result, outputKind) {
     logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
     return;
   }
-  logger.logger.log('# Security policy');
-  logger.logger.log('');
-  logger.logger.log(`The default security policy setting is: "${result.data.securityPolicyDefault}"`);
-  logger.logger.log('');
-  logger.logger.log('These are the security policies per setting for your organization:');
-  logger.logger.log('');
-  const rules = result.data.securityPolicyRules;
-  const entries = rules ? Object.entries(rules) : [];
-  const mapped = entries.map(([key, value]) => [key, value.action]);
-  mapped.sort(([a], [b]) => a < b ? -1 : a > b ? 1 : 0);
-  logger.logger.log(utils.mdTableOfPairs(mapped, ['name', 'action']));
-  logger.logger.log('');
+  const organizations = Object.values(result.data.organizations);
+  const visibleTokenPrefix = utils.getVisibleTokenPrefix();
+  switch (outputKind) {
+    case 'markdown':
+      {
+        // | Syntax      | Description |
+        // | ----------- | ----------- |
+        // | Header      | Title       |
+        // | Paragraph   | Text        |
+        let mw1 = 4;
+        let mw2 = 2;
+        let mw3 = 4;
+        for (const o of organizations) {
+          mw1 = Math.max(mw1, o.name?.length ?? 0);
+          mw2 = Math.max(mw2, o.id.length);
+          mw3 = Math.max(mw3, o.plan.length);
+        }
+        logger.logger.log('# Organizations\n');
+        logger.logger.log(`List of organizations associated with your API key, starting with: ${vendor.yoctocolorsCjsExports.italic(visibleTokenPrefix)}\n`);
+        logger.logger.log(`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`);
+        logger.logger.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
+        for (const o of organizations) {
+          logger.logger.log(`| ${(o.name || '').padEnd(mw1, ' ')} | ${(o.id || '').padEnd(mw2, ' ')} | ${(o.plan || '').padEnd(mw3, ' ')} |`);
+        }
+        logger.logger.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
+        return;
+      }
+    default:
+      {
+        logger.logger.log(`List of organizations associated with your API key, starting with: ${vendor.yoctocolorsCjsExports.italic(visibleTokenPrefix)}\n`);
+        // Just dump
+        for (const o of organizations) {
+          logger.logger.log(`- Name: ${vendor.yoctocolorsCjsExports.bold(o.name ?? 'undefined')}, ID: ${vendor.yoctocolorsCjsExports.bold(o.id)}, Plan: ${vendor.yoctocolorsCjsExports.bold(o.plan)}`);
+        }
+      }
+  }
 }
 
-async function handleSecurityPolicy(orgSlug, outputKind) {
-  const data = await fetchSecurityPolicy(orgSlug);
-  await outputSecurityPolicy(data, outputKind);
+async function handleOrganizationList(outputKind = 'text') {
+  const data = await fetchOrganization();
+  await outputOrganizationList(data, outputKind);
 }
 
 const {
   DRY_RUN_BAILING_NOW: DRY_RUN_BAILING_NOW$n
 } = constants;
-
-// TODO: secret toplevel alias `socket security policy`?
 const config$p = {
-  commandName: 'security',
-  description: 'Retrieve the security policy of an organization',
-  hidden: true,
+  commandName: 'list',
+  description: 'List organizations associated with the API key used',
+  hidden: false,
   flags: {
     ...utils.commonFlags,
-    ...utils.outputFlags,
-    interactive: {
-      type: 'boolean',
-      default: true,
-      description: 'Allow for interactive elements, asking for input. Use --no-interactive to prevent any input questions, defaulting them to cancel/no.'
-    },
-    org: {
-      type: 'string',
-      description: 'Force override the organization slug, overrides the default org from config'
-    }
+    ...utils.outputFlags
   },
   help: (command, _config) => `
     Usage
-      $ ${command}${utils.isTestingV1() ? '' : ' <org slug>'}
+      $ ${command}
 
     API Token Requirements
       - Quota: 1 unit
-      - Permissions: security-policy:read
+      - Permissions: none (does need a token)
 
     Options
       ${utils.getFlagListOutput(config$p.flags, 6)}
-
-    Your API token will need the \`security-policy:read\` permission otherwise
-    the request will fail with an authentication error.
-
-    Examples
-      $ ${command}${utils.isTestingV1() ? '' : ' mycorp'}
-      $ ${command}${utils.isTestingV1() ? '' : ' mycorp'} --json
   `
 };
-const cmdOrganizationPolicyPolicy = {
+const cmdOrganizationList = {
   description: config$p.description,
   hidden: config$p.hidden,
   run: run$p
@@ -8715,27 +8729,17 @@ async function run$p(argv, importMeta, {
     parentName
   });
   const {
-    dryRun,
-    interactive,
     json,
-    markdown,
-    org: orgFlag
+    markdown
   } = cli.flags;
   const outputKind = utils.getOutputKind(json, markdown);
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), cli.input[0] || '', !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
   const wasValidInput = utils.checkCommandInput(outputKind, {
-    nook: true,
-    test: !!orgSlug,
-    message: 'Org name as the first argument',
-    pass: 'ok',
-    fail: 'missing'
-  }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The json and markdown flags cannot be both set, pick one',
+    message: 'The `--json` and `--markdown` flags can not be used at the same time',
     pass: 'ok',
-    fail: 'omit one'
+    fail: 'bad'
   }, {
     nook: true,
     test: hasApiToken,
@@ -8750,7 +8754,7 @@ async function run$p(argv, importMeta, {
     logger.logger.log(DRY_RUN_BAILING_NOW$n);
     return;
   }
-  await handleSecurityPolicy(orgSlug, outputKind);
+  await handleOrganizationList(outputKind);
 }
 
 const description$6 = 'Organization policy details';
@@ -8878,11 +8882,7 @@ async function run$o(argv, importMeta, {
 const description$5 = 'Account details';
 const cmdOrganization = {
   description: description$5,
-  // Hidden because it was broken all this time (nobody could be using it)
-  // and we're not sure if it's useful to anyone in its current state.
-  // Until we do, we'll hide this to keep the help tidier.
-  // And later, we may simply move this under `scan`, anyways.
-  hidden: true,
+  hidden: false,
   async run(argv, importMeta, {
     parentName
   }) {
@@ -8891,6 +8891,18 @@ const cmdOrganization = {
       quota: cmdOrganizationQuota,
       policy: cmdOrganizationPolicy
     }, {
+      aliases: {
+        license: {
+          description: cmdOrganizationPolicyLicense.description,
+          hidden: true,
+          argv: ['policy', 'license']
+        },
+        security: {
+          description: cmdOrganizationPolicyPolicy.description,
+          hidden: true,
+          argv: ['policy', 'security']
+        }
+      },
       argv,
       description: description$5,
       defaultSub: 'list',
@@ -9121,7 +9133,7 @@ const {
 } = constants;
 const config$n = {
   commandName: 'score',
-  description: '[beta] Look up score for one package which reflects all of its transitive dependencies as well',
+  description: 'Look up score for one package which reflects all of its transitive dependencies as well',
   hidden: false,
   flags: {
     ...utils.commonFlags,
@@ -9353,7 +9365,7 @@ const {
 } = constants;
 const config$m = {
   commandName: 'shallow',
-  description: '[beta] Look up info regarding one or more packages but not their transitives',
+  description: 'Look up info regarding one or more packages but not their transitives',
   hidden: false,
   flags: {
     ...utils.commonFlags,
@@ -13472,7 +13484,17 @@ const cmdScan = {
       view: cmdScanView
     }, {
       aliases: {
-        // Backwards compat. TODO: Drop next major bump
+        meta: {
+          description: cmdScanMetadata.description,
+          hidden: true,
+          argv: ['metadata']
+        },
+        reachability: {
+          description: cmdScanReach.description,
+          hidden: true,
+          argv: ['reach']
+        },
+        // Backwards compat. TODO: Drop next major bump; isTestingV1
         stream: {
           description: cmdScanView.description,
           hidden: true,
@@ -13896,7 +13918,7 @@ const config$1 = {
   commandName: 'completion',
   description: 'Uninstall bash completion for Socket CLI',
   hidden: true,
-  // beta
+  // beta; isTestingV1
   flags: {
     ...utils.commonFlags
   },
@@ -13947,7 +13969,7 @@ const description = 'Teardown the Socket command from your environment';
 const cmdUninstall = {
   description,
   hidden: true,
-  // beta
+  // beta; isTestingV1
   async run(argv, importMeta, {
     parentName
   }) {
@@ -14247,7 +14269,83 @@ void (async () => {
       manifest: cmdManifest,
       uninstall: cmdUninstall
     }, {
-      aliases: {},
+      aliases: {
+        audit: {
+          description: cmdAuditLog.description,
+          hidden: true,
+          argv: ['audit-log']
+        },
+        auditLogs: {
+          description: cmdAuditLog.description,
+          hidden: true,
+          argv: ['audit-log']
+        },
+        deps: {
+          description: cmdScanCreate$1.description,
+          hidden: true,
+          argv: ['dependencies']
+        },
+        feed: {
+          description: cmdThreatFeed.description,
+          hidden: true,
+          argv: ['threat-feed']
+        },
+        license: {
+          description: cmdOrganizationPolicyLicense.description,
+          hidden: true,
+          argv: ['organization', 'policy', 'license']
+        },
+        org: {
+          description: cmdOrganization.description,
+          hidden: true,
+          argv: ['organization']
+        },
+        orgs: {
+          description: cmdOrganization.description,
+          hidden: true,
+          argv: ['organization']
+        },
+        organizations: {
+          description: cmdOrganization.description,
+          hidden: true,
+          argv: ['organization']
+        },
+        organisation: {
+          description: cmdOrganization.description,
+          hidden: true,
+          argv: ['organization']
+        },
+        organisations: {
+          description: cmdOrganization.description,
+          hidden: true,
+          argv: ['organization']
+        },
+        pkg: {
+          description: cmdPackage.description,
+          hidden: true,
+          argv: ['package']
+        },
+        repo: {
+          description: cmdRepos.description,
+          hidden: true,
+          argv: ['repos']
+        },
+        repository: {
+          description: cmdRepos.description,
+          hidden: true,
+          argv: ['repos']
+        },
+        repositories: {
+          description: cmdRepos.description,
+          hidden: true,
+          argv: ['repos']
+        },
+        security: {
+          description: cmdOrganizationPolicyPolicy.description,
+          hidden: true,
+          argv: ['organization', 'policy', 'security']
+        }
+      },
       argv: process.argv.slice(2),
       name: SOCKET_CLI_BIN_NAME,
       importMeta: {
@@ -14282,5 +14380,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=af26517c-db28-417c-8217-08e459c8dcc5
+//# debugId=c367b9c2-15d4-4650-9e2f-c8866daf46cd
 //# sourceMappingURL=cli.js.map