npm - @socketsecurity/cli-with-sentry - Versions diffs - 1.0.7 → 1.0.9 - Mend

@socketsecurity/cli-with-sentry 1.0.7 → 1.0.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (171) hide show

package/dist/cli.js CHANGED Viewed

@@ -355,12 +355,6 @@ async function run$P(argv, importMeta, {
     importMeta,
     parentName
   });
-  const {
-    file,
-    json,
-    markdown
-  } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   // Supported inputs:
   // - []        (no args)
@@ -388,8 +382,14 @@ async function run$P(argv, importMeta, {
   } else if (cli.input[0]) {
     time = cli.input[0];
   }
+  const {
+    file,
+    json,
+    markdown
+  } = cli.flags;
   const hasApiToken = utils.hasDefaultToken();
   const noLegacy = !cli.flags['scope'] && !cli.flags['repo'] && !cli.flags['time'];
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: noLegacy,
@@ -806,12 +806,12 @@ async function run$O(argv, importMeta, {
     page,
     perPage
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   let [typeFilter = ''] = cli.input;
   typeFilter = String(typeFilter);
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
   const noLegacy = !cli.flags['type'];
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: noLegacy,
@@ -1606,7 +1606,7 @@ async function execGradleWithSpinner(bin, commandArgs, cwd) {
   try {
     logger.logger.info('(Running gradle can take a while, it depends on how long gradlew has to run)');
     logger.logger.info('(It will show no output, you can use --verbose to see its output)');
-    spinner.start(`Running gradlew`);
+    spinner.start(`Running gradlew...`);
     const output = await spawn.spawn(bin, commandArgs, {
       // We can pipe the output through to have the user see the result
       // of running gradlew, but then we can't (easily) gather the output
@@ -2432,8 +2432,8 @@ async function run$M(argv, importMeta, {
     json,
     markdown
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [key = ''] = cli.input;
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     test: utils.supportedConfigKeys.has(key) && key !== 'test',
     message: 'Config key should be the first arg',
@@ -2544,8 +2544,8 @@ async function run$L(argv, importMeta, {
     json,
     markdown
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [key = ''] = cli.input;
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     test: utils.supportedConfigKeys.has(key) || key === 'test',
     message: 'Config key should be the first arg',
@@ -2797,9 +2797,9 @@ async function run$J(argv, importMeta, {
     json,
     markdown
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [key = '', ...rest] = cli.input;
   const value = rest.join(' ');
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     test: key === 'test' || utils.supportedConfigKeys.has(key),
     message: 'Config key should be the first arg',
@@ -2917,8 +2917,8 @@ async function run$I(argv, importMeta, {
     json,
     markdown
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [key = ''] = cli.input;
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     test: key === 'test' || utils.supportedConfigKeys.has(key),
     message: 'Config key should be the first arg',
@@ -3718,21 +3718,19 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
   // eslint-disable-next-line sort-destructure-keys/sort-destructure-keys
   afterInstall = noopHandler,
   revertInstall = noopHandler
-}, ciEnv, openPrs, options) {
+}, ciEnv, openPrs, fixConfig) {
+  const {
+    pkgPath: rootPath
+  } = pkgEnvDetails;
   const {
     autoMerge,
     cwd,
     limit,
     rangeStyle,
+    spinner,
     test,
     testScript
-  } = options;
-  const {
-    spinner
-  } = constants;
-  const {
-    pkgPath: rootPath
-  } = pkgEnvDetails;
+  } = fixConfig;
   let count = 0;
   const infoByPartialPurl = utils.getCveInfoFromAlertsMap(alertsMap, {
     limit: Math.max(limit, openPrs.length)
@@ -3905,7 +3903,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
           }
           // eslint-disable-next-line no-await-in-loop
-          await beforeInstall(editablePkgJson, name, oldVersion, newVersion, vulnerableVersionRange, options);
+          await beforeInstall(editablePkgJson, name, oldVersion, newVersion, vulnerableVersionRange, fixConfig);
           shadowNpmInject.updatePackageJsonFromNode(editablePkgJson, actualTree, node, newVersion, rangeStyle);
           // eslint-disable-next-line no-await-in-loop
           if (!(await editablePkgJson.save({
@@ -3940,11 +3938,11 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
             if (maybeActualTree && maybeLockSrc) {
               actualTree = maybeActualTree;
               // eslint-disable-next-line no-await-in-loop
-              await afterInstall(editablePkgJson, name, oldVersion, newVersion, vulnerableVersionRange, options);
+              await afterInstall(editablePkgJson, name, oldVersion, newVersion, vulnerableVersionRange, fixConfig);
               if (test) {
                 spinner?.info(`Testing ${newId} in ${workspace}.`);
                 // eslint-disable-next-line no-await-in-loop
-                await npm.runScript(testScript, [], {
+                await npm.runNpmScript(testScript, [], {
                   spinner,
                   stdio: 'ignore'
                 });
@@ -4079,7 +4077,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
             if (!ciEnv) {
               spinner?.start();
               // eslint-disable-next-line no-await-in-loop
-              await revertInstall(editablePkgJson, name, oldVersion, newVersion, vulnerableVersionRange, options);
+              await revertInstall(editablePkgJson, name, oldVersion, newVersion, vulnerableVersionRange, fixConfig);
               // eslint-disable-next-line no-await-in-loop
               await Promise.all([utils.removeNodeModules(cwd), editablePkgJson.save({
                 ignoreWhitespace: true
@@ -4219,12 +4217,12 @@ async function install$1(pkgEnvDetails, options) {
   } catch {}
   return null;
 }
-async function npmFix(pkgEnvDetails, options) {
+async function npmFix(pkgEnvDetails, fixConfig) {
   const {
     limit,
     purls,
     spinner
-  } = options;
+  } = fixConfig;
   spinner?.start();
   const ciEnv = await getCiEnv();
   const openPrs = ciEnv ? await getOpenPrsForEnvironment(ciEnv) : [];
@@ -4305,7 +4303,7 @@ async function npmFix(pkgEnvDetails, options) {
         editablePkgJson.update(revertData);
       }
     }
-  }, ciEnv, openPrs, options);
+  }, ciEnv, openPrs, fixConfig);
 }
 async function outputFixResult(result, outputKind) {
@@ -4353,13 +4351,13 @@ async function install(pkgEnvDetails, options) {
   } catch {}
   return null;
 }
-async function pnpmFix(pkgEnvDetails, options) {
+async function pnpmFix(pkgEnvDetails, fixConfig) {
   const {
     cwd,
     limit,
     purls,
     spinner
-  } = options;
+  } = fixConfig;
   spinner?.start();
   let actualTree;
   let {
@@ -4487,14 +4485,14 @@ async function pnpmFix(pkgEnvDetails, options) {
         editablePkgJson.update(revertData);
       }
     }
-  }, ciEnv, openPrs, options);
+  }, ciEnv, openPrs, fixConfig);
 }
 const {
   NPM: NPM$7,
   PNPM: PNPM$6
 } = constants;
-async function handleFix(argv, {
+async function handleFix({
   autoMerge,
   cwd,
   ghsas,
@@ -4502,23 +4500,22 @@ async function handleFix(argv, {
   outputKind,
   purls,
   rangeStyle,
+  spinner,
   test,
-  testScript
+  testScript,
+  unknownFlags
 }) {
   let {
     length: ghsasCount
   } = ghsas;
   if (ghsasCount) {
-    // Lazily access constants.spinner.
-    const {
-      spinner
-    } = constants;
-    spinner.start('Fetching GHSA IDs...');
+    spinner?.start('Fetching GHSA IDs...');
     if (ghsasCount === 1 && ghsas[0] === 'auto') {
       const autoCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd], {
         cwd,
         spinner
       });
+      spinner?.stop();
       if (autoCResult.ok) {
         ghsas = utils.cmdFlagValueToArray(/(?<=Vulnerabilities found: )[^\n]+/.exec(autoCResult.data)?.[0]);
         ghsasCount = ghsas.length;
@@ -4530,17 +4527,25 @@ async function handleFix(argv, {
         ghsas = [];
         ghsasCount = 0;
       }
+      spinner?.start();
     }
     if (ghsasCount) {
-      spinner.info(`Found ${ghsasCount} GHSA ${words.pluralize('ID', ghsasCount)}.`);
-      await outputFixResult(await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--apply-fixes-to', ...ghsas, ...argv], {
+      spinner?.info(`Found ${ghsasCount} GHSA ${words.pluralize('ID', ghsasCount)}.`);
+      const applyFixesCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--apply-fixes-to', ...ghsas, ...unknownFlags], {
         cwd,
         spinner
-      }), outputKind);
-      spinner.stop();
+      });
+      spinner?.stop();
+      if (!applyFixesCResult.ok) {
+        debug.debugFn('coana fail:', {
+          message: applyFixesCResult.message,
+          cause: applyFixesCResult.cause
+        });
+      }
+      await outputFixResult(applyFixesCResult, outputKind);
       return;
     }
-    spinner.infoAndStop('No GHSA IDs found.');
+    spinner?.infoAndStop('No GHSA IDs found.');
     await outputFixResult({
       ok: true,
       data: ''
@@ -4578,11 +4583,6 @@ async function handleFix(argv, {
     }, outputKind);
     return;
   }
-  // Lazily access spinner.
-  const {
-    spinner
-  } = constants;
   const fixer = agent === NPM$7 ? npmFix : pnpmFix;
   await outputFixResult(await fixer(pkgEnvDetails, {
     autoMerge,
@@ -4709,6 +4709,14 @@ async function run$H(argv, importMeta, {
     logger.logger.log(DRY_RUN_NOT_SAVING);
     return;
   }
+  // Lazily access constants.spinner.
+  const {
+    spinner
+  } = constants;
+  const {
+    unknownFlags
+  } = cli;
   let [cwd = '.'] = cli.input;
   // Note: path.resolve vs .join:
   // If given path is absolute then cwd should not affect it.
@@ -4723,7 +4731,7 @@ async function run$H(argv, importMeta, {
   const limit = (cli.flags['limit'] ? parseInt(String(cli.flags['limit'] || ''), 10) : Infinity) || Infinity;
   const purls = utils.cmdFlagValueToArray(cli.flags['purl']);
   const testScript = String(cli.flags['testScript'] || 'test');
-  await handleFix(argv, {
+  await handleFix({
     autoMerge,
     cwd,
     ghsas,
@@ -4731,8 +4739,10 @@ async function run$H(argv, importMeta, {
     outputKind,
     purls,
     rangeStyle,
+    spinner,
     test,
-    testScript
+    testScript,
+    unknownFlags
   });
 }
@@ -4822,7 +4832,7 @@ function getTabCompletionScriptRaw() {
   if (!fs$1.existsSync(sourcePath)) {
     return {
       ok: false,
-      message: 'Source not found',
+      message: 'Source not found.',
       cause: `Unable to find the source tab completion bash script that Socket should ship. Expected to find it in \`${sourcePath}\` but it was not there.`
     };
   }
@@ -4837,12 +4847,11 @@ function updateInstalledTabCompletionScript(targetPath) {
     return content;
   }
-  // Lazily access constants.ENV.INLINED_SOCKET_CLI_VERSION_HASH.
-  const CLI_VERSION = constants.ENV.INLINED_SOCKET_CLI_VERSION_HASH;
   // When installing set the current package.json version.
   // Later, we can call _socket_completion_version to get the installed version.
-  fs$1.writeFileSync(targetPath, content.data.replaceAll('SOCKET_VERSION_TOKEN', CLI_VERSION), 'utf8');
+  fs$1.writeFileSync(targetPath, content.data.replaceAll('%SOCKET_VERSION_TOKEN%',
+  // Lazily access constants.ENV.INLINED_SOCKET_CLI_VERSION_HASH.
+  constants.ENV.INLINED_SOCKET_CLI_VERSION_HASH), 'utf8');
   return {
     ok: true,
     data: undefined
@@ -7902,8 +7911,8 @@ async function run$q(argv, importMeta, {
     markdown,
     offset
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const hasApiToken = utils.hasDefaultToken();
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !json || !markdown,
@@ -8030,9 +8039,9 @@ async function run$p(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !json || !markdown,
@@ -8158,9 +8167,9 @@ async function run$o(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !json || !markdown,
@@ -8293,8 +8302,8 @@ async function run$n(argv, importMeta, {
     json,
     markdown
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const hasApiToken = utils.hasDefaultToken();
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !json || !markdown,
@@ -8417,10 +8426,10 @@ async function run$m(argv, importMeta, {
     importMeta,
     parentName
   });
+  const hasApiToken = utils.hasDefaultToken();
   const json = Boolean(cli.flags['json']);
   const markdown = Boolean(cli.flags['markdown']);
   const outputKind = utils.getOutputKind(json, markdown);
-  const hasApiToken = utils.hasDefaultToken();
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !json || !markdown,
@@ -8768,9 +8777,9 @@ async function run$l(argv, importMeta, {
     json,
     markdown
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [ecosystem = '', purl] = cli.input;
   const hasApiToken = utils.hasDefaultToken();
+  const outputKind = utils.getOutputKind(json, markdown);
   const {
     purls,
     valid
@@ -9213,7 +9222,9 @@ const config$j = {
   commandName: 'raw-npm',
   description: `Temporarily disable the Socket ${NPM} wrapper`,
   hidden: false,
-  flags: {},
+  flags: {
+    ...utils.commonFlags
+  },
   help: command => `
     Usage
       $ ${command} ...
@@ -9276,7 +9287,9 @@ const config$i = {
   commandName: 'raw-npx',
   description: `Temporarily disable the Socket ${NPX} wrapper`,
   hidden: false,
-  flags: {},
+  flags: {
+    ...utils.commonFlags
+  },
   help: command => `
     Usage
       $ ${command} ...
@@ -9451,11 +9464,11 @@ async function run$h(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [repoName = ''] = cli.input;
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
   const noLegacy = !cli.flags['repoName'];
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !!orgSlug,
@@ -9863,9 +9876,9 @@ async function run$f(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !!orgSlug,
@@ -10047,11 +10060,11 @@ async function run$e(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [repoName = ''] = cli.input;
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
   const noLegacy = !cli.flags['repoName'];
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: noLegacy,
@@ -10204,11 +10217,11 @@ async function run$d(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [repoName = ''] = cli.input;
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
   const noLegacy = !cli.flags['repoName'];
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: noLegacy,
@@ -10461,8 +10474,6 @@ async function run$c(argv, importMeta, {
     repo: repoName,
     report
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
-  const pendingHead = tmp ? false : pendingHeadFlag;
   let [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   // Accept zero or more paths. Default to cwd() if none given.
@@ -10508,6 +10519,8 @@ async function run$c(argv, importMeta, {
   // must come from data we already know. Don't error on missing api token yet.
   // If the api-token is not set, ignore it for the sake of suggestions.
   const hasApiToken = utils.hasDefaultToken();
+  const outputKind = utils.getOutputKind(json, markdown);
+  const pendingHead = tmp ? false : pendingHeadFlag;
   // If we updated any inputs then we should print the command line to repeat
   // the command without requiring user input, as a suggestion.
@@ -10703,10 +10716,10 @@ async function run$b(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [scanId = ''] = cli.input;
-  const [orgSlug, defaultOrgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
+  const [orgSlug, defaultOrgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: !!defaultOrgSlug,
     test: !!orgSlug,
@@ -11005,9 +11018,9 @@ async function run$a(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
+  const hasApiToken = utils.hasDefaultToken();
   let [id1 = '', id2 = ''] = cli.input;
-  // Support dropping in full socket urls to an sbom
+  // Support dropping in full socket urls to an sbom.
   if (id1.startsWith(SOCKET_SBOM_URL_PREFIX)) {
     id1 = id1.slice(SOCKET_SBOM_URL_PREFIX_LENGTH);
   }
@@ -11015,7 +11028,7 @@ async function run$a(argv, importMeta, {
     id2 = id2.slice(SOCKET_SBOM_URL_PREFIX_LENGTH);
   }
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
-  const hasApiToken = utils.hasDefaultToken();
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     test: !!(id1 && id2),
     message: 'Specify two Scan IDs.\nA Scan ID looks like `aaa0aa0a-aaaa-0000-0a0a-0000000a00a0`.',
@@ -12102,12 +12115,12 @@ async function run$8(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [repo = '', branchArg = ''] = cli.input;
   const branch = String(branchFlag || branchArg || '');
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
   const noLegacy = !cli.flags['repo'];
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: noLegacy,
@@ -12259,10 +12272,10 @@ async function run$7(argv, importMeta, {
     markdown,
     org: orgFlag
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [scanId = ''] = cli.input;
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !!orgSlug,
@@ -12316,13 +12329,17 @@ async function outputScanReach(result, outputKind) {
 const {
   DOT_SOCKET_DOT_FACTS_JSON
 } = constants;
-async function handleScanReach(argv, cwd, outputKind) {
+async function handleScanReach({
+  cwd,
+  outputKind,
+  unknownFlags
+}) {
   // Lazily access constants.spinner.
   const {
     spinner
   } = constants;
   spinner.start('Running reachability scan...');
-  const result = await utils.spawnCoana(['run', cwd, '--output-dir', cwd, '--socket-mode', DOT_SOCKET_DOT_FACTS_JSON, '--disable-report-submission', ...argv], {
+  const result = await utils.spawnCoana(['run', cwd, '--output-dir', cwd, '--socket-mode', DOT_SOCKET_DOT_FACTS_JSON, '--disable-report-submission', ...unknownFlags], {
     cwd,
     spinner
   });
@@ -12373,10 +12390,6 @@ async function run$6(argv, importMeta, {
     markdown
   } = cli.flags;
   const outputKind = utils.getOutputKind(json, markdown);
-  let [cwd = '.'] = cli.input;
-  // Note: path.resolve vs .join:
-  // If given path is absolute then cwd should not affect it.
-  cwd = path.resolve(process.cwd(), cwd);
   const wasValidInput = utils.checkCommandInput(outputKind);
   if (!wasValidInput) {
     return;
@@ -12385,7 +12398,18 @@ async function run$6(argv, importMeta, {
     logger.logger.log(DRY_RUN_BAILING_NOW$6);
     return;
   }
-  await handleScanReach(argv, cwd, outputKind);
+  const {
+    unknownFlags
+  } = cli;
+  let [cwd = '.'] = cli.input;
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
+  cwd = path.resolve(process.cwd(), cwd);
+  await handleScanReach({
+    cwd,
+    outputKind,
+    unknownFlags
+  });
 }
 const {
@@ -12493,10 +12517,10 @@ async function run$5(argv, importMeta, {
     org: orgFlag,
     reportLevel = 'warn'
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [scanId = '', file = ''] = cli.input;
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !!orgSlug,
@@ -13087,10 +13111,10 @@ async function run$3(argv, importMeta, {
     org: orgFlag,
     stream
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
   const [scanId = '', file = ''] = cli.input;
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !!orgSlug,
@@ -13491,12 +13515,11 @@ async function run$2(argv, importMeta, {
     type: typef,
     version
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown);
-  const argSet = new Set(cli.input);
   let ecoFilter = String(eco || '');
   let versionFilter = String(version || '');
   let typeFilter = String(typef || '');
   let nameFilter = String(pkg || '');
+  const argSet = new Set(cli.input);
   cli.input.some(str => {
     if (ECOSYSTEMS.has(str)) {
       ecoFilter = str;
@@ -13529,8 +13552,9 @@ async function run$2(argv, importMeta, {
   if (argSet.size) {
     logger.logger.info(`Warning: ignoring these excessive args: ${Array.from(argSet).join(', ')}`);
   }
-  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
   const hasApiToken = utils.hasDefaultToken();
+  const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), !!interactive, !!dryRun);
+  const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !!orgSlug,
@@ -13965,14 +13989,18 @@ const __filename$1 = require$$0.fileURLToPath((typeof document === 'undefined' ?
 const {
   SOCKET_CLI_BIN_NAME
 } = constants;
-// TODO: Add autocompletion using https://socket.dev/npm/package/omelette
 void (async () => {
+  const registryUrl = vendor.registryUrl();
   await vendor.updater({
+    authInfo: vendor.registryAuthTokenExports(registryUrl, {
+      recursive: true
+    }),
     name: SOCKET_CLI_BIN_NAME,
+    registryUrl,
+    ttl: 86_400_000 /* 24 hours in milliseconds */,
     // Lazily access constants.ENV.INLINED_SOCKET_CLI_VERSION.
-    version: constants.ENV.INLINED_SOCKET_CLI_VERSION,
-    ttl: 86_400_000 /* 24 hours in milliseconds */
+    version: constants.ENV.INLINED_SOCKET_CLI_VERSION
   });
   try {
     await utils.meowWithSubcommands({
@@ -14103,18 +14131,16 @@ void (async () => {
     debug.debugFn('Uncaught error (BAD!):');
     debug.debugFn(e);
-    // Try to parse the flags, find out if --json or --markdown is set
+    // Try to parse the flags, find out if --json or --markdown is set.
     let isJson = false;
     try {
       const cli = vendor.meow(``, {
         argv: process.argv.slice(2),
+        autoHelp: false,
+        flags: {},
         importMeta: {
           url: `${require$$0.pathToFileURL(__filename$1)}`
-        },
-        flags: {},
-        // Do not strictly check for flags here.
-        allowUnknownFlags: true,
-        autoHelp: false
+        }
       });
       isJson = !!cli.flags['json'];
     } catch {}
@@ -14152,5 +14178,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=5e867fbb-731b-4627-b1dd-e382c345e74f
+//# debugId=3540e251-1510-40db-8d43-e0489ddabe14
 //# sourceMappingURL=cli.js.map