@socketsecurity/cli-with-sentry 1.1.0 → 1.1.1

package/dist/types/commands/fix/cmd-fix.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"cmd-fix.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/cmd-fix.mts"],"names":[],"mappings":"AAyBA,eAAO,MAAM,QAAQ,QAAQ,CAAA;AAQ7B,eAAO,MAAM,MAAM;;;;CAIlB,CAAA;AAED,iBAAe,GAAG,CAChB,IAAI,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EAClC,UAAU,EAAE,UAAU,EACtB,EAAE,UAAU,EAAE,EAAE;IAAE,UAAU,EAAE,MAAM,CAAA;CAAE,GACrC,OAAO,CAAC,IAAI,CAAC,CA6Nf"}
+{"version":3,"file":"cmd-fix.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/cmd-fix.mts"],"names":[],"mappings":"AAyBA,eAAO,MAAM,QAAQ,QAAQ,CAAA;AAQ7B,eAAO,MAAM,MAAM;;;;CAIlB,CAAA;AAED,iBAAe,GAAG,CAChB,IAAI,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EAClC,UAAU,EAAE,UAAU,EACtB,EAAE,UAAU,EAAE,EAAE;IAAE,UAAU,EAAE,MAAM,CAAA;CAAE,GACrC,OAAO,CAAC,IAAI,CAAC,CA8Nf"}

package/dist/types/commands/fix/coana-fix.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"coana-fix.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/coana-fix.mts"],"names":[],"mappings":"AA8BA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAC5C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAE9C,wBAAsB,QAAQ,CAC5B,SAAS,EAAE,SAAS,GACnB,OAAO,CAAC,OAAO,CAAC;IAAE,KAAK,EAAE,OAAO,CAAA;CAAE,CAAC,CAAC,CA6StC"}
+{"version":3,"file":"coana-fix.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/coana-fix.mts"],"names":[],"mappings":"AA+BA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AAC5C,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAE9C,wBAAsB,QAAQ,CAC5B,SAAS,EAAE,SAAS,GACnB,OAAO,CAAC,OAAO,CAAC;IAAE,KAAK,EAAE,OAAO,CAAA;CAAE,CAAC,CAAC,CA+StC"}

package/dist/types/commands/fix/{fix-env-helpers.d.mts → env-helpers.d.mts}

@@ -10,4 +10,4 @@ export interface FixEnv {
     repoInfo: RepoInfo | null;
 }
 export declare function getFixEnv(): Promise<FixEnv>;
-//# sourceMappingURL=fix-env-helpers.d.mts.map
+//# sourceMappingURL=env-helpers.d.mts.map

package/dist/types/commands/fix/env-helpers.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"env-helpers.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/env-helpers.mts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAA;AAkBnD,MAAM,WAAW,MAAM;IACrB,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,OAAO,CAAA;IACb,GAAG,EAAE,OAAO,EAAE,CAAA;IACd,QAAQ,EAAE,QAAQ,GAAG,IAAI,CAAA;CAC1B;AAED,wBAAsB,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAuDjD"}

package/dist/types/commands/fix/git.d.mts

@@ -0,0 +1,13 @@
+import type { GhsaDetails } from '../../utils/github.mts';
+export type SocketFixBranchParser = (branch: string) => SocketFixBranchParseResult | null;
+export type SocketFixBranchParseResult = {
+    ghsaId: string;
+};
+export declare function createSocketFixBranchParser(ghsaId?: string | undefined): SocketFixBranchParser;
+export declare const genericSocketFixBranchParser: SocketFixBranchParser;
+export declare function getSocketFixBranchName(ghsaId: string): string;
+export declare function getSocketFixBranchPattern(ghsaId?: string | undefined): RegExp;
+export declare function getSocketFixCommitMessage(ghsaId: string, details?: GhsaDetails | undefined): string;
+export declare function getSocketFixPullRequestBody(ghsaIds: string[], ghsaDetails?: Map<string, GhsaDetails>): string;
+export declare function getSocketFixPullRequestTitle(ghsaIds: string[]): string;
+//# sourceMappingURL=git.d.mts.map

package/dist/types/commands/fix/git.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"git.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/git.mts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAA;AAIzD,MAAM,MAAM,qBAAqB,GAAG,CAClC,MAAM,EAAE,MAAM,KACX,0BAA0B,GAAG,IAAI,CAAA;AAEtC,MAAM,MAAM,0BAA0B,GAAG;IACvC,MAAM,EAAE,MAAM,CAAA;CACf,CAAA;AAED,wBAAgB,2BAA2B,CACzC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,GAC1B,qBAAqB,CAUvB;AAED,eAAO,MAAM,4BAA4B,uBAAgC,CAAA;AAEzE,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAE7D;AAED,wBAAgB,yBAAyB,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,CAE7E;AAED,wBAAgB,yBAAyB,CACvC,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,WAAW,GAAG,SAAS,GAChC,MAAM,CAGR;AAED,wBAAgB,2BAA2B,CACzC,OAAO,EAAE,MAAM,EAAE,EACjB,WAAW,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,GACrC,MAAM,CAuCR;AAED,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,CAKtE"}

package/dist/types/commands/fix/pull-request.d.mts

@@ -1,10 +1,11 @@
-import { graphql as OctokitGraphql } from '@octokit/graphql';
-import { PackageURL } from '@socketregistry/packageurl-js';
-import type { SocketArtifact } from '../../utils/alert/artifact.mts';
-import type { components } from '@octokit/openapi-types';
+import { type GhsaDetails, type Pr } from '../../utils/github.mts';
 import type { OctokitResponse } from '@octokit/types';
-export declare function getOctokitGraphql(): typeof OctokitGraphql;
-export type Pr = components['schemas']['pull-request'];
+export type OpenSocketFixPrOptions = {
+    baseBranch?: string | undefined;
+    cwd?: string | undefined;
+    ghsaDetails?: Map<string, GhsaDetails> | undefined;
+};
+export declare function openSocketFixPr(owner: string, repo: string, branch: string, ghsaIds: string[], options?: OpenSocketFixPrOptions | undefined): Promise<OctokitResponse<Pr> | null>;
 export type GQL_MERGE_STATE_STATUS = 'BEHIND' | 'BLOCKED' | 'CLEAN' | 'DIRTY' | 'DRAFT' | 'HAS_HOOKS' | 'UNKNOWN' | 'UNSTABLE';
 export type GQL_PR_STATE = 'OPEN' | 'CLOSED' | 'MERGED';
 export type PrMatch = {
@@ -16,59 +17,15 @@ export type PrMatch = {
     state: GQL_PR_STATE;
     title: string;
 };
-export declare function cacheFetch<T>(key: string, fetcher: () => Promise<T>, ttlMs?: number | undefined): Promise<T>;
-export type GhsaDetails = {
-    ghsaId: string;
-    cveId?: string;
-    summary: string;
-    severity: string;
-    publishedAt: string;
-    withdrawnAt?: string;
-    references: Array<{
-        url: string;
-    }>;
-    vulnerabilities: {
-        nodes: Array<{
-            package: {
-                ecosystem: string;
-                name: string;
-            };
-            vulnerableVersionRange: string;
-        }>;
-    };
-};
-export declare function fetchGhsaDetails(ids: string[]): Promise<Map<string, GhsaDetails>>;
-export type CleanupPrsOptions = {
-    newVersion?: string | undefined;
-    purl?: string | undefined;
-    workspace?: string | undefined;
-};
-export declare function cleanupPrs(owner: string, repo: string, options?: CleanupPrsOptions | undefined): Promise<PrMatch[]>;
+export declare function cleanupPrs(owner: string, repo: string, ghsaId: string): Promise<PrMatch[]>;
 export type PrAutoMergeState = {
     enabled: boolean;
     details?: string[];
 };
-export declare function enablePrAutoMerge({ node_id: prId }: Pr): Promise<PrAutoMergeState>;
 export type SocketPrsOptions = {
     author?: string | undefined;
-    newVersion?: string | undefined;
-    purl?: string | undefined;
-    states?: string[] | string | undefined;
-    workspace?: string | undefined;
+    ghsaId?: string | undefined;
+    states?: 'all' | GQL_PR_STATE | GQL_PR_STATE[];
 };
 export declare function getSocketPrs(owner: string, repo: string, options?: SocketPrsOptions | undefined): Promise<PrMatch[]>;
-export type OpenPrOptions = {
-    baseBranch?: string | undefined;
-    cwd?: string | undefined;
-    workspace?: string | undefined;
-};
-export declare function openPr(owner: string, repo: string, branch: string, purl: string | PackageURL | SocketArtifact, newVersion: string, options?: OpenPrOptions | undefined): Promise<OctokitResponse<Pr> | null>;
-export type OpenCoanaPrOptions = {
-    baseBranch?: string | undefined;
-    cwd?: string | undefined;
-    ghsaDetails?: Map<string, GhsaDetails> | undefined;
-};
-export declare function openCoanaPr(owner: string, repo: string, branch: string, ghsaIds: string[], options?: OpenCoanaPrOptions | undefined): Promise<OctokitResponse<Pr> | null>;
-export declare function prExistForBranch(owner: string, repo: string, branch: string): Promise<boolean>;
-export declare function setGitRemoteGithubRepoUrl(owner: string, repo: string, token: string, cwd?: string): Promise<boolean>;
 //# sourceMappingURL=pull-request.d.mts.map

package/dist/types/commands/fix/pull-request.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"pull-request.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/pull-request.mts"],"names":[],"mappings":"AAGA,OAAO,EAEL,OAAO,IAAI,cAAc,EAC1B,MAAM,kBAAkB,CAAA;AAKzB,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAoB1D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAA;AACpE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAsBrD,wBAAgB,iBAAiB,IAAI,OAAO,cAAc,CAazD;AA2BD,MAAM,MAAM,EAAE,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,cAAc,CAAC,CAAA;AAEtD,MAAM,MAAM,sBAAsB,GAC9B,QAAQ,GACR,SAAS,GACT,OAAO,GACP,OAAO,GACP,OAAO,GACP,WAAW,GACX,SAAS,GACT,UAAU,CAAA;AAEd,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,QAAQ,GAAG,QAAQ,CAAA;AAEvD,MAAM,MAAM,OAAO,GAAG;IACpB,MAAM,EAAE,MAAM,CAAA;IACd,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,MAAM,CAAA;IACnB,gBAAgB,EAAE,sBAAsB,CAAA;IACxC,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,YAAY,CAAA;IACnB,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,wBAAsB,UAAU,CAAC,CAAC,EAChC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,GACzB,OAAO,CAAC,CAAC,CAAC,CAWZ;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,UAAU,EAAE,KAAK,CAAC;QAChB,GAAG,EAAE,MAAM,CAAA;KACZ,CAAC,CAAA;IACF,eAAe,EAAE;QACf,KAAK,EAAE,KAAK,CAAC;YACX,OAAO,EAAE;gBACP,SAAS,EAAE,MAAM,CAAA;gBACjB,IAAI,EAAE,MAAM,CAAA;aACb,CAAA;YACD,sBAAsB,EAAE,MAAM,CAAA;SAC/B,CAAC,CAAA;KACH,CAAA;CACF,CAAA;AAED,wBAAsB,gBAAgB,CACpC,GAAG,EAAE,MAAM,EAAE,GACZ,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CA0DnC;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,IAAI,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACzB,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAC/B,CAAA;AAED,wBAAsB,UAAU,CAC9B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,iBAAiB,GAAG,SAAS,GACtC,OAAO,CAAC,OAAO,EAAE,CAAC,CAmFpB;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,OAAO,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CACnB,CAAA;AAED,wBAAsB,iBAAiB,CAAC,EACtC,OAAO,EAAE,IAAI,EACd,EAAE,EAAE,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAiChC;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC3B,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,IAAI,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACzB,MAAM,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,GAAG,SAAS,CAAA;IACtC,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAC/B,CAAA;AAED,wBAAsB,YAAY,CAChC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,gBAAgB,GAAG,SAAS,GACrC,OAAO,CAAC,OAAO,EAAE,CAAC,CAEpB;AA2KD,MAAM,MAAM,aAAa,GAAG;IAC1B,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;CAC/B,CAAA;AAED,wBAAsB,MAAM,CAC1B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,cAAc,EAC1C,UAAU,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE,aAAa,GAAG,SAAS,GAClC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAoCrC;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC/B,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,WAAW,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,GAAG,SAAS,CAAA;CACnD,CAAA;AAED,wBAAsB,WAAW,CAC/B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,EAAE,EACjB,OAAO,CAAC,EAAE,kBAAkB,GAAG,SAAS,GACvC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAiFrC;AAED,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,OAAO,CAAC,CAalB;AAED,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,GAAG,SAAgB,GAClB,OAAO,CAAC,OAAO,CAAC,CAiBlB"}
+{"version":3,"file":"pull-request.d.mts","sourceRoot":"","sources":["../../../../src/commands/fix/pull-request.mts"],"names":[],"mappings":"AAUA,OAAO,EACL,KAAK,WAAW,EAChB,KAAK,EAAE,EAKR,MAAM,wBAAwB,CAAA;AAE/B,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAA;AAGrD,MAAM,MAAM,sBAAsB,GAAG;IACnC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,WAAW,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,GAAG,SAAS,CAAA;CACnD,CAAA;AAED,wBAAsB,eAAe,CACnC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,MAAM,EAAE,EACjB,OAAO,CAAC,EAAE,sBAAsB,GAAG,SAAS,GAC3C,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAqCrC;AAED,MAAM,MAAM,sBAAsB,GAC9B,QAAQ,GACR,SAAS,GACT,OAAO,GACP,OAAO,GACP,OAAO,GACP,WAAW,GACX,SAAS,GACT,UAAU,CAAA;AAEd,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,QAAQ,GAAG,QAAQ,CAAA;AAEvD,MAAM,MAAM,OAAO,GAAG;IACpB,MAAM,EAAE,MAAM,CAAA;IACd,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,MAAM,CAAA;IACnB,gBAAgB,EAAE,sBAAsB,CAAA;IACxC,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,YAAY,CAAA;IACnB,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,wBAAsB,UAAU,CAC9B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,OAAO,EAAE,CAAC,CAyDpB;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,OAAO,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CACnB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC3B,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC3B,MAAM,CAAC,EAAE,KAAK,GAAG,YAAY,GAAG,YAAY,EAAE,CAAA;CAC/C,CAAA;AAED,wBAAsB,YAAY,CAChC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,gBAAgB,GAAG,SAAS,GACrC,OAAO,CAAC,OAAO,EAAE,CAAC,CAEpB"}

package/dist/types/commands/scan/fetch-supported-scan-file-names.d.mts

@@ -1,8 +1,10 @@
 import type { CResult } from '../../types.mts';
 import type { SetupSdkOptions } from '../../utils/sdk.mts';
+import type { Spinner } from '@socketsecurity/registry/lib/spinner';
 import type { SocketSdkSuccessResult } from '@socketsecurity/sdk';
 export type FetchSupportedScanFileNamesOptions = {
     sdkOpts?: SetupSdkOptions | undefined;
+    spinner?: Spinner | undefined;
 };
 export declare function fetchSupportedScanFileNames(options?: FetchSupportedScanFileNamesOptions | undefined): Promise<CResult<SocketSdkSuccessResult<'getReportSupportedFiles'>['data']>>;
 //# sourceMappingURL=fetch-supported-scan-file-names.d.mts.map

package/dist/types/commands/scan/fetch-supported-scan-file-names.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"fetch-supported-scan-file-names.d.mts","sourceRoot":"","sources":["../../../../src/commands/scan/fetch-supported-scan-file-names.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AAC1D,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AAEjE,MAAM,MAAM,kCAAkC,GAAG;IAC/C,OAAO,CAAC,EAAE,eAAe,GAAG,SAAS,CAAA;CACtC,CAAA;AAED,wBAAsB,2BAA2B,CAC/C,OAAO,CAAC,EAAE,kCAAkC,GAAG,SAAS,GACvD,OAAO,CAAC,OAAO,CAAC,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAe7E"}
+{"version":3,"file":"fetch-supported-scan-file-names.d.mts","sourceRoot":"","sources":["../../../../src/commands/scan/fetch-supported-scan-file-names.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AAC1D,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sCAAsC,CAAA;AACnE,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AAEjE,MAAM,MAAM,kCAAkC,GAAG;IAC/C,OAAO,CAAC,EAAE,eAAe,GAAG,SAAS,CAAA;IACrC,OAAO,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;CAC9B,CAAA;AAED,wBAAsB,2BAA2B,CAC/C,OAAO,CAAC,EAAE,kCAAkC,GAAG,SAAS,GACvD,OAAO,CAAC,OAAO,CAAC,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAgB7E"}

package/dist/types/shadow/npm/paths.d.mts

@@ -1,6 +1,5 @@
 export declare function getArboristPackagePath(): string;
 export declare function getArboristClassPath(): string;
-export declare function getArboristDepValidPath(): string;
 export declare function getArboristEdgeClassPath(): string;
 export declare function getArboristNodeClassPath(): string;
 export declare function getArboristOverrideSetClassPath(): string;

package/dist/types/shadow/npm/paths.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"paths.d.mts","sourceRoot":"","sources":["../../../../src/shadow/npm/paths.mts"],"names":[],"mappings":"AAQA,wBAAgB,sBAAsB,WAerC;AAGD,wBAAgB,oBAAoB,WAQnC;AAGD,wBAAgB,uBAAuB,WAQtC;AAGD,wBAAgB,wBAAwB,WAKvC;AAGD,wBAAgB,wBAAwB,WAKvC;AAGD,wBAAgB,+BAA+B,WAQ9C"}
+{"version":3,"file":"paths.d.mts","sourceRoot":"","sources":["../../../../src/shadow/npm/paths.mts"],"names":[],"mappings":"AAQA,wBAAgB,sBAAsB,WAerC;AAGD,wBAAgB,oBAAoB,WAQnC;AAGD,wBAAgB,wBAAwB,WAKvC;AAGD,wBAAgB,wBAAwB,WAKvC;AAGD,wBAAgB,+BAA+B,WAQ9C"}

package/dist/types/utils/fs.d.mts

@@ -1,4 +1,3 @@
-export declare function removeNodeModules(cwd?: string): Promise<void>;
 export type FindUpOptions = {
     cwd?: string | undefined;
     onlyDirectories?: boolean | undefined;

package/dist/types/utils/fs.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"fs.d.mts","sourceRoot":"","sources":["../../../src/utils/fs.mts"],"names":[],"mappings":"AASA,wBAAsB,iBAAiB,CAAC,GAAG,SAAgB,iBAK1D;AAED,MAAM,MAAM,aAAa,GAAG;IAC1B,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,eAAe,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;IACrC,SAAS,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;IAC/B,MAAM,CAAC,EAAE,WAAW,GAAG,SAAS,CAAA;CACjC,CAAA;AAED,wBAAsB,MAAM,CAC1B,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,EACvB,OAAO,CAAC,EAAE,aAAa,GAAG,SAAS,GAClC,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAiC7B"}
+{"version":3,"file":"fs.d.mts","sourceRoot":"","sources":["../../../src/utils/fs.mts"],"names":[],"mappings":"AAKA,MAAM,MAAM,aAAa,GAAG;IAC1B,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,eAAe,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;IACrC,SAAS,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;IAC/B,MAAM,CAAC,EAAE,WAAW,GAAG,SAAS,CAAA;CACjC,CAAA;AAED,wBAAsB,MAAM,CAC1B,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,EACvB,OAAO,CAAC,EAAE,aAAa,GAAG,SAAS,GAClC,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAiC7B"}

package/dist/types/utils/github.d.mts

@@ -0,0 +1,38 @@
+import { graphql as OctokitGraphql } from '@octokit/graphql';
+import { Octokit } from '@octokit/rest';
+import type { components } from '@octokit/openapi-types';
+import type { JsonContent } from '@socketsecurity/registry/lib/fs';
+export type Pr = components['schemas']['pull-request'];
+export declare function writeCache(key: string, data: JsonContent): Promise<void>;
+export declare function cacheFetch<T>(key: string, fetcher: () => Promise<T>, ttlMs?: number | undefined): Promise<T>;
+export type GhsaDetails = {
+    ghsaId: string;
+    cveId?: string;
+    summary: string;
+    severity: string;
+    publishedAt: string;
+    withdrawnAt?: string;
+    references: Array<{
+        url: string;
+    }>;
+    vulnerabilities: {
+        nodes: Array<{
+            package: {
+                ecosystem: string;
+                name: string;
+            };
+            vulnerableVersionRange: string;
+        }>;
+    };
+};
+export declare function fetchGhsaDetails(ids: string[]): Promise<Map<string, GhsaDetails>>;
+export declare function getOctokit(): Octokit;
+export declare function getOctokitGraphql(): typeof OctokitGraphql;
+export type PrAutoMergeState = {
+    enabled: boolean;
+    details?: string[];
+};
+export declare function enablePrAutoMerge({ node_id: prId }: Pr): Promise<PrAutoMergeState>;
+export declare function prExistForBranch(owner: string, repo: string, branch: string): Promise<boolean>;
+export declare function setGitRemoteGithubRepoUrl(owner: string, repo: string, token: string, cwd?: string): Promise<boolean>;
+//# sourceMappingURL=github.d.mts.map

package/dist/types/utils/github.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"github.d.mts","sourceRoot":"","sources":["../../../src/utils/github.mts"],"names":[],"mappings":"AAGA,OAAO,EAEL,OAAO,IAAI,cAAc,EAC1B,MAAM,kBAAkB,CAAA;AACzB,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAA;AAYvC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACxD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,iCAAiC,CAAA;AAGlE,MAAM,MAAM,EAAE,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,cAAc,CAAC,CAAA;AAkBtD,wBAAsB,UAAU,CAC9B,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,WAAW,GAChB,OAAO,CAAC,IAAI,CAAC,CAOf;AAED,wBAAsB,UAAU,CAAC,CAAC,EAChC,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACzB,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,GACzB,OAAO,CAAC,CAAC,CAAC,CAWZ;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,UAAU,EAAE,KAAK,CAAC;QAChB,GAAG,EAAE,MAAM,CAAA;KACZ,CAAC,CAAA;IACF,eAAe,EAAE;QACf,KAAK,EAAE,KAAK,CAAC;YACX,OAAO,EAAE;gBACP,SAAS,EAAE,MAAM,CAAA;gBACjB,IAAI,EAAE,MAAM,CAAA;aACb,CAAA;YACD,sBAAsB,EAAE,MAAM,CAAA;SAC/B,CAAC,CAAA;KACH,CAAA;CACF,CAAA;AAED,wBAAsB,gBAAgB,CACpC,GAAG,EAAE,MAAM,EAAE,GACZ,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CA0DnC;AAGD,wBAAgB,UAAU,IAAI,OAAO,CAcpC;AAGD,wBAAgB,iBAAiB,IAAI,OAAO,cAAc,CAazD;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC7B,OAAO,EAAE,OAAO,CAAA;IAChB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CACnB,CAAA;AAED,wBAAsB,iBAAiB,CAAC,EACtC,OAAO,EAAE,IAAI,EACd,EAAE,EAAE,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAiChC;AAED,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,OAAO,CAAC,CAalB;AAED,wBAAsB,yBAAyB,CAC7C,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,GAAG,SAAgB,GAClB,OAAO,CAAC,OAAO,CAAC,CAiBlB"}

package/dist/types/utils/glob.d.mts

@@ -8,7 +8,6 @@ type GlobWithGitIgnoreOptions = GlobOptions & {
     socketConfig?: SocketYml | undefined;
 };
 export declare function globWithGitIgnore(patterns: string[] | readonly string[], options: GlobWithGitIgnoreOptions): Promise<string[]>;
-export declare function globStreamNodeModules(cwd?: string): Promise<NodeJS.ReadableStream>;
 export declare function globWorkspace(agent: Agent, cwd?: string): Promise<string[]>;
 export declare function isReportSupportedFile(filepath: string, supportedFiles: SocketSdkSuccessResult<'getReportSupportedFiles'>['data']): boolean;
 export declare function pathsToGlobPatterns(paths: string[] | readonly string[]): string[];

package/dist/types/utils/glob.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"glob.d.mts","sourceRoot":"","sources":["../../../src/utils/glob.mts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AACvD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AACjE,OAAO,KAAK,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,WAAW,CAAA;AAoJvD,wBAAgB,0BAA0B,CACxC,SAAS,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACvC,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,GACxE,MAAM,EAAE,CAGV;AAED,wBAAgB,wBAAwB,CACtC,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,GACxE,MAAM,EAAE,CASV;AAED,KAAK,wBAAwB,GAAG,WAAW,GAAG;IAC5C,YAAY,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;CACrC,CAAA;AAED,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACtC,OAAO,EAAE,wBAAwB,GAChC,OAAO,CAAC,MAAM,EAAE,CAAC,CA+EnB;AAED,wBAAsB,qBAAqB,CACzC,GAAG,SAAgB,GAClB,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC,CAMhC;AAED,wBAAsB,aAAa,CACjC,KAAK,EAAE,KAAK,EACZ,GAAG,SAAgB,GAClB,OAAO,CAAC,MAAM,EAAE,CAAC,CASnB;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,WAI1E;AAED,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,GAClC,MAAM,EAAE,CAGV"}
+{"version":3,"file":"glob.d.mts","sourceRoot":"","sources":["../../../src/utils/glob.mts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AACvD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AACjE,OAAO,KAAK,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,WAAW,CAAA;AAoJvD,wBAAgB,0BAA0B,CACxC,SAAS,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACvC,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,GACxE,MAAM,EAAE,CAGV;AAED,wBAAgB,wBAAwB,CACtC,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,GACxE,MAAM,EAAE,CASV;AAED,KAAK,wBAAwB,GAAG,WAAW,GAAG;IAC5C,YAAY,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;CACrC,CAAA;AAED,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACtC,OAAO,EAAE,wBAAwB,GAChC,OAAO,CAAC,MAAM,EAAE,CAAC,CA+EnB;AAED,wBAAsB,aAAa,CACjC,KAAK,EAAE,KAAK,EACZ,GAAG,SAAgB,GAClB,OAAO,CAAC,MAAM,EAAE,CAAC,CASnB;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,WAI1E;AAED,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,GAClC,MAAM,EAAE,CAGV"}

package/dist/utils.js

@@ -4,7 +4,7 @@ var vendor = require('./vendor.js');
 var logger = require('../external/@socketsecurity/registry/lib/logger');
 var strings = require('../external/@socketsecurity/registry/lib/strings');
 var require$$9 = require('../external/@socketsecurity/registry/lib/debug');
-var require$$10 = require('../external/@socketsecurity/registry/lib/objects');
+var require$$11 = require('../external/@socketsecurity/registry/lib/objects');
 var arrays = require('../external/@socketsecurity/registry/lib/arrays');
 var path$1 = require('../external/@socketsecurity/registry/lib/path');
 var sorts = require('../external/@socketsecurity/registry/lib/sorts');
@@ -21,9 +21,9 @@ var shadowNpmBin = require('./shadow-npm-bin.js');
 var fs$1 = require('node:fs');
 var promises = require('node:timers/promises');
 var npm = require('../external/@socketsecurity/registry/lib/npm');
+var globs = require('../external/@socketsecurity/registry/lib/globs');
 var packages = require('../external/@socketsecurity/registry/lib/packages');
 var streams = require('../external/@socketsecurity/registry/lib/streams');
-var globs = require('../external/@socketsecurity/registry/lib/globs');
 
 var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
 const sensitiveConfigKeyLookup = new Set(['apiToken']);
@@ -760,7 +760,7 @@ cols) {
 // Serialize the final result object before printing it
 // All commands that support the --json flag should call this before printing
 function serializeResultJson(data) {
-  if (!require$$10.isObject(data)) {
+  if (!require$$11.isObject(data)) {
     process.exitCode = 1;
     require$$9.debugFn('inspect', {
       data
@@ -916,7 +916,7 @@ function getHelpListOutput(list, options) {
   const names = Object.keys(list).sort(sorts.naturalCompare);
   for (const name of names) {
     const entry = list[name];
-    const entryIsObj = require$$10.isObject(entry);
+    const entryIsObj = require$$11.isObject(entry);
     if (entryIsObj && 'hidden' in entry && entry?.hidden) {
       continue;
     }
@@ -1183,10 +1183,10 @@ async function meowWithSubcommands(subcommands, options) {
   } else {
     lines.push('Commands');
     lines.push(`  ${getHelpListOutput({
-      ...require$$10.toSortedObject(Object.fromEntries(Object.entries(subcommands).filter(({
+      ...require$$11.toSortedObject(Object.fromEntries(Object.entries(subcommands).filter(({
         1: subcommand
       }) => !subcommand.hidden))),
-      ...require$$10.toSortedObject(Object.fromEntries(Object.entries(aliases).filter(({
+      ...require$$11.toSortedObject(Object.fromEntries(Object.entries(aliases).filter(({
         1: alias
       }) => {
         const {
@@ -1305,7 +1305,7 @@ function meowOrExit({
   }
 
   // meow doesn't detect 'version' as an unknown flag, so we do the leg work here.
-  if (!require$$10.hasOwn(config.flags, 'version') && cli.flags['version']) {
+  if (!require$$11.hasOwn(config.flags, 'version') && cli.flags['version']) {
     // Use `console.error` here instead of `logger.error` to match meow behavior.
     console.error('Unknown flag\n--version');
     // eslint-disable-next-line n/no-process-exit
@@ -2521,7 +2521,7 @@ async function findUp(name, options) {
       try {
         // eslint-disable-next-line no-await-in-loop
         const stats = await fs$1.promises.stat(thePath);
-        if (!onlyDirectories && (stats.isFile() || stats.isSymbolicLink())) {
+        if (!onlyDirectories && stats.isFile()) {
           return thePath;
         }
         if (!onlyFiles && stats.isDirectory()) {
@@ -2716,6 +2716,188 @@ async function writeSocketJson(cwd, sockJson) {
   };
 }
 
+async function readCache(key,
+// 5 minute in milliseconds time to live (TTL).
+ttlMs = 5 * 60 * 1000) {
+  const cacheJsonPath = path.join(constants.githubCachePath, `${key}.json`);
+  const stat = fs.safeStatsSync(cacheJsonPath);
+  if (stat) {
+    const isExpired = Date.now() - stat.mtimeMs > ttlMs;
+    if (!isExpired) {
+      return await fs.readJson(cacheJsonPath);
+    }
+  }
+  return null;
+}
+async function writeCache(key, data) {
+  const {
+    githubCachePath
+  } = constants;
+  const cacheJsonPath = path.join(githubCachePath, `${key}.json`);
+  if (!fs$1.existsSync(githubCachePath)) {
+    await fs$1.promises.mkdir(githubCachePath, {
+      recursive: true
+    });
+  }
+  await fs.writeJson(cacheJsonPath, data);
+}
+async function cacheFetch(key, fetcher, ttlMs) {
+  // Optionally disable cache.
+  if (constants.ENV.DISABLE_GITHUB_CACHE) {
+    return await fetcher();
+  }
+  let data = await readCache(key, ttlMs);
+  if (!data) {
+    data = await fetcher();
+    await writeCache(key, data);
+  }
+  return data;
+}
+async function fetchGhsaDetails(ids) {
+  const results = new Map();
+  if (!ids.length) {
+    return results;
+  }
+  const octokitGraphql = getOctokitGraphql();
+  try {
+    const gqlCacheKey = `${ids.join('-')}-graphql-snapshot`;
+    const aliases = ids.map((id, index) => `advisory${index}: securityAdvisory(ghsaId: "${id}") {
+        ghsaId
+        summary
+        severity
+        publishedAt
+        withdrawnAt
+        vulnerabilities(first: 10) {
+          nodes {
+            package {
+              ecosystem
+              name
+            }
+            vulnerableVersionRange
+          }
+        }
+      }`).join('\n');
+    const gqlResp = await cacheFetch(gqlCacheKey, () => octokitGraphql(`
+        query {
+          ${aliases}
+        }
+      `));
+    for (let i = 0, {
+        length
+      } = ids; i < length; i += 1) {
+      const id = ids[i];
+      const advisoryKey = `advisory${i}`;
+      const advisory = gqlResp?.[advisoryKey];
+      if (advisory && advisory.ghsaId) {
+        results.set(id, advisory);
+      } else {
+        require$$9.debugFn('notice', `miss: no advisory found for ${id}`);
+      }
+    }
+  } catch (e) {
+    require$$9.debugFn('error', `Failed to fetch GHSA details: ${e?.message || 'Unknown error'}`);
+  }
+  return results;
+}
+let _octokit;
+function getOctokit() {
+  if (_octokit === undefined) {
+    const {
+      SOCKET_CLI_GITHUB_TOKEN
+    } = constants.ENV;
+    if (!SOCKET_CLI_GITHUB_TOKEN) {
+      require$$9.debugFn('notice', 'miss: SOCKET_CLI_GITHUB_TOKEN env var');
+    }
+    const octokitOptions = {
+      auth: SOCKET_CLI_GITHUB_TOKEN,
+      baseUrl: constants.ENV.GITHUB_API_URL
+    };
+    require$$9.debugDir('inspect', {
+      octokitOptions
+    });
+    _octokit = new vendor.Octokit(octokitOptions);
+  }
+  return _octokit;
+}
+let _octokitGraphql;
+function getOctokitGraphql() {
+  if (!_octokitGraphql) {
+    const {
+      SOCKET_CLI_GITHUB_TOKEN
+    } = constants.ENV;
+    if (!SOCKET_CLI_GITHUB_TOKEN) {
+      require$$9.debugFn('notice', 'miss: SOCKET_CLI_GITHUB_TOKEN env var');
+    }
+    _octokitGraphql = vendor.graphql2.defaults({
+      headers: {
+        authorization: `token ${SOCKET_CLI_GITHUB_TOKEN}`
+      }
+    });
+  }
+  return _octokitGraphql;
+}
+async function enablePrAutoMerge({
+  node_id: prId
+}) {
+  const octokitGraphql = getOctokitGraphql();
+  try {
+    const gqlResp = await octokitGraphql(`
+      mutation EnableAutoMerge($pullRequestId: ID!) {
+        enablePullRequestAutoMerge(input: {
+          pullRequestId: $pullRequestId,
+          mergeMethod: SQUASH
+        }) {
+          pullRequest {
+            number
+          }
+        }
+      }`, {
+      pullRequestId: prId
+    });
+    const respPrNumber = gqlResp?.enablePullRequestAutoMerge?.pullRequest?.number;
+    if (respPrNumber) {
+      return {
+        enabled: true
+      };
+    }
+  } catch (e) {
+    if (e instanceof vendor.GraphqlResponseError && Array.isArray(e.errors) && e.errors.length) {
+      const details = e.errors.map(({
+        message: m
+      }) => m.trim());
+      return {
+        enabled: false,
+        details
+      };
+    }
+  }
+  return {
+    enabled: false
+  };
+}
+async function setGitRemoteGithubRepoUrl(owner, repo, token, cwd = process.cwd()) {
+  const {
+    host
+  } = new URL(constants.ENV.GITHUB_SERVER_URL);
+  const url = `https://x-access-token:${token}@${host}/${owner}/${repo}`;
+  const stdioIgnoreOptions = {
+    cwd,
+    stdio: require$$9.isDebug('stdio') ? 'inherit' : 'ignore'
+  };
+  const quotedCmd = `\`git remote set-url origin ${url}\``;
+  require$$9.debugFn('stdio', `spawn: ${quotedCmd}`);
+  try {
+    await spawn.spawn('git', ['remote', 'set-url', 'origin', url], stdioIgnoreOptions);
+    return true;
+  } catch (e) {
+    require$$9.debugFn('error', `caught: ${quotedCmd} failed`);
+    require$$9.debugDir('inspect', {
+      error: e
+    });
+  }
+  return false;
+}
+
 const RangeStyles = ['caret', 'gt', 'gte', 'lt', 'lte', 'pin', 'preserve', 'tilde'];
 function getMajor(version) {
   try {
@@ -2836,12 +3018,12 @@ function shadowNpmInstall(options) {
   const progressArg = rawBinArgs.findLast(npm.isNpmProgressFlag) !== '--no-progress';
   const isSilent = !useDebug && !binArgs.some(npm.isNpmLoglevelFlag);
   const logLevelArgs = isSilent ? ['--loglevel', 'silent'] : [];
-  const useIpc = require$$10.isObject(ipc);
+  const useIpc = require$$11.isObject(ipc);
 
   // Include 'ipc' in the spawnOpts.stdio when an options.ipc object is provided.
   // See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166
   // and https://github.com/nodejs/node/blob/v23.6.0/lib/internal/child_process.js#L238.
-  let stdio = require$$10.getOwn(spawnOpts, 'stdio');
+  let stdio = require$$11.getOwn(spawnOpts, 'stdio');
   if (typeof stdio === 'string') {
     stdio = useIpc ? [stdio, stdio, stdio, 'ipc'] : [stdio, stdio, stdio];
   } else if (Array.isArray(stdio)) {
@@ -2863,7 +3045,7 @@ function shadowNpmInstall(options) {
     env: {
       ...process.env,
       ...constants.processEnv,
-      ...require$$10.getOwn(spawnOpts, 'env')
+      ...require$$11.getOwn(spawnOpts, 'env')
     },
     spinner,
     stdio
@@ -2912,7 +3094,7 @@ function runAgentInstall(pkgEnvDetails, options) {
       ...process.env,
       ...constants.processEnv,
       NODE_OPTIONS: cmdFlagsToString([...(skipNodeHardenFlags ? [] : constants.nodeHardenFlags), ...constants.nodeNoWarningsFlags]),
-      ...require$$10.getOwn(spawnOpts, 'env')
+      ...require$$11.getOwn(spawnOpts, 'env')
     }
   });
 }
@@ -3319,7 +3501,7 @@ function toFilterConfig(obj) {
   const normalized = {
     __proto__: null
   };
-  const keys = require$$10.isObject(obj) ? Object.keys(obj) : [];
+  const keys = require$$11.isObject(obj) ? Object.keys(obj) : [];
   for (const key of keys) {
     const value = obj[key];
     if (typeof value === 'boolean' || Array.isArray(value)) {
@@ -3417,7 +3599,7 @@ async function addArtifactToAlertsMap(artifact, alertsByPurl, options) {
     blocked: true,
     critical: true,
     cve: true,
-    ...require$$10.getOwn(options, 'filter')
+    ...require$$11.getOwn(options, 'filter')
   });
   const enabledState = {
     __proto__: null,
@@ -3437,7 +3619,7 @@ async function addArtifactToAlertsMap(artifact, alertsByPurl, options) {
     const fixableCve = fixType === ALERT_FIX_TYPE.cve;
     const fixableUpgrade = fixType === ALERT_FIX_TYPE.upgrade;
     const fixable = fixableCve || fixableUpgrade;
-    const upgradable = fixableUpgrade && !require$$10.hasOwn(overrides, name);
+    const upgradable = fixableUpgrade && !require$$11.hasOwn(overrides, name);
     if (filterConfig.blocked && blocked || filterConfig.critical && critical || filterConfig.cve && cve || filterConfig.fixable && fixable || filterConfig.upgradable && upgradable) {
       sockPkgAlerts.push({
         name,
@@ -3703,7 +3885,7 @@ async function getAlertsMapFromPurls(purls, options) {
     consolidate: false,
     nothrow: false,
     ...options,
-    filter: toFilterConfig(require$$10.getOwn(options, 'filter'))
+    filter: toFilterConfig(require$$11.getOwn(options, 'filter'))
   };
   if (opts.onlyFixable) {
     opts.filter.fixable = true;
@@ -3782,6 +3964,7 @@ exports.AuthError = AuthError;
 exports.COMPLETION_CMD_PREFIX = COMPLETION_CMD_PREFIX;
 exports.InputError = InputError;
 exports.RangeStyles = RangeStyles;
+exports.cacheFetch = cacheFetch;
 exports.captureException = captureException;
 exports.checkCommandInput = checkCommandInput;
 exports.cmdFlagValueToArray = cmdFlagValueToArray;
@@ -3791,8 +3974,10 @@ exports.createEnum = createEnum;
 exports.detectAndValidatePackageEnvironment = detectAndValidatePackageEnvironment;
 exports.detectDefaultBranch = detectDefaultBranch;
 exports.determineOrgSlug = determineOrgSlug;
+exports.enablePrAutoMerge = enablePrAutoMerge;
 exports.extractTier1ReachabilityScanId = extractTier1ReachabilityScanId;
 exports.failMsgWithBadge = failMsgWithBadge;
+exports.fetchGhsaDetails = fetchGhsaDetails;
 exports.fetchOrganization = fetchOrganization;
 exports.findUp = findUp;
 exports.getAlertsMapFromPurls = getAlertsMapFromPurls;
@@ -3809,11 +3994,12 @@ exports.getMajor = getMajor;
 exports.getNpmBinPath = getNpmBinPath;
 exports.getNpmRequire = getNpmRequire;
 exports.getNpxBinPath = getNpxBinPath;
+exports.getOctokit = getOctokit;
+exports.getOctokitGraphql = getOctokitGraphql;
 exports.getOrgSlugs = getOrgSlugs;
 exports.getOutputKind = getOutputKind;
 exports.getPackageFilesForScan = getPackageFilesForScan;
 exports.getPublicApiToken = getPublicApiToken;
-exports.getPurlObject = getPurlObject;
 exports.getRepoInfo = getRepoInfo;
 exports.getRepoName = getRepoName;
 exports.getSocketDevPackageOverviewUrlFromPurl = getSocketDevPackageOverviewUrlFromPurl;
@@ -3858,6 +4044,7 @@ exports.readSocketJsonSync = readSocketJsonSync;
 exports.runAgentInstall = runAgentInstall;
 exports.sendApiRequest = sendApiRequest;
 exports.serializeResultJson = serializeResultJson;
+exports.setGitRemoteGithubRepoUrl = setGitRemoteGithubRepoUrl;
 exports.setupSdk = setupSdk;
 exports.spawnCoana = spawnCoana;
 exports.suggestOrgSlug = suggestOrgSlug;
@@ -3866,5 +4053,5 @@ exports.toFilterConfig = toFilterConfig;
 exports.updateConfigValue = updateConfigValue;
 exports.walkNestedMap = walkNestedMap;
 exports.writeSocketJson = writeSocketJson;
-//# debugId=6bbbb6b9-ace3-439a-9c19-0674a8ba872d
+//# debugId=c9a337ab-9c3d-4d21-a5a6-ef5d89be0e38
 //# sourceMappingURL=utils.js.map