@socketsecurity/cli-with-sentry 1.1.13 → 1.1.15

package/dist/utils.js

@@ -28,8 +28,8 @@ var globs = require('../external/@socketsecurity/registry/lib/globs');
 var streams = require('../external/@socketsecurity/registry/lib/streams');
 
 var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
-const sensitiveConfigKeyLookup = new Set(['apiToken']);
-const supportedConfig = new Map([['apiBaseUrl', 'Base URL of the Socket API endpoint'], ['apiProxy', 'A proxy through which to access the Socket API'], ['apiToken', 'The Socket API token required to access most Socket API endpoints'], ['defaultOrg', 'The default org slug to use; usually the org your Socket API token has access to. When set, all orgSlug arguments are implied to be this value.'], ['enforcedOrgs', 'Orgs in this list have their security policies enforced on this machine'], ['skipAskToPersistDefaultOrg', 'This flag prevents the Socket CLI from asking you to persist the org slug when you selected one interactively'], ['org', 'Alias for defaultOrg']]);
+const sensitiveConfigKeyLookup = new Set([constants.CONFIG_KEY_API_TOKEN]);
+const supportedConfig = new Map([[constants.CONFIG_KEY_API_BASE_URL, 'Base URL of the Socket API endpoint'], [constants.CONFIG_KEY_API_PROXY, 'A proxy through which to access the Socket API'], [constants.CONFIG_KEY_API_TOKEN, 'The Socket API token required to access most Socket API endpoints'], [constants.CONFIG_KEY_DEFAULT_ORG, 'The default org slug to use; usually the org your Socket API token has access to. When set, all orgSlug arguments are implied to be this value.'], [constants.CONFIG_KEY_ENFORCED_ORGS, 'Orgs in this list have their security policies enforced on this machine'], ['skipAskToPersistDefaultOrg', 'This flag prevents the Socket CLI from asking you to persist the org slug when you selected one interactively'], [constants.CONFIG_KEY_ORG, 'Alias for defaultOrg']]);
 const supportedConfigEntries = [...supportedConfig.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
 const supportedConfigKeys = supportedConfigEntries.map(p => p[0]);
 function getConfigValues() {
@@ -52,7 +52,7 @@ function getConfigValues() {
         if (_cachedConfig['apiKey']) {
           const token = _cachedConfig['apiKey'];
           delete _cachedConfig['apiKey'];
-          updateConfigValue('apiToken', token);
+          updateConfigValue(constants.CONFIG_KEY_API_TOKEN, token);
         }
       } else {
         fs$1.mkdirSync(path.dirname(socketAppDataPath), {
@@ -67,7 +67,7 @@ function normalizeConfigKey(key) {
   // Note: apiKey was the old name of the token. When we load a config with
   //       property apiKey, we'll copy that to apiToken and delete the old property.
   // We added `org` as a convenience alias for `defaultOrg`
-  const normalizedKey = key === 'apiKey' ? 'apiToken' : key === 'org' ? 'defaultOrg' : key;
+  const normalizedKey = key === 'apiKey' ? constants.CONFIG_KEY_API_TOKEN : key === constants.CONFIG_KEY_ORG ? constants.CONFIG_KEY_DEFAULT_ORG : key;
   if (!isSupportedConfigKey(normalizedKey)) {
     return {
       ok: false,
@@ -83,10 +83,10 @@ function normalizeConfigKey(key) {
 function findSocketYmlSync(dir = process.cwd()) {
   let prevDir = null;
   while (dir !== prevDir) {
-    let ymlPath = path.join(dir, 'socket.yml');
+    let ymlPath = path.join(dir, constants.SOCKET_YML);
     let yml = fs.safeReadFileSync(ymlPath);
     if (yml === undefined) {
-      ymlPath = path.join(dir, 'socket.yaml');
+      ymlPath = path.join(dir, constants.SOCKET_YAML);
       yml = fs.safeReadFileSync(ymlPath);
     }
     if (typeof yml === 'string') {
@@ -266,11 +266,11 @@ function updateConfigValue(configKey, value) {
   };
 }
 
-const require$2 = require$$5.createRequire((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('utils.js', document.baseURI).href)));
+const require$3 = require$$5.createRequire((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('utils.js', document.baseURI).href)));
 let _requirements;
 function getRequirements() {
   if (_requirements === undefined) {
-    _requirements = /*@__PURE__*/require$2(path.join(constants.default.rootPath, 'requirements.json'));
+    _requirements = /*@__PURE__*/require$3(path.join(constants.default.rootPath, 'requirements.json'));
   }
   return _requirements;
 }
@@ -288,13 +288,13 @@ const TOKEN_VISIBLE_LENGTH = 5;
 
 // The Socket API server that should be used for operations.
 function getDefaultApiBaseUrl$1() {
-  const baseUrl = constants.default.ENV.SOCKET_CLI_API_BASE_URL || getConfigValueOrUndef('apiBaseUrl');
+  const baseUrl = constants.default.ENV.SOCKET_CLI_API_BASE_URL || getConfigValueOrUndef(constants.CONFIG_KEY_API_BASE_URL);
   return require$$13.isUrl(baseUrl) ? baseUrl : undefined;
 }
 
 // The Socket API server that should be used for operations.
 function getDefaultProxyUrl() {
-  const apiProxy = constants.default.ENV.SOCKET_CLI_API_PROXY || getConfigValueOrUndef('apiProxy');
+  const apiProxy = constants.default.ENV.SOCKET_CLI_API_PROXY || getConfigValueOrUndef(constants.CONFIG_KEY_API_PROXY);
   return require$$13.isUrl(apiProxy) ? apiProxy : undefined;
 }
 
@@ -305,7 +305,7 @@ function getDefaultApiToken() {
     _defaultToken = undefined;
     return _defaultToken;
   }
-  const key = constants.default.ENV.SOCKET_CLI_API_TOKEN || getConfigValueOrUndef('apiToken') || _defaultToken;
+  const key = constants.default.ENV.SOCKET_CLI_API_TOKEN || getConfigValueOrUndef(constants.CONFIG_KEY_API_TOKEN) || _defaultToken;
   _defaultToken = strings.isNonEmptyString(key) ? key : undefined;
   return _defaultToken;
 }
@@ -404,7 +404,7 @@ function logPermissionsFor403(cmdPath) {
 
 // The Socket API server that should be used for operations.
 function getDefaultApiBaseUrl() {
-  const baseUrl = constants.default.ENV.SOCKET_CLI_API_BASE_URL || getConfigValueOrUndef('apiBaseUrl');
+  const baseUrl = constants.default.ENV.SOCKET_CLI_API_BASE_URL || getConfigValueOrUndef(constants.CONFIG_KEY_API_BASE_URL);
   if (strings.isNonEmptyString(baseUrl)) {
     return baseUrl;
   }
@@ -416,16 +416,16 @@ function getDefaultApiBaseUrl() {
  * Get user-friendly error message for HTTP status codes.
  */
 async function getErrorMessageForHttpStatusCode(code) {
-  if (code === 400) {
+  if (code === constants.HTTP_STATUS_BAD_REQUEST) {
     return 'One of the options passed might be incorrect';
   }
-  if (code === 403 || code === 401) {
+  if (code === constants.HTTP_STATUS_FORBIDDEN || code === constants.HTTP_STATUS_UNAUTHORIZED) {
     return 'Your Socket API token may not have the required permissions for this command or you might be trying to access (data from) an organization that is not linked to the API token you are logged in with';
   }
-  if (code === 404) {
+  if (code === constants.HTTP_STATUS_NOT_FOUND) {
     return 'The requested Socket API endpoint was not found (404) or there was no result for the requested parameters. If unexpected, this could be a temporary problem caused by an incident or a bug in the CLI. If the problem persists please let us know.';
   }
-  if (code === 500) {
+  if (code === constants.HTTP_STATUS_INTERNAL_SERVER_ERROR) {
     return 'There was an unknown server side problem with your request. This ought to be temporary. Please let us know if this problem persists.';
   }
   return `Server responded with status code ${code}`;
@@ -1100,7 +1100,7 @@ function getAsciiHeader(command, orgFlag) {
   const redacting = constants.default.ENV.VITEST;
   const cliVersion = redacting ? REDACTED : constants.default.ENV.INLINED_SOCKET_CLI_VERSION_HASH;
   const nodeVersion = redacting ? REDACTED : process.version;
-  const defaultOrg = getConfigValueOrUndef('defaultOrg');
+  const defaultOrg = getConfigValueOrUndef(constants.CONFIG_KEY_DEFAULT_ORG);
   const readOnlyConfig = isReadOnlyConfig() ? '*' : '.';
   const shownToken = redacting ? REDACTED : getVisibleTokenPrefix() || '(not set)';
   const relCwd = redacting ? REDACTED : path$1.normalizePath(tildify(process.cwd()));
@@ -1669,7 +1669,7 @@ async function suggestToPersistOrgSlug(orgSlug) {
 }
 
 async function determineOrgSlug(orgFlag, interactive, dryRun) {
-  const defaultOrgSlug = getConfigValueOrUndef('defaultOrg');
+  const defaultOrgSlug = getConfigValueOrUndef(constants.CONFIG_KEY_DEFAULT_ORG);
   let orgSlug = String(orgFlag || defaultOrgSlug || '');
   if (!orgSlug) {
     if (!interactive) {
@@ -2272,6 +2272,60 @@ function* walkNestedMap(map, keys = []) {
   }
 }
 
+function extractTier1ReachabilityScanId(socketFactsFile) {
+  const json = fs.readJsonSync(socketFactsFile, {
+    throws: false
+  });
+  const tier1ReachabilityScanId = String(json?.['tier1ReachabilityScanId'] ?? '').trim();
+  return tier1ReachabilityScanId.length > 0 ? tier1ReachabilityScanId : undefined;
+}
+
+async function findUp(name, options) {
+  const opts = {
+    __proto__: null,
+    ...options
+  };
+  const {
+    cwd = process.cwd(),
+    signal = constants.default.abortSignal
+  } = opts;
+  let {
+    onlyDirectories = false,
+    onlyFiles = true
+  } = opts;
+  if (onlyDirectories) {
+    onlyFiles = false;
+  }
+  if (onlyFiles) {
+    onlyDirectories = false;
+  }
+  let dir = path.resolve(cwd);
+  const {
+    root
+  } = path.parse(dir);
+  const names = [name].flat();
+  while (dir && dir !== root) {
+    for (const name of names) {
+      if (signal?.aborted) {
+        return undefined;
+      }
+      const thePath = path.join(dir, name);
+      try {
+        // eslint-disable-next-line no-await-in-loop
+        const stats = await fs$1.promises.stat(thePath);
+        if (!onlyDirectories && stats.isFile()) {
+          return thePath;
+        }
+        if (!onlyFiles && stats.isDirectory()) {
+          return thePath;
+        }
+      } catch {}
+    }
+    dir = path.dirname(dir);
+  }
+  return undefined;
+}
+
 const DEFAULT_IGNORE_FOR_GIT_IGNORE = globs.defaultIgnore.filter(p => !p.endsWith('.gitignore'));
 const IGNORED_DIRS = [
 // Taken from ignore-by-default:
@@ -2299,17 +2353,12 @@ const IGNORED_DIR_PATTERNS = IGNORED_DIRS.map(i => `**/${i}`);
 async function getWorkspaceGlobs(agent, cwd = process.cwd()) {
   let workspacePatterns;
   if (agent === constants.PNPM) {
-    for (const workspacePath of [path.join(cwd, 'pnpm-workspace.yaml'), path.join(cwd, 'pnpm-workspace.yml')]) {
-      // eslint-disable-next-line no-await-in-loop
-      const yml = await fs.safeReadFile(workspacePath);
-      if (yml) {
-        try {
-          workspacePatterns = vendor.distExports$1.parse(yml)?.packages;
-        } catch {}
-        if (workspacePatterns) {
-          break;
-        }
-      }
+    const workspacePath = path.join(cwd, 'pnpm-workspace.yaml');
+    const yml = await fs.safeReadFile(workspacePath);
+    if (yml) {
+      try {
+        workspacePatterns = vendor.distExports$1.parse(yml)?.packages;
+      } catch {}
     }
   } else {
     workspacePatterns = (await packages.readPackageJson(cwd, {
@@ -2570,12 +2619,64 @@ function exitWithBinPathError$2(binName) {
   // eslint-disable-next-line n/no-process-exit
   process.exit(127);
 }
+let _yarnBinPath;
+function getYarnBinPath() {
+  if (_yarnBinPath === undefined) {
+    _yarnBinPath = getYarnBinPathDetails().path;
+    if (!_yarnBinPath) {
+      exitWithBinPathError$2(constants.default.YARN);
+    }
+  }
+  return _yarnBinPath;
+}
+let _yarnBinPathDetails;
+function getYarnBinPathDetails() {
+  if (_yarnBinPathDetails === undefined) {
+    _yarnBinPathDetails = findBinPathDetailsSync(constants.default.YARN);
+  }
+  return _yarnBinPathDetails;
+}
+function isYarnBinPathShadowed() {
+  return getYarnBinPathDetails().shadowed;
+}
+
+let _isYarnBerry;
+function isYarnBerry() {
+  if (_isYarnBerry === undefined) {
+    try {
+      const yarnBinPath = getYarnBinPath();
+      const result = spawn.spawnSync(yarnBinPath, ['--version'], {
+        encoding: 'utf8',
+        shell: constants.default.WIN32
+      });
+      if (result.status === 0 && result.stdout) {
+        const version = result.stdout;
+        // Yarn Berry starts from version 2.x
+        const majorVersion = parseInt(version.split('.')[0], 10);
+        _isYarnBerry = majorVersion >= 2;
+      } else {
+        _isYarnBerry = false;
+      }
+    } catch {
+      _isYarnBerry = false;
+    }
+  }
+  return _isYarnBerry;
+}
+
+function exitWithBinPathError$1(binName) {
+  logger.logger.fail(`Socket unable to locate ${binName}; ensure it is available in the PATH environment variable`);
+  // The exit code 127 indicates that the command or binary being executed
+  // could not be found.
+  // eslint-disable-next-line n/no-process-exit
+  process.exit(127);
+}
 let _npmBinPath;
 function getNpmBinPath() {
   if (_npmBinPath === undefined) {
     _npmBinPath = getNpmBinPathDetails().path;
     if (!_npmBinPath) {
-      exitWithBinPathError$2(constants.NPM);
+      exitWithBinPathError$1(constants.NPM);
     }
   }
   return _npmBinPath;
@@ -2625,7 +2726,7 @@ function getNpxBinPath() {
   if (_npxBinPath === undefined) {
     _npxBinPath = getNpxBinPathDetails().path;
     if (!_npxBinPath) {
-      exitWithBinPathError$2('npx');
+      exitWithBinPathError$1('npx');
     }
   }
   return _npxBinPath;
@@ -2658,7 +2759,7 @@ function cmdFlagsToString(args) {
     if (arg.startsWith('--')) {
       const nextArg = i + 1 < length ? args[i + 1].trim() : undefined;
       // Check if the next item exists and is NOT another flag.
-      if (nextArg?.startsWith('--')) {
+      if (nextArg && !nextArg.startsWith('--')) {
         result.push(`${arg}=${nextArg}`);
         i += 1;
       } else {
@@ -2760,64 +2861,126 @@ function isHelpFlag(cmdArg) {
   return helpFlags.has(cmdArg);
 }
 
-async function findUp(name, options) {
-  const opts = {
-    __proto__: null,
-    ...options
-  };
+const require$2 = require$$5.createRequire((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('utils.js', document.baseURI).href)));
+const {
+  PACKAGE_LOCK_JSON,
+  PNPM_LOCK_YAML,
+  YARN_LOCK
+} = constants.default;
+/**
+ * Regex to check if a version string contains range operators.
+ * Matches any version with range operators: ~, ^, >, <, =, x, X, *, spaces, or ||.
+ */
+const rangeOperatorsRegExp = /[~^><=xX* ]|\|\|/;
+
+/**
+ * Spawns a package using dlx-style execution (npx/pnpm dlx/yarn dlx).
+ * Automatically detects the appropriate package manager if not specified.
+ * Uses force/update flags to ensure the latest version within the range is fetched.
+ */
+async function spawnDlx(packageSpec, args, options, spawnExtra) {
+  // If version is not pinned exactly, default to force and silent for better UX.
+  const isNotPinned = rangeOperatorsRegExp.test(packageSpec.version);
   const {
-    cwd = process.cwd(),
-    signal = constants.default.abortSignal
-  } = opts;
-  let {
-    onlyDirectories = false,
-    onlyFiles = true
-  } = opts;
-  if (onlyDirectories) {
-    onlyFiles = false;
-  }
-  if (onlyFiles) {
-    onlyDirectories = false;
+    agent,
+    force = false,
+    silent = isNotPinned,
+    ...shadowOptions
+  } = options ?? {};
+  let finalShadowOptions = shadowOptions;
+  let pm = agent;
+
+  // Auto-detect package manager if not specified.
+  if (!pm) {
+    const pnpmLockPath = await findUp(PNPM_LOCK_YAML, {
+      onlyFiles: true
+    });
+    const yarnLockPath = pnpmLockPath ? undefined : await findUp(YARN_LOCK, {
+      onlyFiles: true
+    });
+    const npmLockPath = pnpmLockPath || yarnLockPath ? undefined : await findUp(PACKAGE_LOCK_JSON, {
+      onlyFiles: true
+    });
+    if (pnpmLockPath) {
+      pm = constants.PNPM;
+    } else if (yarnLockPath) {
+      pm = constants.YARN;
+    } else if (npmLockPath) {
+      pm = constants.NPM;
+    } else {
+      // Default to npm if no lockfile found.
+      pm = constants.NPM;
+    }
   }
-  let dir = path.resolve(cwd);
-  const {
-    root
-  } = path.parse(dir);
-  const names = [name].flat();
-  while (dir && dir !== root) {
-    for (const name of names) {
-      if (signal?.aborted) {
-        return undefined;
-      }
-      const thePath = path.join(dir, name);
-      try {
-        // eslint-disable-next-line no-await-in-loop
-        const stats = await fs$1.promises.stat(thePath);
-        if (!onlyDirectories && stats.isFile()) {
-          return thePath;
-        }
-        if (!onlyFiles && stats.isDirectory()) {
-          return thePath;
+  const packageString = `${packageSpec.name}@${packageSpec.version}`;
+
+  // Build command args based on package manager.
+  let binName;
+  let spawnArgs;
+  if (pm === constants.PNPM) {
+    binName = constants.PNPM;
+    spawnArgs = ['dlx'];
+    if (force) {
+      // For pnpm, set dlx-cache-max-age to 0 via env to force fresh download.
+      // This ensures we always get the latest version within the range.
+      finalShadowOptions = {
+        ...finalShadowOptions,
+        env: {
+          ...require$$11.getOwn(finalShadowOptions, 'env'),
+          // Set dlx cache max age to 0 minutes to bypass cache.
+          // The npm_config_ prefix is how pnpm reads config from environment variables.
+          // See: https://pnpm.io/npmrc#settings
+          npm_config_dlx_cache_max_age: '0'
         }
-      } catch {}
+      };
+      // Add --ignore-scripts for extra security.
+      // While pnpm dlx allows the executed package's scripts by default,
+      // we disable them since coana/cdxgen/synp don't need postinstall scripts.
+      spawnArgs.push('--ignore-scripts');
     }
-    dir = path.dirname(dir);
+    if (silent) {
+      spawnArgs.push('--silent');
+    }
+    spawnArgs.push(packageString, ...args);
+    const shadowPnpmBin = /*@__PURE__*/require$2(constants.default.shadowPnpmBinPath);
+    return await shadowPnpmBin(spawnArgs, finalShadowOptions, spawnExtra);
+  } else if (pm === constants.YARN && isYarnBerry()) {
+    binName = constants.YARN;
+    spawnArgs = ['dlx'];
+    // Yarn dlx runs in a temporary environment by design and should always fetch fresh.
+    if (silent) {
+      spawnArgs.push('--quiet');
+    }
+    spawnArgs.push(packageString, ...args);
+    const shadowYarnBin = /*@__PURE__*/require$2(constants.default.shadowYarnBinPath);
+    return await shadowYarnBin(spawnArgs, finalShadowOptions, spawnExtra);
+  } else {
+    // Use npm exec/npx.
+    // For consistency, we'll use npx which is more commonly used for one-off execution.
+    binName = 'npx';
+    spawnArgs = ['--yes'];
+    if (force) {
+      // Use --force to bypass cache and get latest within range.
+      spawnArgs.push('--force');
+    }
+    if (silent) {
+      spawnArgs.push('--silent');
+    }
+    spawnArgs.push(packageString, ...args);
+    return await shadowNpmBin(binName, spawnArgs, finalShadowOptions, spawnExtra);
   }
-  return undefined;
 }
 
-function extractTier1ReachabilityScanId(socketFactsFile) {
-  const json = fs.readJsonSync(socketFactsFile, {
-    throws: false
-  });
-  const tier1ReachabilityScanId = String(json?.['tier1ReachabilityScanId'] ?? '').trim();
-  return tier1ReachabilityScanId.length > 0 ? tier1ReachabilityScanId : undefined;
-}
-async function spawnCoana(args, orgSlug, options, extra) {
+/**
+ * Helper to spawn coana with dlx.
+ * Automatically uses force and silent when version is not pinned exactly.
+ * Returns a CResult with stdout extraction for backward compatibility.
+ */
+async function spawnCoanaDlx(args, orgSlug, options, spawnExtra) {
   const {
     env: spawnEnv,
     ipc,
-    ...spawnOpts
+    ...dlxOptions
   } = {
     __proto__: null,
     ...options
@@ -2842,10 +3005,13 @@ async function spawnCoana(args, orgSlug, options, extra) {
     mixinsEnv['SOCKET_CLI_API_PROXY'] = proxyUrl;
   }
   try {
-    const {
-      spawnPromise
-    } = await shadowNpmBin('npx', ['--yes', `@coana-tech/cli@~${constants.default.ENV.INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION}`, ...args], {
-      ...spawnOpts,
+    const result = await spawnDlx({
+      name: '@coana-tech/cli',
+      version: `~${constants.default.ENV.INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION}`
+    }, args, {
+      force: true,
+      silent: true,
+      ...dlxOptions,
       env: {
         ...process.env,
         ...constants.default.processEnv,
@@ -2858,8 +3024,8 @@ async function spawnCoana(args, orgSlug, options, extra) {
         [constants.default.SOCKET_CLI_SHADOW_SILENT]: true,
         ...ipc
       }
-    }, extra);
-    const output = await spawnPromise;
+    }, spawnExtra);
+    const output = await result.spawnPromise;
     return {
       ok: true,
       data: output.stdout
@@ -2876,6 +3042,34 @@ async function spawnCoana(args, orgSlug, options, extra) {
   }
 }
 
+/**
+ * Helper to spawn cdxgen with dlx.
+ */
+async function spawnCdxgenDlx(args, options, spawnExtra) {
+  return await spawnDlx({
+    name: '@cyclonedx/cdxgen',
+    version: `${constants.default.ENV.INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION}`
+  }, args, {
+    force: false,
+    silent: true,
+    ...options
+  }, spawnExtra);
+}
+
+/**
+ * Helper to spawn synp with dlx.
+ */
+async function spawnSynpDlx(args, options, spawnExtra) {
+  return await spawnDlx({
+    name: 'synp',
+    version: `${constants.default.ENV.INLINED_SOCKET_CLI_SYNP_VERSION}`
+  }, args, {
+    force: false,
+    silent: true,
+    ...options
+  }, spawnExtra);
+}
+
 function getEnterpriseOrgs(orgs) {
   return orgs.filter(o => o.plan === 'enterprise');
 }
@@ -3394,58 +3588,6 @@ function captureExceptionSync(exception, hint) {
   return Sentry.captureException(exception, hint);
 }
 
-function exitWithBinPathError$1(binName) {
-  logger.logger.fail(`Socket unable to locate ${binName}; ensure it is available in the PATH environment variable`);
-  // The exit code 127 indicates that the command or binary being executed
-  // could not be found.
-  // eslint-disable-next-line n/no-process-exit
-  process.exit(127);
-}
-let _yarnBinPath;
-function getYarnBinPath() {
-  if (_yarnBinPath === undefined) {
-    _yarnBinPath = getYarnBinPathDetails().path;
-    if (!_yarnBinPath) {
-      exitWithBinPathError$1(constants.default.YARN);
-    }
-  }
-  return _yarnBinPath;
-}
-let _yarnBinPathDetails;
-function getYarnBinPathDetails() {
-  if (_yarnBinPathDetails === undefined) {
-    _yarnBinPathDetails = findBinPathDetailsSync(constants.default.YARN);
-  }
-  return _yarnBinPathDetails;
-}
-function isYarnBinPathShadowed() {
-  return getYarnBinPathDetails().shadowed;
-}
-
-let _isYarnBerry;
-function isYarnBerry() {
-  if (_isYarnBerry === undefined) {
-    try {
-      const yarnBinPath = getYarnBinPath();
-      const result = spawn.spawnSync(yarnBinPath, ['--version'], {
-        encoding: 'utf8',
-        shell: constants.default.WIN32
-      });
-      if (result.status === 0 && result.stdout) {
-        const version = result.stdout;
-        // Yarn Berry starts from version 2.x
-        const majorVersion = parseInt(version.split('.')[0], 10);
-        _isYarnBerry = majorVersion >= 2;
-      } else {
-        _isYarnBerry = false;
-      }
-    } catch {
-      _isYarnBerry = false;
-    }
-  }
-  return _isYarnBerry;
-}
-
 function npa(...args) {
   try {
     return Reflect.apply(vendor.npaExports, undefined, args);
@@ -3519,7 +3661,8 @@ function shadowNpmInstall(options) {
 function runAgentInstall(pkgEnvDetails, options) {
   const {
     agent,
-    agentExecPath
+    agentExecPath,
+    pkgPath
   } = pkgEnvDetails;
   const isNpm = agent === constants.NPM;
   const isPnpm = agent === constants.PNPM;
@@ -3527,6 +3670,7 @@ function runAgentInstall(pkgEnvDetails, options) {
   if (isNpm) {
     return shadowNpmInstall({
       agentExecPath,
+      cwd: pkgPath,
       ...options
     });
   }
@@ -3540,6 +3684,7 @@ function runAgentInstall(pkgEnvDetails, options) {
   };
   const skipNodeHardenFlags = isPnpm && pkgEnvDetails.agentVersion.major < 11;
   return spawn.spawn(agentExecPath, ['install', ...args], {
+    cwd: pkgPath,
     shell: constants.default.WIN32,
     spinner,
     stdio: 'inherit',
@@ -3616,7 +3761,6 @@ const LOCKS = {
   'npm-shrinkwrap.json': NPM,
   [constants.PACKAGE_LOCK_JSON]: NPM,
   [constants.PNPM_LOCK_YAML]: PNPM,
-  ['pnpm-lock.yml']: PNPM,
   [constants.YARN_LOCK]: YARN_CLASSIC,
   'vlt-lock.json': VLT,
   // Lastly, look for a hidden lock file which is present if .npmrc has package-lock=false:
@@ -4604,12 +4748,14 @@ exports.sendApiRequest = sendApiRequest;
 exports.serializeResultJson = serializeResultJson;
 exports.setGitRemoteGithubRepoUrl = setGitRemoteGithubRepoUrl;
 exports.setupSdk = setupSdk;
-exports.spawnCoana = spawnCoana;
+exports.spawnCdxgenDlx = spawnCdxgenDlx;
+exports.spawnCoanaDlx = spawnCoanaDlx;
+exports.spawnSynpDlx = spawnSynpDlx;
 exports.suggestOrgSlug = suggestOrgSlug;
 exports.tildify = tildify;
 exports.toFilterConfig = toFilterConfig;
 exports.updateConfigValue = updateConfigValue;
 exports.walkNestedMap = walkNestedMap;
 exports.writeSocketJson = writeSocketJson;
-//# debugId=1da7b4a0-f584-4be9-bf6b-9269a66c830
+//# debugId=7c038248-c427-45da-a76a-77720ea4660d
 //# sourceMappingURL=utils.js.map