@socketsecurity/cli-with-sentry 1.1.18 → 1.1.19

package/dist/cli.js

@@ -94,8 +94,10 @@ async function outputAnalytics(result, {
     if (filepath) {
       try {
         await fs.writeFile(filepath, serialized, 'utf8');
+        utils.debugFileOp('write', filepath);
         logger.logger.success(`Data successfully written to ${filepath}`);
       } catch (e) {
+        utils.debugFileOp('write', filepath, e);
         process.exitCode = 1;
         logger.logger.log(utils.serializeResultJson({
           ok: false,
@@ -116,8 +118,10 @@ async function outputAnalytics(result, {
     if (filepath) {
       try {
         await fs.writeFile(filepath, serialized, 'utf8');
+        utils.debugFileOp('write', filepath);
         logger.logger.success(`Data successfully written to ${filepath}`);
       } catch (e) {
+        utils.debugFileOp('write', filepath, e);
         logger.logger.error(e);
       }
     } else {
@@ -433,12 +437,12 @@ async function run$S(argv, importMeta, {
   }, {
     nook: true,
     test: !filepath || !!json || !!markdown,
-    message: 'The `--file` flag is only valid when using `--json` or `--markdown`',
+    message: `The \`--file\` flag is only valid when using \`${constants.FLAG_JSON}\` or \`${constants.FLAG_MARKDOWN}\``,
     fail: 'bad'
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   }, {
     nook: true,
@@ -612,11 +616,9 @@ ${table}
 `;
   } catch (e) {
     process.exitCode = 1;
-    logger.logger.fail('There was a problem converting the logs to Markdown, please try the `--json` flag');
-    require$$9.debugFn('error', 'caught: markdown conversion error');
-    require$$9.debugDir('inspect', {
-      error: e
-    });
+    logger.logger.fail(`There was a problem converting the logs to Markdown, please try the \`${constants.FLAG_JSON}\` flag`);
+    require$$9.debugFn('error', 'Markdown conversion failed');
+    require$$9.debugDir('error', e);
     return 'Failed to generate the markdown report';
   }
 }
@@ -854,7 +856,7 @@ async function run$R(argv, importMeta, {
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   }, {
     nook: true,
@@ -1021,8 +1023,8 @@ async function fetchScanData(orgSlug, scanId, options) {
         return JSON.parse(line);
       } catch (e) {
         ok = false;
-        require$$9.debugFn('error', 'caught: JSON.parse error');
-        require$$9.debugDir('inspect', {
+        require$$9.debugFn('error', 'Failed to parse report data line as JSON');
+        require$$9.debugDir('error', {
           error: e,
           line
         });
@@ -1054,14 +1056,14 @@ async function fetchScanData(orgSlug, scanId, options) {
     return {
       ok: false,
       message: 'Socket API error',
-      cause: `Error requesting scan: ${e?.message || '(no error message found)'}${e?.cause ? ` (cause: ${e.cause})` : ''}`
+      cause: utils.formatErrorWithDetail('Error requesting scan', e) || 'Error requesting scan: (no error message found)'
     };
   }), fetchSecurityPolicy().catch(e => {
     updatePolicy('failure; unknown blocking error occurred');
     return {
       ok: false,
       message: 'Socket API error',
-      cause: `Error requesting policy: ${e?.message || '(no error message found)'}${e?.cause ? ` (cause: ${e.cause})` : ''}`
+      cause: utils.formatErrorWithDetail('Error requesting policy', e) || 'Error requesting policy: (no error message found)'
     };
   })]).finally(() => {
     finishedFetching = true;
@@ -2154,10 +2156,29 @@ async function handleCreateNewScan({
   targets,
   tmp
 }) {
+  require$$9.debugFn('notice', `Creating new scan for ${orgSlug}/${repoName}`);
+  require$$9.debugDir('inspect', {
+    autoManifest,
+    branchName,
+    commitHash,
+    defaultBranch,
+    interactive,
+    pendingHead,
+    pullRequest,
+    readOnly,
+    report,
+    reportLevel,
+    targets,
+    tmp
+  });
   if (autoManifest) {
     logger.logger.info('Auto-generating manifest files ...');
+    require$$9.debugFn('notice', 'Auto-manifest mode enabled');
     const sockJson = utils.readOrDefaultSocketJson(cwd);
     const detected = await detectManifestActions(sockJson, cwd);
+    require$$9.debugDir('inspect', {
+      detected
+    });
     await generateAutoManifest({
       detected,
       cwd,
@@ -2173,12 +2194,17 @@ async function handleCreateNewScan({
     spinner
   });
   if (!supportedFilesCResult.ok) {
+    require$$9.debugFn('warn', 'Failed to fetch supported scan file names');
+    require$$9.debugDir('inspect', {
+      supportedFilesCResult
+    });
     await outputCreateNewScan(supportedFilesCResult, {
       interactive,
       outputKind
     });
     return;
   }
+  require$$9.debugFn('notice', `Fetched ${supportedFilesCResult.data['size']} supported file types`);
   spinner.start('Searching for local files to include in scan...');
   const supportedFiles = supportedFilesCResult.data;
   const packagePaths = await utils.getPackageFilesForScan(targets, supportedFiles, {
@@ -2192,6 +2218,7 @@ async function handleCreateNewScan({
     message: 'TARGET (file/dir) must contain matching / supported file types for a scan'
   });
   if (!wasValidInput) {
+    require$$9.debugFn('warn', 'No eligible files found to scan');
     return;
   }
   logger.logger.success(`Found ${packagePaths.length} local ${words.pluralize('file', packagePaths.length)}`);
@@ -2200,6 +2227,7 @@ async function handleCreateNewScan({
   });
   if (readOnly) {
     logger.logger.log('[ReadOnly] Bailing now');
+    require$$9.debugFn('notice', 'Read-only mode, exiting early');
     return;
   }
   let scanPaths = packagePaths;
@@ -2209,6 +2237,10 @@ async function handleCreateNewScan({
   if (reach.runReachabilityAnalysis) {
     logger.logger.error('');
     logger.logger.info('Starting reachability analysis...');
+    require$$9.debugFn('notice', 'Reachability analysis enabled');
+    require$$9.debugDir('inspect', {
+      reachabilityOptions: reach
+    });
     spinner.start();
     const reachResult = await performReachabilityAnalysis({
       branchName,
@@ -2285,8 +2317,16 @@ async function handleCreateNewScan({
 }
 
 async function handleCi(autoManifest) {
+  require$$9.debugFn('notice', 'Starting CI scan');
+  require$$9.debugDir('inspect', {
+    autoManifest
+  });
   const orgSlugCResult = await utils.getDefaultOrgSlug();
   if (!orgSlugCResult.ok) {
+    require$$9.debugFn('warn', 'Failed to get default org slug');
+    require$$9.debugDir('inspect', {
+      orgSlugCResult
+    });
     process.exitCode = orgSlugCResult.code ?? 1;
     // Always assume json mode.
     logger.logger.log(utils.serializeResultJson(orgSlugCResult));
@@ -2296,6 +2336,13 @@ async function handleCi(autoManifest) {
   const cwd = process.cwd();
   const branchName = (await utils.gitBranch(cwd)) || (await utils.detectDefaultBranch(cwd));
   const repoName = await utils.getRepoName(cwd);
+  require$$9.debugFn('notice', `CI scan for ${orgSlug}/${repoName} on branch ${branchName}`);
+  require$$9.debugDir('inspect', {
+    orgSlug,
+    cwd,
+    branchName,
+    repoName
+  });
   await handleCreateNewScan({
     autoManifest,
     branchName,
@@ -2669,7 +2716,7 @@ ${utils.getSupportedConfigEntries().map(({
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   });
   if (!wasValidInput) {
@@ -2780,7 +2827,7 @@ async function run$O(argv, importMeta, {
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   });
   if (!wasValidInput) {
@@ -2912,7 +2959,7 @@ async function run$N(argv, importMeta, {
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   });
   if (!wasValidInput) {
@@ -2963,7 +3010,17 @@ async function handleConfigSet({
   outputKind,
   value
 }) {
+  require$$9.debugFn('notice', `Setting config ${key} = ${value}`);
+  require$$9.debugDir('inspect', {
+    key,
+    value,
+    outputKind
+  });
   const result = utils.updateConfigValue(key, value);
+  require$$9.debugFn('notice', `Config update ${result.ok ? 'succeeded' : 'failed'}`);
+  require$$9.debugDir('inspect', {
+    result
+  });
   await outputConfigSet(result, outputKind);
 }
 
@@ -3039,7 +3096,7 @@ ${utils.getSupportedConfigEntries().map(({
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   });
   if (!wasValidInput) {
@@ -3154,7 +3211,7 @@ ${utils.getSupportedConfigEntries().map(({
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   });
   if (!wasValidInput) {
@@ -3369,9 +3426,7 @@ async function getSocketFixPrsWithContext(owner, repo, options) {
     }
   } catch (e) {
     require$$9.debugFn('error', `GraphQL pagination failed for ${owner}/${repo}`);
-    require$$9.debugDir('inspect', {
-      error: e
-    });
+    require$$9.debugDir('error', e);
   }
   return contextualMatches;
 }
@@ -3588,9 +3643,7 @@ async function coanaFix(fixConfig) {
       }
     } catch (e) {
       require$$9.debugFn('warn', 'Failed to count open PRs, using original limit');
-      require$$9.debugDir('inspect', {
-        error: e
-      });
+      require$$9.debugDir('error', e);
     }
   }
   const shouldSpawnCoana = adjustedLimit > 0;
@@ -3644,7 +3697,7 @@ async function coanaFix(fixConfig) {
       stdio: 'inherit'
     });
     if (!fixCResult.ok) {
-      logger.logger.error(`Update failed for ${ghsaId}: ${fixCResult.message || constants.UNKNOWN_ERROR}`);
+      logger.logger.error(`Update failed for ${ghsaId}: ${utils.getErrorCause(fixCResult)}`);
       continue ghsaLoop;
     }
 
@@ -3746,9 +3799,7 @@ async function coanaFix(fixConfig) {
       await utils.gitCheckoutBranch(fixEnv.baseBranch, cwd);
     } catch (e) {
       logger.logger.warn(`Unexpected condition: Push failed for ${ghsaId}, skipping PR creation.`);
-      require$$9.debugDir('inspect', {
-        error: e
-      });
+      require$$9.debugDir('error', e);
       // eslint-disable-next-line no-await-in-loop
       await utils.gitResetAndClean(fixEnv.baseBranch, cwd);
       // eslint-disable-next-line no-await-in-loop
@@ -3792,6 +3843,10 @@ const CVE_FORMAT_REGEXP = /^CVE-\d{4}-\d{4,}$/;
  * Filters out invalid IDs and logs conversion results.
  */
 async function convertIdsToGhsas(ids) {
+  require$$9.debugFn('notice', `Converting ${ids.length} IDs to GHSA format`);
+  require$$9.debugDir('inspect', {
+    ids
+  });
   const validGhsas = [];
   const errors = [];
   for (const id of ids) {
@@ -3835,7 +3890,14 @@ async function convertIdsToGhsas(ids) {
   }
   if (errors.length) {
     logger.logger.warn(`Skipped ${errors.length} invalid IDs:\n${errors.map(e => `  - ${e}`).join('\n')}`);
+    require$$9.debugDir('inspect', {
+      errors
+    });
   }
+  require$$9.debugFn('notice', `Converted to ${validGhsas.length} valid GHSA IDs`);
+  require$$9.debugDir('inspect', {
+    validGhsas
+  });
   return validGhsas;
 }
 async function handleFix({
@@ -3854,6 +3916,21 @@ async function handleFix({
   spinner,
   unknownFlags
 }) {
+  require$$9.debugFn('notice', `Starting fix command for ${orgSlug}`);
+  require$$9.debugDir('inspect', {
+    autopilot,
+    cwd,
+    ghsas,
+    glob,
+    limit,
+    minSatisfying,
+    onlyCompute,
+    outputFile,
+    outputKind,
+    prCheck,
+    rangeStyle,
+    unknownFlags
+  });
   await outputFixResult(await coanaFix({
     autopilot,
     cwd,
@@ -3933,7 +4010,7 @@ const hiddenFlags = {
   glob: {
     type: 'string',
     default: '',
-    description: 'Glob pattern to pass to coana for filtering files',
+    description: 'Glob pattern to filter workspaces by',
     hidden: true
   },
   maxSatisfying: {
@@ -4006,7 +4083,7 @@ async function run$K(argv, importMeta, {
 
     Examples
       $ ${command}
-      $ ${command} --id CVE-2021-23337
+      $ ${command} ${constants.FLAG_ID} CVE-2021-23337
       $ ${command} ./path/to/project --range-style pin
     `
   };
@@ -5230,7 +5307,7 @@ async function run$D(argv, importMeta, {
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   });
   if (!wasValidInput) {
@@ -6279,10 +6356,10 @@ async function run$x(argv, importMeta, context) {
     API Token Requirements
       ${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$r}`)}
 
-    Note: Everything after "npm" is passed to the npm command.
-          Only the \`--dry-run\` and \`--help\` flags are caught here.
+    Note: Everything after "${constants.NPM}" is passed to the ${constants.NPM} command.
+          Only the \`${constants.FLAG_DRY_RUN}\` and \`${constants.FLAG_HELP}\` flags are caught here.
 
-    Use \`socket wrapper on\` to alias this command as \`npm\`.
+    Use \`socket wrapper on\` to alias this command as \`${constants.NPM}\`.
 
     Examples
       $ ${command}
@@ -6301,7 +6378,7 @@ async function run$x(argv, importMeta, context) {
     logger.logger.log(constants.default.DRY_RUN_BAILING_NOW);
     return;
   }
-  const shadowBin = /*@__PURE__*/require$5(constants.default.shadowNpmBinPath);
+  const shadowNpmBin = /*@__PURE__*/require$5(constants.default.shadowNpmBinPath);
   process.exitCode = 1;
 
   // Filter Socket flags from argv but keep --json for npm.
@@ -6311,7 +6388,7 @@ async function run$x(argv, importMeta, context) {
   }, [constants.FLAG_JSON]);
   const {
     spawnPromise
-  } = await shadowBin(constants.NPM, argsToForward, {
+  } = await shadowNpmBin(argsToForward, {
     stdio: 'inherit'
   });
 
@@ -6353,10 +6430,10 @@ async function run$w(argv, importMeta, {
     API Token Requirements
       ${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$q}`)}
 
-    Note: Everything after "npx" is passed to the npx command.
-          Only the \`--dry-run\` and \`--help\` flags are caught here.
+    Note: Everything after "${constants.NPX}" is passed to the ${constants.NPX} command.
+          Only the \`${constants.FLAG_DRY_RUN}\` and \`${constants.FLAG_HELP}\` flags are caught here.
 
-    Use \`socket wrapper on\` to alias this command as \`npx\`.
+    Use \`socket wrapper on\` to alias this command as \`${constants.NPX}\`.
 
     Examples
       $ ${command} cowsay
@@ -6374,11 +6451,11 @@ async function run$w(argv, importMeta, {
     logger.logger.log(constants.default.DRY_RUN_BAILING_NOW);
     return;
   }
-  const shadowBin = /*@__PURE__*/require$4(constants.default.shadowNpmBinPath);
+  const shadowNpxBin = /*@__PURE__*/require$4(constants.default.shadowNpxBinPath);
   process.exitCode = 1;
   const {
     spawnPromise
-  } = await shadowBin(constants.NPX, argv, {
+  } = await shadowNpxBin(argv, {
     stdio: 'inherit'
   });
 
@@ -7056,9 +7133,9 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
         if (
         // ...if the spec doesn't start with a valid Socket override.
         !(thisSpec.startsWith(sockOverridePrefix) &&
-        // Check the validity of the spec by passing it through npa and
-        // seeing if it will coerce to a version.
-        vendor.semverExports.coerce(utils.npa(thisSpec).subSpec.rawSpec)?.version)) {
+        // Check the validity of the spec by parsing it with npm-package-arg
+        // and seeing if it will coerce to a version.
+        vendor.semverExports.coerce(utils.safeNpa(thisSpec).subSpec.rawSpec)?.version)) {
           thisSpec = sockOverrideSpec;
           depObj[origPkgName] = thisSpec;
           state.added.add(sockRegPkgName);
@@ -7107,12 +7184,12 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
             const thisSpec = oldSpec.startsWith('$') ? depAlias || newSpec : oldSpec || newSpec;
             if (thisSpec.startsWith(sockOverridePrefix)) {
               if (pin && utils.getMajor(
-              // Check the validity of the spec by passing it through npa
+              // Check the validity of the spec by parsing it with npm-package-arg
               // and seeing if it will coerce to a version. semver.coerce
               // will strip leading v's, carets (^), comparators (<,<=,>,>=,=),
               // and tildes (~). If not coerced to a valid version then
               // default to the manifest entry version.
-              vendor.semverExports.coerce(utils.npa(thisSpec).subSpec.rawSpec)?.version ?? version) !== major) {
+              vendor.semverExports.coerce(utils.safeNpa(thisSpec).subSpec.rawSpec)?.version ?? version) !== major) {
                 const otherVersion = (await packages.fetchPackageManifest(thisSpec))?.version;
                 if (otherVersion && otherVersion !== version) {
                   newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${utils.getMajor(otherVersion)}`}`;
@@ -7196,10 +7273,8 @@ async function updateLockfile(pkgEnvDetails, options) {
     }
   } catch (e) {
     spinner?.stop();
-    require$$9.debugFn('error', 'fail: update');
-    require$$9.debugDir('inspect', {
-      error: e
-    });
+    require$$9.debugFn('error', 'Lockfile update failed');
+    require$$9.debugDir('error', e);
     if (wasSpinning) {
       spinner.start();
     }
@@ -7299,17 +7374,29 @@ async function handleOptimize({
   pin,
   prod
 }) {
+  require$$9.debugFn('notice', `Starting optimization for ${cwd}`);
+  require$$9.debugDir('inspect', {
+    cwd,
+    outputKind,
+    pin,
+    prod
+  });
   const pkgEnvCResult = await utils.detectAndValidatePackageEnvironment(cwd, {
     cmdName: CMD_NAME$p,
     logger: logger.logger,
     prod
   });
   if (!pkgEnvCResult.ok) {
+    require$$9.debugFn('warn', 'Package environment validation failed');
+    require$$9.debugDir('inspect', {
+      pkgEnvCResult
+    });
     await outputOptimizeResult(pkgEnvCResult, outputKind);
     return;
   }
   const pkgEnvDetails = pkgEnvCResult.data;
   if (!pkgEnvDetails) {
+    require$$9.debugFn('warn', 'No package environment details found');
     await outputOptimizeResult({
       ok: false,
       message: 'No package found.',
@@ -7317,11 +7404,16 @@ async function handleOptimize({
     }, outputKind);
     return;
   }
+  require$$9.debugFn('notice', `Detected package manager: ${pkgEnvDetails.agent} v${pkgEnvDetails.agentVersion}`);
+  require$$9.debugDir('inspect', {
+    pkgEnvDetails
+  });
   const {
     agent,
     agentVersion
   } = pkgEnvDetails;
   if (agent === VLT) {
+    require$$9.debugFn('warn', `${agent} does not support overrides`);
     await outputOptimizeResult({
       ok: false,
       message: 'Unsupported',
@@ -7330,10 +7422,16 @@ async function handleOptimize({
     return;
   }
   logger.logger.info(`Optimizing packages for ${agent} v${agentVersion}.\n`);
-  await outputOptimizeResult(await applyOptimization(pkgEnvDetails, {
+  require$$9.debugFn('notice', 'Applying optimization');
+  const optimizationResult = await applyOptimization(pkgEnvDetails, {
     pin,
     prod
-  }), outputKind);
+  });
+  require$$9.debugFn('notice', `Optimization ${optimizationResult.ok ? 'succeeded' : 'failed'}`);
+  require$$9.debugDir('inspect', {
+    optimizationResult
+  });
+  await outputOptimizeResult(optimizationResult, outputKind);
 }
 
 const CMD_NAME$o = 'optimize';
@@ -7501,10 +7599,20 @@ async function handleDependencies({
   offset,
   outputKind
 }) {
+  require$$9.debugFn('notice', `Fetching dependencies with limit=${limit}, offset=${offset}`);
+  require$$9.debugDir('inspect', {
+    limit,
+    offset,
+    outputKind
+  });
   const result = await fetchDependencies({
     limit,
     offset
   });
+  require$$9.debugFn('notice', `Dependencies ${result.ok ? 'fetched successfully' : 'fetch failed'}`);
+  require$$9.debugDir('inspect', {
+    result
+  });
   await outputDependencies(result, {
     limit,
     offset,
@@ -7574,7 +7682,7 @@ async function run$t(argv, importMeta, {
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   }, {
     nook: true,
@@ -7915,7 +8023,15 @@ async function outputOrganizationList(orgsCResult, outputKind = 'text') {
 }
 
 async function handleOrganizationList(outputKind = 'text') {
+  require$$9.debugFn('notice', 'Fetching organization list');
+  require$$9.debugDir('inspect', {
+    outputKind
+  });
   const data = await utils.fetchOrganization();
+  require$$9.debugFn('notice', `Organization list ${data.ok ? 'fetched successfully' : 'fetch failed'}`);
+  require$$9.debugDir('inspect', {
+    data
+  });
   await outputOrganizationList(data, outputKind);
 }
 
@@ -7969,7 +8085,7 @@ async function run$q(argv, importMeta, {
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   }, {
     nook: true,
@@ -8319,7 +8435,16 @@ function createMarkdownReport(data) {
 }
 
 async function handlePurlDeepScore(purl, outputKind) {
+  require$$9.debugFn('notice', `Fetching deep score for ${purl}`);
+  require$$9.debugDir('inspect', {
+    purl,
+    outputKind
+  });
   const result = await fetchPurlDeepScore(purl);
+  require$$9.debugFn('notice', `Deep score ${result.ok ? 'fetched successfully' : 'fetch failed'}`);
+  require$$9.debugDir('inspect', {
+    result
+  });
   await outputPurlsDeepScore(purl, result, outputKind);
 }
 
@@ -8751,7 +8876,16 @@ async function handlePurlsShallowScore({
   outputKind,
   purls
 }) {
+  require$$9.debugFn('notice', `Fetching shallow scores for ${purls.length} packages`);
+  require$$9.debugDir('inspect', {
+    purls,
+    outputKind
+  });
   const packageData = await fetchPurlsShallowScore(purls);
+  require$$9.debugFn('notice', `Shallow scores ${packageData.ok ? 'fetched successfully' : 'fetch failed'}`);
+  require$$9.debugDir('inspect', {
+    packageData
+  });
   outputPurlsShallowScore(purls, packageData, outputKind);
 }
 
@@ -9051,7 +9185,7 @@ async function computeSHA256(filepath) {
     return {
       ok: false,
       message: 'Failed to compute file hash',
-      cause: `Unable to read file ${filepath}: ${e instanceof Error ? e.message : constants.UNKNOWN_ERROR}`
+      cause: `Unable to read file ${filepath}: ${utils.getErrorCause(e)}`
     };
   }
 }
@@ -9150,9 +9284,7 @@ async function processFilePatch(pkgPath, fileName, fileInfo, socketDir, options)
     logger.logger.success(`Patch applied successfully`);
   } catch (e) {
     logger.logger.error('Error applying patch');
-    require$$9.debugDir('inspect', {
-      error: e
-    });
+    require$$9.debugDir('error', e);
     result = false;
   }
   logger.logger.groupEnd();
@@ -9232,7 +9364,7 @@ async function handlePatch({
   } catch (e) {
     spinner.stop();
     let message = 'Failed to apply patches';
-    let cause = e?.message || constants.UNKNOWN_ERROR;
+    let cause = utils.getErrorCause(e);
     if (e instanceof SyntaxError) {
       message = `Invalid JSON in ${constants.MANIFEST_JSON}`;
       cause = e.message;
@@ -9370,10 +9502,10 @@ async function run$l(argv, importMeta, context) {
     API Token Requirements
       ${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME$g}`)}
 
-    Note: Everything after "pnpm" is passed to the pnpm command.
-          Only the \`--dry-run\` and \`--help\` flags are caught here.
+    Note: Everything after "${constants.PNPM}" is passed to the ${constants.PNPM} command.
+          Only the \`${constants.FLAG_DRY_RUN}\` and \`${constants.FLAG_HELP}\` flags are caught here.
 
-    Use \`socket wrapper on\` to alias this command as \`pnpm\`.
+    Use \`socket wrapper on\` to alias this command as \`${constants.PNPM}\`.
 
     Examples
       $ ${command}
@@ -9393,14 +9525,16 @@ async function run$l(argv, importMeta, context) {
     logger.logger.log(constants.default.DRY_RUN_BAILING_NOW);
     return;
   }
-  const shadowBin = /*@__PURE__*/require$3(constants.default.shadowPnpmBinPath);
+  const shadowPnpmBin = /*@__PURE__*/require$3(constants.default.shadowPnpmBinPath);
   process.exitCode = 1;
 
   // Filter Socket flags from argv.
   const filteredArgv = utils.filterFlags(argv, config.flags);
   const {
     spawnPromise
-  } = await shadowBin(filteredArgv);
+  } = await shadowPnpmBin(filteredArgv, {
+    stdio: 'inherit'
+  });
   await spawnPromise;
   process.exitCode = 0;
 }
@@ -9440,7 +9574,7 @@ const config$4 = {
     the Socket wrapper. Use at your own risk.
 
     Note: Everything after "raw-npm" is passed to the npm command.
-          Only the \`--dry-run\` and \`--help\` flags are caught here.
+          Only the \`${constants.FLAG_DRY_RUN}\` and \`${constants.FLAG_HELP}\` flags are caught here.
 
     Examples
       $ ${command} install -g cowsay
@@ -9503,7 +9637,7 @@ const config$3 = {
     the Socket wrapper. Use at your own risk.
 
     Note: Everything after "raw-npx" is passed to the npx command.
-          Only the \`--dry-run\` and \`--help\` flags are caught here.
+          Only the \`${constants.FLAG_DRY_RUN}\` and \`${constants.FLAG_HELP}\` flags are caught here.
 
     Examples
       $ ${command} cowsay
@@ -9588,6 +9722,16 @@ async function handleCreateRepo({
   repoName,
   visibility
 }, outputKind) {
+  require$$9.debugFn('notice', `Creating repository ${orgSlug}/${repoName}`);
+  require$$9.debugDir('inspect', {
+    defaultBranch,
+    description,
+    homepage,
+    orgSlug,
+    repoName,
+    visibility,
+    outputKind
+  });
   const data = await fetchCreateRepo({
     defaultBranch,
     description,
@@ -9596,6 +9740,10 @@ async function handleCreateRepo({
     repoName,
     visibility
   });
+  require$$9.debugFn('notice', `Repository creation ${data.ok ? 'succeeded' : 'failed'}`);
+  require$$9.debugDir('inspect', {
+    data
+  });
   outputCreateRepo(data, repoName, outputKind);
 }
 
@@ -10124,7 +10272,7 @@ async function run$g(argv, importMeta, {
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   }, {
     nook: true,
@@ -10490,7 +10638,7 @@ async function run$e(argv, importMeta, {
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   }, {
     nook: true,
@@ -11383,7 +11531,7 @@ async function run$b(argv, importMeta, {
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   }, {
     nook: true,
@@ -11792,19 +11940,17 @@ async function streamDownloadWithFetch(localPath, downloadUrl) {
     };
   } catch (e) {
     logger.logger.fail('An error was thrown while trying to download a manifest file... url:', downloadUrl);
-    require$$9.debugDir('inspect', {
-      error: e
-    });
+    require$$9.debugDir('error', e);
 
     // If an error occurs and fileStream was created, attempt to clean up.
     if (fs$1.existsSync(localPath)) {
       // Check if fileStream was even opened before trying to delete
       // This check might be too simplistic depending on when error occurs
-      fs$1.unlink(localPath, unlinkErr => {
-        if (unlinkErr) {
-          logger.logger.fail(`Error deleting partial file ${localPath}: ${unlinkErr.message}`);
-        }
-      });
+      try {
+        await fs$1.promises.unlink(localPath);
+      } catch (e) {
+        logger.logger.fail(utils.formatErrorWithDetail(`Error deleting partial file ${localPath}`, e));
+      }
     }
     // Construct a more informative error message
     let detailedError = `Error during download of ${downloadUrl}: ${e.message}`;
@@ -13428,8 +13574,8 @@ async function fetchScan(orgSlug, scanId) {
       return JSON.parse(line);
     } catch (e) {
       ok = false;
-      require$$9.debugFn('error', 'caught: JSON.parse error');
-      require$$9.debugDir('inspect', {
+      require$$9.debugFn('error', 'Failed to parse scan result line as JSON');
+      require$$9.debugDir('error', {
         error: e,
         line
       });
@@ -13627,7 +13773,7 @@ async function run$4(argv, importMeta, {
   }, {
     nook: true,
     test: !json || !markdown,
-    message: 'The `--json` and `--markdown` flags can not be used at the same time',
+    message: `The \`${constants.FLAG_JSON}\` and \`${constants.FLAG_MARKDOWN}\` flags can not be used at the same time`,
     fail: 'bad'
   }, {
     nook: true,
@@ -14309,10 +14455,8 @@ Do you want to install the Socket npm wrapper (this will create an alias to the
       }
     }
   } catch (e) {
-    require$$9.debugFn('error', 'caught: tab completion setup error');
-    require$$9.debugDir('inspect', {
-      error: e
-    });
+    require$$9.debugFn('warn', 'Tab completion setup failed (non-fatal)');
+    require$$9.debugDir('warn', e);
     // Ignore. Skip tab completion setup.
   }
   if (!updatedTabCompletion) {
@@ -14345,7 +14489,7 @@ async function setupShadowNpm(query) {
         addSocketWrapper(zshRcPath);
       }
     } catch (e) {
-      throw new Error(`There was an issue setting up the alias: ${e?.['message']}`);
+      throw new Error(`There was an issue setting up the alias: ${utils.getErrorCause(e)}`);
     }
   }
 }
@@ -14507,10 +14651,10 @@ async function run(argv, importMeta, context) {
     API Token Requirements
       ${utils.getFlagApiRequirementsOutput(`${parentName}:${CMD_NAME}`)}
 
-    Note: Everything after "yarn" is passed to the yarn command.
-          Only the \`--dry-run\` and \`--help\` flags are caught here.
+    Note: Everything after "${constants.YARN}" is passed to the ${constants.YARN} command.
+          Only the \`${constants.FLAG_DRY_RUN}\` and \`${constants.FLAG_HELP}\` flags are caught here.
 
-    Use \`socket wrapper on\` to alias this command as \`yarn\`.
+    Use \`socket wrapper on\` to alias this command as \`${constants.YARN}\`.
 
     Examples
       $ ${command}
@@ -14530,14 +14674,16 @@ async function run(argv, importMeta, context) {
     logger.logger.log(constants.default.DRY_RUN_BAILING_NOW);
     return;
   }
-  const shadowBin = /*@__PURE__*/require$1(constants.default.shadowYarnBinPath);
+  const shadowYarnBin = /*@__PURE__*/require$1(constants.default.shadowYarnBinPath);
   process.exitCode = 1;
 
   // Filter Socket flags from argv.
   const filteredArgv = utils.filterFlags(argv, config.flags);
   const {
     spawnPromise
-  } = await shadowBin(filteredArgv);
+  } = await shadowYarnBin(filteredArgv, {
+    stdio: 'inherit'
+  });
   await spawnPromise;
   process.exitCode = 0;
 }
@@ -14679,10 +14825,8 @@ void (async () => {
     });
   } catch (e) {
     process.exitCode = 1;
-    require$$9.debugFn('error', 'Uncaught error (BAD!):');
-    require$$9.debugDir('inspect', {
-      error: e
-    });
+    require$$9.debugFn('error', 'CLI uncaught error');
+    require$$9.debugDir('error', e);
     let errorBody;
     let errorTitle;
     let errorMessage = '';
@@ -14734,5 +14878,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=b2633ba4-7e32-440b-9581-735f53ff9fc8
+//# debugId=6d9d1b81-f05f-4bdf-ae16-71ba7e848b55
 //# sourceMappingURL=cli.js.map