@socketsecurity/cli-with-sentry 1.1.56 → 1.1.57

package/dist/vendor.js

@@ -23,8 +23,8 @@ var require$$0$h = process$2;
 var require$$0$i = require('node:buffer');
 var require$$2$3 = require('node:https');
 var require$$0$j = require$$0$d;
-var require$$2$4 = require$$1$8;
-var require$$3$3 = require$$2$3;
+var require$$1$9 = require$$1$8;
+var require$$0$k = require$$2$3;
 var require$$5$2 = require('node:readline');
 var require$$6$2 = require$$0$9;
 var require$$7$5 = require('../external/@socketsecurity/registry/lib/constants/abort-signal');
@@ -34,29 +34,29 @@ var require$$10 = require('../external/@socketsecurity/registry/lib/json');
 var require$$11 = require('../external/@socketsecurity/registry/lib/objects');
 var require$$12 = require('../external/@socketsecurity/registry/lib/promises');
 var require$$13 = require('../external/@socketsecurity/registry/lib/url');
-var require$$1$9 = require$$0$g;
+var require$$1$a = require$$0$g;
 var node_buffer = require$$0$i;
 var childProcess = require('node:child_process');
-var require$$1$a = require('node:path/win32');
-var require$$0$k = require('node:module');
-var require$$0$m = fs$6;
-var require$$0$l = require('node:crypto');
-var require$$0$n = childProcess;
-var require$$2$5 = require$$5$2;
-var require$$1$b = require('node:readline/promises');
-var require$$5$3 = require$$0$k;
-var require$$2$6 = require('node:string_decoder');
-var require$$2$7 = require$$2$6;
-var require$$0$o = require('node:zlib');
-var require$$1$c = require$$0$c;
-var require$$0$p = require$$0$l;
-var require$$0$q = require('node:dns');
-var require$$0$r = require('node:net');
-var require$$1$d = require('node:tls');
-var require$$3$4 = require('node:timers/promises');
+var require$$1$b = require('node:path/win32');
+var require$$0$l = require('node:module');
+var require$$0$n = fs$6;
+var require$$0$m = require('node:crypto');
+var require$$0$o = childProcess;
+var require$$0$p = require$$0$m;
+var require$$2$4 = require$$5$2;
+var require$$1$c = require('node:readline/promises');
+var require$$5$3 = require$$0$l;
+var require$$2$5 = require('node:string_decoder');
+var require$$2$6 = require$$2$5;
+var require$$0$q = require('node:zlib');
+var require$$1$d = require$$0$c;
+var require$$0$r = require('node:dns');
+var require$$0$s = require('node:net');
+var require$$1$e = require('node:tls');
+var require$$3$3 = require('node:timers/promises');
 var require$$6$3 = require('node:querystring');
-var require$$0$s = require('node:http2');
-var require$$1$e = require('node:v8');
+var require$$0$t = require('node:http2');
+var require$$1$f = require('node:v8');
 
 var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
 function camelCase$1(str) {
@@ -10194,19 +10194,19 @@ function requireUtil$5() {
   return util$5;
 }
 
-var types$4 = {};
+var types$5 = {};
 
-var hasRequiredTypes$4;
-function requireTypes$4() {
-  if (hasRequiredTypes$4) return types$4;
-  hasRequiredTypes$4 = 1;
+var hasRequiredTypes$5;
+function requireTypes$5() {
+  if (hasRequiredTypes$5) return types$5;
+  hasRequiredTypes$5 = 1;
   const path = require$$1$7;
   const Stream = require$$0$9.Stream;
   const url = require$$0$e;
   const Umask = () => {};
   const getLocalAddresses = () => [];
   const semver = () => {};
-  types$4.types = {
+  types$5.types = {
     access: [null, 'restricted', 'public'],
     'allow-same-version': Boolean,
     'always-auth': Boolean,
@@ -10330,7 +10330,7 @@ function requireTypes$4() {
     viewer: String,
     _exit: Boolean
   };
-  return types$4;
+  return types$5;
 }
 
 var conf;
@@ -10353,7 +10353,7 @@ function requireConf() {
     constructor(base, types) {
       super(base);
       this.root = base;
-      this._parseField = util.parseField.bind(null, types || requireTypes$4());
+      this._parseField = util.parseField.bind(null, types || requireTypes$5());
     }
 
     // https://github.com/npm/cli/blob/latest/lib/config/core.js#L326-L338
@@ -18811,22 +18811,22 @@ function requireDraft7() {
 
 var discriminator = {};
 
-var types$3 = {};
+var types$4 = {};
 
-var hasRequiredTypes$3;
-function requireTypes$3() {
-  if (hasRequiredTypes$3) return types$3;
-  hasRequiredTypes$3 = 1;
-  Object.defineProperty(types$3, "__esModule", {
+var hasRequiredTypes$4;
+function requireTypes$4() {
+  if (hasRequiredTypes$4) return types$4;
+  hasRequiredTypes$4 = 1;
+  Object.defineProperty(types$4, "__esModule", {
     value: true
   });
-  types$3.DiscrError = void 0;
+  types$4.DiscrError = void 0;
   var DiscrError;
   (function (DiscrError) {
     DiscrError["Tag"] = "tag";
     DiscrError["Mapping"] = "mapping";
-  })(DiscrError || (types$3.DiscrError = DiscrError = {}));
-  return types$3;
+  })(DiscrError || (types$4.DiscrError = DiscrError = {}));
+  return types$4;
 }
 
 var hasRequiredDiscriminator;
@@ -18837,7 +18837,7 @@ function requireDiscriminator() {
     value: true
   });
   const codegen_1 = requireCodegen();
-  const types_1 = requireTypes$3();
+  const types_1 = requireTypes$4();
   const compile_1 = requireCompile$1();
   const ref_error_1 = requireRef_error();
   const util_1 = requireUtil$4();
@@ -27894,8 +27894,8 @@ function requireDist$e () {
 	dist$e.createUserAgentFromPkgJson = createUserAgentFromPkgJson;
 	const node_events_1 = __importDefault(require$$0$j);
 	const node_fs_1 = fs$5;
-	const node_http_1 = __importDefault(require$$2$4);
-	const node_https_1 = __importDefault(require$$3$3);
+	const node_http_1 = __importDefault(require$$1$9);
+	const node_https_1 = __importDefault(require$$0$k);
 	const node_path_1 = __importDefault(path$4);
 	const node_readline_1 = __importDefault(require$$5$2);
 	const node_stream_1 = require$$6$2;
@@ -29289,7 +29289,7 @@ function requireSupportsColor$2() {
   if (hasRequiredSupportsColor$2) return supportsColor_1$1;
   hasRequiredSupportsColor$2 = 1;
   const os = require$$0$f;
-  const tty = require$$1$9;
+  const tty = require$$1$a;
   const hasFlag = requireHasFlag$1();
   const {
     env
@@ -50575,7 +50575,7 @@ function requireLib$M() {
   hasRequiredLib$M = 1;
   const {
     builtinModules: builtins
-  } = require$$0$k;
+  } = require$$0$l;
   var scopedPackagePattern = new RegExp('^(?:@([^/]+?)[/])?([^/]+?)$');
   var exclusionList = ['node_modules', 'favicon.ico'];
   function validate(name) {
@@ -50813,7 +50813,7 @@ function requireNpa() {
     URL
   } = require$$0$7;
   // We need to use path/win32 so that we get consistent results in tests, but this also means we need to manually convert backslashes to forward slashes when generating file: urls with paths.
-  const path = isWindows ? require$$1$a : path$4;
+  const path = isWindows ? require$$1$b : path$4;
   const {
     homedir
   } = os$3;
@@ -64165,7 +64165,7 @@ function requireTypeAliases () {
 	return typeAliases;
 }
 
-var types$2 = {};
+var types$3 = {};
 
 var errorUtil = {};
 
@@ -64185,16 +64185,16 @@ function requireErrorUtil () {
 	return errorUtil;
 }
 
-var hasRequiredTypes$2;
+var hasRequiredTypes$3;
 
-function requireTypes$2 () {
-	if (hasRequiredTypes$2) return types$2;
-	hasRequiredTypes$2 = 1;
-	Object.defineProperty(types$2, "__esModule", { value: true });
-	types$2.discriminatedUnion = types$2.date = types$2.boolean = types$2.bigint = types$2.array = types$2.any = types$2.coerce = types$2.ZodFirstPartyTypeKind = types$2.late = types$2.ZodSchema = types$2.Schema = types$2.ZodReadonly = types$2.ZodPipeline = types$2.ZodBranded = types$2.BRAND = types$2.ZodNaN = types$2.ZodCatch = types$2.ZodDefault = types$2.ZodNullable = types$2.ZodOptional = types$2.ZodTransformer = types$2.ZodEffects = types$2.ZodPromise = types$2.ZodNativeEnum = types$2.ZodEnum = types$2.ZodLiteral = types$2.ZodLazy = types$2.ZodFunction = types$2.ZodSet = types$2.ZodMap = types$2.ZodRecord = types$2.ZodTuple = types$2.ZodIntersection = types$2.ZodDiscriminatedUnion = types$2.ZodUnion = types$2.ZodObject = types$2.ZodArray = types$2.ZodVoid = types$2.ZodNever = types$2.ZodUnknown = types$2.ZodAny = types$2.ZodNull = types$2.ZodUndefined = types$2.ZodSymbol = types$2.ZodDate = types$2.ZodBoolean = types$2.ZodBigInt = types$2.ZodNumber = types$2.ZodString = types$2.ZodType = void 0;
-	types$2.NEVER = types$2.void = types$2.unknown = types$2.union = types$2.undefined = types$2.tuple = types$2.transformer = types$2.symbol = types$2.string = types$2.strictObject = types$2.set = types$2.record = types$2.promise = types$2.preprocess = types$2.pipeline = types$2.ostring = types$2.optional = types$2.onumber = types$2.oboolean = types$2.object = types$2.number = types$2.nullable = types$2.null = types$2.never = types$2.nativeEnum = types$2.nan = types$2.map = types$2.literal = types$2.lazy = types$2.intersection = types$2.instanceof = types$2.function = types$2.enum = types$2.effect = void 0;
-	types$2.datetimeRegex = datetimeRegex;
-	types$2.custom = custom;
+function requireTypes$3 () {
+	if (hasRequiredTypes$3) return types$3;
+	hasRequiredTypes$3 = 1;
+	Object.defineProperty(types$3, "__esModule", { value: true });
+	types$3.discriminatedUnion = types$3.date = types$3.boolean = types$3.bigint = types$3.array = types$3.any = types$3.coerce = types$3.ZodFirstPartyTypeKind = types$3.late = types$3.ZodSchema = types$3.Schema = types$3.ZodReadonly = types$3.ZodPipeline = types$3.ZodBranded = types$3.BRAND = types$3.ZodNaN = types$3.ZodCatch = types$3.ZodDefault = types$3.ZodNullable = types$3.ZodOptional = types$3.ZodTransformer = types$3.ZodEffects = types$3.ZodPromise = types$3.ZodNativeEnum = types$3.ZodEnum = types$3.ZodLiteral = types$3.ZodLazy = types$3.ZodFunction = types$3.ZodSet = types$3.ZodMap = types$3.ZodRecord = types$3.ZodTuple = types$3.ZodIntersection = types$3.ZodDiscriminatedUnion = types$3.ZodUnion = types$3.ZodObject = types$3.ZodArray = types$3.ZodVoid = types$3.ZodNever = types$3.ZodUnknown = types$3.ZodAny = types$3.ZodNull = types$3.ZodUndefined = types$3.ZodSymbol = types$3.ZodDate = types$3.ZodBoolean = types$3.ZodBigInt = types$3.ZodNumber = types$3.ZodString = types$3.ZodType = void 0;
+	types$3.NEVER = types$3.void = types$3.unknown = types$3.union = types$3.undefined = types$3.tuple = types$3.transformer = types$3.symbol = types$3.string = types$3.strictObject = types$3.set = types$3.record = types$3.promise = types$3.preprocess = types$3.pipeline = types$3.ostring = types$3.optional = types$3.onumber = types$3.oboolean = types$3.object = types$3.number = types$3.nullable = types$3.null = types$3.never = types$3.nativeEnum = types$3.nan = types$3.map = types$3.literal = types$3.lazy = types$3.intersection = types$3.instanceof = types$3.function = types$3.enum = types$3.effect = void 0;
+	types$3.datetimeRegex = datetimeRegex;
+	types$3.custom = custom;
 	const ZodError_js_1 = /*@__PURE__*/ requireZodError();
 	const errors_js_1 = /*@__PURE__*/ requireErrors$9();
 	const errorUtil_js_1 = /*@__PURE__*/ requireErrorUtil();
@@ -64557,9 +64557,9 @@ function requireTypes$2 () {
 	        return this.safeParse(null).success;
 	    }
 	}
-	types$2.ZodType = ZodType;
-	types$2.Schema = ZodType;
-	types$2.ZodSchema = ZodType;
+	types$3.ZodType = ZodType;
+	types$3.Schema = ZodType;
+	types$3.ZodSchema = ZodType;
 	const cuidRegex = /^c[^\s-]{8,}$/i;
 	const cuid2Regex = /^[0-9a-z]+$/;
 	const ulidRegex = /^[0-9A-HJKMNP-TV-Z]{26}$/i;
@@ -65243,7 +65243,7 @@ function requireTypes$2 () {
 	        return max;
 	    }
 	}
-	types$2.ZodString = ZodString;
+	types$3.ZodString = ZodString;
 	ZodString.create = (params) => {
 	    return new ZodString({
 	        checks: [],
@@ -65492,7 +65492,7 @@ function requireTypes$2 () {
 	        return Number.isFinite(min) && Number.isFinite(max);
 	    }
 	}
-	types$2.ZodNumber = ZodNumber;
+	types$3.ZodNumber = ZodNumber;
 	ZodNumber.create = (params) => {
 	    return new ZodNumber({
 	        checks: [],
@@ -65669,7 +65669,7 @@ function requireTypes$2 () {
 	        return max;
 	    }
 	}
-	types$2.ZodBigInt = ZodBigInt;
+	types$3.ZodBigInt = ZodBigInt;
 	ZodBigInt.create = (params) => {
 	    return new ZodBigInt({
 	        checks: [],
@@ -65696,7 +65696,7 @@ function requireTypes$2 () {
 	        return (0, parseUtil_js_1.OK)(input.data);
 	    }
 	}
-	types$2.ZodBoolean = ZodBoolean;
+	types$3.ZodBoolean = ZodBoolean;
 	ZodBoolean.create = (params) => {
 	    return new ZodBoolean({
 	        typeName: ZodFirstPartyTypeKind.ZodBoolean,
@@ -65807,7 +65807,7 @@ function requireTypes$2 () {
 	        return max != null ? new Date(max) : null;
 	    }
 	}
-	types$2.ZodDate = ZodDate;
+	types$3.ZodDate = ZodDate;
 	ZodDate.create = (params) => {
 	    return new ZodDate({
 	        checks: [],
@@ -65831,7 +65831,7 @@ function requireTypes$2 () {
 	        return (0, parseUtil_js_1.OK)(input.data);
 	    }
 	}
-	types$2.ZodSymbol = ZodSymbol;
+	types$3.ZodSymbol = ZodSymbol;
 	ZodSymbol.create = (params) => {
 	    return new ZodSymbol({
 	        typeName: ZodFirstPartyTypeKind.ZodSymbol,
@@ -65853,7 +65853,7 @@ function requireTypes$2 () {
 	        return (0, parseUtil_js_1.OK)(input.data);
 	    }
 	}
-	types$2.ZodUndefined = ZodUndefined;
+	types$3.ZodUndefined = ZodUndefined;
 	ZodUndefined.create = (params) => {
 	    return new ZodUndefined({
 	        typeName: ZodFirstPartyTypeKind.ZodUndefined,
@@ -65875,7 +65875,7 @@ function requireTypes$2 () {
 	        return (0, parseUtil_js_1.OK)(input.data);
 	    }
 	}
-	types$2.ZodNull = ZodNull;
+	types$3.ZodNull = ZodNull;
 	ZodNull.create = (params) => {
 	    return new ZodNull({
 	        typeName: ZodFirstPartyTypeKind.ZodNull,
@@ -65892,7 +65892,7 @@ function requireTypes$2 () {
 	        return (0, parseUtil_js_1.OK)(input.data);
 	    }
 	}
-	types$2.ZodAny = ZodAny;
+	types$3.ZodAny = ZodAny;
 	ZodAny.create = (params) => {
 	    return new ZodAny({
 	        typeName: ZodFirstPartyTypeKind.ZodAny,
@@ -65909,7 +65909,7 @@ function requireTypes$2 () {
 	        return (0, parseUtil_js_1.OK)(input.data);
 	    }
 	}
-	types$2.ZodUnknown = ZodUnknown;
+	types$3.ZodUnknown = ZodUnknown;
 	ZodUnknown.create = (params) => {
 	    return new ZodUnknown({
 	        typeName: ZodFirstPartyTypeKind.ZodUnknown,
@@ -65927,7 +65927,7 @@ function requireTypes$2 () {
 	        return parseUtil_js_1.INVALID;
 	    }
 	}
-	types$2.ZodNever = ZodNever;
+	types$3.ZodNever = ZodNever;
 	ZodNever.create = (params) => {
 	    return new ZodNever({
 	        typeName: ZodFirstPartyTypeKind.ZodNever,
@@ -65949,7 +65949,7 @@ function requireTypes$2 () {
 	        return (0, parseUtil_js_1.OK)(input.data);
 	    }
 	}
-	types$2.ZodVoid = ZodVoid;
+	types$3.ZodVoid = ZodVoid;
 	ZodVoid.create = (params) => {
 	    return new ZodVoid({
 	        typeName: ZodFirstPartyTypeKind.ZodVoid,
@@ -66047,7 +66047,7 @@ function requireTypes$2 () {
 	        return this.min(1, message);
 	    }
 	}
-	types$2.ZodArray = ZodArray;
+	types$3.ZodArray = ZodArray;
 	ZodArray.create = (schema, params) => {
 	    return new ZodArray({
 	        type: schema,
@@ -66449,7 +66449,7 @@ function requireTypes$2 () {
 	        return createZodEnum(util_js_1.util.objectKeys(this.shape));
 	    }
 	}
-	types$2.ZodObject = ZodObject;
+	types$3.ZodObject = ZodObject;
 	ZodObject.create = (shape, params) => {
 	    return new ZodObject({
 	        shape: () => shape,
@@ -66566,7 +66566,7 @@ function requireTypes$2 () {
 	        return this._def.options;
 	    }
 	}
-	types$2.ZodUnion = ZodUnion;
+	types$3.ZodUnion = ZodUnion;
 	ZodUnion.create = (types, params) => {
 	    return new ZodUnion({
 	        options: types,
@@ -66705,7 +66705,7 @@ function requireTypes$2 () {
 	        });
 	    }
 	}
-	types$2.ZodDiscriminatedUnion = ZodDiscriminatedUnion;
+	types$3.ZodDiscriminatedUnion = ZodDiscriminatedUnion;
 	function mergeValues(a, b) {
 	    const aType = (0, util_js_1.getParsedType)(a);
 	    const bType = (0, util_js_1.getParsedType)(b);
@@ -66794,7 +66794,7 @@ function requireTypes$2 () {
 	        }
 	    }
 	}
-	types$2.ZodIntersection = ZodIntersection;
+	types$3.ZodIntersection = ZodIntersection;
 	ZodIntersection.create = (left, right, params) => {
 	    return new ZodIntersection({
 	        left: left,
@@ -66863,7 +66863,7 @@ function requireTypes$2 () {
 	        });
 	    }
 	}
-	types$2.ZodTuple = ZodTuple;
+	types$3.ZodTuple = ZodTuple;
 	ZodTuple.create = (schemas, params) => {
 	    if (!Array.isArray(schemas)) {
 	        throw new Error("You must pass an array of schemas to z.tuple([ ... ])");
@@ -66929,7 +66929,7 @@ function requireTypes$2 () {
 	        });
 	    }
 	}
-	types$2.ZodRecord = ZodRecord;
+	types$3.ZodRecord = ZodRecord;
 	class ZodMap extends ZodType {
 	    get keySchema() {
 	        return this._def.keyType;
@@ -66989,7 +66989,7 @@ function requireTypes$2 () {
 	        }
 	    }
 	}
-	types$2.ZodMap = ZodMap;
+	types$3.ZodMap = ZodMap;
 	ZodMap.create = (keyType, valueType, params) => {
 	    return new ZodMap({
 	        valueType,
@@ -67075,7 +67075,7 @@ function requireTypes$2 () {
 	        return this.min(1, message);
 	    }
 	}
-	types$2.ZodSet = ZodSet;
+	types$3.ZodSet = ZodSet;
 	ZodSet.create = (valueType, params) => {
 	    return new ZodSet({
 	        valueType,
@@ -67199,7 +67199,7 @@ function requireTypes$2 () {
 	        });
 	    }
 	}
-	types$2.ZodFunction = ZodFunction;
+	types$3.ZodFunction = ZodFunction;
 	class ZodLazy extends ZodType {
 	    get schema() {
 	        return this._def.getter();
@@ -67210,7 +67210,7 @@ function requireTypes$2 () {
 	        return lazySchema._parse({ data: ctx.data, path: ctx.path, parent: ctx });
 	    }
 	}
-	types$2.ZodLazy = ZodLazy;
+	types$3.ZodLazy = ZodLazy;
 	ZodLazy.create = (getter, params) => {
 	    return new ZodLazy({
 	        getter: getter,
@@ -67235,7 +67235,7 @@ function requireTypes$2 () {
 	        return this._def.value;
 	    }
 	}
-	types$2.ZodLiteral = ZodLiteral;
+	types$3.ZodLiteral = ZodLiteral;
 	ZodLiteral.create = (value, params) => {
 	    return new ZodLiteral({
 	        value: value,
@@ -67314,7 +67314,7 @@ function requireTypes$2 () {
 	        });
 	    }
 	}
-	types$2.ZodEnum = ZodEnum;
+	types$3.ZodEnum = ZodEnum;
 	ZodEnum.create = createZodEnum;
 	class ZodNativeEnum extends ZodType {
 	    _parse(input) {
@@ -67347,7 +67347,7 @@ function requireTypes$2 () {
 	        return this._def.values;
 	    }
 	}
-	types$2.ZodNativeEnum = ZodNativeEnum;
+	types$3.ZodNativeEnum = ZodNativeEnum;
 	ZodNativeEnum.create = (values, params) => {
 	    return new ZodNativeEnum({
 	        values: values,
@@ -67378,7 +67378,7 @@ function requireTypes$2 () {
 	        }));
 	    }
 	}
-	types$2.ZodPromise = ZodPromise;
+	types$3.ZodPromise = ZodPromise;
 	ZodPromise.create = (schema, params) => {
 	    return new ZodPromise({
 	        type: schema,
@@ -67516,8 +67516,8 @@ function requireTypes$2 () {
 	        util_js_1.util.assertNever(effect);
 	    }
 	}
-	types$2.ZodEffects = ZodEffects;
-	types$2.ZodTransformer = ZodEffects;
+	types$3.ZodEffects = ZodEffects;
+	types$3.ZodTransformer = ZodEffects;
 	ZodEffects.create = (schema, effect, params) => {
 	    return new ZodEffects({
 	        schema,
@@ -67546,7 +67546,7 @@ function requireTypes$2 () {
 	        return this._def.innerType;
 	    }
 	}
-	types$2.ZodOptional = ZodOptional;
+	types$3.ZodOptional = ZodOptional;
 	ZodOptional.create = (type, params) => {
 	    return new ZodOptional({
 	        innerType: type,
@@ -67566,7 +67566,7 @@ function requireTypes$2 () {
 	        return this._def.innerType;
 	    }
 	}
-	types$2.ZodNullable = ZodNullable;
+	types$3.ZodNullable = ZodNullable;
 	ZodNullable.create = (type, params) => {
 	    return new ZodNullable({
 	        innerType: type,
@@ -67591,7 +67591,7 @@ function requireTypes$2 () {
 	        return this._def.innerType;
 	    }
 	}
-	types$2.ZodDefault = ZodDefault;
+	types$3.ZodDefault = ZodDefault;
 	ZodDefault.create = (type, params) => {
 	    return new ZodDefault({
 	        innerType: type,
@@ -67651,7 +67651,7 @@ function requireTypes$2 () {
 	        return this._def.innerType;
 	    }
 	}
-	types$2.ZodCatch = ZodCatch;
+	types$3.ZodCatch = ZodCatch;
 	ZodCatch.create = (type, params) => {
 	    return new ZodCatch({
 	        innerType: type,
@@ -67675,14 +67675,14 @@ function requireTypes$2 () {
 	        return { status: "valid", value: input.data };
 	    }
 	}
-	types$2.ZodNaN = ZodNaN;
+	types$3.ZodNaN = ZodNaN;
 	ZodNaN.create = (params) => {
 	    return new ZodNaN({
 	        typeName: ZodFirstPartyTypeKind.ZodNaN,
 	        ...processCreateParams(params),
 	    });
 	};
-	types$2.BRAND = Symbol("zod_brand");
+	types$3.BRAND = Symbol("zod_brand");
 	class ZodBranded extends ZodType {
 	    _parse(input) {
 	        const { ctx } = this._processInputParams(input);
@@ -67697,7 +67697,7 @@ function requireTypes$2 () {
 	        return this._def.type;
 	    }
 	}
-	types$2.ZodBranded = ZodBranded;
+	types$3.ZodBranded = ZodBranded;
 	class ZodPipeline extends ZodType {
 	    _parse(input) {
 	        const { status, ctx } = this._processInputParams(input);
@@ -67756,7 +67756,7 @@ function requireTypes$2 () {
 	        });
 	    }
 	}
-	types$2.ZodPipeline = ZodPipeline;
+	types$3.ZodPipeline = ZodPipeline;
 	class ZodReadonly extends ZodType {
 	    _parse(input) {
 	        const result = this._def.innerType._parse(input);
@@ -67772,7 +67772,7 @@ function requireTypes$2 () {
 	        return this._def.innerType;
 	    }
 	}
-	types$2.ZodReadonly = ZodReadonly;
+	types$3.ZodReadonly = ZodReadonly;
 	ZodReadonly.create = (type, params) => {
 	    return new ZodReadonly({
 	        innerType: type,
@@ -67825,7 +67825,7 @@ function requireTypes$2 () {
 	        });
 	    return ZodAny.create();
 	}
-	types$2.late = {
+	types$3.late = {
 	    object: ZodObject.lazycreate,
 	};
 	var ZodFirstPartyTypeKind;
@@ -67866,89 +67866,89 @@ function requireTypes$2 () {
 	    ZodFirstPartyTypeKind["ZodBranded"] = "ZodBranded";
 	    ZodFirstPartyTypeKind["ZodPipeline"] = "ZodPipeline";
 	    ZodFirstPartyTypeKind["ZodReadonly"] = "ZodReadonly";
-	})(ZodFirstPartyTypeKind || (types$2.ZodFirstPartyTypeKind = ZodFirstPartyTypeKind = {}));
+	})(ZodFirstPartyTypeKind || (types$3.ZodFirstPartyTypeKind = ZodFirstPartyTypeKind = {}));
 	const instanceOfType = (
 	// const instanceOfType = <T extends new (...args: any[]) => any>(
 	cls, params = {
 	    message: `Input not instance of ${cls.name}`,
 	}) => custom((data) => data instanceof cls, params);
-	types$2.instanceof = instanceOfType;
+	types$3.instanceof = instanceOfType;
 	const stringType = ZodString.create;
-	types$2.string = stringType;
+	types$3.string = stringType;
 	const numberType = ZodNumber.create;
-	types$2.number = numberType;
+	types$3.number = numberType;
 	const nanType = ZodNaN.create;
-	types$2.nan = nanType;
+	types$3.nan = nanType;
 	const bigIntType = ZodBigInt.create;
-	types$2.bigint = bigIntType;
+	types$3.bigint = bigIntType;
 	const booleanType = ZodBoolean.create;
-	types$2.boolean = booleanType;
+	types$3.boolean = booleanType;
 	const dateType = ZodDate.create;
-	types$2.date = dateType;
+	types$3.date = dateType;
 	const symbolType = ZodSymbol.create;
-	types$2.symbol = symbolType;
+	types$3.symbol = symbolType;
 	const undefinedType = ZodUndefined.create;
-	types$2.undefined = undefinedType;
+	types$3.undefined = undefinedType;
 	const nullType = ZodNull.create;
-	types$2.null = nullType;
+	types$3.null = nullType;
 	const anyType = ZodAny.create;
-	types$2.any = anyType;
+	types$3.any = anyType;
 	const unknownType = ZodUnknown.create;
-	types$2.unknown = unknownType;
+	types$3.unknown = unknownType;
 	const neverType = ZodNever.create;
-	types$2.never = neverType;
+	types$3.never = neverType;
 	const voidType = ZodVoid.create;
-	types$2.void = voidType;
+	types$3.void = voidType;
 	const arrayType = ZodArray.create;
-	types$2.array = arrayType;
+	types$3.array = arrayType;
 	const objectType = ZodObject.create;
-	types$2.object = objectType;
+	types$3.object = objectType;
 	const strictObjectType = ZodObject.strictCreate;
-	types$2.strictObject = strictObjectType;
+	types$3.strictObject = strictObjectType;
 	const unionType = ZodUnion.create;
-	types$2.union = unionType;
+	types$3.union = unionType;
 	const discriminatedUnionType = ZodDiscriminatedUnion.create;
-	types$2.discriminatedUnion = discriminatedUnionType;
+	types$3.discriminatedUnion = discriminatedUnionType;
 	const intersectionType = ZodIntersection.create;
-	types$2.intersection = intersectionType;
+	types$3.intersection = intersectionType;
 	const tupleType = ZodTuple.create;
-	types$2.tuple = tupleType;
+	types$3.tuple = tupleType;
 	const recordType = ZodRecord.create;
-	types$2.record = recordType;
+	types$3.record = recordType;
 	const mapType = ZodMap.create;
-	types$2.map = mapType;
+	types$3.map = mapType;
 	const setType = ZodSet.create;
-	types$2.set = setType;
+	types$3.set = setType;
 	const functionType = ZodFunction.create;
-	types$2.function = functionType;
+	types$3.function = functionType;
 	const lazyType = ZodLazy.create;
-	types$2.lazy = lazyType;
+	types$3.lazy = lazyType;
 	const literalType = ZodLiteral.create;
-	types$2.literal = literalType;
+	types$3.literal = literalType;
 	const enumType = ZodEnum.create;
-	types$2.enum = enumType;
+	types$3.enum = enumType;
 	const nativeEnumType = ZodNativeEnum.create;
-	types$2.nativeEnum = nativeEnumType;
+	types$3.nativeEnum = nativeEnumType;
 	const promiseType = ZodPromise.create;
-	types$2.promise = promiseType;
+	types$3.promise = promiseType;
 	const effectsType = ZodEffects.create;
-	types$2.effect = effectsType;
-	types$2.transformer = effectsType;
+	types$3.effect = effectsType;
+	types$3.transformer = effectsType;
 	const optionalType = ZodOptional.create;
-	types$2.optional = optionalType;
+	types$3.optional = optionalType;
 	const nullableType = ZodNullable.create;
-	types$2.nullable = nullableType;
+	types$3.nullable = nullableType;
 	const preprocessType = ZodEffects.createWithPreprocess;
-	types$2.preprocess = preprocessType;
+	types$3.preprocess = preprocessType;
 	const pipelineType = ZodPipeline.create;
-	types$2.pipeline = pipelineType;
+	types$3.pipeline = pipelineType;
 	const ostring = () => stringType().optional();
-	types$2.ostring = ostring;
+	types$3.ostring = ostring;
 	const onumber = () => numberType().optional();
-	types$2.onumber = onumber;
+	types$3.onumber = onumber;
 	const oboolean = () => booleanType().optional();
-	types$2.oboolean = oboolean;
-	types$2.coerce = {
+	types$3.oboolean = oboolean;
+	types$3.coerce = {
 	    string: ((arg) => ZodString.create({ ...arg, coerce: true })),
 	    number: ((arg) => ZodNumber.create({ ...arg, coerce: true })),
 	    boolean: ((arg) => ZodBoolean.create({
@@ -67958,8 +67958,8 @@ function requireTypes$2 () {
 	    bigint: ((arg) => ZodBigInt.create({ ...arg, coerce: true })),
 	    date: ((arg) => ZodDate.create({ ...arg, coerce: true })),
 	};
-	types$2.NEVER = parseUtil_js_1.INVALID;
-	return types$2;
+	types$3.NEVER = parseUtil_js_1.INVALID;
+	return types$3;
 }
 
 var hasRequiredExternal;
@@ -67987,7 +67987,7 @@ function requireExternal () {
 		__exportStar(/*@__PURE__*/ requireParseUtil(), exports);
 		__exportStar(/*@__PURE__*/ requireTypeAliases(), exports);
 		__exportStar(/*@__PURE__*/ requireUtil$3(), exports);
-		__exportStar(/*@__PURE__*/ requireTypes$2(), exports);
+		__exportStar(/*@__PURE__*/ requireTypes$3(), exports);
 		__exportStar(/*@__PURE__*/ requireZodError(), exports); 
 	} (external));
 	return external;
@@ -68133,7 +68133,7 @@ function requireGitSha256() {
   });
   gitSha256.computeGitSHA256FromBuffer = computeGitSHA256FromBuffer;
   gitSha256.computeGitSHA256FromChunks = computeGitSHA256FromChunks;
-  const crypto = __importStar(require$$0$l);
+  const crypto = __importStar(require$$0$m);
   /**
    * Compute Git-compatible SHA256 hash for a buffer
    * @param buffer - Buffer or Uint8Array to hash
@@ -68214,7 +68214,7 @@ function requireFileHash() {
   });
   fileHash.computeFileGitSHA256 = computeFileGitSHA256;
   const fs = __importStar(require$$0$b);
-  const fsp = __importStar(require$$0$m);
+  const fsp = __importStar(require$$0$n);
   const git_sha256_js_1 = requireGitSha256();
   /**
    * Compute Git-compatible SHA256 hash of file contents using streaming
@@ -68288,7 +68288,7 @@ function requireApply$1() {
   apply.applyPackagePatch = applyPackagePatch;
   apply.findNodeModules = findNodeModules;
   apply.findPackagesForPatches = findPackagesForPatches;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const file_hash_js_1 = requireFileHash();
   /**
@@ -68560,7 +68560,7 @@ function requireOperations() {
   operations.validateManifest = validateManifest;
   operations.readManifest = readManifest;
   operations.writeManifest = writeManifest;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const manifest_schema_js_1 = requireManifestSchema();
   /**
    * Get all blob hashes referenced by a manifest (both beforeHash and afterHash)
@@ -68725,7 +68725,7 @@ function requireCleanupBlobs() {
   });
   cleanupBlobs.cleanupUnusedBlobs = cleanupUnusedBlobs;
   cleanupBlobs.formatCleanupResult = formatCleanupResult;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const operations_js_1 = requireOperations();
   /**
@@ -68877,8 +68877,8 @@ function requireApiClient() {
   });
   apiClient.APIClient = void 0;
   apiClient.getAPIClientFromEnv = getAPIClientFromEnv;
-  const https = __importStar(require$$3$3);
-  const http = __importStar(require$$2$4);
+  const https = __importStar(require$$0$k);
+  const http = __importStar(require$$1$9);
   // Default public patch API URL for free patches (no auth required).
   const DEFAULT_PATCH_API_PROXY_URL = 'https://patches-api.socket.dev';
   /**
@@ -68895,6 +68895,22 @@ function requireApiClient() {
       console.error(`[socket-patch debug] ${message}`, ...args);
     }
   }
+  // Severity order for sorting (most severe = lowest number)
+  const SEVERITY_ORDER = {
+    critical: 0,
+    high: 1,
+    medium: 2,
+    low: 3,
+    unknown: 4
+  };
+  /**
+   * Get numeric severity order for comparison.
+   * Lower numbers = higher severity.
+   */
+  function getSeverityOrder(severity) {
+    if (!severity) return 4;
+    return SEVERITY_ORDER[severity.toLowerCase()] ?? 4;
+  }
   /**
    * Get the HTTP proxy URL from environment variables.
    * Returns undefined if no proxy is configured.
@@ -68978,6 +68994,65 @@ function requireApiClient() {
         req.end();
       });
     }
+    /**
+     * Make a POST request to the API.
+     */
+    async post(path, body) {
+      const url = `${this.apiUrl}${path}`;
+      debugLog(`POST ${url}`);
+      return new Promise((resolve, reject) => {
+        const urlObj = new URL(url);
+        const isHttps = urlObj.protocol === 'https:';
+        const httpModule = isHttps ? https : http;
+        const jsonBody = JSON.stringify(body);
+        const headers = {
+          'Accept': 'application/json',
+          'Content-Type': 'application/json',
+          'Content-Length': Buffer.byteLength(jsonBody).toString(),
+          'User-Agent': 'SocketPatchCLI/1.0'
+        };
+        // Only add auth header if we have a token (not using public proxy).
+        if (this.apiToken) {
+          headers['Authorization'] = `Bearer ${this.apiToken}`;
+        }
+        const options = {
+          method: 'POST',
+          headers
+        };
+        const req = httpModule.request(urlObj, options, res => {
+          let data = '';
+          res.on('data', chunk => {
+            data += chunk;
+          });
+          res.on('end', () => {
+            if (res.statusCode === 200) {
+              try {
+                const parsed = JSON.parse(data);
+                resolve(parsed);
+              } catch (err) {
+                reject(new Error(`Failed to parse response: ${err}`));
+              }
+            } else if (res.statusCode === 404) {
+              resolve(null);
+            } else if (res.statusCode === 401) {
+              reject(new Error('Unauthorized: Invalid API token'));
+            } else if (res.statusCode === 403) {
+              const msg = this.usePublicProxy ? 'Forbidden: This resource is only available to paid subscribers.' : 'Forbidden: Access denied.';
+              reject(new Error(msg));
+            } else if (res.statusCode === 429) {
+              reject(new Error('Rate limit exceeded. Please try again later.'));
+            } else {
+              reject(new Error(`API request failed with status ${res.statusCode}: ${data}`));
+            }
+          });
+        });
+        req.on('error', err => {
+          reject(new Error(`Network error: ${err.message}`));
+        });
+        req.write(jsonBody);
+        req.end();
+      });
+    }
     /**
      * Fetch a patch by UUID (full details with blob content)
      */
@@ -69031,6 +69106,136 @@ function requireApiClient() {
         canAccessPaidPatches: false
       };
     }
+    /**
+     * Search patches for multiple packages by PURL (batch)
+     * Returns minimal patch information for each package that has available patches.
+     *
+     * Each PURL must:
+     * - Start with "pkg:"
+     * - Include a valid ecosystem type (npm, pypi, maven, etc.)
+     * - Include package name
+     * - Include version (required for batch lookups)
+     *
+     * Maximum 500 PURLs per request.
+     *
+     * When using the public proxy, this falls back to individual GET requests
+     * per package since the batch endpoint is not available on the public proxy
+     * (POST requests with varying bodies cannot be cached by Cloudflare CDN).
+     */
+    async searchPatchesBatch(orgSlug, purls) {
+      // For authenticated API, use the batch endpoint
+      if (!this.usePublicProxy) {
+        const path = `/v0/orgs/${orgSlug}/patches/batch`;
+        // Use CDX-style components format
+        const components = purls.map(purl => ({
+          purl
+        }));
+        const result = await this.post(path, {
+          components
+        });
+        return result ?? {
+          packages: [],
+          canAccessPaidPatches: false
+        };
+      }
+      // For public proxy, fall back to individual per-package GET requests
+      // These are cacheable by Cloudflare CDN
+      return this.searchPatchesBatchViaIndividualQueries(purls);
+    }
+    /**
+     * Internal method to search patches by making individual GET requests
+     * for each PURL. Used when the batch endpoint is not available.
+     *
+     * Runs requests in parallel with a concurrency limit to avoid overwhelming
+     * the server while still being efficient.
+     */
+    async searchPatchesBatchViaIndividualQueries(purls) {
+      const CONCURRENCY_LIMIT = 10;
+      const packages = [];
+      let canAccessPaidPatches = false;
+      // Process PURLs in parallel with concurrency limit
+      const results = [];
+      for (let i = 0; i < purls.length; i += CONCURRENCY_LIMIT) {
+        const batch = purls.slice(i, i + CONCURRENCY_LIMIT);
+        const batchResults = await Promise.all(batch.map(async purl => {
+          try {
+            const response = await this.searchPatchesByPackage(null, purl);
+            return {
+              purl,
+              response
+            };
+          } catch (error) {
+            // Log error but continue with other packages
+            debugLog(`Error fetching patches for ${purl}:`, error);
+            return {
+              purl,
+              response: null
+            };
+          }
+        }));
+        results.push(...batchResults);
+      }
+      // Convert individual responses to batch response format
+      for (const {
+        purl,
+        response
+      } of results) {
+        if (!response || response.patches.length === 0) {
+          continue;
+        }
+        // Track paid patch access
+        if (response.canAccessPaidPatches) {
+          canAccessPaidPatches = true;
+        }
+        // Convert PatchSearchResult[] to BatchPatchInfo[]
+        const batchPatches = response.patches.map(patch => {
+          // Extract CVE and GHSA IDs from vulnerabilities
+          const cveIds = [];
+          const ghsaIds = [];
+          let highestSeverity = null;
+          let title = '';
+          for (const [ghsaId, vuln] of Object.entries(patch.vulnerabilities)) {
+            // GHSA ID is the key
+            ghsaIds.push(ghsaId);
+            // CVE IDs are in the vuln object
+            for (const cve of vuln.cves) {
+              if (!cveIds.includes(cve)) {
+                cveIds.push(cve);
+              }
+            }
+            // Track highest severity
+            if (!highestSeverity || getSeverityOrder(vuln.severity) < getSeverityOrder(highestSeverity)) {
+              highestSeverity = vuln.severity || null;
+            }
+            // Use first summary as title
+            if (!title && vuln.summary) {
+              title = vuln.summary.length > 100 ? vuln.summary.slice(0, 97) + '...' : vuln.summary;
+            }
+          }
+          // Use description as fallback title
+          if (!title && patch.description) {
+            title = patch.description.length > 100 ? patch.description.slice(0, 97) + '...' : patch.description;
+          }
+          return {
+            uuid: patch.uuid,
+            purl: patch.purl,
+            tier: patch.tier,
+            cveIds: cveIds.sort(),
+            ghsaIds: ghsaIds.sort(),
+            severity: highestSeverity,
+            title
+          };
+        });
+        packages.push({
+          purl,
+          patches: batchPatches
+        });
+      }
+      return {
+        packages,
+        canAccessPaidPatches
+      };
+    }
     /**
      * Fetch a blob by its SHA256 hash.
      * Returns the raw binary content as a Buffer, or null if not found.
@@ -69194,7 +69399,7 @@ function requireBlobFetcher() {
   blobFetcher.createBlobEnsurer = createBlobEnsurer;
   blobFetcher.fetchBlobsByHash = fetchBlobsByHash;
   blobFetcher.formatFetchResult = formatFetchResult;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const operations_js_1 = requireOperations();
   const api_client_js_1 = requireApiClient();
@@ -69439,151 +69644,892 @@ function requireBlobFetcher() {
   return blobFetcher;
 }
 
-var globalPackages = {};
+var crawlers = {};
 
-var hasRequiredGlobalPackages;
-function requireGlobalPackages() {
-  if (hasRequiredGlobalPackages) return globalPackages;
-  hasRequiredGlobalPackages = 1;
-  var __createBinding = this && this.__createBinding || (Object.create ? function (o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = {
-        enumerable: true,
-        get: function () {
-          return m[k];
-        }
-      };
-    }
-    Object.defineProperty(o, k2, desc);
-  } : function (o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-  });
-  var __setModuleDefault = this && this.__setModuleDefault || (Object.create ? function (o, v) {
-    Object.defineProperty(o, "default", {
-      enumerable: true,
-      value: v
-    });
-  } : function (o, v) {
-    o["default"] = v;
-  });
-  var __importStar = this && this.__importStar || function () {
-    var ownKeys = function (o) {
-      ownKeys = Object.getOwnPropertyNames || function (o) {
-        var ar = [];
-        for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-        return ar;
-      };
-      return ownKeys(o);
-    };
-    return function (mod) {
-      if (mod && mod.__esModule) return mod;
-      var result = {};
-      if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-      __setModuleDefault(result, mod);
-      return result;
-    };
-  }();
-  Object.defineProperty(globalPackages, "__esModule", {
+var types$2 = {};
+
+var hasRequiredTypes$2;
+function requireTypes$2() {
+  if (hasRequiredTypes$2) return types$2;
+  hasRequiredTypes$2 = 1;
+  Object.defineProperty(types$2, "__esModule", {
     value: true
   });
-  globalPackages.getNpmGlobalPrefix = getNpmGlobalPrefix;
-  globalPackages.getYarnGlobalPrefix = getYarnGlobalPrefix;
-  globalPackages.getPnpmGlobalPrefix = getPnpmGlobalPrefix;
-  globalPackages.getGlobalPrefix = getGlobalPrefix;
-  globalPackages.getGlobalNodeModulesPaths = getGlobalNodeModulesPaths;
-  globalPackages.isGlobalPath = isGlobalPath;
-  const child_process_1 = require$$0$n;
-  const path = __importStar(require$$1$7);
-  /**
-   * Get the npm global node_modules path using 'npm root -g'
-   * @returns The path to the global node_modules directory
-   */
-  function getNpmGlobalPrefix() {
-    try {
-      const result = (0, child_process_1.execSync)('npm root -g', {
-        encoding: 'utf-8',
-        stdio: ['pipe', 'pipe', 'pipe']
-      });
-      return result.trim();
-    } catch (error) {
-      throw new Error('Failed to determine npm global prefix. Ensure npm is installed and in PATH.');
-    }
-  }
-  /**
-   * Get the yarn global node_modules path
-   * @returns The path to yarn's global node_modules directory, or null if not available
-   */
-  function getYarnGlobalPrefix() {
-    try {
-      const result = (0, child_process_1.execSync)('yarn global dir', {
-        encoding: 'utf-8',
-        stdio: ['pipe', 'pipe', 'pipe']
-      });
-      return path.join(result.trim(), 'node_modules');
-    } catch {
-      return null;
-    }
-  }
-  /**
-   * Get the pnpm global node_modules path
-   * @returns The path to pnpm's global node_modules directory, or null if not available
-   */
-  function getPnpmGlobalPrefix() {
-    try {
-      const result = (0, child_process_1.execSync)('pnpm root -g', {
-        encoding: 'utf-8',
-        stdio: ['pipe', 'pipe', 'pipe']
-      });
-      return result.trim();
-    } catch {
-      return null;
-    }
-  }
-  /**
-   * Get the global node_modules path, with support for custom override
-   * @param customPrefix - Optional custom path to use instead of auto-detection
-   * @returns The path to the global node_modules directory
-   */
-  function getGlobalPrefix(customPrefix) {
-    if (customPrefix) {
-      return customPrefix;
-    }
-    return getNpmGlobalPrefix();
-  }
-  /**
-   * Get all global node_modules paths for package lookup
-   * Currently returns npm global path, but could be extended for yarn global, etc.
-   * @param customPrefix - Optional custom path to use instead of auto-detection
-   * @returns Array of global node_modules paths
-   */
-  function getGlobalNodeModulesPaths(customPrefix) {
-    if (customPrefix) {
-      return [customPrefix];
-    }
-    return [getNpmGlobalPrefix()];
-  }
-  /**
-   * Check if a path is within a global node_modules directory
-   */
-  function isGlobalPath(pkgPath) {
-    try {
-      const globalPaths = getGlobalNodeModulesPaths();
-      const normalizedPkgPath = path.normalize(pkgPath);
-      return globalPaths.some(globalPath => normalizedPkgPath.startsWith(path.normalize(globalPath)));
-    } catch {
-      return false;
-    }
-  }
-  return globalPackages;
+  return types$2;
 }
 
-var hasRequiredApply;
-function requireApply() {
-  if (hasRequiredApply) return apply$1;
-  hasRequiredApply = 1;
+var npmCrawler = {};
+
+var hasRequiredNpmCrawler;
+function requireNpmCrawler() {
+  if (hasRequiredNpmCrawler) return npmCrawler;
+  hasRequiredNpmCrawler = 1;
+  var __createBinding = this && this.__createBinding || (Object.create ? function (o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = {
+        enumerable: true,
+        get: function () {
+          return m[k];
+        }
+      };
+    }
+    Object.defineProperty(o, k2, desc);
+  } : function (o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+  });
+  var __setModuleDefault = this && this.__setModuleDefault || (Object.create ? function (o, v) {
+    Object.defineProperty(o, "default", {
+      enumerable: true,
+      value: v
+    });
+  } : function (o, v) {
+    o["default"] = v;
+  });
+  var __importStar = this && this.__importStar || function () {
+    var ownKeys = function (o) {
+      ownKeys = Object.getOwnPropertyNames || function (o) {
+        var ar = [];
+        for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+        return ar;
+      };
+      return ownKeys(o);
+    };
+    return function (mod) {
+      if (mod && mod.__esModule) return mod;
+      var result = {};
+      if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+      __setModuleDefault(result, mod);
+      return result;
+    };
+  }();
+  Object.defineProperty(npmCrawler, "__esModule", {
+    value: true
+  });
+  npmCrawler.NpmCrawler = void 0;
+  npmCrawler.getNpmGlobalPrefix = getNpmGlobalPrefix;
+  npmCrawler.getYarnGlobalPrefix = getYarnGlobalPrefix;
+  npmCrawler.getPnpmGlobalPrefix = getPnpmGlobalPrefix;
+  const fs = __importStar(require$$0$n);
+  const path = __importStar(require$$1$7);
+  const child_process_1 = require$$0$o;
+  const DEFAULT_BATCH_SIZE = 100;
+  /**
+   * Read and parse a package.json file
+   */
+  async function readPackageJson(pkgPath) {
+    try {
+      const content = await fs.readFile(pkgPath, 'utf-8');
+      const pkg = JSON.parse(content);
+      if (typeof pkg.name === 'string' && typeof pkg.version === 'string') {
+        return {
+          name: pkg.name,
+          version: pkg.version
+        };
+      }
+      return null;
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Parse a package name into namespace and name components
+   */
+  function parsePackageName(fullName) {
+    if (fullName.startsWith('@')) {
+      const slashIndex = fullName.indexOf('/');
+      if (slashIndex !== -1) {
+        return {
+          namespace: fullName.substring(0, slashIndex),
+          name: fullName.substring(slashIndex + 1)
+        };
+      }
+    }
+    return {
+      name: fullName
+    };
+  }
+  /**
+   * Build a PURL string from package components
+   */
+  function buildPurl(namespace, name, version) {
+    if (namespace) {
+      return `pkg:npm/${namespace}/${name}@${version}`;
+    }
+    return `pkg:npm/${name}@${version}`;
+  }
+  /**
+   * Get the npm global node_modules path using 'npm root -g'
+   */
+  function getNpmGlobalPrefix() {
+    try {
+      const result = (0, child_process_1.execSync)('npm root -g', {
+        encoding: 'utf-8',
+        stdio: ['pipe', 'pipe', 'pipe']
+      });
+      return result.trim();
+    } catch {
+      throw new Error('Failed to determine npm global prefix. Ensure npm is installed and in PATH.');
+    }
+  }
+  /**
+   * Get the yarn global node_modules path
+   */
+  function getYarnGlobalPrefix() {
+    try {
+      const result = (0, child_process_1.execSync)('yarn global dir', {
+        encoding: 'utf-8',
+        stdio: ['pipe', 'pipe', 'pipe']
+      });
+      return path.join(result.trim(), 'node_modules');
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Get the pnpm global node_modules path
+   */
+  function getPnpmGlobalPrefix() {
+    try {
+      const result = (0, child_process_1.execSync)('pnpm root -g', {
+        encoding: 'utf-8',
+        stdio: ['pipe', 'pipe', 'pipe']
+      });
+      return result.trim();
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * NPM ecosystem crawler for discovering packages in node_modules
+   */
+  class NpmCrawler {
+    /**
+     * Get node_modules paths based on options
+     */
+    async getNodeModulesPaths(options) {
+      if (options.global || options.globalPrefix) {
+        // Global mode: return well-known global paths
+        if (options.globalPrefix) {
+          return [options.globalPrefix];
+        }
+        return this.getGlobalNodeModulesPaths();
+      }
+      // Local mode: find node_modules in cwd and workspace directories
+      return this.findLocalNodeModulesDirs(options.cwd);
+    }
+    /**
+     * Get well-known global node_modules paths
+     * Only checks standard locations where global packages are installed
+     */
+    getGlobalNodeModulesPaths() {
+      const paths = [];
+      // Try npm global path
+      try {
+        paths.push(getNpmGlobalPrefix());
+      } catch {
+        // npm not available
+      }
+      // Try pnpm global path
+      const pnpmPath = getPnpmGlobalPrefix();
+      if (pnpmPath) {
+        paths.push(pnpmPath);
+      }
+      // Try yarn global path
+      const yarnPath = getYarnGlobalPrefix();
+      if (yarnPath) {
+        paths.push(yarnPath);
+      }
+      return paths;
+    }
+    /**
+     * Find node_modules directories within the project root.
+     * Recursively searches for workspace node_modules but stays within the project.
+     */
+    async findLocalNodeModulesDirs(startPath) {
+      const results = [];
+      // Check for node_modules directly in startPath
+      const directNodeModules = path.join(startPath, 'node_modules');
+      try {
+        const stat = await fs.stat(directNodeModules);
+        if (stat.isDirectory()) {
+          results.push(directNodeModules);
+        }
+      } catch {
+        // No direct node_modules
+      }
+      // Recursively search for workspace node_modules
+      await this.findWorkspaceNodeModules(startPath, startPath, results);
+      return results;
+    }
+    /**
+     * Recursively find node_modules in subdirectories (for monorepos/workspaces).
+     * Stays within the project by not crossing into other projects or system directories.
+     * Skips symlinks to avoid duplicates and potential infinite loops.
+     */
+    async findWorkspaceNodeModules(dir, rootPath, results) {
+      let entries;
+      try {
+        entries = await fs.readdir(dir, {
+          withFileTypes: true
+        });
+      } catch {
+        return;
+      }
+      for (const entry of entries) {
+        // Skip non-directories and symlinks (avoid duplicates and infinite loops)
+        if (!entry.isDirectory()) continue;
+        const fullPath = path.join(dir, entry.name);
+        // Skip node_modules - we handle these separately when found
+        if (entry.name === 'node_modules') continue;
+        // Skip hidden directories
+        if (entry.name.startsWith('.')) continue;
+        // Skip common build/output directories that won't have workspace node_modules
+        if (entry.name === 'dist' || entry.name === 'build' || entry.name === 'coverage' || entry.name === 'tmp' || entry.name === 'temp' || entry.name === '__pycache__' || entry.name === 'vendor') {
+          continue;
+        }
+        // Check if this subdirectory has its own node_modules
+        const subNodeModules = path.join(fullPath, 'node_modules');
+        try {
+          const stat = await fs.stat(subNodeModules);
+          if (stat.isDirectory()) {
+            results.push(subNodeModules);
+          }
+        } catch {
+          // No node_modules here
+        }
+        // Recurse into subdirectory
+        await this.findWorkspaceNodeModules(fullPath, rootPath, results);
+      }
+    }
+    /**
+     * Yield packages in batches (memory efficient for large codebases)
+     */
+    async *crawlBatches(options) {
+      const batchSize = options.batchSize ?? DEFAULT_BATCH_SIZE;
+      const seen = new Set();
+      let batch = [];
+      const nodeModulesPaths = await this.getNodeModulesPaths(options);
+      for (const nodeModulesPath of nodeModulesPaths) {
+        for await (const pkg of this.scanNodeModules(nodeModulesPath, seen)) {
+          batch.push(pkg);
+          if (batch.length >= batchSize) {
+            yield batch;
+            batch = [];
+          }
+        }
+      }
+      // Yield remaining packages
+      if (batch.length > 0) {
+        yield batch;
+      }
+    }
+    /**
+     * Return all packages at once (convenience method)
+     */
+    async crawlAll(options) {
+      const packages = [];
+      for await (const batch of this.crawlBatches(options)) {
+        packages.push(...batch);
+      }
+      return packages;
+    }
+    /**
+     * Find specific packages by PURL
+     * Efficient O(n) lookup where n = number of PURLs to find
+     */
+    async findByPurls(nodeModulesPath, purls) {
+      const result = new Map();
+      // Parse PURLs to extract package info for targeted lookup
+      const purlSet = new Set(purls);
+      const packageTargets = new Map();
+      for (const purl of purls) {
+        const parsed = this.parsePurl(purl);
+        if (parsed) {
+          // Key by directory path pattern: @scope/name or name
+          const dirKey = parsed.namespace ? `${parsed.namespace}/${parsed.name}` : parsed.name;
+          packageTargets.set(dirKey, {
+            ...parsed,
+            purl
+          });
+        }
+      }
+      // Check each target package directory directly
+      for (const [dirKey, target] of packageTargets) {
+        const pkgPath = path.join(nodeModulesPath, dirKey);
+        const pkgJsonPath = path.join(pkgPath, 'package.json');
+        const pkgInfo = await readPackageJson(pkgJsonPath);
+        if (pkgInfo && pkgInfo.version === target.version) {
+          const purl = buildPurl(target.namespace, target.name, pkgInfo.version);
+          if (purlSet.has(purl)) {
+            result.set(purl, {
+              name: target.name,
+              version: pkgInfo.version,
+              namespace: target.namespace,
+              purl,
+              path: pkgPath
+            });
+          }
+        }
+      }
+      return result;
+    }
+    /**
+     * Scan a node_modules directory and yield packages
+     */
+    async *scanNodeModules(nodeModulesPath, seen) {
+      let entries;
+      try {
+        entries = await fs.readdir(nodeModulesPath, {
+          withFileTypes: true
+        });
+      } catch {
+        return;
+      }
+      for (const entry of entries) {
+        // Skip hidden files and special directories
+        if (entry.name.startsWith('.') || entry.name === 'node_modules') {
+          continue;
+        }
+        // Allow both directories and symlinks (pnpm uses symlinks)
+        if (!entry.isDirectory() && !entry.isSymbolicLink()) {
+          continue;
+        }
+        const entryPath = path.join(nodeModulesPath, entry.name);
+        // Handle scoped packages (@scope/package)
+        if (entry.name.startsWith('@')) {
+          yield* this.scanScopedPackages(entryPath, entry.name, seen);
+        } else {
+          // Regular package
+          const pkg = await this.checkPackage(entryPath, seen);
+          if (pkg) {
+            yield pkg;
+          }
+          // Check for nested node_modules only for real directories (not symlinks)
+          // Symlinked packages (pnpm) have their deps managed separately
+          if (entry.isDirectory()) {
+            yield* this.scanNestedNodeModules(entryPath, seen);
+          }
+        }
+      }
+    }
+    /**
+     * Scan scoped packages directory (@scope/)
+     */
+    async *scanScopedPackages(scopePath, _scope, seen) {
+      let scopeEntries;
+      try {
+        scopeEntries = await fs.readdir(scopePath, {
+          withFileTypes: true
+        });
+      } catch {
+        return;
+      }
+      for (const scopeEntry of scopeEntries) {
+        if (scopeEntry.name.startsWith('.')) continue;
+        // Allow both directories and symlinks (pnpm uses symlinks)
+        if (!scopeEntry.isDirectory() && !scopeEntry.isSymbolicLink()) {
+          continue;
+        }
+        const pkgPath = path.join(scopePath, scopeEntry.name);
+        const pkg = await this.checkPackage(pkgPath, seen);
+        if (pkg) {
+          yield pkg;
+        }
+        // Check for nested node_modules only for real directories (not symlinks)
+        if (scopeEntry.isDirectory()) {
+          yield* this.scanNestedNodeModules(pkgPath, seen);
+        }
+      }
+    }
+    /**
+     * Scan nested node_modules inside a package (if it exists)
+     */
+    async *scanNestedNodeModules(pkgPath, seen) {
+      const nestedNodeModules = path.join(pkgPath, 'node_modules');
+      try {
+        // Try to read the directory - this checks existence and gets entries in one call
+        const entries = await fs.readdir(nestedNodeModules, {
+          withFileTypes: true
+        });
+        // If we got here, the directory exists and we have its entries
+        // Yield packages from this nested node_modules
+        for (const entry of entries) {
+          if (entry.name.startsWith('.') || entry.name === 'node_modules') {
+            continue;
+          }
+          if (!entry.isDirectory() && !entry.isSymbolicLink()) {
+            continue;
+          }
+          const entryPath = path.join(nestedNodeModules, entry.name);
+          if (entry.name.startsWith('@')) {
+            yield* this.scanScopedPackages(entryPath, entry.name, seen);
+          } else {
+            const pkg = await this.checkPackage(entryPath, seen);
+            if (pkg) {
+              yield pkg;
+            }
+            // Recursively check for deeper nested node_modules
+            yield* this.scanNestedNodeModules(entryPath, seen);
+          }
+        }
+      } catch {
+        // No nested node_modules or can't read it - this is the common case
+      }
+    }
+    /**
+     * Check a package directory and return CrawledPackage if valid
+     */
+    async checkPackage(pkgPath, seen) {
+      const packageJsonPath = path.join(pkgPath, 'package.json');
+      const pkgInfo = await readPackageJson(packageJsonPath);
+      if (!pkgInfo) {
+        return null;
+      }
+      const {
+        namespace,
+        name
+      } = parsePackageName(pkgInfo.name);
+      const purl = buildPurl(namespace, name, pkgInfo.version);
+      // Deduplicate by PURL
+      if (seen.has(purl)) {
+        return null;
+      }
+      seen.add(purl);
+      return {
+        name,
+        version: pkgInfo.version,
+        namespace,
+        purl,
+        path: pkgPath
+      };
+    }
+    /**
+     * Parse a PURL string to extract components
+     */
+    parsePurl(purl) {
+      // Format: pkg:npm/name@version or pkg:npm/@scope/name@version
+      const match = purl.match(/^pkg:npm\/(?:(@[^/]+)\/)?([^@]+)@(.+)$/);
+      if (!match) {
+        return null;
+      }
+      return {
+        namespace: match[1] || undefined,
+        name: match[2],
+        version: match[3]
+      };
+    }
+  }
+  npmCrawler.NpmCrawler = NpmCrawler;
+  return npmCrawler;
+}
+
+var hasRequiredCrawlers;
+function requireCrawlers() {
+  if (hasRequiredCrawlers) return crawlers;
+  hasRequiredCrawlers = 1;
+  (function (exports) {
+
+    var __createBinding = this && this.__createBinding || (Object.create ? function (o, m, k, k2) {
+      if (k2 === undefined) k2 = k;
+      var desc = Object.getOwnPropertyDescriptor(m, k);
+      if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+        desc = {
+          enumerable: true,
+          get: function () {
+            return m[k];
+          }
+        };
+      }
+      Object.defineProperty(o, k2, desc);
+    } : function (o, m, k, k2) {
+      if (k2 === undefined) k2 = k;
+      o[k2] = m[k];
+    });
+    var __exportStar = this && this.__exportStar || function (m, exports) {
+      for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+    };
+    Object.defineProperty(exports, "__esModule", {
+      value: true
+    });
+    exports.getPnpmGlobalPrefix = exports.getYarnGlobalPrefix = exports.getNpmGlobalPrefix = exports.NpmCrawler = void 0;
+    __exportStar(requireTypes$2(), exports);
+    var npm_crawler_js_1 = requireNpmCrawler();
+    Object.defineProperty(exports, "NpmCrawler", {
+      enumerable: true,
+      get: function () {
+        return npm_crawler_js_1.NpmCrawler;
+      }
+    });
+    Object.defineProperty(exports, "getNpmGlobalPrefix", {
+      enumerable: true,
+      get: function () {
+        return npm_crawler_js_1.getNpmGlobalPrefix;
+      }
+    });
+    Object.defineProperty(exports, "getYarnGlobalPrefix", {
+      enumerable: true,
+      get: function () {
+        return npm_crawler_js_1.getYarnGlobalPrefix;
+      }
+    });
+    Object.defineProperty(exports, "getPnpmGlobalPrefix", {
+      enumerable: true,
+      get: function () {
+        return npm_crawler_js_1.getPnpmGlobalPrefix;
+      }
+    });
+  })(crawlers);
+  return crawlers;
+}
+
+var telemetry = {};
+
+var hasRequiredTelemetry;
+function requireTelemetry() {
+  if (hasRequiredTelemetry) return telemetry;
+  hasRequiredTelemetry = 1;
+  /**
+   * Telemetry module for socket-patch CLI.
+   * Collects anonymous usage data for patch lifecycle events.
+   *
+   * Telemetry can be disabled via:
+   * - Environment variable: SOCKET_PATCH_TELEMETRY_DISABLED=1
+   * - Running in test environment: VITEST=true
+   *
+   * Events are sent to:
+   * - Authenticated: https://api.socket.dev/v0/orgs/{org}/telemetry
+   * - Public proxy: https://patches-api.socket.dev/patch/telemetry
+   */
+  var __createBinding = this && this.__createBinding || (Object.create ? function (o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = {
+        enumerable: true,
+        get: function () {
+          return m[k];
+        }
+      };
+    }
+    Object.defineProperty(o, k2, desc);
+  } : function (o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+  });
+  var __setModuleDefault = this && this.__setModuleDefault || (Object.create ? function (o, v) {
+    Object.defineProperty(o, "default", {
+      enumerable: true,
+      value: v
+    });
+  } : function (o, v) {
+    o["default"] = v;
+  });
+  var __importStar = this && this.__importStar || function () {
+    var ownKeys = function (o) {
+      ownKeys = Object.getOwnPropertyNames || function (o) {
+        var ar = [];
+        for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+        return ar;
+      };
+      return ownKeys(o);
+    };
+    return function (mod) {
+      if (mod && mod.__esModule) return mod;
+      var result = {};
+      if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+      __setModuleDefault(result, mod);
+      return result;
+    };
+  }();
+  Object.defineProperty(telemetry, "__esModule", {
+    value: true
+  });
+  telemetry.trackPatchEvent = trackPatchEvent;
+  telemetry.trackPatchApplied = trackPatchApplied;
+  telemetry.trackPatchApplyFailed = trackPatchApplyFailed;
+  telemetry.trackPatchRemoved = trackPatchRemoved;
+  telemetry.trackPatchRemoveFailed = trackPatchRemoveFailed;
+  telemetry.trackPatchRolledBack = trackPatchRolledBack;
+  telemetry.trackPatchRollbackFailed = trackPatchRollbackFailed;
+  const https = __importStar(require$$0$k);
+  const http = __importStar(require$$1$9);
+  const os = __importStar(os$3);
+  const crypto = __importStar(require$$0$p);
+  // Default public patch API URL for free tier telemetry.
+  const DEFAULT_PATCH_API_PROXY_URL = 'https://patches-api.socket.dev';
+  // Package version - updated during build.
+  const PACKAGE_VERSION = '1.0.0';
+  /**
+   * Check if telemetry is disabled via environment variables.
+   */
+  function isTelemetryDisabled() {
+    return process.env['SOCKET_PATCH_TELEMETRY_DISABLED'] === '1' || process.env['SOCKET_PATCH_TELEMETRY_DISABLED'] === 'true' || false === 'true';
+  }
+  /**
+   * Check if debug mode is enabled.
+   */
+  function isDebugEnabled() {
+    return process.env['SOCKET_PATCH_DEBUG'] === '1' || process.env['SOCKET_PATCH_DEBUG'] === 'true';
+  }
+  /**
+   * Log debug messages when debug mode is enabled.
+   */
+  function debugLog(message, ...args) {
+    if (isDebugEnabled()) {
+      console.error(`[socket-patch telemetry] ${message}`, ...args);
+    }
+  }
+  /**
+   * Generate a unique session ID for the current CLI invocation.
+   * This is shared across all telemetry events in a single CLI run.
+   */
+  const SESSION_ID = crypto.randomUUID();
+  /**
+   * Build the telemetry context for the current environment.
+   */
+  function buildTelemetryContext(command) {
+    return {
+      version: PACKAGE_VERSION,
+      platform: process.platform,
+      node_version: process.version,
+      arch: os.arch(),
+      command
+    };
+  }
+  /**
+   * Sanitize error for telemetry.
+   * Removes sensitive paths and information.
+   */
+  function sanitizeError(error) {
+    const homeDir = os.homedir();
+    let message = error.message;
+    if (homeDir) {
+      message = message.replace(new RegExp(homeDir.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'), 'g'), '~');
+    }
+    return {
+      type: error.constructor.name,
+      message
+    };
+  }
+  /**
+   * Build a telemetry event from the given options.
+   */
+  function buildTelemetryEvent(options) {
+    const event = {
+      event_sender_created_at: new Date().toISOString(),
+      event_type: options.eventType,
+      context: buildTelemetryContext(options.command),
+      session_id: SESSION_ID
+    };
+    if (options.metadata && Object.keys(options.metadata).length > 0) {
+      event.metadata = options.metadata;
+    }
+    if (options.error) {
+      event.error = sanitizeError(options.error);
+    }
+    return event;
+  }
+  /**
+   * Send telemetry event to the API.
+   * Returns a promise that resolves when the request completes.
+   * Errors are logged but never thrown - telemetry should never block CLI operations.
+   */
+  async function sendTelemetryEvent(event, apiToken, orgSlug) {
+    // Determine the telemetry endpoint based on authentication.
+    let url;
+    let useAuth = false;
+    if (apiToken && orgSlug) {
+      // Authenticated endpoint.
+      const apiUrl = process.env['SOCKET_API_URL'] || 'https://api.socket.dev';
+      url = `${apiUrl}/v0/orgs/${orgSlug}/telemetry`;
+      useAuth = true;
+    } else {
+      // Public proxy endpoint.
+      const proxyUrl = process.env['SOCKET_PATCH_PROXY_URL'] || DEFAULT_PATCH_API_PROXY_URL;
+      url = `${proxyUrl}/patch/telemetry`;
+    }
+    debugLog(`Sending telemetry to ${url}`, event);
+    return new Promise(resolve => {
+      const body = JSON.stringify(event);
+      const urlObj = new URL(url);
+      const isHttps = urlObj.protocol === 'https:';
+      const httpModule = isHttps ? https : http;
+      const headers = {
+        'Content-Type': 'application/json',
+        'Content-Length': Buffer.byteLength(body).toString(),
+        'User-Agent': 'SocketPatchCLI/1.0'
+      };
+      if (useAuth && apiToken) {
+        headers['Authorization'] = `Bearer ${apiToken}`;
+      }
+      const requestOptions = {
+        method: 'POST',
+        headers,
+        timeout: 5000 // 5 second timeout.
+      };
+      const req = httpModule.request(urlObj, requestOptions, res => {
+        // Consume response body to free resources.
+        res.on('data', () => {});
+        res.on('end', () => {
+          if (res.statusCode === 200) {
+            debugLog('Telemetry sent successfully');
+          } else {
+            debugLog(`Telemetry request returned status ${res.statusCode}`);
+          }
+          resolve();
+        });
+      });
+      req.on('error', err => {
+        debugLog(`Telemetry request failed: ${err.message}`);
+        resolve();
+      });
+      req.on('timeout', () => {
+        debugLog('Telemetry request timed out');
+        req.destroy();
+        resolve();
+      });
+      req.write(body);
+      req.end();
+    });
+  }
+  /**
+   * Track a patch lifecycle event.
+   *
+   * This function is non-blocking and will never throw errors.
+   * Telemetry failures are logged in debug mode but don't affect CLI operation.
+   *
+   * @param options - Event tracking options.
+   * @returns Promise that resolves when the event is sent (or immediately if telemetry is disabled).
+   *
+   * @example
+   * ```typescript
+   * // Track successful patch application.
+   * await trackPatchEvent({
+   *   eventType: 'patch_applied',
+   *   command: 'apply',
+   *   metadata: {
+   *     patches_count: 5,
+   *     dry_run: false,
+   *   },
+   * })
+   *
+   * // Track failed patch application.
+   * await trackPatchEvent({
+   *   eventType: 'patch_apply_failed',
+   *   command: 'apply',
+   *   error: new Error('Failed to apply patch'),
+   *   metadata: {
+   *     patches_count: 0,
+   *     dry_run: false,
+   *   },
+   * })
+   * ```
+   */
+  async function trackPatchEvent(options) {
+    if (isTelemetryDisabled()) {
+      debugLog('Telemetry is disabled, skipping event');
+      return;
+    }
+    try {
+      const event = buildTelemetryEvent(options);
+      await sendTelemetryEvent(event, options.apiToken, options.orgSlug);
+    } catch (err) {
+      // Telemetry should never block CLI operations.
+      debugLog(`Failed to track event: ${err instanceof Error ? err.message : String(err)}`);
+    }
+  }
+  /**
+   * Convenience function to track a successful patch application.
+   */
+  async function trackPatchApplied(patchesCount, dryRun, apiToken, orgSlug) {
+    await trackPatchEvent({
+      eventType: 'patch_applied',
+      command: 'apply',
+      metadata: {
+        patches_count: patchesCount,
+        dry_run: dryRun
+      },
+      apiToken,
+      orgSlug
+    });
+  }
+  /**
+   * Convenience function to track a failed patch application.
+   */
+  async function trackPatchApplyFailed(error, dryRun, apiToken, orgSlug) {
+    await trackPatchEvent({
+      eventType: 'patch_apply_failed',
+      command: 'apply',
+      error,
+      metadata: {
+        dry_run: dryRun
+      },
+      apiToken,
+      orgSlug
+    });
+  }
+  /**
+   * Convenience function to track a successful patch removal.
+   */
+  async function trackPatchRemoved(removedCount, apiToken, orgSlug) {
+    await trackPatchEvent({
+      eventType: 'patch_removed',
+      command: 'remove',
+      metadata: {
+        removed_count: removedCount
+      },
+      apiToken,
+      orgSlug
+    });
+  }
+  /**
+   * Convenience function to track a failed patch removal.
+   */
+  async function trackPatchRemoveFailed(error, apiToken, orgSlug) {
+    await trackPatchEvent({
+      eventType: 'patch_remove_failed',
+      command: 'remove',
+      error,
+      apiToken,
+      orgSlug
+    });
+  }
+  /**
+   * Convenience function to track a successful patch rollback.
+   */
+  async function trackPatchRolledBack(rolledBackCount, apiToken, orgSlug) {
+    await trackPatchEvent({
+      eventType: 'patch_rolled_back',
+      command: 'rollback',
+      metadata: {
+        rolled_back_count: rolledBackCount
+      },
+      apiToken,
+      orgSlug
+    });
+  }
+  /**
+   * Convenience function to track a failed patch rollback.
+   */
+  async function trackPatchRollbackFailed(error, apiToken, orgSlug) {
+    await trackPatchEvent({
+      eventType: 'patch_rollback_failed',
+      command: 'rollback',
+      error,
+      apiToken,
+      orgSlug
+    });
+  }
+  return telemetry;
+}
+
+var hasRequiredApply;
+function requireApply() {
+  if (hasRequiredApply) return apply$1;
+  hasRequiredApply = 1;
   var __createBinding = this && this.__createBinding || (Object.create ? function (o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     var desc = Object.getOwnPropertyDescriptor(m, k);
@@ -69629,13 +70575,14 @@ function requireApply() {
     value: true
   });
   apply$1.applyCommand = void 0;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const manifest_schema_js_1 = requireManifestSchema();
   const apply_js_1 = requireApply$1();
   const cleanup_blobs_js_1 = requireCleanupBlobs();
   const blob_fetcher_js_1 = requireBlobFetcher();
-  const global_packages_js_1 = requireGlobalPackages();
+  const index_js_1 = requireCrawlers();
+  const telemetry_js_1 = requireTelemetry();
   async function applyPatches(cwd, manifestPath, dryRun, silent, offline, useGlobal, globalPrefix) {
     // Read and parse manifest
     const manifestContent = await fs.readFile(manifestPath, 'utf-8');
@@ -69684,25 +70631,26 @@ function requireApply() {
         };
       }
     }
-    // Find node_modules directories
+    // Find node_modules directories using the crawler
+    const crawler = new index_js_1.NpmCrawler();
     let nodeModulesPaths;
-    if (useGlobal || globalPrefix) {
-      try {
-        nodeModulesPaths = [(0, global_packages_js_1.getGlobalPrefix)(globalPrefix)];
-        if (!silent) {
-          console.log(`Using global npm packages at: ${nodeModulesPaths[0]}`);
-        }
-      } catch (error) {
-        if (!silent) {
-          console.error('Failed to find global npm packages:', error instanceof Error ? error.message : String(error));
-        }
-        return {
-          success: false,
-          results: []
-        };
+    try {
+      nodeModulesPaths = await crawler.getNodeModulesPaths({
+        cwd,
+        global: useGlobal,
+        globalPrefix
+      });
+      if ((useGlobal || globalPrefix) && !silent && nodeModulesPaths.length > 0) {
+        console.log(`Using global npm packages at: ${nodeModulesPaths[0]}`);
       }
-    } else {
-      nodeModulesPaths = await (0, apply_js_1.findNodeModules)(cwd);
+    } catch (error) {
+      if (!silent) {
+        console.error('Failed to find npm packages:', error instanceof Error ? error.message : String(error));
+      }
+      return {
+        success: false,
+        results: []
+      };
     }
     if (nodeModulesPaths.length === 0) {
       if (!silent) {
@@ -69713,10 +70661,11 @@ function requireApply() {
         results: []
       };
     }
-    // Find all packages that need patching
+    // Find all packages that need patching using the crawler
+    const manifestPurls = Object.keys(manifest.patches);
     const allPackages = new Map();
     for (const nmPath of nodeModulesPaths) {
-      const packages = await (0, apply_js_1.findPackagesForPatches)(nmPath, manifest);
+      const packages = await crawler.findByPurls(nmPath, manifestPurls);
       for (const [purl, location] of packages) {
         if (!allPackages.has(purl)) {
           allPackages.set(purl, location.path);
@@ -69797,6 +70746,9 @@ function requireApply() {
       }).example('$0 apply', 'Apply all patches to local packages').example('$0 apply --global', 'Apply patches to global npm packages').example('$0 apply --global-prefix /custom/path', 'Apply patches to custom global location').example('$0 apply --dry-run', 'Preview patches without applying');
     },
     handler: async argv => {
+      // Get API credentials for authenticated telemetry (optional).
+      const apiToken = process.env['SOCKET_API_TOKEN'];
+      const orgSlug = process.env['SOCKET_ORG_SLUG'];
       try {
         const manifestPath = path.isAbsolute(argv['manifest-path']) ? argv['manifest-path'] : path.join(argv.cwd, argv['manifest-path']);
         // Check if manifest exists - exit successfully if no .socket folder is set up
@@ -69834,8 +70786,18 @@ function requireApply() {
             }
           }
         }
+        // Track telemetry event.
+        const patchedCount = results.filter(r => r.success && r.filesPatched.length > 0).length;
+        if (success) {
+          await (0, telemetry_js_1.trackPatchApplied)(patchedCount, argv['dry-run'], apiToken, orgSlug);
+        } else {
+          await (0, telemetry_js_1.trackPatchApplyFailed)(new Error('One or more patches failed to apply'), argv['dry-run'], apiToken, orgSlug);
+        }
         process.exit(success ? 0 : 1);
       } catch (err) {
+        // Track telemetry for unexpected errors.
+        const error = err instanceof Error ? err : new Error(String(err));
+        await (0, telemetry_js_1.trackPatchApplyFailed)(error, argv['dry-run'], apiToken, orgSlug);
         if (!argv.silent) {
           const errorMessage = err instanceof Error ? err.message : String(err);
           console.error(`Error: ${errorMessage}`);
@@ -69849,217 +70811,6 @@ function requireApply() {
 
 var get$2 = {};
 
-var enumeratePackages = {};
-
-var hasRequiredEnumeratePackages;
-function requireEnumeratePackages() {
-  if (hasRequiredEnumeratePackages) return enumeratePackages;
-  hasRequiredEnumeratePackages = 1;
-  var __createBinding = this && this.__createBinding || (Object.create ? function (o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = {
-        enumerable: true,
-        get: function () {
-          return m[k];
-        }
-      };
-    }
-    Object.defineProperty(o, k2, desc);
-  } : function (o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-  });
-  var __setModuleDefault = this && this.__setModuleDefault || (Object.create ? function (o, v) {
-    Object.defineProperty(o, "default", {
-      enumerable: true,
-      value: v
-    });
-  } : function (o, v) {
-    o["default"] = v;
-  });
-  var __importStar = this && this.__importStar || function () {
-    var ownKeys = function (o) {
-      ownKeys = Object.getOwnPropertyNames || function (o) {
-        var ar = [];
-        for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-        return ar;
-      };
-      return ownKeys(o);
-    };
-    return function (mod) {
-      if (mod && mod.__esModule) return mod;
-      var result = {};
-      if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-      __setModuleDefault(result, mod);
-      return result;
-    };
-  }();
-  Object.defineProperty(enumeratePackages, "__esModule", {
-    value: true
-  });
-  enumeratePackages.enumerateNodeModules = enumerateNodeModules;
-  const fs = __importStar(require$$0$m);
-  const path = __importStar(require$$1$7);
-  /**
-   * Read and parse a package.json file
-   */
-  async function readPackageJson(pkgPath) {
-    try {
-      const content = await fs.readFile(pkgPath, 'utf-8');
-      const pkg = JSON.parse(content);
-      if (typeof pkg.name === 'string' && typeof pkg.version === 'string') {
-        return {
-          name: pkg.name,
-          version: pkg.version
-        };
-      }
-      return null;
-    } catch {
-      return null;
-    }
-  }
-  /**
-   * Parse a package name into namespace and name components
-   * @param fullName - Full package name (e.g., "@types/node" or "lodash")
-   */
-  function parsePackageName(fullName) {
-    if (fullName.startsWith('@')) {
-      const slashIndex = fullName.indexOf('/');
-      if (slashIndex !== -1) {
-        return {
-          namespace: fullName.substring(0, slashIndex),
-          name: fullName.substring(slashIndex + 1)
-        };
-      }
-    }
-    return {
-      name: fullName
-    };
-  }
-  /**
-   * Build a PURL string from package components
-   */
-  function buildPurl(ecosystem, namespace, name, version) {
-    if (namespace) {
-      return `pkg:${ecosystem}/${namespace}/${name}@${version}`;
-    }
-    return `pkg:${ecosystem}/${name}@${version}`;
-  }
-  /**
-   * Enumerate all packages in a node_modules directory
-   *
-   * @param cwd - Working directory to start from
-   * @param ecosystem - Package ecosystem (default: npm)
-   * @returns Array of enumerated packages
-   */
-  async function enumerateNodeModules(cwd, ecosystem = 'npm') {
-    const packages = [];
-    const seen = new Set();
-    const nodeModulesPath = path.join(cwd, 'node_modules');
-    try {
-      await fs.access(nodeModulesPath);
-    } catch {
-      // node_modules doesn't exist
-      return packages;
-    }
-    await scanDirectory(nodeModulesPath, packages, seen, ecosystem);
-    return packages;
-  }
-  /**
-   * Recursively scan a directory for packages
-   */
-  async function scanDirectory(dirPath, packages, seen, ecosystem) {
-    let entries;
-    try {
-      entries = await fs.readdir(dirPath);
-    } catch {
-      return;
-    }
-    for (const entry of entries) {
-      // Skip hidden files and special directories
-      if (entry.startsWith('.') || entry === 'node_modules') {
-        continue;
-      }
-      const entryPath = path.join(dirPath, entry);
-      // Handle scoped packages (@scope/package)
-      if (entry.startsWith('@')) {
-        // This is a scope directory, scan its contents
-        let scopeEntries;
-        try {
-          scopeEntries = await fs.readdir(entryPath);
-        } catch {
-          continue;
-        }
-        for (const scopeEntry of scopeEntries) {
-          if (scopeEntry.startsWith('.')) continue;
-          const pkgPath = path.join(entryPath, scopeEntry);
-          const packageJsonPath = path.join(pkgPath, 'package.json');
-          const pkgInfo = await readPackageJson(packageJsonPath);
-          if (pkgInfo) {
-            const {
-              namespace,
-              name
-            } = parsePackageName(pkgInfo.name);
-            const purl = buildPurl(ecosystem, namespace, name, pkgInfo.version);
-            // Deduplicate by PURL
-            if (!seen.has(purl)) {
-              seen.add(purl);
-              packages.push({
-                name,
-                version: pkgInfo.version,
-                namespace,
-                purl,
-                path: pkgPath
-              });
-            }
-            // Check for nested node_modules
-            const nestedNodeModules = path.join(pkgPath, 'node_modules');
-            try {
-              await fs.access(nestedNodeModules);
-              await scanDirectory(nestedNodeModules, packages, seen, ecosystem);
-            } catch {
-              // No nested node_modules
-            }
-          }
-        }
-      } else {
-        // Regular package
-        const packageJsonPath = path.join(entryPath, 'package.json');
-        const pkgInfo = await readPackageJson(packageJsonPath);
-        if (pkgInfo) {
-          const {
-            namespace,
-            name
-          } = parsePackageName(pkgInfo.name);
-          const purl = buildPurl(ecosystem, namespace, name, pkgInfo.version);
-          // Deduplicate by PURL
-          if (!seen.has(purl)) {
-            seen.add(purl);
-            packages.push({
-              name,
-              version: pkgInfo.version,
-              namespace,
-              purl,
-              path: entryPath
-            });
-          }
-          // Check for nested node_modules
-          const nestedNodeModules = path.join(entryPath, 'node_modules');
-          try {
-            await fs.access(nestedNodeModules);
-            await scanDirectory(nestedNodeModules, packages, seen, ecosystem);
-          } catch {
-            // No nested node_modules
-          }
-        }
-      }
-    }
-  }
-  return enumeratePackages;
-}
-
 var fuzzyMatch = {};
 
 var hasRequiredFuzzyMatch;
@@ -70237,7 +70988,7 @@ function requireRollback$1() {
   rollback$1.verifyFileRollback = verifyFileRollback;
   rollback$1.rollbackFilePatch = rollbackFilePatch;
   rollback$1.rollbackPackagePatch = rollbackPackagePatch;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const file_hash_js_1 = requireFileHash();
   /**
@@ -70427,16 +71178,15 @@ function requireGet$2() {
     value: true
   });
   get$2.getCommand = void 0;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
-  const readline = __importStar(require$$2$5);
+  const readline = __importStar(require$$2$4);
   const os = __importStar(require$$0$f);
   const manifest_schema_js_1 = requireManifestSchema();
   const api_client_js_1 = requireApiClient();
   const cleanup_blobs_js_1 = requireCleanupBlobs();
-  const enumerate_packages_js_1 = requireEnumeratePackages();
+  const index_js_1 = requireCrawlers();
   const fuzzy_match_js_1 = requireFuzzyMatch();
-  const global_packages_js_1 = requireGlobalPackages();
   const apply_js_1 = requireApply$1();
   const rollback_js_1 = requireRollback$1();
   const blob_fetcher_js_1 = requireBlobFetcher();
@@ -70521,15 +71271,14 @@ function requireGet$2() {
           patches,
           canAccessPaidPatches
         } = searchResponse;
-        // Filter to only accessible patches
-        const accessiblePatches = patches.filter(patch => patch.tier === 'free' || canAccessPaidPatches);
-        if (accessiblePatches.length === 0) {
+        // Include all patches (free and paid) - we'll show upgrade CTA for paid patches
+        if (patches.length === 0) {
           continue;
         }
-        // Extract CVE and GHSA IDs from patches
+        // Extract CVE and GHSA IDs from all patches
         const cveIds = new Set();
         const ghsaIds = new Set();
-        for (const patch of accessiblePatches) {
+        for (const patch of patches) {
           for (const [vulnId, vulnInfo] of Object.entries(patch.vulnerabilities)) {
             // Check if the vulnId itself is a GHSA
             if (GHSA_PATTERN.test(vulnId)) {
@@ -70547,7 +71296,7 @@ function requireGet$2() {
         }
         packagesWithPatches.push({
           ...pkg,
-          patches: accessiblePatches,
+          patches,
           canAccessPaidPatches,
           cveIds: Array.from(cveIds).sort(),
           ghsaIds: Array.from(ghsaIds).sort()
@@ -70603,6 +71352,9 @@ function requireGet$2() {
       // Build vulnerability summary
       const vulnIds = [...pkg.cveIds, ...pkg.ghsaIds];
       const vulnSummary = vulnIds.length > 3 ? `${vulnIds.slice(0, 3).join(', ')} (+${vulnIds.length - 3} more)` : vulnIds.join(', ');
+      // Count free vs paid patches
+      const freePatches = pkg.patches.filter(p => p.tier === 'free').length;
+      const paidPatches = pkg.patches.filter(p => p.tier === 'paid').length;
       // Count patches and show severity info
       const severities = new Set();
       for (const patch of pkg.patches) {
@@ -70614,8 +71366,17 @@ function requireGet$2() {
         const order = ['critical', 'high', 'medium', 'low'];
         return order.indexOf(a.toLowerCase()) - order.indexOf(b.toLowerCase());
       });
+      // Build patch count string
+      let patchCountStr = String(freePatches);
+      if (paidPatches > 0) {
+        if (pkg.canAccessPaidPatches) {
+          patchCountStr += `+${paidPatches}`;
+        } else {
+          patchCountStr += `+\x1b[33m${paidPatches} paid\x1b[0m`;
+        }
+      }
       console.log(`  ${i + 1}. ${displayName}@${pkg.version}`);
-      console.log(`     Patches: ${pkg.patches.length} | Severity: ${severityList.join(', ')}`);
+      console.log(`     Patches: ${patchCountStr} | Severity: ${severityList.join(', ')}`);
       console.log(`     Fixes: ${vulnSummary}`);
     }
     const rl = readline.createInterface({
@@ -70740,19 +71501,20 @@ function requireGet$2() {
         return false;
       }
     }
-    // Find node_modules directories
+    // Find node_modules directories using the crawler
+    const crawler = new index_js_1.NpmCrawler();
     let nodeModulesPaths;
-    if (useGlobal || globalPrefix) {
-      try {
-        nodeModulesPaths = [(0, global_packages_js_1.getGlobalPrefix)(globalPrefix)];
-      } catch (error) {
-        {
-          console.error('Failed to find global npm packages:', error instanceof Error ? error.message : String(error));
-        }
-        return false;
+    try {
+      nodeModulesPaths = await crawler.getNodeModulesPaths({
+        cwd,
+        global: useGlobal,
+        globalPrefix
+      });
+    } catch (error) {
+      {
+        console.error('Failed to find npm packages:', error instanceof Error ? error.message : String(error));
       }
-    } else {
-      nodeModulesPaths = await (0, apply_js_1.findNodeModules)(cwd);
+      return false;
     }
     if (nodeModulesPaths.length === 0) {
       {
@@ -70760,10 +71522,11 @@ function requireGet$2() {
       }
       return false;
     }
-    // Find all packages that need patching
+    // Find all packages that need patching using the crawler
+    const manifestPurls = Object.keys(manifest.patches);
     const allPackages = new Map();
     for (const nmPath of nodeModulesPaths) {
-      const packages = await (0, apply_js_1.findPackagesForPatches)(nmPath, manifest);
+      const packages = await crawler.findByPurls(nmPath, manifestPurls);
       for (const [purl, location] of packages) {
         if (!allPackages.has(purl)) {
           allPackages.set(purl, location.path);
@@ -70816,21 +71579,23 @@ function requireGet$2() {
    * Handle one-off patch application (no manifest storage)
    */
   async function applyOneOffPatch(patch, useGlobal, cwd, silent, globalPrefix) {
-    // Find the package location
+    // Find the package location using the crawler
+    const crawler = new index_js_1.NpmCrawler();
     let nodeModulesPath;
-    if (useGlobal || globalPrefix) {
-      try {
-        nodeModulesPath = (0, global_packages_js_1.getGlobalPrefix)(globalPrefix);
-      } catch (error) {
-        {
-          console.error('Failed to find global npm packages:', error instanceof Error ? error.message : String(error));
-        }
-        return {
-          success: false
-        };
+    try {
+      const paths = await crawler.getNodeModulesPaths({
+        cwd,
+        global: useGlobal,
+        globalPrefix
+      });
+      nodeModulesPath = paths[0] ?? path.join(cwd, 'node_modules');
+    } catch (error) {
+      {
+        console.error('Failed to find npm packages:', error instanceof Error ? error.message : String(error));
       }
-    } else {
-      nodeModulesPath = path.join(cwd, 'node_modules');
+      return {
+        success: false
+      };
     }
     // Parse PURL to get package directory
     const parsed = parsePurl(patch.purl);
@@ -70976,17 +71741,21 @@ function requireGet$2() {
     }
     // The org slug to use (null when using public proxy)
     const effectiveOrgSlug = usePublicProxy ? null : orgSlug ?? null;
-    // Determine node_modules path for package lookups
+    // Determine node_modules path for package lookups using the crawler
+    const crawler = new index_js_1.NpmCrawler();
     let nodeModulesPath;
-    if (useGlobal || globalPrefix) {
-      try {
-        nodeModulesPath = (0, global_packages_js_1.getGlobalPrefix)(globalPrefix);
+    try {
+      const paths = await crawler.getNodeModulesPaths({
+        cwd,
+        global: useGlobal,
+        globalPrefix
+      });
+      nodeModulesPath = paths[0] ?? path.join(cwd, 'node_modules');
+      if (useGlobal || globalPrefix) {
         console.log(`Using global npm packages at: ${nodeModulesPath}`);
-      } catch (error) {
-        throw new Error(`Failed to find global npm packages: ${error instanceof Error ? error.message : String(error)}`);
       }
-    } else {
-      nodeModulesPath = path.join(cwd, 'node_modules');
+    } catch (error) {
+      throw new Error(`Failed to find npm packages: ${error instanceof Error ? error.message : String(error)}`);
     }
     // Determine identifier type
     let idType;
@@ -71018,6 +71787,17 @@ function requireGet$2() {
         console.log(`No patch found with UUID: ${identifier}`);
         return true;
       }
+      // Check if patch is paid and user doesn't have access
+      if (patch.tier === 'paid' && usePublicProxy) {
+        console.log(`\n\x1b[33m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\x1b[0m`);
+        console.log(`\x1b[33m  This patch requires a paid subscription to download.\x1b[0m`);
+        console.log(`\x1b[33m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\x1b[0m`);
+        console.log(`\n  Patch: ${patch.purl}`);
+        console.log(`  Tier:  \x1b[33mpaid\x1b[0m`);
+        console.log(`\n  Upgrade to Socket's paid plan to access this patch and many more:`);
+        console.log(`  \x1b[36mhttps://socket.dev/pricing\x1b[0m\n`);
+        return true;
+      }
       // Handle one-off mode
       if (oneOff) {
         const {
@@ -71090,10 +71870,13 @@ function requireGet$2() {
         }
       case 'package':
         {
-          // Enumerate packages from node_modules and fuzzy match
-          const enumPath = useGlobal ? nodeModulesPath : cwd;
-          console.log(`Enumerating packages in ${enumPath}...`);
-          const packages = useGlobal ? await (0, enumerate_packages_js_1.enumerateNodeModules)(path.dirname(nodeModulesPath)) : await (0, enumerate_packages_js_1.enumerateNodeModules)(cwd);
+          // Enumerate packages from node_modules using the crawler and fuzzy match
+          console.log(`Enumerating packages in ${nodeModulesPath}...`);
+          const packages = await crawler.crawlAll({
+            cwd,
+            global: useGlobal,
+            globalPrefix
+          });
           if (packages.length === 0) {
             console.log(useGlobal ? 'No global packages found.' : 'No packages found in node_modules. Run npm/yarn/pnpm install first.');
             return true;
@@ -71218,11 +72001,16 @@ function requireGet$2() {
     if (notInstalledCount > 0) {
       console.log(`Note: ${notInstalledCount} patch(es) for packages not installed in this project were hidden.`);
     }
-    if (inaccessibleCount > 0) {
-      console.log(`Note: ${inaccessibleCount} patch(es) require paid access and will be skipped.`);
+    if (inaccessibleCount > 0 && !canAccessPaidPatches) {
+      console.log(`\x1b[33mNote: ${inaccessibleCount} patch(es) require a paid subscription and will be skipped.\x1b[0m`);
     }
     if (accessiblePatches.length === 0) {
-      console.log('No accessible patches available. Upgrade to access paid patches.');
+      console.log(`\n\x1b[33m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\x1b[0m`);
+      console.log(`\x1b[33m  All available patches require a paid subscription.\x1b[0m`);
+      console.log(`\x1b[33m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━\x1b[0m`);
+      console.log(`\n  Found ${inaccessibleCount} paid patch(es) that you cannot currently access.`);
+      console.log(`\n  Upgrade to Socket's paid plan to access these patches:`);
+      console.log(`  \x1b[36mhttps://socket.dev/pricing\x1b[0m\n`);
       return true;
     }
     // Prompt for confirmation if multiple patches and not using --yes
@@ -71456,7 +72244,7 @@ function requireList$1() {
     value: true
   });
   list$1.listCommand = void 0;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const manifest_schema_js_1 = requireManifestSchema();
   async function listPatches(manifestPath, outputJson) {
@@ -71589,6 +72377,147 @@ var remove = {};
 
 var rollback = {};
 
+var globalPackages = {};
+
+var hasRequiredGlobalPackages;
+function requireGlobalPackages() {
+  if (hasRequiredGlobalPackages) return globalPackages;
+  hasRequiredGlobalPackages = 1;
+  var __createBinding = this && this.__createBinding || (Object.create ? function (o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = {
+        enumerable: true,
+        get: function () {
+          return m[k];
+        }
+      };
+    }
+    Object.defineProperty(o, k2, desc);
+  } : function (o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+  });
+  var __setModuleDefault = this && this.__setModuleDefault || (Object.create ? function (o, v) {
+    Object.defineProperty(o, "default", {
+      enumerable: true,
+      value: v
+    });
+  } : function (o, v) {
+    o["default"] = v;
+  });
+  var __importStar = this && this.__importStar || function () {
+    var ownKeys = function (o) {
+      ownKeys = Object.getOwnPropertyNames || function (o) {
+        var ar = [];
+        for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+        return ar;
+      };
+      return ownKeys(o);
+    };
+    return function (mod) {
+      if (mod && mod.__esModule) return mod;
+      var result = {};
+      if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+      __setModuleDefault(result, mod);
+      return result;
+    };
+  }();
+  Object.defineProperty(globalPackages, "__esModule", {
+    value: true
+  });
+  globalPackages.getNpmGlobalPrefix = getNpmGlobalPrefix;
+  globalPackages.getYarnGlobalPrefix = getYarnGlobalPrefix;
+  globalPackages.getPnpmGlobalPrefix = getPnpmGlobalPrefix;
+  globalPackages.getGlobalPrefix = getGlobalPrefix;
+  globalPackages.getGlobalNodeModulesPaths = getGlobalNodeModulesPaths;
+  globalPackages.isGlobalPath = isGlobalPath;
+  const child_process_1 = require$$0$o;
+  const path = __importStar(require$$1$7);
+  /**
+   * Get the npm global node_modules path using 'npm root -g'
+   * @returns The path to the global node_modules directory
+   */
+  function getNpmGlobalPrefix() {
+    try {
+      const result = (0, child_process_1.execSync)('npm root -g', {
+        encoding: 'utf-8',
+        stdio: ['pipe', 'pipe', 'pipe']
+      });
+      return result.trim();
+    } catch (error) {
+      throw new Error('Failed to determine npm global prefix. Ensure npm is installed and in PATH.');
+    }
+  }
+  /**
+   * Get the yarn global node_modules path
+   * @returns The path to yarn's global node_modules directory, or null if not available
+   */
+  function getYarnGlobalPrefix() {
+    try {
+      const result = (0, child_process_1.execSync)('yarn global dir', {
+        encoding: 'utf-8',
+        stdio: ['pipe', 'pipe', 'pipe']
+      });
+      return path.join(result.trim(), 'node_modules');
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Get the pnpm global node_modules path
+   * @returns The path to pnpm's global node_modules directory, or null if not available
+   */
+  function getPnpmGlobalPrefix() {
+    try {
+      const result = (0, child_process_1.execSync)('pnpm root -g', {
+        encoding: 'utf-8',
+        stdio: ['pipe', 'pipe', 'pipe']
+      });
+      return result.trim();
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Get the global node_modules path, with support for custom override
+   * @param customPrefix - Optional custom path to use instead of auto-detection
+   * @returns The path to the global node_modules directory
+   */
+  function getGlobalPrefix(customPrefix) {
+    if (customPrefix) {
+      return customPrefix;
+    }
+    return getNpmGlobalPrefix();
+  }
+  /**
+   * Get all global node_modules paths for package lookup
+   * Currently returns npm global path, but could be extended for yarn global, etc.
+   * @param customPrefix - Optional custom path to use instead of auto-detection
+   * @returns Array of global node_modules paths
+   */
+  function getGlobalNodeModulesPaths(customPrefix) {
+    if (customPrefix) {
+      return [customPrefix];
+    }
+    return [getNpmGlobalPrefix()];
+  }
+  /**
+   * Check if a path is within a global node_modules directory
+   */
+  function isGlobalPath(pkgPath) {
+    try {
+      const globalPaths = getGlobalNodeModulesPaths();
+      const normalizedPkgPath = path.normalize(pkgPath);
+      return globalPaths.some(globalPath => normalizedPkgPath.startsWith(path.normalize(globalPath)));
+    } catch {
+      return false;
+    }
+  }
+  return globalPackages;
+}
+
 var hasRequiredRollback;
 function requireRollback() {
   if (hasRequiredRollback) return rollback;
@@ -71640,7 +72569,7 @@ function requireRollback() {
   rollback.rollbackCommand = void 0;
   rollback.rollbackPatches = rollbackPatches;
   rollback.findPatchesToRollback = findPatchesToRollback;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const os = __importStar(require$$0$f);
   const manifest_schema_js_1 = requireManifestSchema();
@@ -71649,6 +72578,7 @@ function requireRollback() {
   const blob_fetcher_js_1 = requireBlobFetcher();
   const global_packages_js_1 = requireGlobalPackages();
   const api_client_js_1 = requireApiClient();
+  const telemetry_js_1 = requireTelemetry();
   /**
    * Find patches to rollback based on identifier
    * - If identifier starts with 'pkg:' -> treat as PURL
@@ -71913,10 +72843,19 @@ function requireRollback() {
       });
     },
     handler: async argv => {
+      // Get API credentials for authenticated telemetry (optional).
+      const apiToken = argv['api-token'] || process.env['SOCKET_API_TOKEN'];
+      const orgSlug = argv.org || process.env['SOCKET_ORG_SLUG'];
       try {
         // Handle one-off mode (no manifest required)
         if (argv['one-off']) {
           const success = await rollbackOneOff(argv.identifier, argv.cwd, argv.global, argv['global-prefix'], argv['dry-run'], argv.silent, argv.org, argv['api-url'], argv['api-token']);
+          // Track telemetry for one-off rollback.
+          if (success) {
+            await (0, telemetry_js_1.trackPatchRolledBack)(1, apiToken, orgSlug);
+          } else {
+            await (0, telemetry_js_1.trackPatchRollbackFailed)(new Error('One-off rollback failed'), apiToken, orgSlug);
+          }
           process.exit(success ? 0 : 1);
         }
         const manifestPath = path.isAbsolute(argv['manifest-path']) ? argv['manifest-path'] : path.join(argv.cwd, argv['manifest-path']);
@@ -71966,8 +72905,18 @@ function requireRollback() {
             }
           }
         }
+        // Track telemetry event.
+        const rolledBackCount = results.filter(r => r.success && r.filesRolledBack.length > 0).length;
+        if (success) {
+          await (0, telemetry_js_1.trackPatchRolledBack)(rolledBackCount, apiToken, orgSlug);
+        } else {
+          await (0, telemetry_js_1.trackPatchRollbackFailed)(new Error('One or more rollbacks failed'), apiToken, orgSlug);
+        }
         process.exit(success ? 0 : 1);
       } catch (err) {
+        // Track telemetry for unexpected errors.
+        const error = err instanceof Error ? err : new Error(String(err));
+        await (0, telemetry_js_1.trackPatchRollbackFailed)(error, apiToken, orgSlug);
         if (!argv.silent) {
           const errorMessage = err instanceof Error ? err.message : String(err);
           console.error(`Error: ${errorMessage}`);
@@ -72190,11 +73139,12 @@ function requireRemove() {
     value: true
   });
   remove.removeCommand = void 0;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const manifest_schema_js_1 = requireManifestSchema();
   const cleanup_blobs_js_1 = requireCleanupBlobs();
   const rollback_js_1 = requireRollback();
+  const telemetry_js_1 = requireTelemetry();
   async function removePatch(identifier, manifestPath) {
     // Read and parse manifest
     const manifestContent = await fs.readFile(manifestPath, 'utf-8');
@@ -72262,6 +73212,9 @@ function requireRemove() {
       }).example('$0 remove pkg:npm/lodash@4.17.21', 'Rollback and remove a patch by PURL').example('$0 remove 12345678-1234-1234-1234-123456789abc', 'Rollback and remove a patch by UUID').example('$0 remove pkg:npm/lodash@4.17.21 --skip-rollback', 'Remove from manifest without rolling back files').example('$0 remove pkg:npm/lodash@4.17.21 --global', 'Remove and rollback from global npm packages');
     },
     handler: async argv => {
+      // Get API credentials for authenticated telemetry (optional).
+      const apiToken = process.env['SOCKET_API_TOKEN'];
+      const orgSlug = process.env['SOCKET_ORG_SLUG'];
       try {
         const manifestPath = path.isAbsolute(argv['manifest-path']) ? argv['manifest-path'] : path.join(argv.cwd, argv['manifest-path']);
         // Check if manifest exists
@@ -72285,6 +73238,7 @@ function requireRemove() {
           // not offline
           argv.global, argv['global-prefix']);
           if (!rollbackSuccess) {
+            await (0, telemetry_js_1.trackPatchRemoveFailed)(new Error('Rollback failed during patch removal'), apiToken, orgSlug);
             console.error('\nRollback failed. Use --skip-rollback to remove from manifest without restoring files.');
             process.exit(1);
           }
@@ -72309,6 +73263,7 @@ function requireRemove() {
           manifest
         } = await removePatch(argv.identifier, manifestPath);
         if (notFound) {
+          await (0, telemetry_js_1.trackPatchRemoveFailed)(new Error(`No patch found matching identifier: ${argv.identifier}`), apiToken, orgSlug);
           console.error(`No patch found matching identifier: ${argv.identifier}`);
           process.exit(1);
         }
@@ -72324,8 +73279,13 @@ function requireRemove() {
         if (cleanupResult.blobsRemoved > 0) {
           console.log(`\n${(0, cleanup_blobs_js_1.formatCleanupResult)(cleanupResult, false)}`);
         }
+        // Track successful removal.
+        await (0, telemetry_js_1.trackPatchRemoved)(removed.length, apiToken, orgSlug);
         process.exit(0);
       } catch (err) {
+        // Track telemetry for unexpected errors.
+        const error = err instanceof Error ? err : new Error(String(err));
+        await (0, telemetry_js_1.trackPatchRemoveFailed)(error, apiToken, orgSlug);
         const errorMessage = err instanceof Error ? err.message : String(err);
         console.error(`Error: ${errorMessage}`);
         process.exit(1);
@@ -72386,7 +73346,7 @@ function requireRepair() {
     value: true
   });
   repair.repairCommand = void 0;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   const manifest_schema_js_1 = requireManifestSchema();
   const cleanup_blobs_js_1 = requireCleanupBlobs();
@@ -72564,7 +73524,7 @@ function requireFind$2() {
   });
   find$2.findPackageJsonFiles = findPackageJsonFiles;
   find$2.detectWorkspaces = detectWorkspaces;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const path = __importStar(require$$1$7);
   /**
    * Find all package.json files recursively, respecting workspace configurations
@@ -72998,7 +73958,7 @@ function requireUpdate$1() {
   });
   update$1.updatePackageJson = updatePackageJson;
   update$1.updateMultiplePackageJsons = updateMultiplePackageJsons;
-  const fs = __importStar(require$$0$m);
+  const fs = __importStar(require$$0$n);
   const detect_js_1 = requireDetect();
   /**
    * Update a single package.json file with socket-patch postinstall script
@@ -73181,7 +74141,7 @@ function requireSetup() {
   });
   setup.setupCommand = void 0;
   const path = __importStar(require$$1$7);
-  const readline = __importStar(require$$1$b);
+  const readline = __importStar(require$$1$c);
   const index_js_1 = requirePackageJson();
   /**
    * Display a preview table of changes
@@ -73460,7 +74420,7 @@ function requireLib$K() {
     stat,
     unlink,
     writeFile
-  } = require$$0$m;
+  } = require$$0$n;
   const {
     dirname,
     relative
@@ -77807,7 +78767,7 @@ function requireLib$G() {
     readFile,
     lstat,
     readdir
-  } = require$$0$m;
+  } = require$$0$n;
   const parse = requireLib$I();
   const normalizePackageBin = requireLib$H();
   const {
@@ -78820,7 +79780,7 @@ function requireFixBin() {
     chmod,
     open,
     readFile
-  } = require$$0$m;
+  } = require$$0$n;
   const execMode = 0o777 & ~process.umask();
   const writeFileAtomic = requireLib$E();
   const isWindowsHashBang = buf => buf[0] === '#'.charCodeAt(0) && buf[1] === '!'.charCodeAt(0) && /^#![^\n]+\r\n/.test(buf.toString());
@@ -78853,7 +79813,7 @@ function requireShimBin() {
   } = require$$1$7;
   const {
     lstat
-  } = require$$0$m;
+  } = require$$0$n;
   const throwNonEnoent = er => {
     if (er.code !== 'ENOENT') {
       throw er;
@@ -78960,7 +79920,7 @@ function requireLinkGently() {
     readlink,
     rm,
     symlink
-  } = require$$0$m;
+  } = require$$0$n;
   const {
     log
   } = requireLib$L();
@@ -79232,7 +80192,7 @@ function requireCheckBin() {
   const readCmdShim = requireLib$F();
   const {
     readlink
-  } = require$$0$m;
+  } = require$$0$n;
   const checkBin = async ({
     bin,
     path,
@@ -88416,7 +89376,7 @@ function requireCommonjs$b() {
     };
     const node_events_1 = require$$0$j;
     const node_stream_1 = __importDefault(require$$6$2);
-    const node_string_decoder_1 = require$$2$6;
+    const node_string_decoder_1 = require$$2$5;
     /**
      * Return true if the argument is a Minipass stream, Node stream, or something
      * else that Minipass can interact with.
@@ -94295,7 +95255,7 @@ function requirePosix() {
   });
   posix.sync = posix.isexe = void 0;
   const fs_1 = require$$0$b;
-  const promises_1 = require$$0$m;
+  const promises_1 = require$$0$n;
   /**
    * Determine whether a path is executable according to the mode and
    * current (or specified) user and group IDs.
@@ -94368,7 +95328,7 @@ function requireWin32() {
   });
   win32.sync = win32.isexe = void 0;
   const fs_1 = require$$0$b;
-  const promises_1 = require$$0$m;
+  const promises_1 = require$$0$n;
   /**
    * Determine whether a path is executable based on the file extension
    * and PATHEXT environment variable (or specified pathExt option)
@@ -94700,7 +95660,7 @@ function requireLib$A() {
   hasRequiredLib$A = 1;
   const {
     spawn
-  } = require$$0$n;
+  } = require$$0$o;
   const os = require$$0$f;
   const which = requireLib$B();
   const escape = require_escape();
@@ -96183,7 +97143,7 @@ function requireClone$1() {
     isWindows
   } = requireUtils$4();
   const pickManifest = requireLib$y();
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   clone_1$1 = (repo, ref = 'HEAD', target = null, opts = {}) => getRevs(repo, opts).then(revs => clone(repo, revs, ref, resolveRef(revs, ref, opts), target || defaultTarget(repo, opts.cwd), opts));
   const maybeShallow = (repo, opts) => {
     if (opts.gitShallow === false || opts.gitShallow) {
@@ -96300,7 +97260,7 @@ function requireIs$1() {
   // not an airtight indicator, but a good gut-check to even bother trying
   const {
     stat
-  } = require$$0$m;
+  } = require$$0$n;
   is$1 = ({
     cwd = process.cwd()
   } = {}) => stat(cwd + '/.git').then(() => true, () => false);
@@ -96991,7 +97951,7 @@ function requireReadPackage$1() {
 
   const {
     readFile
-  } = require$$0$m;
+  } = require$$0$n;
   const parseJSON = requireLib$I();
   async function read(filename) {
     try {
@@ -97545,7 +98505,7 @@ function requireMinipass() {
   };
   const EE = require$$0$d;
   const Stream = require$$0$9;
-  const SD = require$$2$7.StringDecoder;
+  const SD = require$$2$6.StringDecoder;
   const EOF = Symbol('EOF');
   const MAYBE_EMIT_END = Symbol('maybeEmitEnd');
   const EMITTED_END = Symbol('emittedEnd');
@@ -98155,7 +99115,7 @@ var hasRequiredLib$v;
 function requireLib$v() {
   if (hasRequiredLib$v) return lib$u;
   hasRequiredLib$v = 1;
-  const crypto = require$$0$l;
+  const crypto = require$$0$m;
   const {
     Minipass
   } = requireCommonjs$b();
@@ -98938,7 +99898,7 @@ function requirePolyfill() {
     symlink,
     unlink,
     utimes
-  } = require$$0$m;
+  } = require$$0$n;
   const {
     dirname,
     isAbsolute,
@@ -99302,7 +100262,7 @@ var hasRequiredCp;
 function requireCp() {
   if (hasRequiredCp) return cp_1;
   hasRequiredCp = 1;
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const getOptions = requireGetOptions();
   const node = requireNode$2();
   const polyfill = requirePolyfill();
@@ -99337,7 +100297,7 @@ function requireWithTempDir() {
     mkdir,
     mkdtemp,
     rm
-  } = require$$0$m;
+  } = require$$0$n;
 
   // create a temp directory, ensure its permissions match its parent, then call
   // the supplied function passing it the path to the directory. clean up after
@@ -99382,7 +100342,7 @@ function requireReaddirScoped() {
   hasRequiredReaddirScoped = 1;
   const {
     readdir
-  } = require$$0$m;
+  } = require$$0$n;
   const {
     join
   } = require$$1$7;
@@ -99415,7 +100375,7 @@ function requireMoveFile() {
     relative,
     isAbsolute
   } = require$$1$7;
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const pathExists = async path => {
     try {
       await fs.access(path);
@@ -99514,7 +100474,7 @@ var hasRequiredEntryIndex$1;
 function requireEntryIndex$1() {
   if (hasRequiredEntryIndex$1) return entryIndex$1;
   hasRequiredEntryIndex$1 = 1;
-  const crypto = require$$0$l;
+  const crypto = require$$0$m;
   const {
     appendFile,
     mkdir,
@@ -99522,7 +100482,7 @@ function requireEntryIndex$1() {
     readdir,
     rm,
     writeFile
-  } = require$$0$m;
+  } = require$$0$n;
   const {
     Minipass
   } = requireCommonjs$b();
@@ -100302,7 +101262,7 @@ var hasRequiredRead$1;
 function requireRead$1() {
   if (hasRequiredRead$1) return read$1.exports;
   hasRequiredRead$1 = 1;
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const fsm = requireLib$r();
   const ssri = requireLib$v();
   const contentPath = requirePath$1();
@@ -100690,7 +101650,7 @@ function requireWrite$1() {
   hasRequiredWrite$1 = 1;
   const events = require$$0$d;
   const contentPath = requirePath$1();
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const {
     moveFile
   } = requireLib$s();
@@ -100995,7 +101955,7 @@ var hasRequiredRm$3;
 function requireRm$3() {
   if (hasRequiredRm$3) return rm_1$1;
   hasRequiredRm$3 = 1;
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const contentPath = requirePath$1();
   const {
     hasContent
@@ -101023,7 +101983,7 @@ function requireRm$2() {
   hasRequiredRm$2 = 1;
   const {
     rm
-  } = require$$0$m;
+  } = require$$0$n;
   const glob = requireGlob$2();
   const index = requireEntryIndex$1();
   const memo = requireMemoization$1();
@@ -101068,7 +102028,7 @@ function requireVerify$2() {
     stat,
     truncate,
     writeFile
-  } = require$$0$m;
+  } = require$$0$n;
   const contentPath = requirePath$1();
   const fsm = requireLib$r();
   const glob = requireGlob$2();
@@ -101319,7 +102279,7 @@ function requireTmp$1() {
   const {
     withTempDir
   } = requireLib$s();
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const path = require$$1$7;
   tmp$1.mkdir = mktmpdir;
   async function mktmpdir(cache, opts = {}) {
@@ -101647,7 +102607,7 @@ function requireLib$o() {
     readFile,
     readdir,
     stat
-  } = require$$0$m;
+  } = require$$0$n;
   const {
     resolve,
     basename,
@@ -102369,7 +103329,7 @@ function requireConstants$3() {
   // Node v6 didn't export this, so we just hard code the version and rely
   // on all the other hard-coded values from zlib v4736.  When node v6
   // support drops, we can just export the realZlibConstants object.
-  const zlib_1 = __importDefault(require$$0$o);
+  const zlib_1 = __importDefault(require$$0$q);
   /* c8 ignore start */
   const realZlibConstants = zlib_1.default.constants || {
     ZLIB_VERNUM: 4736
@@ -102545,7 +103505,7 @@ function requireCommonjs$7() {
     const assert_1 = __importDefault(require$$0$c);
     const buffer_1 = require$$0$i;
     const minipass_1 = requireCommonjs$b();
-    const realZlib = __importStar(require$$0$o);
+    const realZlib = __importStar(require$$0$q);
     const constants_js_1 = requireConstants$3();
     var constants_js_2 = requireConstants$3();
     Object.defineProperty(exports, "constants", {
@@ -106803,7 +107763,7 @@ function requireUnpack() {
   });
   unpack.UnpackSync = unpack.Unpack = void 0;
   const fsm = __importStar(requireCommonjs$8());
-  const node_assert_1 = __importDefault(require$$1$c);
+  const node_assert_1 = __importDefault(require$$1$d);
   const node_crypto_1 = require$$0$p;
   const node_fs_1 = __importDefault(fs$5);
   const node_path_1 = __importDefault(path$4);
@@ -109915,7 +110875,7 @@ function requireInternal() {
   //------------------------------------------------------------------------------
 
   // We use node.js internal decoder. Its signature is the same as ours.
-  var StringDecoder = require$$2$7.StringDecoder;
+  var StringDecoder = require$$2$6.StringDecoder;
   if (!StringDecoder.prototype.end)
     // Node v0.8 doesn't have this method.
     StringDecoder.prototype.end = function () {};
@@ -122806,7 +123766,7 @@ var hasRequiredOptions$3;
 function requireOptions$3() {
   if (hasRequiredOptions$3) return options$3;
   hasRequiredOptions$3 = 1;
-  const dns = require$$0$q;
+  const dns = require$$0$r;
   const conditionalHeaders = ['if-modified-since', 'if-none-match', 'if-unmodified-since', 'if-match', 'if-range'];
   const configureOptions = opts => {
     const {
@@ -124811,7 +125771,7 @@ function requireDns$1() {
   const {
     LRUCache
   } = /*@__PURE__*/requireCommonjs$h();
-  const dns = require$$0$q;
+  const dns = require$$0$r;
 
   // this is a factory so that each request can have its own opts (i.e. ttl)
   // while still sharing the cache across all requests
@@ -125643,7 +126603,7 @@ function requireNode$1() {
   if (hasRequiredNode$1) return node$1.exports;
   hasRequiredNode$1 = 1;
   (function (module, exports) {
-    const tty = require$$1$9;
+    const tty = require$$1$a;
     const util = require$$0$a;
 
     /**
@@ -125955,7 +126915,7 @@ function requireDist$c() {
       value: true
     });
     exports.Agent = void 0;
-    const net = __importStar(require$$0$r);
+    const net = __importStar(require$$0$s);
     const http = __importStar(require$$1$8);
     const https_1 = require$$2$3;
     __exportStar(requireHelpers$2(), exports);
@@ -126146,8 +127106,8 @@ function requireDist$b() {
     value: true
   });
   dist$c.HttpProxyAgent = void 0;
-  const net = __importStar(require$$0$r);
-  const tls = __importStar(require$$1$d);
+  const net = __importStar(require$$0$s);
+  const tls = __importStar(require$$1$e);
   const debug_1 = __importDefault(requireSrc());
   const events_1 = require$$0$d;
   const agent_base_1 = requireDist$c();
@@ -126410,8 +127370,8 @@ function requireDist$a() {
     value: true
   });
   dist$a.HttpsProxyAgent = void 0;
-  const net = __importStar(require$$0$r);
-  const tls = __importStar(require$$1$d);
+  const net = __importStar(require$$0$s);
+  const tls = __importStar(require$$1$e);
   const assert_1 = __importDefault(require$$0$c);
   const debug_1 = __importDefault(requireSrc());
   const agent_base_1 = requireDist$c();
@@ -129814,7 +130774,7 @@ function requireHelpers() {
   const constants_1 = requireConstants$2();
   const stream = require$$0$9;
   const ip_address_1 = requireIpAddress();
-  const net = require$$0$r;
+  const net = require$$0$s;
   /**
    * Validates the provided SocksClientOptions
    * @param options { SocksClientOptions }
@@ -130044,7 +131004,7 @@ function requireSocksclient() {
     });
     exports.SocksClientError = exports.SocksClient = void 0;
     const events_1 = require$$0$d;
-    const net = require$$0$r;
+    const net = require$$0$s;
     const smart_buffer_1 = requireSmartbuffer();
     const constants_1 = requireConstants$2();
     const helpers_1 = requireHelpers();
@@ -130880,9 +131840,9 @@ function requireDist$9() {
   const socks_1 = requireBuild$1();
   const agent_base_1 = requireDist$c();
   const debug_1 = __importDefault(requireSrc());
-  const dns = __importStar(require$$0$q);
-  const net = __importStar(require$$0$r);
-  const tls = __importStar(require$$1$d);
+  const dns = __importStar(require$$0$r);
+  const net = __importStar(require$$0$s);
+  const tls = __importStar(require$$1$e);
   const url_1 = require$$0$e;
   const debug = (0, debug_1.default)('socks-proxy-agent');
   const setServernameFromNonIpHost = options => {
@@ -131208,12 +132168,12 @@ var hasRequiredAgents$1;
 function requireAgents$1() {
   if (hasRequiredAgents$1) return agents$1;
   hasRequiredAgents$1 = 1;
-  const net = require$$0$r;
-  const tls = require$$1$d;
+  const net = require$$0$s;
+  const tls = require$$1$e;
   const {
     once
   } = require$$0$d;
-  const timers = require$$3$4;
+  const timers = require$$3$3;
   const {
     normalizeOptions,
     cacheOptions
@@ -136469,7 +137429,7 @@ function requireCrypto() {
   See the License for the specific language governing permissions and
   limitations under the License.
   */
-  const crypto_1 = __importDefault(require$$0$l);
+  const crypto_1 = __importDefault(require$$0$m);
   function createPublicKey(key, type = 'spki') {
     if (typeof key === 'string') {
       return crypto_1.default.createPublicKey(key);
@@ -138516,7 +139476,7 @@ function requireFetch$1() {
   See the License for the specific language governing permissions and
   limitations under the License.
   */
-  const http2_1 = require$$0$s;
+  const http2_1 = require$$0$t;
   const make_fetch_happen_1 = __importDefault(requireLib$g());
   const proc_log_1 = requireLib$L();
   const promise_retry_1 = __importDefault(requirePromiseRetry());
@@ -138743,7 +139703,7 @@ function requireEphemeral() {
   See the License for the specific language governing permissions and
   limitations under the License.
   */
-  const crypto_1 = __importDefault(require$$0$l);
+  const crypto_1 = __importDefault(require$$0$m);
   const EC_KEYPAIR_TYPE = 'ec';
   const P256_CURVE = 'P-256';
   // Signer implementation which uses an ephemeral keypair to sign artifacts.
@@ -139798,7 +140758,7 @@ function requireVerify$1() {
   });
   verify$1.verifySignature = void 0;
   const canonical_json_1 = requireLib$e();
-  const crypto_1 = __importDefault(require$$0$l);
+  const crypto_1 = __importDefault(require$$0$m);
   const verifySignature = (metaDataSignedData, key, signature) => {
     const canonicalData = Buffer.from((0, canonical_json_1.canonicalize)(metaDataSignedData));
     return crypto_1.default.verify(undefined, canonicalData, key, Buffer.from(signature, 'hex'));
@@ -139979,7 +140939,7 @@ function requireFile() {
     value: true
   });
   file.TargetFile = file.MetaFile = void 0;
-  const crypto_1 = __importDefault(require$$0$l);
+  const crypto_1 = __importDefault(require$$0$m);
   const util_1 = __importDefault(require$$0$a);
   const error_1 = requireError$3();
   const utils_1 = requireUtils$1();
@@ -140221,7 +141181,7 @@ function requireKey$3() {
     value: true
   });
   key$2.getPublicKey = getPublicKey;
-  const crypto_1 = __importDefault(require$$0$l);
+  const crypto_1 = __importDefault(require$$0$m);
   const error_1 = requireError$3();
   const oid_1 = requireOid();
   const ASN1_TAG_SEQUENCE = 0x30;
@@ -140452,7 +141412,7 @@ function requireRole() {
     value: true
   });
   role.SuccinctRoles = role.DelegatedRole = role.Role = role.TOP_LEVEL_ROLE_NAMES = void 0;
-  const crypto_1 = __importDefault(require$$0$l);
+  const crypto_1 = __importDefault(require$$0$m);
   const minimatch_1 = requireCommonjs$f();
   const util_1 = __importDefault(require$$0$a);
   const error_1 = requireError$3();
@@ -141720,7 +142680,7 @@ function requireTmpfile() {
     value: true
   });
   tmpfile.withTempFile = void 0;
-  const promises_1 = __importDefault(require$$0$m);
+  const promises_1 = __importDefault(require$$0$n);
   const os_1 = __importDefault(require$$0$f);
   const path_1 = __importDefault(require$$1$7);
   // Invokes the given handler with the path to a temporary file. The file
@@ -146153,7 +147113,7 @@ var hasRequiredOptions$1;
 function requireOptions$1() {
   if (hasRequiredOptions$1) return options$1;
   hasRequiredOptions$1 = 1;
-  const dns = require$$0$q;
+  const dns = require$$0$r;
   const conditionalHeaders = ['if-modified-since', 'if-none-match', 'if-unmodified-since', 'if-match', 'if-range'];
   const configureOptions = opts => {
     const {
@@ -146459,7 +147419,7 @@ var hasRequiredEntryIndex;
 function requireEntryIndex() {
   if (hasRequiredEntryIndex) return entryIndex;
   hasRequiredEntryIndex = 1;
-  const crypto = require$$0$l;
+  const crypto = require$$0$m;
   const {
     appendFile,
     mkdir,
@@ -146467,7 +147427,7 @@ function requireEntryIndex() {
     readdir,
     rm,
     writeFile
-  } = require$$0$m;
+  } = require$$0$n;
   const {
     Minipass
   } = requireCommonjs$b();
@@ -148372,7 +149332,7 @@ var hasRequiredRead;
 function requireRead() {
   if (hasRequiredRead) return read.exports;
   hasRequiredRead = 1;
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const fsm = requireLib$r();
   const ssri = requireLib$v();
   const contentPath = requirePath();
@@ -148724,7 +149684,7 @@ function requireWrite() {
   hasRequiredWrite = 1;
   const events = require$$0$d;
   const contentPath = requirePath();
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const {
     moveFile
   } = requireLib$s();
@@ -152341,7 +153301,7 @@ var hasRequiredRm$1;
 function requireRm$1() {
   if (hasRequiredRm$1) return rm_1;
   hasRequiredRm$1 = 1;
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const contentPath = requirePath();
   const {
     hasContent
@@ -152369,7 +153329,7 @@ function requireRm() {
   hasRequiredRm = 1;
   const {
     rm: rm$1
-  } = require$$0$m;
+  } = require$$0$n;
   const glob = requireGlob();
   const index = requireEntryIndex();
   const memo = requireMemoization();
@@ -152414,7 +153374,7 @@ function requireVerify() {
     stat,
     truncate,
     writeFile
-  } = require$$0$m;
+  } = require$$0$n;
   const contentPath = requirePath();
   const fsm = requireLib$r();
   const glob = requireGlob();
@@ -152665,7 +153625,7 @@ function requireTmp() {
   const {
     withTempDir
   } = requireLib$s();
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   const path = require$$1$7;
   tmp.mkdir = mktmpdir;
   async function mktmpdir(cache, opts = {}) {
@@ -152814,7 +153774,7 @@ function requireDns() {
   const {
     LRUCache
   } = /*@__PURE__*/requireCommonjs$3();
-  const dns = require$$0$q;
+  const dns = require$$0$r;
 
   // this is a factory so that each request can have its own opts (i.e. ttl)
   // while still sharing the cache across all requests
@@ -153116,12 +154076,12 @@ var hasRequiredAgents;
 function requireAgents() {
   if (hasRequiredAgents) return agents;
   hasRequiredAgents = 1;
-  const net = require$$0$r;
-  const tls = require$$1$d;
+  const net = require$$0$s;
+  const tls = require$$1$e;
   const {
     once
   } = require$$0$d;
-  const timers = require$$3$4;
+  const timers = require$$3$3;
   const {
     normalizeOptions,
     cacheOptions
@@ -158888,7 +159848,7 @@ function requireClone() {
     isWindows
   } = requireUtils();
   const pickManifest = requireLib$6();
-  const fs = require$$0$m;
+  const fs = require$$0$n;
   clone_1 = (repo, ref = 'HEAD', target = null, opts = {}) => getRevs(repo, opts).then(revs => clone(repo, revs, ref, resolveRef(revs, ref, opts), target || defaultTarget(repo, opts.cwd), opts));
   const maybeShallow = (repo, opts) => {
     if (opts.gitShallow === false || opts.gitShallow) {
@@ -159005,7 +159965,7 @@ function requireIs() {
   // not an airtight indicator, but a good gut-check to even bother trying
   const {
     stat
-  } = require$$0$m;
+  } = require$$0$n;
   is = ({
     cwd = process.cwd()
   } = {}) => stat(cwd + '/.git').then(() => true, () => false);
@@ -159942,7 +160902,7 @@ function requireReadPackage() {
 
   const {
     readFile
-  } = require$$0$m;
+  } = require$$0$n;
   const parseJSON = requireLib$I();
   async function read(filename) {
     try {
@@ -160976,7 +161936,7 @@ function requireHash() {
   hasRequiredHash = 1;
   const {
     createHash
-  } = require$$0$l;
+  } = require$$0$m;
   hash = ({
     name,
     source
@@ -161867,7 +162827,7 @@ function requirePackumentCache() {
   } = /*@__PURE__*/requireCommonjs$3();
   const {
     getHeapStatistics
-  } = require$$1$e;
+  } = require$$1$f;
   const {
     log
   } = requireLib$L();
@@ -172154,5 +173114,5 @@ exports.terminalLinkExports = terminalLinkExports;
 exports.updater = updater$1;
 exports.yargsParser = yargsParser;
 exports.yoctocolorsCjsExports = yoctocolorsCjsExports;
-//# debugId=5a8a47e0-496a-4f20-8cac-d9510a4fed74
+//# debugId=14bf8a4f-fac4-497b-99da-8c2ac0d7bffa
 //# sourceMappingURL=vendor.js.map