@socketsecurity/cli 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2022 Pelle Wessman
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,14 @@
+# Socket CLI
+
+## Commands
+
+* `report create` - creates a report
+
+## Environment variables
+
+* `SOCKET_SECURITY_API_KEY` - if set, this will be used as the API-key
+
+### Environment variables for development
+
+* `SOCKET_SECURITY_API_BASE_URL` - if set, this will be the base for all API-calls. Defaults to `https://api.socket.dev/v0/`
+* `SOCKET_SECURITY_API_PROXY` - if set to something like [`http://127.0.0.1:9090`](https://docs.proxyman.io/troubleshooting/couldnt-see-any-requests-from-3rd-party-network-libraries), then all request will be proxied through that proxy

package/cli.js

@@ -0,0 +1,51 @@
+#!/usr/bin/env node
+/* eslint-disable no-console */
+
+import chalk from 'chalk'
+import { messageWithCauses, stackWithCauses } from 'pony-cause'
+
+import * as cliCommands from './lib/commands/index.js'
+import { logSymbols } from './lib/utils/chalk-markdown.js'
+import { AuthError, InputError } from './lib/utils/errors.js'
+import { meowWithSubcommands } from './lib/utils/meow-with-subcommands.js'
+
+// TODO: Add autocompletion using https://www.npmjs.com/package/omelette
+
+try {
+  await meowWithSubcommands(
+    cliCommands,
+    {
+      argv: process.argv.slice(2),
+      name: 'socket',
+      importMeta: import.meta
+    }
+  )
+} catch (err) {
+  /** @type {string} */
+  let errorTitle
+  /** @type {string} */
+  let errorMessage = ''
+  /** @type {string|undefined} */
+  let errorBody
+
+  if (err instanceof AuthError) {
+    errorTitle = 'Authentication error'
+    errorMessage = err.message
+  } else if (err instanceof InputError) {
+    errorTitle = 'Invalid input'
+    errorMessage = err.message
+  } else if (err instanceof Error) {
+    errorTitle = 'Unexpected error'
+    errorMessage = messageWithCauses(err)
+    errorBody = stackWithCauses(err)
+  } else {
+    errorTitle = 'Unexpected error with no details'
+  }
+
+  console.error(`${logSymbols.error} ${chalk.white.bgRed(errorTitle + ':')} ${errorMessage}`)
+  if (errorBody) {
+    console.error('\n' + errorBody)
+  }
+
+  process.exit(1)
+}

package/lib/commands/index.js

@@ -0,0 +1,2 @@
+export * from './info/index.js'
+export * from './report/index.js'

package/lib/commands/info/index.js

@@ -0,0 +1,152 @@
+/* eslint-disable no-console */
+
+import chalk from 'chalk'
+import meow from 'meow'
+import ora from 'ora'
+import { ErrorWithCause } from 'pony-cause'
+
+import { ChalkOrMarkdown } from '../../utils/chalk-markdown.js'
+import { AuthError, InputError } from '../../utils/errors.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { stringJoinWithSeparateFinalSeparator } from '../../utils/misc.js'
+import { setupSdk } from '../../utils/sdk.js'
+
+const description = 'Look up info regarding a package'
+
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommandRun} */
+const run = async (argv, importMeta, { parentName }) => {
+  const name = parentName + ' info'
+
+  const cli = meow(`
+    Usage
+      $ ${name} <name>
+
+    Options
+      ${printFlagList({
+        '--debug': 'Output debug information',
+        '--json': 'Output result as json',
+        '--markdown': 'Output result as markdown',
+      }, 6)}
+
+    Examples
+      $ ${name} webtorrent
+      $ ${name} webtorrent@1.9.1
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags: {
+      debug: {
+        type: 'boolean',
+        alias: 'd',
+        default: false,
+      },
+      json: {
+        type: 'boolean',
+        alias: 'j',
+        default: false,
+      },
+      markdown: {
+        type: 'boolean',
+        alias: 'm',
+        default: false,
+      },
+    }
+  })
+
+  const {
+    json: outputJson,
+    markdown: outputMarkdown,
+  } = cli.flags
+
+  if (cli.input.length > 1) {
+    throw new InputError('Only one package lookup supported at once')
+  }
+
+  const [rawPkgName = ''] = cli.input
+
+  if (!rawPkgName) {
+    cli.showHelp()
+    return
+  }
+
+  const versionSeparator = rawPkgName.lastIndexOf('@')
+
+  if (versionSeparator < 1) {
+    throw new InputError('Need to specify a full package identifier, like eg: webtorrent@1.0.0')
+  }
+
+  const pkgName = rawPkgName.slice(0, versionSeparator)
+  const pkgVersion = rawPkgName.slice(versionSeparator + 1)
+  console.log('sdfd', pkgName, pkgVersion)
+
+  if (!pkgVersion) {
+    throw new InputError('Need to specify a version, like eg: webtorrent@1.0.0')
+  }
+
+  const socketSdk = await setupSdk()
+
+  const spinner = ora(`Looking up data for version ${pkgVersion} of ${pkgName}`).start()
+
+  /** @type {Awaited<ReturnType<import('@socketsecurity/sdk').SocketSdk["getIssuesByNPMPackage"]>>} */
+  let result
+
+  try {
+    result = await socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion)
+  } catch (cause) {
+    spinner.fail()
+    throw new ErrorWithCause('Failed to look up package', { cause })
+  }
+
+  if (result.success === false) {
+    if (result.status === 401 || result.status === 403) {
+      spinner.stop()
+      throw new AuthError(result.error.message)
+    }
+    spinner.fail(chalk.white.bgRed('API returned an error:') + ' ' + result.error.message)
+    process.exit(1)
+  }
+
+  const data = result.data
+
+  /** @typedef {(typeof data)[number]["value"] extends infer U | undefined ? U : never} SocketSdkIssue */
+  /** @type {Record<SocketSdkIssue["severity"], number>} */
+  const severityCount = { low: 0, middle: 0, high: 0, critical: 0 }
+  for (const issue of data) {
+    const value = issue.value
+
+    if (!value) {
+      continue
+    }
+
+    if (severityCount[value.severity] !== undefined) {
+      severityCount[value.severity] += 1
+    }
+  }
+
+  const issueSummary = stringJoinWithSeparateFinalSeparator([
+    severityCount.critical ? severityCount.critical + ' critical' : undefined,
+    severityCount.high ? severityCount.high + ' high' : undefined,
+    severityCount.middle ? severityCount.middle + ' middle' : undefined,
+    severityCount.low ? severityCount.low + ' low' : undefined,
+  ])
+
+  spinner.succeed(`Found ${issueSummary || 'no'} issues for version ${pkgVersion} of ${pkgName}`)
+
+  if (outputJson) {
+    console.log(JSON.stringify(data, undefined, 2))
+    return
+  }
+
+  const format = new ChalkOrMarkdown(!!outputMarkdown)
+  const url = `https://socket.dev/npm/package/${pkgName}/overview/${pkgVersion}`
+
+  console.log('\nDetailed info on socket.dev: ' + format.hyperlink(`${pkgName} v${pkgVersion}`, url, { fallbackToUrl: true }))
+
+  if (!outputMarkdown) {
+    console.log(chalk.dim('\nOr rerun', chalk.italic(name), 'using the', chalk.italic('--json'), 'flag to get full JSON output'))
+  }
+}
+
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
+export const info = { description, run }

package/lib/commands/report/create.js

@@ -0,0 +1,235 @@
+/* eslint-disable no-console */
+
+import { stat } from 'node:fs/promises'
+import path from 'node:path'
+
+import chalk from 'chalk'
+import meow from 'meow'
+import ora from 'ora'
+import { ErrorWithCause } from 'pony-cause'
+
+import { ChalkOrMarkdown, logSymbols } from '../../utils/chalk-markdown.js'
+import { AuthError, InputError } from '../../utils/errors.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { createDebugLogger } from '../../utils/misc.js'
+import { setupSdk } from '../../utils/sdk.js'
+import { isErrnoException } from '../../utils/type-helpers.js'
+
+const description = 'Create a project report'
+
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommandRun} */
+const run = async (argv, importMeta, { parentName }) => {
+  const name = parentName + ' create'
+
+  const cli = meow(`
+    Usage
+      $ ${name} <paths-to-package-folders-and-files>
+
+    Options
+      ${printFlagList({
+        '--debug': 'Output debug information',
+        '--dry-run': 'Only output what will be done without actually doing it',
+        '--json': 'Output result as json',
+        '--markdown': 'Output result as markdown',
+      }, 6)}
+
+    Examples
+      $ ${name} .
+      $ ${name} ../package-lock.json
+      $ ${name} /path/to/a/package.json /path/to/another/package.json
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags: {
+      debug: {
+        type: 'boolean',
+        alias: 'd',
+        default: false,
+      },
+      dryRun: {
+        type: 'boolean',
+        default: false,
+      },
+      json: {
+        type: 'boolean',
+        alias: 'j',
+        default: false,
+      },
+      markdown: {
+        type: 'boolean',
+        alias: 'm',
+        default: false,
+      },
+    }
+  })
+
+  const {
+    dryRun,
+    json: outputJson,
+    markdown: outputMarkdown,
+  } = cli.flags
+
+  if (!cli.input[0]) {
+    cli.showHelp()
+    return
+  }
+
+  const debugLog = createDebugLogger(dryRun || cli.flags.debug)
+
+  const cwd = process.cwd()
+  const packagePaths = await resolvePackagePaths(cwd, cli.input)
+
+  debugLog(`${logSymbols.info} Uploading:`, packagePaths.join(`\n${logSymbols.info} Uploading:`))
+
+  if (dryRun) {
+    return
+  }
+
+  const socketSdk = await setupSdk()
+
+  const spinner = ora(`Creating report with ${packagePaths.length} package files`).start()
+
+  /** @type {Awaited<ReturnType<typeof socketSdk.createReportFromFilePaths>>} */
+  let result
+
+  try {
+    result = await socketSdk.createReportFromFilePaths(packagePaths, cwd)
+  } catch (cause) {
+    spinner.fail()
+    throw new ErrorWithCause('Failed creating report', { cause })
+  }
+
+  if (result.success === false) {
+    if (result.status === 401 || result.status === 403) {
+      spinner.stop()
+      throw new AuthError(result.error.message)
+    }
+    spinner.fail(chalk.white.bgRed('API returned an error:') + ' ' + result.error.message)
+    process.exit(1)
+  }
+
+  spinner.succeed()
+
+  if (outputJson) {
+    console.log(JSON.stringify(result.data, undefined, 2))
+    return
+  }
+
+  const format = new ChalkOrMarkdown(!!outputMarkdown)
+
+  console.log('\nNew report: ' + format.hyperlink(result.data.id, result.data.url, { fallbackToUrl: true }))
+}
+
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
+export const create = { description, run }
+
+// TODO: Add globbing support with support for ignoring, as a "./**/package.json" in a project also traverses eg. node_modules
+/**
+ * Takes paths to folders and/or package.json / package-lock.json files and resolves to package.json + package-lock.json pairs (where feasible)
+ *
+ * @param {string} cwd
+ * @param {string[]} inputPaths
+ * @returns {Promise<string[]>}
+ * @throws {InputError}
+ */
+async function resolvePackagePaths (cwd, inputPaths) {
+  const packagePathLookups = inputPaths.map(async (filePath) => {
+    const packagePath = await resolvePackagePath(cwd, filePath)
+    return findComplementaryPackageFile(packagePath)
+  })
+
+  const packagePaths = await Promise.all(packagePathLookups)
+
+  const uniquePackagePaths = new Set(packagePaths.flat())
+
+  return [...uniquePackagePaths]
+}
+
+/**
+ * Resolves a package.json / package-lock.json path from a relative folder / file path
+ *
+ * @param {string} cwd
+ * @param {string} inputPath
+ * @returns {Promise<string>}
+ * @throws {InputError}
+ */
+async function resolvePackagePath (cwd, inputPath) {
+  const filePath = path.resolve(cwd, inputPath)
+  /** @type {string|undefined} */
+  let filePathAppended
+
+  try {
+    const fileStat = await stat(filePath)
+
+    if (fileStat.isDirectory()) {
+      filePathAppended = path.resolve(filePath, 'package.json')
+    }
+  } catch (err) {
+    if (isErrnoException(err) && err.code === 'ENOENT') {
+      throw new InputError(`Expected '${inputPath}' to point to an existing file or directory`)
+    }
+    throw new ErrorWithCause('Failed to resolve path to package.json', { cause: err })
+  }
+
+  if (filePathAppended) {
+    /** @type {import('node:fs').Stats} */
+    let filePathAppendedStat
+
+    try {
+      filePathAppendedStat = await stat(filePathAppended)
+    } catch (err) {
+      if (isErrnoException(err) && err.code === 'ENOENT') {
+        throw new InputError(`Expected directory '${inputPath}' to contain a package.json file`)
+      }
+      throw new ErrorWithCause('Failed to resolve package.json in directory', { cause: err })
+    }
+
+    if (!filePathAppendedStat.isFile()) {
+      throw new InputError(`Expected '${filePathAppended}' to be a file`)
+    }
+
+    return filePathAppended
+  }
+
+  return filePath
+}
+
+/**
+ * Finds any complementary file to a package.json or package-lock.json
+ *
+ * @param {string} packagePath
+ * @returns {Promise<string[]>}
+ * @throws {InputError}
+ */
+async function findComplementaryPackageFile (packagePath) {
+  const basename = path.basename(packagePath)
+  const dirname = path.dirname(packagePath)
+
+  if (basename === 'package-lock.json') {
+    // We need the package file as well
+    return [
+      packagePath,
+      path.resolve(dirname, 'package.json')
+    ]
+  }
+
+  if (basename === 'package.json') {
+    const lockfilePath = path.resolve(dirname, 'package-lock.json')
+    try {
+      const lockfileStat = await stat(lockfilePath)
+      if (lockfileStat.isFile()) {
+        return [packagePath, lockfilePath]
+      }
+    } catch (err) {
+      if (isErrnoException(err) && err.code === 'ENOENT') {
+        return [packagePath]
+      }
+      throw new ErrorWithCause(`Unexpected error when finding a lockfile for '${packagePath}'`, { cause: err })
+    }
+
+    throw new InputError(`Encountered a non-file at lockfile path '${lockfilePath}'`)
+  }
+
+  throw new InputError(`Expected '${packagePath}' to point to a package.json or package-lock.json or to a folder containing a package.json`)
+}

package/lib/commands/report/index.js

@@ -0,0 +1,22 @@
+import { meowWithSubcommands } from '../../utils/meow-with-subcommands.js'
+import { create } from './create.js'
+
+const description = 'Project report related commands'
+
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
+export const report = {
+  description,
+  run: async (argv, importMeta, { parentName }) => {
+    await meowWithSubcommands(
+      {
+        create,
+      },
+      {
+        argv,
+        description,
+        importMeta,
+        name: parentName + ' report',
+      }
+    )
+  }
+}

package/lib/utils/chalk-markdown.js

@@ -0,0 +1,125 @@
+import chalk from 'chalk'
+import isUnicodeSupported from 'is-unicode-supported'
+import terminalLink from 'terminal-link'
+
+// From the 'log-symbols' module
+const unicodeLogSymbols = {
+  info: chalk.blue('ℹ'),
+  success: chalk.green('✔'),
+  warning: chalk.yellow('⚠'),
+  error: chalk.red('✖'),
+}
+
+// From the 'log-symbols' module
+const fallbackLogSymbols = {
+  info: chalk.blue('i'),
+  success: chalk.green('√'),
+  warning: chalk.yellow('‼'),
+  error: chalk.red('×'),
+}
+
+// From the 'log-symbols' module
+export const logSymbols = isUnicodeSupported() ? unicodeLogSymbols : fallbackLogSymbols
+
+const markdownLogSymbols = {
+  info: ':information_source:',
+  error: ':stop_sign:',
+  success: ':white_check_mark:',
+  warning: ':warning:',
+}
+
+export class ChalkOrMarkdown {
+  /** @type {boolean} */
+  useMarkdown
+
+  /**
+   * @param {boolean} useMarkdown
+   */
+  constructor (useMarkdown) {
+    this.useMarkdown = !!useMarkdown
+  }
+
+  /**
+   * @param {string} text
+   * @param {number} [level]
+   * @returns {string}
+   */
+  header (text, level = 1) {
+    return this.useMarkdown
+      ? `\n${''.padStart(level, '#')} ${text}\n`
+      : chalk.underline(`\n${level === 1 ? chalk.bold(text) : text}\n`)
+  }
+
+  /**
+   * @param {string} text
+   * @returns {string}
+   */
+  bold (text) {
+    return this.useMarkdown
+      ? `**${text}**`
+      : chalk.bold(`${text}`)
+  }
+
+  /**
+   * @param {string} text
+   * @returns {string}
+   */
+  italic (text) {
+    return this.useMarkdown
+      ? `_${text}_`
+      : chalk.italic(`${text}`)
+  }
+
+  /**
+   * @param {string} text
+   * @param {string|undefined} url
+   * @param {{ fallback?: boolean, fallbackToUrl?: boolean }} options
+   * @returns {string}
+   */
+  hyperlink (text, url, { fallback = true, fallbackToUrl } = {}) {
+    if (!url) return text
+    return this.useMarkdown
+      ? `[${text}](${url})`
+      : terminalLink(text, url, {
+        fallback: fallbackToUrl ? (_text, url) => url : fallback
+      })
+  }
+
+  /**
+   * @param {string[]} items
+   * @returns {string}
+   */
+  list (items) {
+    const indentedContent = items.map(item => this.indent(item).trimStart())
+    return this.useMarkdown
+      ? '* ' + indentedContent.join('\n* ') + '\n'
+      : indentedContent.join('\n') + '\n'
+  }
+
+  /**
+   * @returns {typeof logSymbols}
+   */
+  get logSymbols () {
+    return this.useMarkdown ? markdownLogSymbols : logSymbols
+  }
+
+  /**
+   * @param {string} text
+   * @param {number} [level]
+   * @returns {string}
+   */
+  indent (text, level = 1) {
+    const indent = ''.padStart(level * 2, ' ')
+    return indent + text.split('\n').join('\n' + indent)
+  }
+
+  /**
+   * @param {unknown} value
+   * @returns {string}
+   */
+  json (value) {
+    return this.useMarkdown
+      ? '```json\n' + JSON.stringify(value) + '\n```'
+      : JSON.stringify(value)
+  }
+}

package/lib/utils/errors.js

@@ -0,0 +1,2 @@
+export class AuthError extends Error {}
+export class InputError extends Error {}

package/lib/utils/formatting.js

@@ -0,0 +1,36 @@
+/** @typedef {string|{ description: string }} ListDescription */
+
+/**
+ * @param {Record<string,ListDescription>} list
+ * @param {number} indent
+ * @param {number} padName
+ * @returns {string}
+ */
+export function printHelpList (list, indent, padName = 18) {
+  const names = Object.keys(list).sort()
+
+  let result = ''
+
+  for (const name of names) {
+    const rawDescription = list[name]
+    const description = (typeof rawDescription === 'object' ? rawDescription.description : rawDescription) || ''
+
+    result += ''.padEnd(indent) + name.padEnd(padName) + description + '\n'
+  }
+
+  return result.trim()
+}
+
+/**
+ * @param {Record<string,ListDescription>} list
+ * @param {number} indent
+ * @param {number} padName
+ * @returns {string}
+ */
+ export function printFlagList (list, indent, padName = 18) {
+  return printHelpList({
+    '--help': 'Print this help and exits.',
+    '--version': 'Prints current version and exits.',
+    ...list,
+  }, indent, padName)
+}

package/lib/utils/meow-with-subcommands.js

@@ -0,0 +1,69 @@
+import meow from 'meow'
+
+import { printFlagList, printHelpList } from './formatting.js'
+import { ensureIsKeyOf } from './type-helpers.js'
+
+/**
+ * @callback CliSubcommandRun
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @param {{ parentName: string }} context
+ * @returns {Promise<void>|void}
+ */
+
+/**
+ * @typedef CliSubcommand
+ * @property {string} description
+ * @property {CliSubcommandRun} run
+ */
+
+/**
+ * @template {import('meow').AnyFlags} Flags
+ * @param {Record<string, CliSubcommand>} subcommands
+ * @param {import('meow').Options<Flags> & { argv: readonly string[], name: string }} options
+ * @returns {Promise<void>}
+ */
+export async function meowWithSubcommands (subcommands, options) {
+  const {
+    argv,
+    name,
+    importMeta,
+    ...additionalOptions
+  } = options
+  const [rawCommandName, ...commandArgv] = argv
+
+  const commandName = ensureIsKeyOf(subcommands, rawCommandName)
+  const command = commandName ? subcommands[commandName] : undefined
+
+  // If a valid command has been specified, run it...
+  if (command) {
+    return await command.run(
+      commandArgv,
+      importMeta,
+      {
+        parentName: name
+      }
+    )
+  }
+
+  // ...else provide basic instructions and help
+  const cli = meow(`
+    Usage
+      $ ${name} <command>
+
+    Commands
+      ${printHelpList(subcommands, 6)}
+
+    Options
+      ${printFlagList({}, 6)}
+
+    Examples
+      $ ${name} --help
+  `, {
+    argv,
+    importMeta,
+    ...additionalOptions,
+  })
+
+  cli.showHelp()
+}

package/lib/utils/misc.js

@@ -0,0 +1,28 @@
+/**
+ * @param {boolean|undefined} printDebugLogs
+ * @returns {typeof console.error}
+ */
+export function createDebugLogger (printDebugLogs) {
+  if (printDebugLogs) {
+    // eslint-disable-next-line no-console
+    return console.error.bind(console)
+  }
+  return () => {}
+}
+
+/**
+ * @param {(string|undefined)[]} list
+ * @param {string} separator
+ * @returns {string}
+ */
+export function stringJoinWithSeparateFinalSeparator (list, separator = ' and ') {
+  const values = list.filter(value => !!value)
+
+  if (values.length < 2) {
+    return values[0] || ''
+  }
+
+  const finalValue = values.pop()
+
+  return values.join(', ') + separator + finalValue
+}

package/lib/utils/sdk.js

@@ -0,0 +1,45 @@
+import { SocketSdk } from '@socketsecurity/sdk'
+import isInteractive from 'is-interactive'
+import prompts from 'prompts'
+
+import { AuthError } from './errors.js'
+
+/**
+ * @returns {Promise<import('@socketsecurity/sdk').SocketSdk>}
+ */
+export async function setupSdk () {
+  let apiKey = process.env['SOCKET_SECURITY_API_KEY']
+
+  if (!apiKey && isInteractive()) {
+    const input = await prompts({
+      type: 'password',
+      name: 'apiKey',
+      message: 'Enter your Socket.dev API key',
+    })
+
+    apiKey = input.apiKey
+  }
+
+  if (!apiKey) {
+    throw new AuthError('You need to provide an API key')
+  }
+
+  /** @type {import('@socketsecurity/sdk').SocketSdkOptions["agent"]} */
+  let agent
+
+  if (process.env['SOCKET_SECURITY_API_PROXY']) {
+    const { HttpProxyAgent, HttpsProxyAgent } = await import('hpagent')
+    agent = {
+      http: new HttpProxyAgent({ proxy: process.env['SOCKET_SECURITY_API_PROXY'] }),
+      https: new HttpsProxyAgent({ proxy: process.env['SOCKET_SECURITY_API_PROXY'] }),
+    }
+  }
+
+  /** @type {import('@socketsecurity/sdk').SocketSdkOptions} */
+  const sdkOptions = {
+    agent,
+    baseUrl: process.env['SOCKET_SECURITY_API_BASE_URL'],
+  }
+
+  return new SocketSdk(apiKey || '', sdkOptions)
+}

package/lib/utils/type-helpers.js

@@ -0,0 +1,23 @@
+/**
+ * @template T
+ * @param {T} obj
+ * @param {string|undefined} key
+ * @returns {(keyof T) | undefined}
+ */
+export function ensureIsKeyOf (obj, key) {
+  return /** @type {keyof T} */ (key && Object.prototype.hasOwnProperty.call(obj, key) ? key : undefined)
+}
+
+/**
+ * @param {unknown} value
+ * @returns {value is NodeJS.ErrnoException}
+ */
+export function isErrnoException (value) {
+  if (!(value instanceof Error)) {
+    return false
+  }
+
+  const errnoException = /** @type NodeJS.ErrnoException} */ (value)
+
+  return errnoException.code !== undefined
+}

package/package.json

@@ -0,0 +1,82 @@
+{
+  "name": "@socketsecurity/cli",
+  "version": "0.1.0",
+  "description": "CLI tool for Socket.dev",
+  "homepage": "http://github.com/SocketDev/socket-commando",
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/SocketDev/socket-commando.git"
+  },
+  "keywords": [],
+  "author": {
+    "name": "Socket Inc",
+    "email": "eng@socket.dev",
+    "url": "https://socket.dev"
+  },
+  "license": "MIT",
+  "engines": {
+    "node": "^14.18.0 || >=16.0.0"
+  },
+  "type": "module",
+  "bin": {
+    "socket": "cli.js"
+  },
+  "files": [
+    "cli.js",
+    "lib/**/*.js"
+  ],
+  "scripts": {
+    "check:dependency-check": "dependency-check '*.js' 'test/**/*.js' --no-dev",
+    "check:installed-check": "installed-check -i eslint-plugin-jsdoc",
+    "check:lint": "eslint --report-unused-disable-directives .",
+    "check:tsc": "tsc",
+    "check:type-coverage": "type-coverage --detail --strict --at-least 95 --ignore-files 'test/*'",
+    "check": "run-p -c --aggregate-output check:*",
+    "generate-types": "node lib/utils/generate-types.js > lib/types/api.d.ts",
+    "prepare": "husky install",
+    "test:mocha": "c8 --reporter=lcov --reporter text mocha 'test/**/*.spec.js'",
+    "test-ci": "run-s test:*",
+    "test": "run-s check test:*"
+  },
+  "devDependencies": {
+    "@socketsecurity/eslint-config": "^1.0.0",
+    "@tsconfig/node14": "^1.0.3",
+    "@types/chai": "^4.3.3",
+    "@types/mocha": "^10.0.0",
+    "@types/node": "^14.18.31",
+    "@types/prompts": "^2.4.1",
+    "@typescript-eslint/eslint-plugin": "^5.36.2",
+    "@typescript-eslint/parser": "^5.36.2",
+    "c8": "^7.12.0",
+    "chai": "^4.3.6",
+    "dependency-check": "^5.0.0-7",
+    "eslint": "^8.23.0",
+    "eslint-config-standard": "^17.0.0",
+    "eslint-config-standard-jsx": "^11.0.0",
+    "eslint-import-resolver-typescript": "^3.5.1",
+    "eslint-plugin-import": "^2.26.0",
+    "eslint-plugin-jsdoc": "^39.5.0",
+    "eslint-plugin-n": "^15.3.0",
+    "eslint-plugin-promise": "^6.0.1",
+    "eslint-plugin-react": "^7.31.9",
+    "eslint-plugin-react-hooks": "^4.6.0",
+    "husky": "^8.0.1",
+    "installed-check": "^6.0.4",
+    "mocha": "^10.0.0",
+    "npm-run-all2": "^6.0.2",
+    "type-coverage": "^2.21.2",
+    "typescript": "~4.8.4"
+  },
+  "dependencies": {
+    "@socketsecurity/sdk": "^0.3.1",
+    "chalk": "^5.1.2",
+    "hpagent": "^1.2.0",
+    "is-interactive": "^2.0.0",
+    "is-unicode-supported": "^1.3.0",
+    "meow": "^11.0.0",
+    "ora": "^6.1.2",
+    "pony-cause": "^2.1.4",
+    "prompts": "^2.4.2",
+    "terminal-link": "^3.0.0"
+  }
+}