@socketsecurity/cli 0.1.1 → 0.2.0

package/LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2022 Pelle Wessman
+Copyright (c) 2022 Socket Inc
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/README.md

@@ -15,25 +15,51 @@ npm install -g @socketsecurity/cli
 ```bash
 socket --help
 socket info webtorrent@1.9.1
-socket report create package.json
+socket report create package.json --view
+socket report view QXU8PmK7LfH608RAwfIKdbcHgwEd_ZeWJ9QEGv05FJUQ
 ```
 
 ## Commands
 
-* `info <package@version>` - looks up issues for a package
-* `report create` - creates a report
+* `socket info <package@version>` - looks up issues for a package
+* `socket report create <path(s)-to-folder-or-file>` - uploads the specified `package.json` and/or `package-lock.json` to create a report on [socket.dev](https://socket.dev/). If only one of a `package.json`/`package-lock.json` has been specified, the other will be automatically found and uploaded if it exists
+* `socket report view <report-id>` - looks up issues and scores from a report
+
+## Flags
+
+### Command specific flags
+
+* `--view` - when set on `socket report create` the command will immediately do a `socket report view` style view of the created report, waiting for the server to complete it
+
+### Output flags
+
+* `--json` - outputs result as json which you can then pipe into [`jq`](https://stedolan.github.io/jq/) and other tools
+* `--markdown` - outputs result as markdown which you can then copy into an issue, PR or even chat
+
+### Other flags
+
+* `--dry-run` - like all CLI tools that perform an action should have, we have a dry run flag. Eg. `socket report create` supports running the command without actually uploading anything
+* `--debug` - outputs additional debug output. Great for debugging, geeks and us who develop. Hopefully you will never _need_ it, but it can still be fun, right?
+* `--help` - prints the help for the current command. All CLI tools should have this flag
+* `--version` - prints the version of the tool. All CLI tools should have this flag
 
 ## Environment variables
 
 * `SOCKET_SECURITY_API_KEY` - if set, this will be used as the API-key
 
+## Contributing
+
 ### Environment variables for development
 
 * `SOCKET_SECURITY_API_BASE_URL` - if set, this will be the base for all API-calls. Defaults to `https://api.socket.dev/v0/`
 * `SOCKET_SECURITY_API_PROXY` - if set to something like [`http://127.0.0.1:9090`](https://docs.proxyman.io/troubleshooting/couldnt-see-any-requests-from-3rd-party-network-libraries), then all request will be proxied through that proxy
 
+## Similar projects
+
+* [`@socketsecurity/sdk`](https://github.com/SocketDev/socket-sdk-js) - the SDK used in this CLI
+
 ## See also
 
-* [`@socketsecurity/sdk`]('https://github.com/SocketDev/socket-sdk-js") - the SDK used in this CLI
+* [Announcement blog post](https://socket.dev/blog/announcing-socket-cli-preview)
 * [Socket API Reference](https://docs.socket.dev/reference) - the API used in this CLI
 * [Socket GitHub App](https://github.com/apps/socket-security) - the plug-and-play GitHub App

package/lib/commands/info/index.js

@@ -3,27 +3,45 @@
 import chalk from 'chalk'
 import meow from 'meow'
 import ora from 'ora'
-import { ErrorWithCause } from 'pony-cause'
 
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
 import { ChalkOrMarkdown } from '../../utils/chalk-markdown.js'
-import { AuthError, InputError } from '../../utils/errors.js'
+import { InputError } from '../../utils/errors.js'
+import { getSeveritySummary } from '../../utils/format-issues.js'
 import { printFlagList } from '../../utils/formatting.js'
-import { stringJoinWithSeparateFinalSeparator } from '../../utils/misc.js'
 import { setupSdk } from '../../utils/sdk.js'
 
-const description = 'Look up info regarding a package'
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
+export const info = {
+  description: 'Look up info regarding a package',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' info'
+
+    const input = setupCommand(name, info.description, argv, importMeta)
+    const result = input && await fetchPackageData(input.pkgName, input.pkgVersion)
+
+    if (result) {
+      formatPackageDataOutput(result.data, { name, ...input })
+    }
+  }
+}
 
-/** @type {import('../../utils/meow-with-subcommands').CliSubcommandRun} */
-const run = async (argv, importMeta, { parentName }) => {
-  const name = parentName + ' info'
+// Internal functions
 
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {void|{ outputJson: boolean, outputMarkdown: boolean, pkgName: string, pkgVersion: string }}
+ */
+ function setupCommand (name, description, argv, importMeta) {
   const cli = meow(`
     Usage
       $ ${name} <name>
 
     Options
       ${printFlagList({
-        '--debug': 'Output debug information',
         '--json': 'Output result as json',
         '--markdown': 'Output result as markdown',
       }, 6)}
@@ -36,11 +54,6 @@ const run = async (argv, importMeta, { parentName }) => {
     description,
     importMeta,
     flags: {
-      debug: {
-        type: 'boolean',
-        alias: 'd',
-        default: false,
-      },
       json: {
         type: 'boolean',
         alias: 'j',
@@ -83,69 +96,56 @@ const run = async (argv, importMeta, { parentName }) => {
     throw new InputError('Need to specify a version, like eg: webtorrent@1.0.0')
   }
 
-  const socketSdk = await setupSdk()
+  return {
+    outputJson,
+    outputMarkdown,
+    pkgName,
+    pkgVersion
+  }
+}
 
+/**
+ * @param {string} pkgName
+ * @param {string} pkgVersion
+ * @returns {Promise<void|import('@socketsecurity/sdk').SocketSdkReturnType<'getIssuesByNPMPackage'>>}
+ */
+async function fetchPackageData (pkgName, pkgVersion) {
+  const socketSdk = await setupSdk()
   const spinner = ora(`Looking up data for version ${pkgVersion} of ${pkgName}`).start()
-
-  /** @type {Awaited<ReturnType<import('@socketsecurity/sdk').SocketSdk["getIssuesByNPMPackage"]>>} */
-  let result
-
-  try {
-    result = await socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion)
-  } catch (cause) {
-    spinner.fail()
-    throw new ErrorWithCause('Failed to look up package', { cause })
-  }
+  const result = await handleApiCall(socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion), spinner, 'looking up package')
 
   if (result.success === false) {
-    if (result.status === 401 || result.status === 403) {
-      spinner.stop()
-      throw new AuthError(result.error.message)
-    }
-    spinner.fail(chalk.white.bgRed('API returned an error:') + ' ' + result.error.message)
-    process.exit(1)
+    return handleUnsuccessfulApiResponse(result, spinner)
   }
 
-  const data = result.data
+  // Conclude the status of the API call
 
-  /** @typedef {(typeof data)[number]["value"] extends infer U | undefined ? U : never} SocketSdkIssue */
-  /** @type {Record<SocketSdkIssue["severity"], number>} */
-  const severityCount = { low: 0, middle: 0, high: 0, critical: 0 }
-  for (const issue of data) {
-    const value = issue.value
-
-    if (!value) {
-      continue
-    }
-
-    if (severityCount[value.severity] !== undefined) {
-      severityCount[value.severity] += 1
-    }
-  }
+  const issueSummary = getSeveritySummary(result.data)
+  spinner.succeed(`Found ${issueSummary || 'no'} issues for version ${pkgVersion} of ${pkgName}`)
 
-  const issueSummary = stringJoinWithSeparateFinalSeparator([
-    severityCount.critical ? severityCount.critical + ' critical' : undefined,
-    severityCount.high ? severityCount.high + ' high' : undefined,
-    severityCount.middle ? severityCount.middle + ' middle' : undefined,
-    severityCount.low ? severityCount.low + ' low' : undefined,
-  ])
+  return result
+}
 
-  spinner.succeed(`Found ${issueSummary || 'no'} issues for version ${pkgVersion} of ${pkgName}`)
+/**
+ * @param {import('@socketsecurity/sdk').SocketSdkReturnType<'getIssuesByNPMPackage'>["data"]} data
+ * @param {{ name: string, outputJson: boolean, outputMarkdown: boolean, pkgName: string, pkgVersion: string }} context
+ * @returns {void}
+ */
+ function formatPackageDataOutput (data, { name, outputJson, outputMarkdown, pkgName, pkgVersion }) {
+  // If JSON, output and return...
 
   if (outputJson) {
     console.log(JSON.stringify(data, undefined, 2))
     return
   }
 
+  // ...else do the CLI / Markdown output dance
+
   const format = new ChalkOrMarkdown(!!outputMarkdown)
   const url = `https://socket.dev/npm/package/${pkgName}/overview/${pkgVersion}`
 
   console.log('\nDetailed info on socket.dev: ' + format.hyperlink(`${pkgName} v${pkgVersion}`, url, { fallbackToUrl: true }))
-
   if (!outputMarkdown) {
     console.log(chalk.dim('\nOr rerun', chalk.italic(name), 'using the', chalk.italic('--json'), 'flag to get full JSON output'))
   }
 }
-
-/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
-export const info = { description, run }

package/lib/commands/report/create.js

@@ -3,24 +3,64 @@
 import { stat } from 'node:fs/promises'
 import path from 'node:path'
 
-import chalk from 'chalk'
 import meow from 'meow'
 import ora from 'ora'
 import { ErrorWithCause } from 'pony-cause'
 
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
 import { ChalkOrMarkdown, logSymbols } from '../../utils/chalk-markdown.js'
-import { AuthError, InputError } from '../../utils/errors.js'
+import { InputError } from '../../utils/errors.js'
 import { printFlagList } from '../../utils/formatting.js'
 import { createDebugLogger } from '../../utils/misc.js'
 import { setupSdk } from '../../utils/sdk.js'
 import { isErrnoException } from '../../utils/type-helpers.js'
+import { fetchReportData, formatReportDataOutput } from './view.js'
 
-const description = 'Create a project report'
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
+export const create = {
+  description: 'Create a project report',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' create'
+
+    const input = await setupCommand(name, create.description, argv, importMeta)
+
+    if (input) {
+      const {
+        cwd,
+        debugLog,
+        dryRun,
+        outputJson,
+        outputMarkdown,
+        packagePaths,
+        view,
+      } = input
+
+      const result = input && await createReport(packagePaths, { cwd, debugLog, dryRun })
+
+      if (result && view) {
+        const reportId = result.data.id
+        const reportResult = input && await fetchReportData(reportId)
+
+        if (reportResult) {
+          formatReportDataOutput(reportResult.data, { name, outputJson, outputMarkdown, reportId })
+        }
+      } else if (result) {
+        formatReportCreationOutput(result.data, { outputJson, outputMarkdown })
+      }
+    }
+  }
+}
 
-/** @type {import('../../utils/meow-with-subcommands').CliSubcommandRun} */
-const run = async (argv, importMeta, { parentName }) => {
-  const name = parentName + ' create'
+// Internal functions
 
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {Promise<void|{ cwd: string, debugLog: typeof console.error, dryRun: boolean, outputJson: boolean, outputMarkdown: boolean, packagePaths: string[], view: boolean }>}
+ */
+async function setupCommand (name, description, argv, importMeta) {
   const cli = meow(`
     Usage
       $ ${name} <paths-to-package-folders-and-files>
@@ -31,12 +71,14 @@ const run = async (argv, importMeta, { parentName }) => {
         '--dry-run': 'Only output what will be done without actually doing it',
         '--json': 'Output result as json',
         '--markdown': 'Output result as markdown',
+        '--view': 'Will wait for and return the created report'
       }, 6)}
 
     Examples
       $ ${name} .
       $ ${name} ../package-lock.json
       $ ${name} /path/to/a/package.json /path/to/another/package.json
+      $ ${name} . --view --json
   `, {
     argv,
     description,
@@ -61,6 +103,11 @@ const run = async (argv, importMeta, { parentName }) => {
         alias: 'm',
         default: false,
       },
+      view: {
+        type: 'boolean',
+        alias: 'v',
+        default: false,
+      },
     }
   })
 
@@ -68,6 +115,7 @@ const run = async (argv, importMeta, { parentName }) => {
     dryRun,
     json: outputJson,
     markdown: outputMarkdown,
+    view,
   } = cli.flags
 
   if (!cli.input[0]) {
@@ -80,6 +128,23 @@ const run = async (argv, importMeta, { parentName }) => {
   const cwd = process.cwd()
   const packagePaths = await resolvePackagePaths(cwd, cli.input)
 
+  return {
+    cwd,
+    debugLog,
+    dryRun,
+    outputJson,
+    outputMarkdown,
+    packagePaths,
+    view,
+  }
+}
+
+/**
+ * @param {string[]} packagePaths
+ * @param {{ cwd: string, debugLog: typeof console.error, dryRun: boolean }} context
+ * @returns {Promise<void|import('@socketsecurity/sdk').SocketSdkReturnType<'createReport'>>}
+ */
+async function createReport (packagePaths, { cwd, debugLog, dryRun }) {
   debugLog(`${logSymbols.info} Uploading:`, packagePaths.join(`\n${logSymbols.info} Uploading:`))
 
   if (dryRun) {
@@ -87,43 +152,36 @@ const run = async (argv, importMeta, { parentName }) => {
   }
 
   const socketSdk = await setupSdk()
-
   const spinner = ora(`Creating report with ${packagePaths.length} package files`).start()
-
-  /** @type {Awaited<ReturnType<typeof socketSdk.createReportFromFilePaths>>} */
-  let result
-
-  try {
-    result = await socketSdk.createReportFromFilePaths(packagePaths, cwd)
-  } catch (cause) {
-    spinner.fail()
-    throw new ErrorWithCause('Failed creating report', { cause })
-  }
+  const result = await handleApiCall(socketSdk.createReportFromFilePaths(packagePaths, cwd), spinner, 'creating report')
 
   if (result.success === false) {
-    if (result.status === 401 || result.status === 403) {
-      spinner.stop()
-      throw new AuthError(result.error.message)
-    }
-    spinner.fail(chalk.white.bgRed('API returned an error:') + ' ' + result.error.message)
-    process.exit(1)
+    return handleUnsuccessfulApiResponse(result, spinner)
   }
 
+  // Conclude the status of the API call
+
   spinner.succeed()
 
+  return result
+}
+
+/**
+ * @param {import('@socketsecurity/sdk').SocketSdkReturnType<'createReport'>["data"]} data
+ * @param {{ outputJson: boolean, outputMarkdown: boolean }} context
+ * @returns {void}
+ */
+function formatReportCreationOutput (data, { outputJson, outputMarkdown }) {
   if (outputJson) {
-    console.log(JSON.stringify(result.data, undefined, 2))
+    console.log(JSON.stringify(data, undefined, 2))
     return
   }
 
   const format = new ChalkOrMarkdown(!!outputMarkdown)
 
-  console.log('\nNew report: ' + format.hyperlink(result.data.id, result.data.url, { fallbackToUrl: true }))
+  console.log('\nNew report: ' + format.hyperlink(data.id, data.url, { fallbackToUrl: true }))
 }
 
-/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
-export const create = { description, run }
-
 // TODO: Add globbing support with support for ignoring, as a "./**/package.json" in a project also traverses eg. node_modules
 /**
  * Takes paths to folders and/or package.json / package-lock.json files and resolves to package.json + package-lock.json pairs (where feasible)

package/lib/commands/report/index.js

@@ -1,5 +1,6 @@
 import { meowWithSubcommands } from '../../utils/meow-with-subcommands.js'
 import { create } from './create.js'
+import { view } from './view.js'
 
 const description = 'Project report related commands'
 
@@ -10,6 +11,7 @@ export const report = {
     await meowWithSubcommands(
       {
         create,
+        view,
       },
       {
         argv,

package/lib/commands/report/view.js

@@ -0,0 +1,146 @@
+/* eslint-disable no-console */
+
+import chalk from 'chalk'
+import meow from 'meow'
+import ora from 'ora'
+
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
+import { ChalkOrMarkdown } from '../../utils/chalk-markdown.js'
+import { InputError } from '../../utils/errors.js'
+import { getSeveritySummary } from '../../utils/format-issues.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { setupSdk } from '../../utils/sdk.js'
+
+/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
+export const view = {
+  description: 'View a project report',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' view'
+
+    const input = setupCommand(name, view.description, argv, importMeta)
+    const result = input && await fetchReportData(input.reportId)
+
+    if (result) {
+      formatReportDataOutput(result.data, { name, ...input })
+    }
+  }
+}
+
+// Internal functions
+
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {void|{ outputJson: boolean, outputMarkdown: boolean, reportId: string }}
+ */
+function setupCommand (name, description, argv, importMeta) {
+  const cli = meow(`
+    Usage
+      $ ${name} <report-identifier>
+
+    Options
+      ${printFlagList({
+        '--json': 'Output result as json',
+        '--markdown': 'Output result as markdown',
+      }, 6)}
+
+    Examples
+      $ ${name} QXU8PmK7LfH608RAwfIKdbcHgwEd_ZeWJ9QEGv05FJUQ
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags: {
+      debug: {
+        type: 'boolean',
+        alias: 'd',
+        default: false,
+      },
+      json: {
+        type: 'boolean',
+        alias: 'j',
+        default: false,
+      },
+      markdown: {
+        type: 'boolean',
+        alias: 'm',
+        default: false,
+      },
+    }
+  })
+
+  // Extract the input
+
+  const {
+    json: outputJson,
+    markdown: outputMarkdown,
+  } = cli.flags
+
+  const [reportId, ...extraInput] = cli.input
+
+  if (!reportId) {
+    cli.showHelp()
+    return
+  }
+
+  // Validate the input
+
+  if (extraInput.length) {
+    throw new InputError(`Can only handle a single report ID at a time, but got ${cli.input.length} report ID:s: ${cli.input.join(', ')}`)
+  }
+
+  return {
+    outputJson,
+    outputMarkdown,
+    reportId,
+  }
+}
+
+/**
+ * @param {string} reportId
+ * @returns {Promise<void|import('@socketsecurity/sdk').SocketSdkReturnType<'getReport'>>}
+ */
+export async function fetchReportData (reportId) {
+  // Do the API call
+
+  const socketSdk = await setupSdk()
+  const spinner = ora(`Fetching report with ID ${reportId}`).start()
+  const result = await handleApiCall(socketSdk.getReport(reportId), spinner, 'fetching report')
+
+  if (result.success === false) {
+    return handleUnsuccessfulApiResponse(result, spinner)
+  }
+
+  // Conclude the status of the API call
+
+  const issueSummary = getSeveritySummary(result.data.issues)
+  spinner.succeed(`Report contains ${issueSummary || 'no'} issues`)
+
+  return result
+}
+
+/**
+ * @param {import('@socketsecurity/sdk').SocketSdkReturnType<'getReport'>["data"]} data
+ * @param {{ name: string, outputJson: boolean, outputMarkdown: boolean, reportId: string }} context
+ * @returns {void}
+ */
+export function formatReportDataOutput (data, { name, outputJson, outputMarkdown, reportId }) {
+  // If JSON, output and return...
+
+  if (outputJson) {
+    console.log(JSON.stringify(data, undefined, 2))
+    return
+  }
+
+  // ...else do the CLI / Markdown output dance
+
+  const format = new ChalkOrMarkdown(!!outputMarkdown)
+  const url = `https://socket.dev/npm/reports/${encodeURIComponent(reportId)}`
+
+  console.log('\nDetailed info on socket.dev: ' + format.hyperlink(reportId, url, { fallbackToUrl: true }))
+  if (!outputMarkdown) {
+    console.log(chalk.dim('\nOr rerun', chalk.italic(name), 'using the', chalk.italic('--json'), 'flag to get full JSON output'))
+  }
+}

package/lib/utils/api-helpers.js

@@ -0,0 +1,43 @@
+import chalk from 'chalk'
+import { ErrorWithCause } from 'pony-cause'
+
+import { AuthError } from './errors.js'
+
+/**
+ * @template T
+ * @param {import('@socketsecurity/sdk').SocketSdkErrorType<T>} result
+ * @param {import('ora').Ora} spinner
+ * @returns {void}
+ */
+export function handleUnsuccessfulApiResponse (result, spinner) {
+  const resultError = 'error' in result && result.error && typeof result.error === 'object' ? result.error : {}
+  const message = 'message' in resultError && typeof resultError.message === 'string' ? resultError.message : 'No error message returned'
+
+  if (result.status === 401 || result.status === 403) {
+    spinner.stop()
+    throw new AuthError(message)
+  }
+  spinner.fail(chalk.white.bgRed('API returned an error:') + ' ' + message)
+  process.exit(1)
+}
+
+/**
+ * @template T
+ * @param {Promise<T>} value
+ * @param {import('ora').Ora} spinner
+ * @param {string} description
+ * @returns {Promise<T>}
+ */
+export async function handleApiCall (value, spinner, description) {
+  /** @type {T} */
+  let result
+
+  try {
+    result = await value
+  } catch (cause) {
+    spinner.fail()
+    throw new ErrorWithCause(`Failed ${description}`, { cause })
+  }
+
+  return result
+}

package/lib/utils/format-issues.js

@@ -0,0 +1,44 @@
+/** @typedef {import('@socketsecurity/sdk').SocketSdkReturnType<'getIssuesByNPMPackage'>['data']} SocketIssueList */
+/** @typedef {SocketIssueList[number]['value'] extends infer U | undefined ? U : never} SocketIssue */
+
+import { stringJoinWithSeparateFinalSeparator } from './misc.js'
+
+/**
+ * @param {SocketIssueList} issues
+ * @returns {Record<SocketIssue['severity'], number>}
+ */
+function getSeverityCount (issues) {
+  /** @type {Record<SocketIssue['severity'], number>} */
+  const severityCount = { low: 0, middle: 0, high: 0, critical: 0 }
+
+  for (const issue of issues) {
+    const value = issue.value
+
+    if (!value) {
+      continue
+    }
+
+    if (severityCount[value.severity] !== undefined) {
+      severityCount[value.severity] += 1
+    }
+  }
+
+  return severityCount
+}
+
+/**
+ * @param {SocketIssueList} issues
+ * @returns {string}
+ */
+export function getSeveritySummary (issues) {
+  const severityCount = getSeverityCount(issues)
+
+  const issueSummary = stringJoinWithSeparateFinalSeparator([
+    severityCount.critical ? severityCount.critical + ' critical' : undefined,
+    severityCount.high ? severityCount.high + ' high' : undefined,
+    severityCount.middle ? severityCount.middle + ' middle' : undefined,
+    severityCount.low ? severityCount.low + ' low' : undefined,
+  ])
+
+  return issueSummary
+}

package/package.json

@@ -1,11 +1,11 @@
 {
   "name": "@socketsecurity/cli",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "description": "CLI tool for Socket.dev",
-  "homepage": "http://github.com/SocketDev/socket-commando",
+  "homepage": "http://github.com/SocketDev/socket-cli-js",
   "repository": {
     "type": "git",
-    "url": "git://github.com/SocketDev/socket-commando.git"
+    "url": "git://github.com/SocketDev/socket-cli-js.git"
   },
   "keywords": [],
   "author": {
@@ -45,37 +45,37 @@
     "@types/mocha": "^10.0.0",
     "@types/node": "^14.18.31",
     "@types/prompts": "^2.4.1",
-    "@typescript-eslint/eslint-plugin": "^5.36.2",
-    "@typescript-eslint/parser": "^5.36.2",
+    "@typescript-eslint/eslint-plugin": "^5.44.0",
+    "@typescript-eslint/parser": "^5.44.0",
     "c8": "^7.12.0",
     "chai": "^4.3.6",
     "dependency-check": "^5.0.0-7",
-    "eslint": "^8.23.0",
+    "eslint": "^8.28.0",
     "eslint-config-standard": "^17.0.0",
     "eslint-config-standard-jsx": "^11.0.0",
-    "eslint-import-resolver-typescript": "^3.5.1",
+    "eslint-import-resolver-typescript": "^3.5.2",
     "eslint-plugin-import": "^2.26.0",
     "eslint-plugin-jsdoc": "^39.5.0",
-    "eslint-plugin-n": "^15.3.0",
-    "eslint-plugin-promise": "^6.0.1",
-    "eslint-plugin-react": "^7.31.9",
+    "eslint-plugin-n": "^15.5.1",
+    "eslint-plugin-promise": "^6.1.1",
+    "eslint-plugin-react": "^7.31.11",
     "eslint-plugin-react-hooks": "^4.6.0",
     "husky": "^8.0.1",
-    "installed-check": "^6.0.4",
+    "installed-check": "^6.0.5",
     "mocha": "^10.0.0",
     "npm-run-all2": "^6.0.2",
-    "type-coverage": "^2.21.2",
-    "typescript": "~4.8.4"
+    "type-coverage": "^2.24.1",
+    "typescript": "~4.9.3"
   },
   "dependencies": {
-    "@socketsecurity/sdk": "^0.3.1",
+    "@socketsecurity/sdk": "^0.4.0",
     "chalk": "^5.1.2",
     "hpagent": "^1.2.0",
     "is-interactive": "^2.0.0",
     "is-unicode-supported": "^1.3.0",
     "meow": "^11.0.0",
     "ora": "^6.1.2",
-    "pony-cause": "^2.1.4",
+    "pony-cause": "^2.1.8",
     "prompts": "^2.4.2",
     "terminal-link": "^3.0.0"
   }