@socketsecurity/cli 0.14.27 → 0.14.29

package/dist/module-sync/constants.d.ts

@@ -0,0 +1,15 @@
+declare const API_V0_URL = "https://api.socket.dev/v0";
+declare const ENV: Readonly<{
+    UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: boolean;
+}>;
+declare const SUPPORTS_SYNC_ESM: boolean;
+declare const rootPath: string;
+declare const rootDistPath: string;
+declare const rootBinPath: string;
+declare const rootPkgJsonPath: string;
+declare const nmBinPath: string;
+declare const cdxgenBinPath: string;
+declare const distPath: string;
+declare const shadowBinPath: string;
+declare const synpBinPath: string;
+export { API_V0_URL, ENV, SUPPORTS_SYNC_ESM, rootPath, rootDistPath, rootBinPath, rootPkgJsonPath, nmBinPath, cdxgenBinPath, distPath, shadowBinPath, synpBinPath };

package/dist/module-sync/constants.js

@@ -0,0 +1,62 @@
+'use strict';
+
+var require$$0 = require('node:fs');
+var require$$1 = require('node:path');
+var require$$2 = require('@socketsecurity/registry/lib/env');
+var require$$3 = require('@socketsecurity/registry/lib/constants');
+var require$$4 = require('semver');
+
+function getDefaultExportFromCjs (x) {
+	return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
+}
+
+var constants = {};
+
+Object.defineProperty(constants, "__esModule", {
+  value: true
+});
+constants.synpBinPath = constants.shadowBinPath = constants.rootPkgJsonPath = constants.rootPath = constants.rootDistPath = constants.rootBinPath = constants.nmBinPath = constants.distPath = constants.cdxgenBinPath = constants.SUPPORTS_SYNC_ESM = constants.ENV = constants.API_V0_URL = void 0;
+var _nodeFs = require$$0;
+var _nodePath = require$$1;
+var _env = require$$2;
+var _constants = require$$3;
+var _semver = require$$4;
+const {
+  PACKAGE_JSON
+} = _constants;
+constants.API_V0_URL = 'https://api.socket.dev/v0';
+constants.ENV = Object.freeze({
+  // Flag set by the optimize command to bypass the packagesHaveRiskyIssues check.
+  UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: (0, _env.envAsBoolean)(process.env['UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE'])
+});
+const SUPPORTS_SYNC_ESM = constants.SUPPORTS_SYNC_ESM = _semver.satisfies(process.versions.node, '>=22.12');
+const rootPath = constants.rootPath = (() => {
+  let oldPath;
+  let currPath = (0, _nodeFs.realpathSync)(__dirname);
+  while (currPath !== oldPath) {
+    const pkgJsonPath = _nodePath.join(currPath, PACKAGE_JSON);
+    if ((0, _nodeFs.existsSync)(pkgJsonPath)) {
+      try {
+        // @socketsecurity/cli is replaced by .config/rollup.base.config.mjs
+        // with either 'socket' or '@socketsecurity/cli'.
+        if (require(pkgJsonPath)?.name === '@socketsecurity/cli') {
+          return currPath;
+        }
+      } catch {}
+    }
+    oldPath = currPath;
+    currPath = _nodePath.dirname(currPath);
+  }
+  throw new TypeError('rootPath cannot be resolved.');
+})();
+const rootDistPath = constants.rootDistPath = _nodePath.join(rootPath, 'dist');
+constants.rootBinPath = _nodePath.join(rootPath, 'bin');
+constants.rootPkgJsonPath = _nodePath.join(rootPath, PACKAGE_JSON);
+const nmBinPath = constants.nmBinPath = _nodePath.join(rootPath, 'node_modules/.bin');
+constants.cdxgenBinPath = _nodePath.join(nmBinPath, 'cdxgen');
+constants.distPath = _nodePath.join(rootDistPath, SUPPORTS_SYNC_ESM ? 'module-sync' : 'require');
+constants.shadowBinPath = _nodePath.join(rootPath, 'shadow', SUPPORTS_SYNC_ESM ? 'module-sync' : 'require');
+constants.synpBinPath = _nodePath.join(nmBinPath, 'synp');
+
+exports.constants = constants;
+exports.getDefaultExportFromCjs = getDefaultExportFromCjs;

package/dist/module-sync/npm-cli.js

@@ -0,0 +1,85 @@
+#!/usr/bin/env node
+'use strict';
+
+var constants = require('./constants.js');
+var require$$0$1 = require('@babel/runtime/helpers/interopRequireWildcard');
+var require$$0 = require('node:fs');
+var require$$1 = require('node:path');
+var require$$1$1 = require('@npmcli/promise-spawn');
+var link = require('./link.js');
+var pathResolve = require('./path-resolve.js');
+
+var npmCli$2 = {};
+
+var npmCli$1 = {};
+
+var _nodeFs = require$$0;
+var _nodePath = require$$1;
+var _promiseSpawn = require$$1$1;
+var _constants = constants.constants;
+var _link = link.link;
+var _pathResolve = pathResolve.pathResolve;
+const npmPath = (0, _link.installLinks)(_constants.shadowBinPath, 'npm');
+const injectionPath = _nodePath.join(_constants.distPath, 'npm-injection.js');
+
+// Adding the `--quiet` and `--no-progress` flags when the `proc-log` module
+// is found to fix a UX issue when running the command with recent versions of
+// npm (input swallowed by the standard npm spinner)
+const npmArgs = process.argv.slice(2);
+if (npmArgs.includes('install') && !npmArgs.includes('--no-progress') && !npmArgs.includes('--quiet')) {
+  const npmEntrypoint = (0, _nodeFs.realpathSync)(npmPath);
+  const npmRootPath = (0, _pathResolve.findRoot)(_nodePath.dirname(npmEntrypoint));
+  if (npmRootPath === undefined) {
+    process.exit(127);
+  }
+  const npmDepPath = _nodePath.join(npmRootPath, 'node_modules');
+  let procLog;
+  try {
+    procLog = require(_nodePath.join(npmDepPath, 'proc-log/lib/index.js')).log;
+  } catch {}
+  if (procLog) {
+    npmArgs.push('--no-progress', '--quiet');
+  }
+}
+process.exitCode = 1;
+const spawnPromise = _promiseSpawn(process.execPath, ['--disable-warning', 'ExperimentalWarning', '--require', injectionPath, npmPath, ...npmArgs], {
+  stdio: 'inherit'
+});
+spawnPromise.process.on('exit', (code, signal) => {
+  if (signal) {
+    process.kill(process.pid, signal);
+  } else if (code !== null) {
+    process.exit(code);
+  }
+});
+
+(function (exports) {
+
+	var _interopRequireWildcard = require$$0$1.default;
+	Object.defineProperty(exports, "__esModule", {
+	  value: true
+	});
+	var _exportNames = {};
+	Object.defineProperty(exports, "default", {
+	  enumerable: true,
+	  get: function () {
+	    return _npmCli.default;
+	  }
+	});
+	var _npmCli = _interopRequireWildcard(npmCli$1, true);
+	Object.keys(_npmCli).forEach(function (key) {
+	  if (key === "default" || key === "__esModule") return;
+	  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+	  if (key in exports && exports[key] === _npmCli[key]) return;
+	  Object.defineProperty(exports, key, {
+	    enumerable: true,
+	    get: function () {
+	      return _npmCli[key];
+	    }
+	  });
+	}); 
+} (npmCli$2));
+
+var npmCli = /*@__PURE__*/constants.getDefaultExportFromCjs(npmCli$2);
+
+module.exports = npmCli;

package/dist/{npm-injection.js → module-sync/npm-injection.js}

@@ -1,28 +1,31 @@
 'use strict';
 
-var vendor = require('./vendor.js');
+var constants = require('./constants.js');
+var require$$0$2 = require('@babel/runtime/helpers/interopRequireWildcard');
+var require$$0$1 = require('@babel/runtime/helpers/interopRequireDefault');
+var require$$1$2 = require('node:events');
 var require$$0 = require('node:fs');
-var require$$1$1 = require('node:path');
-var require$$1$3 = require('node:events');
 var require$$3$3 = require('node:https');
+var require$$1 = require('node:path');
 var require$$3 = require('node:readline');
 var require$$5 = require('node:stream');
 var require$$7$1 = require('node:timers/promises');
+var require$$3$1 = require('is-interactive');
 var require$$5$1 = require('npm-package-arg');
 var require$$3$2 = require('@socketregistry/yocto-spinner');
-var require$$3$1 = require('semver');
+var require$$4 = require('semver');
 var require$$6$1 = require('@socketsecurity/config');
 var require$$7 = require('@socketsecurity/registry/lib/objects');
-var require$$1$2 = require('node:net');
-var require$$1 = require('node:os');
-var require$$6 = require('../package.json');
+var require$$1$1 = require('node:net');
+var require$$2 = require('node:os');
+var require$$6 = require('../../package.json');
 var sdk = require('./sdk.js');
 var pathResolve = require('./path-resolve.js');
 var link = require('./link.js');
 
-var npmInjection$1 = {};
+var npmInjection$2 = {};
 
-var npmInjection = {};
+var npmInjection$1 = {};
 
 var arborist = {};
 
@@ -32,10 +35,10 @@ Object.defineProperty(ttyServer$1, "__esModule", {
   value: true
 });
 ttyServer$1.createTTYServer = createTTYServer;
-var _nodeFs$2 = require$$0;
-var _nodeNet = require$$1$2;
-var _nodeOs = require$$1;
-var _nodePath$2 = require$$1$1;
+var _nodeFs$1 = require$$0;
+var _nodeNet = require$$1$1;
+var _nodeOs = require$$2;
+var _nodePath$1 = require$$1;
 var _nodeReadline$1 = require$$3;
 var _nodeStream$1 = require$$5;
 var _package = require$$6;
@@ -43,7 +46,7 @@ var _misc$1 = sdk.misc;
 const NEWLINE_CHAR_CODE = 10; /*'\n'*/
 
 const TTY_IPC = process.env['SOCKET_SECURITY_TTY_IPC'];
-const sock = _nodePath$2.join(_nodeOs.tmpdir(), `socket-security-tty-${process.pid}.sock`);
+const sock = _nodePath$1.join(_nodeOs.tmpdir(), `socket-security-tty-${process.pid}.sock`);
 process.env['SOCKET_SECURITY_TTY_IPC'] = sock;
 function createNonStandardTTYServer() {
   return {
@@ -216,7 +219,7 @@ function createStandardTTYServer(isInteractive, npmlog) {
 }
 function tryUnlinkSync(filepath) {
   try {
-    (0, _nodeFs$2.unlinkSync)(filepath);
+    (0, _nodeFs$1.unlinkSync)(filepath);
   } catch (e) {
     if ((0, _misc$1.isErrnoException)(e) && e.code !== 'ENOENT') {
       throw e;
@@ -375,27 +378,27 @@ function createIssueUXLookup(settings) {
   };
 }
 
-var _interopRequireDefault = vendor.interopRequireDefault.default;
+var _interopRequireDefault = require$$0$1.default;
 Object.defineProperty(arborist, "__esModule", {
   value: true
 });
 arborist.SafeArborist = void 0;
 arborist.installSafeArborist = installSafeArborist;
-var _nodeEvents = require$$1$3;
-var _nodeFs$1 = require$$0;
+var _nodeEvents = require$$1$2;
+var _nodeFs = require$$0;
 var _nodeHttps = require$$3$3;
-var _nodePath$1 = require$$1$1;
+var _nodePath = require$$1;
 var _nodeReadline = require$$3;
 var _nodeStream = require$$5;
 var _promises = require$$7$1;
-var _isInteractive = _interopRequireDefault(vendor.isInteractive);
+var _isInteractive = _interopRequireDefault(require$$3$1);
 var _npmPackageArg = require$$5$1;
 var _yoctoSpinner = require$$3$2;
-var _semver = require$$3$1;
+var _semver = require$$4;
 var _config = require$$6$1;
 var _objects = require$$7;
 var _ttyServer = ttyServer$1;
-var _constants = sdk.constants;
+var _constants$1 = constants.constants;
 var _colorOrMarkdown = sdk.colorOrMarkdown;
 var _issueRules = issueRules;
 var _misc = sdk.misc;
@@ -403,10 +406,8 @@ var _pathResolve = pathResolve.pathResolve;
 var _sdk = sdk.sdk;
 var _settings = sdk.settings;
 const POTENTIALLY_BUG_ERROR_SNIPPET = 'this is potentially a bug with socket-npm caused by changes to the npm cli';
-const distPath$1 = __dirname;
-const rootPath$1 = _nodePath$1.resolve(distPath$1, '..');
-const npmEntrypoint = (0, _nodeFs$1.realpathSync)(process.argv[1]);
-const npmRootPath = (0, _pathResolve.findRoot)(_nodePath$1.dirname(npmEntrypoint));
+const npmEntrypoint = (0, _nodeFs.realpathSync)(process.argv[1]);
+const npmRootPath = (0, _pathResolve.findRoot)(_nodePath.dirname(npmEntrypoint));
 function tryRequire(...ids) {
   for (const data of ids) {
     let id;
@@ -436,26 +437,26 @@ if (npmRootPath === undefined) {
 }
 const LOOP_SENTINEL = 1_000_000;
 const NPM_REGISTRY_URL = 'https://registry.npmjs.org';
-const npmNmPath = _nodePath$1.join(npmRootPath, 'node_modules');
-const arboristPkgPath = _nodePath$1.join(npmNmPath, '@npmcli/arborist');
-const arboristClassPath = _nodePath$1.join(arboristPkgPath, 'lib/arborist/index.js');
-const arboristDepValidPath = _nodePath$1.join(arboristPkgPath, 'lib/dep-valid.js');
-const arboristEdgeClassPath = _nodePath$1.join(arboristPkgPath, 'lib/edge.js');
-const arboristNodeClassPath = _nodePath$1.join(arboristPkgPath, 'lib/node.js');
-const arboristOverrideSetClassPatch = _nodePath$1.join(arboristPkgPath, 'lib/override-set.js');
-const log = tryRequire([_nodePath$1.join(npmNmPath, 'proc-log/lib/index.js'),
+const npmNmPath = _nodePath.join(npmRootPath, 'node_modules');
+const arboristPkgPath = _nodePath.join(npmNmPath, '@npmcli/arborist');
+const arboristClassPath = _nodePath.join(arboristPkgPath, 'lib/arborist/index.js');
+const arboristDepValidPath = _nodePath.join(arboristPkgPath, 'lib/dep-valid.js');
+const arboristEdgeClassPath = _nodePath.join(arboristPkgPath, 'lib/edge.js');
+const arboristNodeClassPath = _nodePath.join(arboristPkgPath, 'lib/node.js');
+const arboristOverrideSetClassPatch = _nodePath.join(arboristPkgPath, 'lib/override-set.js');
+const log = tryRequire([_nodePath.join(npmNmPath, 'proc-log/lib/index.js'),
 // The proc-log DefinitelyTyped definition is incorrect. The type definition
 // is really that of its export log.
-mod => mod.log], _nodePath$1.join(npmNmPath, 'npmlog/lib/log.js'));
+mod => mod.log], _nodePath.join(npmNmPath, 'npmlog/lib/log.js'));
 if (log === undefined) {
   console.error(`Unable to integrate with npm cli logging infrastructure, ${POTENTIALLY_BUG_ERROR_SNIPPET}.`);
   process.exit(127);
 }
-const pacote = tryRequire(_nodePath$1.join(npmNmPath, 'pacote'), 'pacote');
+const pacote = tryRequire(_nodePath.join(npmNmPath, 'pacote'), 'pacote');
 const {
   tarball
 } = pacote;
-const translations = require(_nodePath$1.join(rootPath$1, 'translations.json'));
+const translations = require(_nodePath.join(_constants$1.rootPath, 'translations.json'));
 const abortController = new AbortController();
 const {
   signal: abortSignal
@@ -484,11 +485,11 @@ async function uxLookup(settings) {
 }
 async function* batchScan(pkgIds) {
   const query = {
-    packages: pkgIds.map(pkgid => {
+    packages: pkgIds.map(id => {
       const {
         name,
         version
-      } = pkgidParts(pkgid);
+      } = pkgidParts(id);
       return {
         eco: 'npm',
         pkg: name,
@@ -498,7 +499,7 @@ async function* batchScan(pkgIds) {
     })
   };
   // TODO: Migrate to SDK.
-  const pkgDataReq = _nodeHttps.request(`${_constants.API_V0_URL}/scan/batch`, {
+  const pkgDataReq = _nodeHttps.request(`${_constants$1.API_V0_URL}/scan/batch`, {
     method: 'POST',
     headers: {
       Authorization: `Basic ${Buffer.from(`${pubToken}:`).toString('base64url')}`
@@ -530,10 +531,10 @@ function findSocketYmlSync() {
   let prevDir = null;
   let dir = process.cwd();
   while (dir !== prevDir) {
-    let ymlPath = _nodePath$1.join(dir, 'socket.yml');
+    let ymlPath = _nodePath.join(dir, 'socket.yml');
     let yml = maybeReadfileSync(ymlPath);
     if (yml === undefined) {
-      ymlPath = _nodePath$1.join(dir, 'socket.yaml');
+      ymlPath = _nodePath.join(dir, 'socket.yaml');
       yml = maybeReadfileSync(ymlPath);
     }
     if (typeof yml === 'string') {
@@ -547,7 +548,7 @@ function findSocketYmlSync() {
       }
     }
     prevDir = dir;
-    dir = _nodePath$1.join(dir, '..');
+    dir = _nodePath.join(dir, '..');
   }
   return null;
 }
@@ -575,28 +576,33 @@ function findSpecificOverrideSet(first, second) {
 }
 function maybeReadfileSync(filepath) {
   try {
-    return (0, _nodeFs$1.readFileSync)(filepath, 'utf8');
+    return (0, _nodeFs.readFileSync)(filepath, 'utf8');
   } catch {}
   return undefined;
 }
 async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
+  const spinner = _yoctoSpinner({
+    stream: output
+  });
   let result = false;
-  let remaining = pkgs.length;
+  let {
+    length: remaining
+  } = pkgs;
   if (!remaining) {
-    _yoctoSpinner().success('No changes detected');
+    spinner.success('No changes detected');
     return result;
   }
   const getText = () => `Looking up data for ${remaining} packages`;
-  const spinner = _yoctoSpinner({
-    stream: output
-  }).start(getText());
+  spinner.start(getText());
   try {
-    for await (const pkgData of batchScan(pkgs.map(pkg => pkg.pkgid))) {
-      let failures = [];
-      let displayWarning = false;
-      const name = pkgData.pkg;
-      const version = pkgData.ver;
+    for await (const pkgData of batchScan(pkgs.map(p => p.pkgid))) {
+      const {
+        pkg: name,
+        ver: version
+      } = pkgData;
       const id = `${name}@${version}`;
+      let displayWarning = false;
+      let failures = [];
       if (pkgData.type === 'missing') {
         result = true;
         failures.push({
@@ -622,7 +628,7 @@ async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
             });
             // Before we ask about problematic issues, check to see if they
             // already existed in the old version if they did, be quiet.
-            const pkg = pkgs.find(pkg => pkg.pkgid === id && pkg.existing?.startsWith(`${name}@`));
+            const pkg = pkgs.find(p => p.pkgid === id && p.existing?.startsWith(`${name}@`));
             if (pkg?.existing) {
               // eslint-disable-next-line no-await-in-loop
               for await (const oldPkgData of batchScan([pkg.existing])) {
@@ -641,7 +647,7 @@ async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
           }
         }
         if (!blocked) {
-          const pkg = pkgs.find(pkg => pkg.pkgid === id);
+          const pkg = pkgs.find(p => p.pkgid === id);
           if (pkg) {
             await tarball.stream(id, stream => {
               stream.resume();
@@ -653,8 +659,7 @@ async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
         }
       }
       if (displayWarning) {
-        spinner.stop();
-        output?.write(`(socket) ${formatter.hyperlink(id, `https://socket.dev/npm/package/${name}/overview/${version}`)} contains risks:\n`);
+        spinner.stop(`(socket) ${formatter.hyperlink(id, `https://socket.dev/npm/package/${name}/overview/${version}`)} contains risks:`);
         failures.sort((a, b) => a.raw.type < b.raw.type ? -1 : 1);
         const lines = new Set();
         for (const failure of failures) {
@@ -675,9 +680,7 @@ async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
     }
     return result;
   } finally {
-    if (spinner.isSpinning) {
-      spinner.stop();
-    }
+    spinner.stop();
   }
 }
 function pkgidParts(pkgid) {
@@ -689,18 +692,8 @@ function pkgidParts(pkgid) {
     version
   };
 }
-function toPURL(pkgid, resolved) {
-  const repo = resolved.replace(/#[\s\S]*$/u, '').replace(/\?[\s\S]*$/u, '').replace(/\/[^/]*\/-\/[\s\S]*$/u, '');
-  const {
-    name,
-    version
-  } = pkgidParts(pkgid);
-  return {
-    type: 'npm',
-    namespace_and_name: name,
-    version,
-    repository_url: repo
-  };
+function toRepoUrl(resolved) {
+  return resolved.replace(/#[\s\S]*$/, '').replace(/\?[\s\S]*$/, '').replace(/\/[^/]*\/-\/[\s\S]*$/, '');
 }
 function walk(diff_, needInfoOn = []) {
   const queue = [diff_];
@@ -731,12 +724,8 @@ function walk(diff_, needInfoOn = []) {
       if (keep && diff.ideal?.pkgid && diff.ideal.resolved && (!diff.actual || diff.actual.resolved)) {
         needInfoOn.push({
           existing,
-          action: diff.action,
-          location: diff.ideal.location,
           pkgid: diff.ideal.pkgid,
-          newPackage: toPURL(diff.ideal.pkgid, diff.ideal.resolved),
-          oldPackage: diff.actual && diff.actual.resolved ? toPURL(diff.actual.pkgid, diff.actual.resolved) : null,
-          resolved: diff.ideal.resolved
+          repository_url: toRepoUrl(diff.ideal.resolved)
         });
       }
     }
@@ -1427,10 +1416,10 @@ class SafeArborist extends Arborist {
     options['save'] = old.save;
     options['saveBundle'] = old.saveBundle;
     // Nothing to check, mmm already installed or all private?
-    if (diff.findIndex(c => c.newPackage.repository_url === NPM_REGISTRY_URL) === -1) {
+    if (diff.findIndex(c => c.repository_url === NPM_REGISTRY_URL) === -1) {
       return await this[kRiskyReify](...args);
     }
-    let proceed = _constants.ENV.UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE;
+    let proceed = _constants$1.ENV.UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE;
     if (!proceed) {
       proceed = await ttyServer.captureTTY(async (input, output) => {
         if (input && output) {
@@ -1567,21 +1556,16 @@ void (async () => {
   _uxLookup = (0, _issueRules.createIssueUXLookup)(settings);
 })();
 
-var _nodeFs = require$$0;
-var _nodePath = require$$1$1;
+var _constants = constants.constants;
 var _arborist = arborist;
 var _link = link.link;
-const distPath = __dirname;
-const rootPath = _nodePath.resolve(distPath, '..');
-const binPath = _nodePath.join(rootPath, 'bin');
-
-// shadow `npm` and `npx` to mitigate subshells
-(0, _link.installLinks)((0, _nodeFs.realpathSync)(binPath), 'npm');
+// Shadow `npm` and `npx` to mitigate subshells.
+(0, _link.installLinks)(_constants.shadowBinPath, 'npm');
 (0, _arborist.installSafeArborist)();
 
 (function (exports) {
 
-	var _interopRequireWildcard = vendor.interopRequireWildcard.default;
+	var _interopRequireWildcard = require$$0$2.default;
 	Object.defineProperty(exports, "__esModule", {
 	  value: true
 	});
@@ -1592,7 +1576,7 @@ const binPath = _nodePath.join(rootPath, 'bin');
 	    return _npmInjection.default;
 	  }
 	});
-	var _npmInjection = _interopRequireWildcard(npmInjection, true);
+	var _npmInjection = _interopRequireWildcard(npmInjection$1, true);
 	Object.keys(_npmInjection).forEach(function (key) {
 	  if (key === "default" || key === "__esModule") return;
 	  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
@@ -1604,6 +1588,8 @@ const binPath = _nodePath.join(rootPath, 'bin');
 	    }
 	  });
 	}); 
-} (npmInjection$1));
+} (npmInjection$2));
+
+var npmInjection = /*@__PURE__*/constants.getDefaultExportFromCjs(npmInjection$2);
 
-module.exports = npmInjection$1;
+module.exports = npmInjection;

package/dist/module-sync/npx-cli.js

@@ -0,0 +1,61 @@
+#!/usr/bin/env node
+'use strict';
+
+var constants = require('./constants.js');
+var require$$0 = require('@babel/runtime/helpers/interopRequireWildcard');
+var require$$1 = require('node:path');
+var require$$1$1 = require('@npmcli/promise-spawn');
+var link = require('./link.js');
+
+var npxCli$2 = {};
+
+var npxCli$1 = {};
+
+var _nodePath = require$$1;
+var _promiseSpawn = require$$1$1;
+var _constants = constants.constants;
+var _link = link.link;
+const npxPath = (0, _link.installLinks)(_constants.shadowBinPath, 'npx');
+const injectionPath = _nodePath.join(_constants.distPath, 'npm-injection.js');
+process.exitCode = 1;
+const spawnPromise = _promiseSpawn(process.execPath, ['--disable-warning', 'ExperimentalWarning', '--require', injectionPath, npxPath, ...process.argv.slice(2)], {
+  stdio: 'inherit'
+});
+spawnPromise.process.on('exit', (code, signal) => {
+  if (signal) {
+    process.kill(process.pid, signal);
+  } else if (code !== null) {
+    process.exit(code);
+  }
+});
+
+(function (exports) {
+
+	var _interopRequireWildcard = require$$0.default;
+	Object.defineProperty(exports, "__esModule", {
+	  value: true
+	});
+	var _exportNames = {};
+	Object.defineProperty(exports, "default", {
+	  enumerable: true,
+	  get: function () {
+	    return _npxCli.default;
+	  }
+	});
+	var _npxCli = _interopRequireWildcard(npxCli$1, true);
+	Object.keys(_npxCli).forEach(function (key) {
+	  if (key === "default" || key === "__esModule") return;
+	  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+	  if (key in exports && exports[key] === _npxCli[key]) return;
+	  Object.defineProperty(exports, key, {
+	    enumerable: true,
+	    get: function () {
+	      return _npxCli[key];
+	    }
+	  });
+	}); 
+} (npxCli$2));
+
+var npxCli = /*@__PURE__*/constants.getDefaultExportFromCjs(npxCli$2);
+
+module.exports = npxCli;

package/dist/{sdk.d.ts → module-sync/sdk.d.ts}

@@ -3,11 +3,7 @@ import { SocketSdk } from '@socketsecurity/sdk';
 declare function createDebugLogger(printDebugLogs?: boolean): typeof console.error;
 declare function isErrnoException(value: unknown): value is NodeJS.ErrnoException;
 declare function stringJoinWithSeparateFinalSeparator(list: (string | undefined)[], separator?: string): string;
-declare const API_V0_URL = "https://api.socket.dev/v0";
-declare const ENV: Readonly<{
-    UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: boolean;
-}>;
 declare const FREE_API_KEY = "sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api";
 declare function getDefaultKey(): string | undefined;
 declare function setupSdk(apiKey?: string | undefined, apiBaseUrl?: string | undefined, proxy?: string | undefined): Promise<SocketSdk>;
-export { createDebugLogger, isErrnoException, stringJoinWithSeparateFinalSeparator, API_V0_URL, ENV, FREE_API_KEY, getDefaultKey, setupSdk };
+export { createDebugLogger, isErrnoException, stringJoinWithSeparateFinalSeparator, FREE_API_KEY, getDefaultKey, setupSdk };