@socketsecurity/cli 0.14.28 → 0.14.29

package/dist/{cli.js → require/cli.js}

@@ -2,20 +2,21 @@
 'use strict';
 
 var vendor = require('./vendor.js');
-var require$$1 = require('node:path');
 var require$$8$2 = require('node:url');
 var require$$1$2 = require('yoctocolors-cjs');
-var require$$5$1 = require('pony-cause');
+var require$$4$1 = require('pony-cause');
 var require$$0 = require('node:fs');
+var require$$1 = require('node:path');
 var require$$1$1 = require('@npmcli/promise-spawn');
 var require$$4 = require('yargs-parser');
 var require$$5 = require('@socketsecurity/registry/lib/words');
+var constants = require('./constants.js');
 var require$$3 = require('@socketregistry/yocto-spinner');
 var sdk = require('./sdk.js');
 var require$$1$3 = require('@inquirer/prompts');
 var require$$1$4 = require('node:fs/promises');
-var require$$5$3 = require('npm-package-arg');
-var require$$3$1 = require('semver');
+var require$$5$2 = require('npm-package-arg');
+var require$$4$2 = require('semver');
 var require$$8$1 = require('tinyglobby');
 var require$$9$1 = require('yaml');
 var require$$10 = require('@socketsecurity/registry');
@@ -25,11 +26,11 @@ var require$$13 = require('@socketsecurity/registry/lib/promises');
 var require$$14 = require('@socketsecurity/registry/lib/regexps');
 var require$$9 = require('@socketsecurity/registry/lib/strings');
 var require$$2 = require('browserslist');
-var require$$4$1 = require('which');
-var require$$5$2 = require('@socketregistry/hyrious__bun.lockb');
-var require$$6 = require('@socketsecurity/registry/lib/constants');
+var require$$4$3 = require('which');
+var require$$5$1 = require('@socketregistry/hyrious__bun.lockb');
+var require$$3$1 = require('@socketsecurity/registry/lib/constants');
 var require$$2$1 = require('@apideck/better-ajv-errors');
-var require$$6$1 = require('@socketsecurity/config');
+var require$$6 = require('@socketsecurity/config');
 var pathResolve = require('./path-resolve.js');
 var require$$1$5 = require('node:os');
 var require$$3$2 = require('node:readline');
@@ -38,14 +39,14 @@ var require$$2$2 = require('node:readline/promises');
 var require$$2$3 = require('chalk-table');
 var require$$2$4 = require('blessed/lib/widgets/screen');
 var require$$3$3 = require('blessed-contrib/lib/widget/charts/bar');
-var require$$4$2 = require('blessed-contrib/lib/layout/grid');
-var require$$5$4 = require('blessed-contrib/lib/widget/charts/line');
+var require$$4$4 = require('blessed-contrib/lib/layout/grid');
+var require$$5$3 = require('blessed-contrib/lib/widget/charts/line');
 var require$$0$2 = require('node:util');
 var require$$2$5 = require('blessed-contrib/lib/widget/table');
 
-var cli$1 = {};
+var cli$2 = {};
 
-var cli = {};
+var cli$1 = {};
 
 var commands = {};
 
@@ -56,19 +57,15 @@ Object.defineProperty(cdxgen, "__esModule", {
 });
 cdxgen.cdxgen = void 0;
 var _nodeFs$3 = require$$0;
-var _nodePath$7 = require$$1;
+var _nodePath$6 = require$$1;
 var _promiseSpawn$6 = require$$1$1;
 var _yoctocolorsCjs$j = require$$1$2;
 var _yargsParser = require$$4;
 var _words$1 = require$$5;
-const distPath$4 = __dirname;
+var _constants$6 = constants.constants;
 const {
   execPath
 } = process;
-const rootPath$1 = _nodePath$7.resolve(distPath$4, '..');
-const binPath = _nodePath$7.join(rootPath$1, 'node_modules/.bin');
-const cdxgenBinPath = _nodePath$7.join(binPath, 'cdxgen');
-const synpBinPath = _nodePath$7.join(binPath, 'synp');
 const {
   SBOM_SIGN_ALGORITHM,
   // Algorithm. Example: RS512
@@ -194,7 +191,7 @@ cdxgen.cdxgen = {
         // Use synp to create a package-lock.json from the yarn.lock,
         // based on the node_modules folder, for a more accurate SBOM.
         try {
-          await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(synpBinPath), '--source-file', './yarn.lock'], {
+          await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(_constants$6.synpBinPath), '--source-file', './yarn.lock'], {
             shell: true
           });
           yargv.type = 'npm';
@@ -205,7 +202,7 @@ cdxgen.cdxgen = {
     if (yargv.output === undefined) {
       yargv.output = 'socket-cdx.json';
     }
-    await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(cdxgenBinPath), ...argvToArray(yargv)], {
+    await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(_constants$6.cdxgenBinPath), ...argvToArray(yargv)], {
       env: {
         NODE_ENV: '',
         SBOM_SIGN_ALGORITHM,
@@ -220,7 +217,7 @@ cdxgen.cdxgen = {
         await _nodeFs$3.promises.unlink('./package-lock.json');
       } catch {}
     }
-    const fullOutputPath = _nodePath$7.join(process.cwd(), yargv.output);
+    const fullOutputPath = _nodePath$6.join(process.cwd(), yargv.output);
     if ((0, _nodeFs$3.existsSync)(fullOutputPath)) {
       console.log(_yoctocolorsCjs$j.cyanBright(`${yargv.output} created!`));
     }
@@ -292,9 +289,9 @@ apiHelpers.handleApiCall = handleApiCall;
 apiHelpers.handleUnsuccessfulApiResponse = handleUnsuccessfulApiResponse;
 apiHelpers.queryAPI = queryAPI;
 var _yoctocolorsCjs$i = require$$1$2;
-var _ponyCause$4 = require$$5$1;
+var _ponyCause$4 = require$$4$1;
 var _errors$l = sdk.errors;
-var _constants$1 = sdk.constants;
+var _constants$5 = constants.constants;
 function handleUnsuccessfulApiResponse(_name, result, spinner) {
   const resultError = 'error' in result && result.error && typeof result.error === 'object' ? result.error : {};
   const message = 'message' in resultError && typeof resultError.message === 'string' ? resultError.message : 'No error message returned';
@@ -324,7 +321,7 @@ async function handleAPIError(code) {
   }
 }
 async function queryAPI(path, apiKey) {
-  return await fetch(`${_constants$1.API_V0_URL}/${path}`, {
+  return await fetch(`${_constants$5.API_V0_URL}/${path}`, {
     method: 'GET',
     headers: {
       Authorization: 'Basic ' + btoa(`${apiKey}:${apiKey}`)
@@ -813,16 +810,16 @@ Object.defineProperty(npm, "__esModule", {
   value: true
 });
 npm.npm = void 0;
-var _nodePath$6 = require$$1;
+var _nodePath$5 = require$$1;
 var _promiseSpawn$5 = require$$1$1;
-const distPath$3 = __dirname;
+var _constants$4 = constants.constants;
 const description$5 = 'npm wrapper functionality';
 npm.npm = {
   description: description$5,
   async run(argv, _importMeta, _ctx) {
-    const wrapperPath = _nodePath$6.join(distPath$3, 'npm-cli.js');
+    const wrapperPath = _nodePath$5.join(_constants$4.distPath, 'npm-cli.js');
     process.exitCode = 1;
-    const spawnPromise = _promiseSpawn$5(process.execPath, [wrapperPath, ...argv], {
+    const spawnPromise = _promiseSpawn$5(process.execPath, ['--disable-warning', 'ExperimentalWarning', wrapperPath, ...argv], {
       stdio: 'inherit'
     });
     spawnPromise.process.on('exit', (code, signal) => {
@@ -842,16 +839,16 @@ Object.defineProperty(npx, "__esModule", {
   value: true
 });
 npx.npx = void 0;
-var _nodePath$5 = require$$1;
+var _nodePath$4 = require$$1;
 var _promiseSpawn$4 = require$$1$1;
-const distPath$2 = __dirname;
+var _constants$3 = constants.constants;
 const description$4 = 'npx wrapper functionality';
 npx.npx = {
   description: description$4,
   async run(argv, _importMeta, _ctx) {
-    const wrapperPath = _nodePath$5.join(distPath$2, 'npx-cli.js');
+    const wrapperPath = _nodePath$4.join(_constants$3.distPath, 'npx-cli.js');
     process.exitCode = 1;
-    const spawnPromise = _promiseSpawn$4(process.execPath, [wrapperPath, ...argv], {
+    const spawnPromise = _promiseSpawn$4(process.execPath, ['--disable-warning', 'ExperimentalWarning', wrapperPath, ...argv], {
       stdio: 'inherit'
     });
     spawnPromise.process.on('exit', (code, signal) => {
@@ -877,7 +874,7 @@ fs.findUp = findUp;
 fs.readFileBinary = readFileBinary;
 fs.readFileUtf8 = readFileUtf8;
 var _nodeFs$2 = require$$0;
-var _nodePath$4 = require$$1;
+var _nodePath$3 = require$$1;
 function existsSync(filepath) {
   try {
     return filepath ? (0, _nodeFs$2.existsSync)(filepath) : false;
@@ -887,14 +884,14 @@ function existsSync(filepath) {
 async function findUp(name, {
   cwd = process.cwd()
 }) {
-  let dir = _nodePath$4.resolve(cwd);
+  let dir = _nodePath$3.resolve(cwd);
   const {
     root
-  } = _nodePath$4.parse(dir);
+  } = _nodePath$3.parse(dir);
   const names = [name].flat();
   while (dir && dir !== root) {
     for (const name of names) {
-      const filePath = _nodePath$4.join(dir, name);
+      const filePath = _nodePath$3.join(dir, name);
       try {
         // eslint-disable-next-line no-await-in-loop
         const stats = await _nodeFs$2.promises.stat(filePath);
@@ -903,7 +900,7 @@ async function findUp(name, {
         }
       } catch {}
     }
-    dir = _nodePath$4.dirname(dir);
+    dir = _nodePath$3.dirname(dir);
   }
   return undefined;
 }
@@ -927,13 +924,13 @@ Object.defineProperty(packageManagerDetector, "__esModule", {
 });
 packageManagerDetector.AGENTS = void 0;
 packageManagerDetector.detect = detect;
-var _nodePath$3 = require$$1;
+var _nodePath$2 = require$$1;
 var _promiseSpawn$3 = require$$1$1;
 var _browserslist = require$$2;
-var _semver$1 = require$$3$1;
-var _which = require$$4$1;
-var _hyrious__bun = require$$5$2;
-var _constants = require$$6;
+var _semver$1 = require$$4$2;
+var _which = require$$4$3;
+var _hyrious__bun = require$$5$1;
+var _constants$2 = require$$3$1;
 var _objects$2 = require$$7;
 var _packages$1 = require$$8;
 var _strings$1 = require$$9;
@@ -1021,10 +1018,10 @@ async function detect({
     cwd
   });
   const isHiddenLockFile = lockPath?.endsWith('.package-lock.json') ?? false;
-  const pkgJsonPath = lockPath ? _nodePath$3.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await (0, _fs$1.findUp)('package.json', {
+  const pkgJsonPath = lockPath ? _nodePath$2.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await (0, _fs$1.findUp)('package.json', {
     cwd
   });
-  const pkgPath = (0, _fs$1.existsSync)(pkgJsonPath) ? _nodePath$3.dirname(pkgJsonPath) : undefined;
+  const pkgPath = (0, _fs$1.existsSync)(pkgJsonPath) ? _nodePath$2.dirname(pkgJsonPath) : undefined;
   const editablePkgJson = pkgPath ? await (0, _packages$1.readPackageJson)(pkgPath, {
     editable: true
   }) : undefined;
@@ -1046,7 +1043,7 @@ async function detect({
     }
   }
   if (agent === undefined && !isHiddenLockFile && typeof pkgJsonPath === 'string' && typeof lockPath === 'string') {
-    agent = LOCKS[_nodePath$3.basename(lockPath)];
+    agent = LOCKS[_nodePath$2.basename(lockPath)];
   }
   if (agent === undefined) {
     agent = 'npm';
@@ -1066,7 +1063,7 @@ async function detect({
   };
   let lockSrc;
   // Lazily access constants.maintainedNodeVersions.
-  let minimumNodeVersion = _constants.maintainedNodeVersions.previous;
+  let minimumNodeVersion = _constants$2.maintainedNodeVersions.previous;
   if (pkgJson) {
     const browserField = pkgJson.browser;
     if ((0, _strings$1.isNonEmptyString)(browserField) || (0, _objects$2.isObjectObject)(browserField)) {
@@ -1094,7 +1091,7 @@ async function detect({
       }
     }
     // Lazily access constants.maintainedNodeVersions.
-    targets.node = _constants.maintainedNodeVersions.some(v => _semver$1.satisfies(v, `>=${minimumNodeVersion}`));
+    targets.node = _constants$2.maintainedNodeVersions.some(v => _semver$1.satisfies(v, `>=${minimumNodeVersion}`));
     lockSrc = typeof lockPath === 'string' ? await readLockFileByAgent[agent](lockPath, agentExecPath) : undefined;
   } else {
     lockPath = undefined;
@@ -1120,12 +1117,12 @@ Object.defineProperty(optimize$1, "__esModule", {
 });
 optimize$1.optimize = void 0;
 var _promises$2 = require$$1$4;
-var _nodePath$2 = require$$1;
+var _nodePath$1 = require$$1;
 var _promiseSpawn$2 = require$$1$1;
 var _meow$m = _interopRequireDefault$n(vendor.build);
-var _npmPackageArg = require$$5$3;
+var _npmPackageArg = require$$5$2;
 var _yoctoSpinner$i = require$$3;
-var _semver = require$$3$1;
+var _semver = require$$4$2;
 var _tinyglobby = require$$8$1;
 var _yaml = require$$9$1;
 var _registry = require$$10;
@@ -1135,6 +1132,7 @@ var _promises2 = require$$13;
 var _regexps = require$$14;
 var _strings = require$$9;
 var _words = require$$5;
+var _constants$1 = constants.constants;
 var _flags$j = flags$1;
 var _formatting$k = formatting;
 var _fs = fs;
@@ -1144,7 +1142,6 @@ const OVERRIDES_FIELD_NAME = 'overrides';
 const PNPM_FIELD_NAME = 'pnpm';
 const PNPM_WORKSPACE = 'pnpm-workspace';
 const RESOLUTIONS_FIELD_NAME = 'resolutions';
-const distPath$1 = __dirname;
 const manifestNpmOverrides = (0, _registry.getManifestData)('npm');
 const getOverridesDataByAgent = {
   bun(pkgJson) {
@@ -1504,7 +1501,7 @@ function getDependencyEntries(pkgJson) {
 async function getWorkspaceGlobs(agent, pkgPath, pkgJson) {
   let workspacePatterns;
   if (agent === 'pnpm') {
-    for (const workspacePath of [_nodePath$2.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), _nodePath$2.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
+    for (const workspacePath of [_nodePath$1.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), _nodePath$1.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
       if ((0, _fs.existsSync)(workspacePath)) {
         try {
           workspacePatterns = (0, _yaml.parse)(
@@ -1575,7 +1572,7 @@ async function addOverrides({
   } = editablePkgJson;
   const isRoot = pkgPath === rootPath;
   const isLockScanned = isRoot && !prod;
-  const workspaceName = _nodePath$2.relative(rootPath, pkgPath);
+  const workspaceName = _nodePath$1.relative(rootPath, pkgPath);
   const workspaceGlobs = await getWorkspaceGlobs(agent, pkgPath, pkgJson);
   const isWorkspace = !!workspaceGlobs;
   if (isWorkspace && agent === 'pnpm' && npmExecPath === 'npm' && !state.warnedPnpmWorkspaceRequiresNpm) {
@@ -1694,7 +1691,7 @@ async function addOverrides({
         manifestEntries,
         npmExecPath,
         pin,
-        pkgPath: _nodePath$2.dirname(workspacePkgJsonPath),
+        pkgPath: _nodePath$1.dirname(workspacePkgJsonPath),
         prod,
         rootPath
       }, createAddOverridesState({
@@ -1758,7 +1755,7 @@ const optimize = optimize$1.optimize = {
       console.error(`✖️ ${COMMAND_TITLE}: ${agent} does not support overrides. Soon, though ⚡`);
       return;
     }
-    const lockName = lockPath ? _nodePath$2.basename(lockPath) : 'lock file';
+    const lockName = lockPath ? _nodePath$1.basename(lockPath) : 'lock file';
     if (lockSrc === undefined) {
       console.error(`✖️ ${COMMAND_TITLE}: No ${lockName} found`);
       return;
@@ -1775,7 +1772,7 @@ const optimize = optimize$1.optimize = {
       console.error(`✖️ ${COMMAND_TITLE}: --prod not supported for ${agent}${agentVersion ? `@${agentVersion.toString()}` : ''}`);
       return;
     }
-    if (lockPath && _nodePath$2.relative(cwd, lockPath).startsWith('.')) {
+    if (lockPath && _nodePath$1.relative(cwd, lockPath).startsWith('.')) {
       console.warn(`⚠️ ${COMMAND_TITLE}: Package ${lockName} found at ${lockPath}`);
     }
     const spinner = _yoctoSpinner$i({
@@ -1822,7 +1819,7 @@ const optimize = optimize$1.optimize = {
       spinner.start(`Updating ${lockName}...`);
       try {
         if (isNpm) {
-          const wrapperPath = _nodePath$2.join(distPath$1, 'npm-cli.js');
+          const wrapperPath = _nodePath$1.join(_constants$1.distPath, 'npm-cli.js');
           await _promiseSpawn$2(process.execPath, [wrapperPath, 'install', '--no-audit', '--no-fund'], {
             stdio: 'ignore',
             env: {
@@ -2089,7 +2086,7 @@ view$3.view = void 0;
 var _yoctocolorsCjs$f = require$$1$2;
 var _meow$i = _interopRequireDefault$j(vendor.build);
 var _yoctoSpinner$g = require$$3;
-var _ponyCause$3 = require$$5$1;
+var _ponyCause$3 = require$$4$1;
 var _flags$g = flags$1;
 var _apiHelpers$g = apiHelpers;
 var _colorOrMarkdown$2 = sdk.colorOrMarkdown;
@@ -2229,12 +2226,12 @@ Object.defineProperty(create$5, "__esModule", {
   value: true
 });
 create$5.create = void 0;
-var _nodePath$1 = require$$1;
+var _nodePath = require$$1;
 var _betterAjvErrors = require$$2$1;
 var _meow$h = _interopRequireDefault$i(vendor.build);
 var _yoctoSpinner$f = require$$3;
-var _ponyCause$2 = require$$5$1;
-var _config = require$$6$1;
+var _ponyCause$2 = require$$4$1;
+var _config = require$$6;
 var _view$2 = view$3;
 var _flags$f = flags$1;
 var _apiHelpers$f = apiHelpers;
@@ -2371,7 +2368,7 @@ async function setupCommand$g(name, description, argv, importMeta) {
 
   // TODO: Allow setting a custom cwd and/or configFile path?
   const cwd = process.cwd();
-  const absoluteConfigPath = _nodePath$1.join(cwd, 'socket.yml');
+  const absoluteConfigPath = _nodePath.join(cwd, 'socket.yml');
   const config = await (0, _config.readSocketConfig)(absoluteConfigPath).catch(cause => {
     if (cause && typeof cause === 'object' && cause instanceof _config.SocketValidationError) {
       // Inspired by workbox-build:
@@ -2714,7 +2711,7 @@ var _yoctocolorsCjs$e = require$$1$2;
 var _meow$e = _interopRequireDefault$f(vendor.build);
 var _open = _interopRequireDefault$f(vendor.open);
 var _yoctoSpinner$e = require$$3;
-var _ponyCause$1 = require$$5$1;
+var _ponyCause$1 = require$$4$1;
 var _apiHelpers$e = apiHelpers;
 var _errors$f = sdk.errors;
 var _formatting$d = formatting;
@@ -4269,8 +4266,8 @@ analytics$1.analytics = void 0;
 var _promises = require$$1$4;
 var _screen$1 = require$$2$4;
 var _bar = require$$3$3;
-var _grid = require$$4$2;
-var _line = require$$5$4;
+var _grid = require$$4$4;
+var _line = require$$5$3;
 var _meow$2 = _interopRequireDefault$3(vendor.build);
 var _yoctocolorsCjs$2 = require$$1$2;
 var _yoctoSpinner$2 = require$$3;
@@ -5155,19 +5152,15 @@ const getMinDiff = (start, end) => Math.floor((end - start) / 60000);
 
 var _interopRequireWildcard = vendor.interopRequireWildcard.default;
 var _interopRequireDefault = vendor.interopRequireDefault.default;
-var _nodePath = require$$1;
 var _nodeUrl = require$$8$2;
 var _yoctocolorsCjs = require$$1$2;
-var _ponyCause = require$$5$1;
+var _ponyCause = require$$4$1;
 var _tinyUpdater = _interopRequireDefault(vendor.dist);
 var cliCommands = _interopRequireWildcard(commands, true);
+var _constants = constants.constants;
 var _colorOrMarkdown = sdk.colorOrMarkdown;
 var _errors = sdk.errors;
 var _meowWithSubcommands = meowWithSubcommands$1;
-const distPath = __dirname;
-const rootPath = _nodePath.resolve(distPath, '..');
-const rootPkgJsonPath = _nodePath.join(rootPath, 'package.json');
-const rootPkgJson = require(rootPkgJsonPath);
 const formattedCliCommands = Object.fromEntries(Object.entries(cliCommands).map(entry => {
   const key = entry[0];
   entry[0] = camelToHyphen(key);
@@ -5179,6 +5172,7 @@ function camelToHyphen(str) {
 
 // TODO: Add autocompletion using https://socket.dev/npm/package/omelette
 void (async () => {
+  const rootPkgJson = require(_constants.rootPkgJsonPath);
   await (0, _tinyUpdater.default)({
     name: rootPkgJson.name,
     version: rootPkgJson.version,
@@ -5237,7 +5231,7 @@ void (async () => {
 	    return _cli.default;
 	  }
 	});
-	var _cli = _interopRequireWildcard(cli, true);
+	var _cli = _interopRequireWildcard(cli$1, true);
 	Object.keys(_cli).forEach(function (key) {
 	  if (key === "default" || key === "__esModule") return;
 	  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
@@ -5249,6 +5243,8 @@ void (async () => {
 	    }
 	  });
 	}); 
-} (cli$1));
+} (cli$2));
+
+var cli = /*@__PURE__*/vendor.getDefaultExportFromCjs(cli$2);
 
-module.exports = cli$1;
+module.exports = cli;

package/dist/require/color-or-markdown.d.ts

@@ -0,0 +1,23 @@
+declare const logSymbols: {
+    __proto__: null;
+    info: string;
+    success: string;
+    warning: string;
+    error: string;
+};
+declare class ColorOrMarkdown {
+    useMarkdown: boolean;
+    constructor(useMarkdown: boolean);
+    header(text: string, level?: number): string;
+    bold(text: string): string;
+    italic(text: string): string;
+    hyperlink(text: string, url: string | undefined, { fallback, fallbackToUrl }?: {
+        fallback?: boolean;
+        fallbackToUrl?: boolean;
+    }): string;
+    list(items: string[]): string;
+    get logSymbols(): typeof logSymbols;
+    indent(text: string, level?: number): string;
+    json(value: unknown): string;
+}
+export { logSymbols, ColorOrMarkdown };

package/dist/require/constants.d.ts

@@ -0,0 +1,15 @@
+declare const API_V0_URL = "https://api.socket.dev/v0";
+declare const ENV: Readonly<{
+    UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: boolean;
+}>;
+declare const SUPPORTS_SYNC_ESM: boolean;
+declare const rootPath: string;
+declare const rootDistPath: string;
+declare const rootBinPath: string;
+declare const rootPkgJsonPath: string;
+declare const nmBinPath: string;
+declare const cdxgenBinPath: string;
+declare const distPath: string;
+declare const shadowBinPath: string;
+declare const synpBinPath: string;
+export { API_V0_URL, ENV, SUPPORTS_SYNC_ESM, rootPath, rootDistPath, rootBinPath, rootPkgJsonPath, nmBinPath, cdxgenBinPath, distPath, shadowBinPath, synpBinPath };

package/dist/require/constants.js

@@ -0,0 +1,57 @@
+'use strict';
+
+var require$$0 = require('node:fs');
+var require$$1 = require('node:path');
+var require$$2 = require('@socketsecurity/registry/lib/env');
+var require$$3 = require('@socketsecurity/registry/lib/constants');
+var require$$4 = require('semver');
+
+var constants = {};
+
+Object.defineProperty(constants, "__esModule", {
+  value: true
+});
+constants.synpBinPath = constants.shadowBinPath = constants.rootPkgJsonPath = constants.rootPath = constants.rootDistPath = constants.rootBinPath = constants.nmBinPath = constants.distPath = constants.cdxgenBinPath = constants.SUPPORTS_SYNC_ESM = constants.ENV = constants.API_V0_URL = void 0;
+var _nodeFs = require$$0;
+var _nodePath = require$$1;
+var _env = require$$2;
+var _constants = require$$3;
+var _semver = require$$4;
+const {
+  PACKAGE_JSON
+} = _constants;
+constants.API_V0_URL = 'https://api.socket.dev/v0';
+constants.ENV = Object.freeze({
+  // Flag set by the optimize command to bypass the packagesHaveRiskyIssues check.
+  UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: (0, _env.envAsBoolean)(process.env['UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE'])
+});
+const SUPPORTS_SYNC_ESM = constants.SUPPORTS_SYNC_ESM = _semver.satisfies(process.versions.node, '>=22.12');
+const rootPath = constants.rootPath = (() => {
+  let oldPath;
+  let currPath = (0, _nodeFs.realpathSync)(__dirname);
+  while (currPath !== oldPath) {
+    const pkgJsonPath = _nodePath.join(currPath, PACKAGE_JSON);
+    if ((0, _nodeFs.existsSync)(pkgJsonPath)) {
+      try {
+        // @socketsecurity/cli is replaced by .config/rollup.base.config.mjs
+        // with either 'socket' or '@socketsecurity/cli'.
+        if (require(pkgJsonPath)?.name === '@socketsecurity/cli') {
+          return currPath;
+        }
+      } catch {}
+    }
+    oldPath = currPath;
+    currPath = _nodePath.dirname(currPath);
+  }
+  throw new TypeError('rootPath cannot be resolved.');
+})();
+const rootDistPath = constants.rootDistPath = _nodePath.join(rootPath, 'dist');
+constants.rootBinPath = _nodePath.join(rootPath, 'bin');
+constants.rootPkgJsonPath = _nodePath.join(rootPath, PACKAGE_JSON);
+const nmBinPath = constants.nmBinPath = _nodePath.join(rootPath, 'node_modules/.bin');
+constants.cdxgenBinPath = _nodePath.join(nmBinPath, 'cdxgen');
+constants.distPath = _nodePath.join(rootDistPath, SUPPORTS_SYNC_ESM ? 'module-sync' : 'require');
+constants.shadowBinPath = _nodePath.join(rootPath, 'shadow', SUPPORTS_SYNC_ESM ? 'module-sync' : 'require');
+constants.synpBinPath = _nodePath.join(nmBinPath, 'synp');
+
+exports.constants = constants;

package/dist/require/errors.d.ts

@@ -0,0 +1,7 @@
+declare class AuthError extends Error {
+}
+declare class InputError extends Error {
+    body: string | undefined;
+    constructor(message: string, body?: string);
+}
+export { AuthError, InputError };

package/dist/require/link.d.ts

@@ -0,0 +1,2 @@
+declare function installLinks(realDirname: string, binName: 'npm' | 'npx'): string;
+export { installLinks };

package/dist/require/link.js

@@ -0,0 +1,45 @@
+'use strict';
+
+var require$$0 = require('node:fs');
+var require$$1 = require('node:path');
+var require$$4 = require('which');
+
+var link = {};
+
+Object.defineProperty(link, "__esModule", {
+  value: true
+});
+link.installLinks = installLinks;
+var _nodeFs = require$$0;
+var _nodePath = require$$1;
+var _which = require$$4;
+function installLinks(realDirname, binName) {
+  const realShadowBinDir = realDirname;
+  // find package manager being shadowed by this process
+  const bins = _which.sync(binName, {
+    all: true
+  });
+  let shadowIndex = -1;
+  const binPath = bins.find((binPath, i) => {
+    if ((0, _nodeFs.realpathSync)(_nodePath.dirname(binPath)) === realShadowBinDir) {
+      shadowIndex = i;
+      return false;
+    }
+    return true;
+  });
+  const isWin = process.platform === 'win32';
+  if (isWin && binPath) {
+    return binPath;
+  }
+  if (!binPath) {
+    console.error(`Socket unable to locate ${binName}; ensure it is available in the PATH environment variable`);
+    process.exit(127);
+  }
+  if (shadowIndex === -1) {
+    const binDir = _nodePath.join(realDirname);
+    process.env['PATH'] = `${binDir}${isWin ? ';' : ':'}${process.env['PATH']}`;
+  }
+  return binPath;
+}
+
+exports.link = link;

package/dist/require/npm-cli.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/{npm-cli.js → require/npm-cli.js}

@@ -5,22 +5,22 @@ var vendor = require('./vendor.js');
 var require$$0 = require('node:fs');
 var require$$1 = require('node:path');
 var require$$1$1 = require('@npmcli/promise-spawn');
+var constants = require('./constants.js');
 var link = require('./link.js');
 var pathResolve = require('./path-resolve.js');
 
-var npmCli$1 = {};
+var npmCli$2 = {};
 
-var npmCli = {};
+var npmCli$1 = {};
 
 var _nodeFs = require$$0;
 var _nodePath = require$$1;
 var _promiseSpawn = require$$1$1;
+var _constants = constants.constants;
 var _link = link.link;
 var _pathResolve = pathResolve.pathResolve;
-const realFilename = (0, _nodeFs.realpathSync)(__filename);
-const realDirname = _nodePath.dirname(realFilename);
-const npmPath = (0, _link.installLinks)(_nodePath.join(realDirname, 'bin'), 'npm');
-const injectionPath = _nodePath.join(realDirname, 'npm-injection.js');
+const npmPath = (0, _link.installLinks)(_constants.shadowBinPath, 'npm');
+const injectionPath = _nodePath.join(_constants.distPath, 'npm-injection.js');
 
 // Adding the `--quiet` and `--no-progress` flags when the `proc-log` module
 // is found to fix a UX issue when running the command with recent versions of
@@ -42,7 +42,7 @@ if (npmArgs.includes('install') && !npmArgs.includes('--no-progress') && !npmArg
   }
 }
 process.exitCode = 1;
-const spawnPromise = _promiseSpawn(process.execPath, ['--require', injectionPath, npmPath, ...npmArgs], {
+const spawnPromise = _promiseSpawn(process.execPath, ['--disable-warning', 'ExperimentalWarning', '--require', injectionPath, npmPath, ...npmArgs], {
   stdio: 'inherit'
 });
 spawnPromise.process.on('exit', (code, signal) => {
@@ -66,7 +66,7 @@ spawnPromise.process.on('exit', (code, signal) => {
 	    return _npmCli.default;
 	  }
 	});
-	var _npmCli = _interopRequireWildcard(npmCli, true);
+	var _npmCli = _interopRequireWildcard(npmCli$1, true);
 	Object.keys(_npmCli).forEach(function (key) {
 	  if (key === "default" || key === "__esModule") return;
 	  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
@@ -78,6 +78,8 @@ spawnPromise.process.on('exit', (code, signal) => {
 	    }
 	  });
 	}); 
-} (npmCli$1));
+} (npmCli$2));
+
+var npmCli = /*@__PURE__*/vendor.getDefaultExportFromCjs(npmCli$2);
 
-module.exports = npmCli$1;
+module.exports = npmCli;

package/dist/require/npm-injection.d.ts

@@ -0,0 +1 @@
+export {};