@socketsecurity/cli 0.14.39 → 0.14.40

package/dist/require/cli.js

@@ -10,6 +10,7 @@ function _socketInterop(e) {
   return c ? e.default : e
 }
 
+var process$1 = require('node:process');
 var require$$0 = require('node:url');
 var ponyCause = _socketInterop(require('pony-cause'));
 var vendor = require('./vendor.js');
@@ -20,41 +21,43 @@ var yargsParse = _socketInterop(require('yargs-parser'));
 var npm$1 = require('@socketsecurity/registry/lib/npm');
 var words = require('@socketsecurity/registry/lib/words');
 var constants = require('./constants.js');
-var yoctoSpinner = require('@socketregistry/yocto-spinner');
-var sdk = require('./sdk.js');
+var spinner = require('@socketsecurity/registry/lib/spinner');
+var spawn = _socketInterop(require('@npmcli/promise-spawn'));
+var objects = require('@socketsecurity/registry/lib/objects');
+var pathResolve = require('./path-resolve.js');
+var registryConstants = require('@socketsecurity/registry/lib/constants');
+var socketUrl = require('./socket-url.js');
+var terminalLink = _socketInterop(require('terminal-link'));
+var isInteractive = require('@socketregistry/is-interactive/index.cjs');
 var prompts = require('@socketsecurity/registry/lib/prompts');
 var fs$1 = require('node:fs/promises');
-var spawn = _socketInterop(require('@npmcli/promise-spawn'));
 var npa = _socketInterop(require('npm-package-arg'));
 var semver = _socketInterop(require('semver'));
 var tinyglobby = _socketInterop(require('tinyglobby'));
 var yaml = _socketInterop(require('yaml'));
 var registry = require('@socketsecurity/registry');
-var objects = require('@socketsecurity/registry/lib/objects');
 var packages = require('@socketsecurity/registry/lib/packages');
 var promises = require('@socketsecurity/registry/lib/promises');
 var regexps = require('@socketsecurity/registry/lib/regexps');
 var strings = require('@socketsecurity/registry/lib/strings');
 var browserslist = _socketInterop(require('browserslist'));
 var which = _socketInterop(require('which'));
-var hyrious__bun_lockb = require('@socketregistry/hyrious__bun.lockb');
-var pathResolve = require('./path-resolve.js');
+var index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs');
 var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
 var config = require('@socketsecurity/config');
 var os = require('node:os');
 var readline = require('node:readline');
-var process$1 = require('node:process');
 var readline$1 = require('node:readline/promises');
 var chalkTable = _socketInterop(require('chalk-table'));
 var ScreenWidget = _socketInterop(require('blessed/lib/widgets/screen'));
-var BarChart = _socketInterop(require('blessed-contrib/lib/widget/charts/bar'));
 var GridLayout = _socketInterop(require('blessed-contrib/lib/layout/grid'));
+var BarChart = _socketInterop(require('blessed-contrib/lib/widget/charts/bar'));
 var LineChart = _socketInterop(require('blessed-contrib/lib/widget/charts/line'));
 var require$$0$1 = require('node:util');
 var TableWidget = _socketInterop(require('blessed-contrib/lib/widget/table'));
 
 const {
-  NPM: NPM$4,
+  NPM: NPM$5,
   PNPM: PNPM$2,
   cdxgenBinPath,
   synpBinPath
@@ -65,10 +68,10 @@ const {
   SBOM_SIGN_PRIVATE_KEY,
   // Location to the RSA private key
   SBOM_SIGN_PUBLIC_KEY // Optional. Location to the RSA public key
-} = process.env;
+} = process$1.env;
 const toLower = arg => arg.toLowerCase();
 const arrayToLower = arg => arg.map(toLower);
-const nodejsPlatformTypes = new Set(['javascript', 'js', 'nodejs', NPM$4, PNPM$2, 'ts', 'tsx', 'typescript']);
+const nodejsPlatformTypes = new Set(['javascript', 'js', 'nodejs', NPM$5, PNPM$2, 'ts', 'tsx', 'typescript']);
 const yargsConfig = {
   configuration: {
     'camel-case-expansion': false,
@@ -172,20 +175,20 @@ const cdxgen = {
       length: unknownLength
     } = unknown;
     if (unknownLength) {
+      process$1.exitCode = 1;
       console.error(`Unknown ${words.pluralize('argument', unknownLength)}: ${yargv._.join(', ')}`);
-      process.exitCode = 1;
       return;
     }
     let cleanupPackageLock = false;
     if (yargv.type !== 'yarn' && nodejsPlatformTypes.has(yargv.type) && fs.existsSync('./yarn.lock')) {
       if (fs.existsSync('./package-lock.json')) {
-        yargv.type = NPM$4;
+        yargv.type = NPM$5;
       } else {
         // Use synp to create a package-lock.json from the yarn.lock,
         // based on the node_modules folder, for a more accurate SBOM.
         try {
           await npm$1.runBin(await fs.promises.realpath(synpBinPath), ['--source-file', './yarn.lock']);
-          yargv.type = NPM$4;
+          yargv.type = NPM$5;
           cleanupPackageLock = true;
         } catch {}
       }
@@ -207,13 +210,82 @@ const cdxgen = {
         await fs.promises.rm('./package-lock.json');
       } catch {}
     }
-    const fullOutputPath = path.join(process.cwd(), yargv.output);
+    const fullOutputPath = path.join(process$1.cwd(), yargv.output);
     if (fs.existsSync(fullOutputPath)) {
       console.log(colors.cyanBright(`${yargv.output} created!`));
     }
   }
 };
 
+const {
+  abortSignal: abortSignal$3
+} = constants;
+function shadowNpmInstall(opts) {
+  const {
+    flags = [],
+    ipc,
+    ...spawnOptions
+  } = {
+    __proto__: null,
+    ...opts
+  };
+  const useIpc = objects.isObject(ipc);
+  const useDebug = pathResolve.isDebug();
+  const promise = spawn(
+  // Lazily access constants.execPath.
+  constants.execPath, [
+  // Lazily access constants.rootBinPath.
+  path.join(constants.rootBinPath, 'npm-cli.js'), 'install',
+  // Even though the 'silent' flag is passed npm will still run through code
+  // paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund' flags
+  // are passed.
+  ...(useDebug ? ['--no-audit', '--no-fund'] : ['silent', '--no-audit', '--no-fund']), ...flags], {
+    signal: abortSignal$3,
+    // Set stdio to include 'ipc'.
+    // See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166
+    // and https://github.com/nodejs/node/blob/v23.6.0/lib/internal/child_process.js#L238.
+    stdio: useDebug ?
+    // 'inherit'
+    useIpc ? [0, 1, 2, 'ipc'] : 'inherit' :
+    // 'ignore'
+    useIpc ? ['ignore', 'ignore', 'ignore', 'ipc'] : 'ignore',
+    ...spawnOptions,
+    env: {
+      ...process$1.env,
+      ...spawnOptions.env
+    }
+  });
+  if (useIpc) {
+    promise.process.send(ipc);
+  }
+  return promise;
+}
+
+const {
+  SOCKET_CLI_FIX_PACKAGE_LOCK_FILE,
+  SOCKET_IPC_HANDSHAKE: SOCKET_IPC_HANDSHAKE$1
+} = constants;
+const fix = {
+  description: 'Fix "fixable" Socket alerts',
+  hidden: true,
+  async run() {
+    const spinner$1 = new spinner.Spinner().start();
+    try {
+      await shadowNpmInstall({
+        ipc: {
+          [SOCKET_IPC_HANDSHAKE$1]: {
+            [SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]: true
+          }
+        }
+      });
+    } catch (e) {
+      console.error(e);
+    } finally {
+      spinner$1.stop();
+    }
+  }
+};
+
 const commonFlags = {
   help: {
     type: 'boolean',
@@ -270,10 +342,10 @@ function handleUnsuccessfulApiResponse(_name, result, spinner) {
   const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
   if (result.status === 401 || result.status === 403) {
     spinner.stop();
-    throw new sdk.AuthError(message);
+    throw new socketUrl.AuthError(message);
   }
   spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
-  process.exit(1);
+  process$1.exit(1);
 }
 async function handleApiCall(value, description) {
   let result;
@@ -318,6 +390,46 @@ function pick(input, keys) {
   return result;
 }
 
+function getFlagListOutput(list, indent, {
+  keyPrefix = '--',
+  padName
+} = {}) {
+  return getHelpListOutput({
+    ...list
+  }, indent, {
+    keyPrefix,
+    padName
+  });
+}
+function getHelpListOutput(list, indent, {
+  keyPrefix = '',
+  padName = 18
+} = {}) {
+  let result = '';
+  const names = Object.keys(list).sort();
+  for (const name of names) {
+    const rawDescription = list[name];
+    const description = (typeof rawDescription === 'object' ? rawDescription.description : rawDescription) || '';
+    result += ''.padEnd(indent) + (keyPrefix + name).padEnd(padName) + description + '\n';
+  }
+  return result.trim();
+}
+
+function stringJoinWithSeparateFinalSeparator(list, separator = ' and ') {
+  const values = list.filter(Boolean);
+  const {
+    length
+  } = values;
+  if (!length) {
+    return '';
+  }
+  if (length === 1) {
+    return values[0];
+  }
+  const finalValue = values.pop();
+  return `${values.join(', ')}${separator}${finalValue}`;
+}
+
 const SEVERITIES_BY_ORDER = ['critical', 'high', 'middle', 'low'];
 function getDesiredSeverities(lowestToInclude) {
   const result = [];
@@ -336,7 +448,7 @@ function formatSeverityCount(severityCount) {
       summary.push(`${severityCount[severity]} ${severity}`);
     }
   }
-  return sdk.stringJoinWithSeparateFinalSeparator(summary);
+  return stringJoinWithSeparateFinalSeparator(summary);
 }
 function getSeverityCount(issues, lowestToInclude) {
   const severityCount = pick({
@@ -346,7 +458,9 @@ function getSeverityCount(issues, lowestToInclude) {
     critical: 0
   }, getDesiredSeverities(lowestToInclude));
   for (const issue of issues) {
-    const value = issue.value;
+    const {
+      value
+    } = issue;
     if (!value) {
       continue;
     }
@@ -357,34 +471,9 @@ function getSeverityCount(issues, lowestToInclude) {
   return severityCount;
 }
 
-function printFlagList(list, indent, {
-  keyPrefix = '--',
-  padName
-} = {}) {
-  return printHelpList({
-    ...list
-  }, indent, {
-    keyPrefix,
-    padName
-  });
-}
-function printHelpList(list, indent, {
-  keyPrefix = '',
-  padName = 18
-} = {}) {
-  let result = '';
-  const names = Object.keys(list).sort();
-  for (const name of names) {
-    const rawDescription = list[name];
-    const description = (typeof rawDescription === 'object' ? rawDescription.description : rawDescription) || '';
-    result += ''.padEnd(indent) + (keyPrefix + name).padEnd(padName) + description + '\n';
-  }
-  return result.trim();
-}
-
 const {
-  SOCKET_PUBLIC_API_KEY: SOCKET_PUBLIC_API_KEY$1
-} = constants;
+  NPM: NPM$4
+} = registryConstants;
 const info = {
   description: 'Look up info regarding a package',
   async run(argv, importMeta, {
@@ -394,15 +483,15 @@ const info = {
     const commandContext = setupCommand$m(name, info.description, argv, importMeta);
     if (commandContext) {
       const spinnerText = commandContext.pkgVersion === 'latest' ? `Looking up data for the latest version of ${commandContext.pkgName}` : `Looking up data for version ${commandContext.pkgVersion} of ${commandContext.pkgName}`;
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      const packageData = await fetchPackageData(commandContext.pkgName, commandContext.pkgVersion, commandContext, spinner);
+      const packageData = await fetchPackageData(commandContext.pkgName, commandContext.pkgVersion, commandContext, spinner$1);
       if (packageData) {
         formatPackageDataOutput(packageData, {
           name,
           ...commandContext
-        }, spinner);
+        }, spinner$1);
       }
     }
   }
@@ -421,7 +510,7 @@ function setupCommand$m(name, description, argv, importMeta) {
       $ ${name} <name>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} webtorrent
@@ -433,7 +522,7 @@ function setupCommand$m(name, description, argv, importMeta) {
     flags
   });
   if (cli.input.length > 1) {
-    throw new sdk.InputError('Only one package lookup supported at once');
+    throw new socketUrl.InputError('Only one package lookup supported at once');
   }
   const {
     0: rawPkgName = ''
@@ -461,7 +550,7 @@ function setupCommand$m(name, description, argv, importMeta) {
 async function fetchPackageData(pkgName, pkgVersion, {
   includeAllIssues
 }, spinner) {
-  const socketSdk = await sdk.setupSdk(sdk.getDefaultKey() ?? SOCKET_PUBLIC_API_KEY$1);
+  const socketSdk = await socketUrl.setupSdk(socketUrl.getPublicToken());
   const result = await handleApiCall(socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion), 'looking up package');
   const scoreResult = await handleApiCall(socketSdk.getScoreByNPMPackage(pkgName, pkgVersion), 'looking up package score');
   if (result.success === false) {
@@ -508,8 +597,8 @@ function formatPackageDataOutput({
     } else {
       spinner.success('Package has no issues');
     }
-    const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
-    const url = `https://socket.dev/npm/package/${pkgName}/overview/${pkgVersion}`;
+    const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
+    const url = socketUrl.getSocketDevPackageOverviewUrl(NPM$4, pkgName, pkgVersion);
     console.log('\n');
     if (pkgVersion === 'latest') {
       console.log(`Detailed info on socket.dev: ${format.hyperlink(`${pkgName}`, url, {
@@ -525,7 +614,7 @@ function formatPackageDataOutput({
     }
   }
   if (strict && objectSome(severityCount)) {
-    process.exit(1);
+    process$1.exit(1);
   }
 }
 function formatPackageIssuesDetails(packageData, outputMarkdown) {
@@ -546,9 +635,9 @@ function formatPackageIssuesDetails(packageData, outputMarkdown) {
     }
     return acc;
   }, {});
-  const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+  const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
   for (const issue of Object.keys(uniqueIssues)) {
-    const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`, `https://socket.dev/npm/issue/${issue}`, {
+    const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`, socketUrl.getSocketDevAlertUrl(issue), {
       fallbackToUrl: true
     });
     if (uniqueIssues[issue]?.count === 1) {
@@ -568,7 +657,7 @@ function formatScore(score) {
 }
 
 const {
-  SOCKET_PUBLIC_API_KEY
+  SOCKET_PUBLIC_API_TOKEN
 } = constants;
 const description$5 = 'Socket API login';
 const flags = {
@@ -597,7 +686,7 @@ const login = {
       Logs into the Socket API by prompting for an API key
 
       Options
-        ${printFlagList({
+        ${getFlagListOutput({
       'api-base-url': flags['apiBaseUrl'].description,
       'api-proxy': flags['apiProxy'].description
     }, 8)}
@@ -618,30 +707,30 @@ const login = {
       cli.showHelp();
       return;
     }
-    if (!vendor.isInteractive()) {
-      throw new sdk.InputError('Cannot prompt for credentials in a non-interactive shell');
+    if (!isInteractive()) {
+      throw new socketUrl.InputError('Cannot prompt for credentials in a non-interactive shell');
     }
-    const apiKey = (await prompts.password({
-      message: `Enter your ${vendor.terminalLink('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
-    })) || SOCKET_PUBLIC_API_KEY;
+    const apiToken = (await prompts.password({
+      message: `Enter your ${terminalLink('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
+    })) || SOCKET_PUBLIC_API_TOKEN;
     let apiBaseUrl = cli.flags['apiBaseUrl'];
-    apiBaseUrl ??= sdk.getSetting('apiBaseUrl') ?? undefined;
+    apiBaseUrl ??= socketUrl.getSetting('apiBaseUrl') ?? undefined;
     let apiProxy = cli.flags['apiProxy'];
-    apiProxy ??= sdk.getSetting('apiProxy') ?? undefined;
-    const spinner = yoctoSpinner({
+    apiProxy ??= socketUrl.getSetting('apiProxy') ?? undefined;
+    const spinner$1 = new spinner.Spinner({
       text: 'Verifying API key...'
     }).start();
     let orgs;
     try {
-      const sdk$1 = await sdk.setupSdk(apiKey, apiBaseUrl, apiProxy);
-      const result = await sdk$1.getOrganizations();
+      const sdk = await socketUrl.setupSdk(apiToken, apiBaseUrl, apiProxy);
+      const result = await sdk.getOrganizations();
       if (!result.success) {
-        throw new sdk.AuthError();
+        throw new socketUrl.AuthError();
       }
       orgs = result.data;
-      spinner.success('API key verified');
+      spinner$1.success('API key verified');
     } catch {
-      spinner.error('Invalid API key');
+      spinner$1.error('Invalid API key');
       return;
     }
     const enforcedChoices = Object.values(orgs.organizations).filter(nonNullish).filter(org => org.plan === 'enterprise').map(org => ({
@@ -673,12 +762,13 @@ const login = {
         }
       }
     }
-    sdk.updateSetting('enforcedOrgs', enforcedOrgs);
-    const oldKey = sdk.getSetting('apiKey');
-    sdk.updateSetting('apiKey', apiKey);
-    sdk.updateSetting('apiBaseUrl', apiBaseUrl);
-    sdk.updateSetting('apiProxy', apiProxy);
-    spinner.success(`API credentials ${oldKey ? 'updated' : 'set'}`);
+    socketUrl.updateSetting('enforcedOrgs', enforcedOrgs);
+    // TODO: Rename the 'apiKey' setting to 'apiToken'.
+    const oldToken = socketUrl.getSetting('apiKey');
+    socketUrl.updateSetting('apiKey', apiToken);
+    socketUrl.updateSetting('apiBaseUrl', apiBaseUrl);
+    socketUrl.updateSetting('apiProxy', apiProxy);
+    spinner$1.success(`API credentials ${oldToken ? 'updated' : 'set'}`);
   }
 };
 
@@ -710,11 +800,11 @@ const logout = {
       cli.showHelp();
       return;
     }
-    sdk.updateSetting('apiKey', null);
-    sdk.updateSetting('apiBaseUrl', null);
-    sdk.updateSetting('apiProxy', null);
-    sdk.updateSetting('enforcedOrgs', null);
-    yoctoSpinner().success('Successfully logged out');
+    socketUrl.updateSetting('apiKey', null);
+    socketUrl.updateSetting('apiBaseUrl', null);
+    socketUrl.updateSetting('apiProxy', null);
+    socketUrl.updateSetting('enforcedOrgs', null);
+    new spinner.Spinner().success('Successfully logged out');
   }
 };
 
@@ -749,7 +839,7 @@ function existsSync(filepath) {
   return false;
 }
 async function findUp(name, {
-  cwd = process.cwd()
+  cwd = process$1.cwd()
 }) {
   let dir = path.resolve(cwd);
   const {
@@ -791,6 +881,7 @@ const {
   NPM: NPM$2,
   PNPM: PNPM$1,
   VLT: VLT$1,
+  YARN,
   YARN_BERRY: YARN_BERRY$1,
   YARN_CLASSIC: YARN_CLASSIC$1
 } = constants;
@@ -801,10 +892,20 @@ const {
   numeric: true,
   sensitivity: 'base'
 });
+const binByAgent = {
+  __proto__: null,
+  [BUN$1]: BUN$1,
+  [NPM$2]: NPM$2,
+  [PNPM$1]: PNPM$1,
+  [YARN_BERRY$1]: YARN,
+  [YARN_CLASSIC$1]: YARN,
+  [VLT$1]: VLT$1
+};
 async function getAgentExecPath(agent) {
-  return (await which(agent, {
+  const binName = binByAgent[agent];
+  return (await which(binName, {
     nothrow: true
-  })) ?? agent;
+  })) ?? binName;
 }
 async function getAgentVersion(agentExecPath, cwd) {
   let result;
@@ -860,7 +961,7 @@ const readLockFileByAgent = (() => {
         const lockBuffer = await binaryReader(lockPath);
         if (lockBuffer) {
           try {
-            return hyrious__bun_lockb.parse(lockBuffer);
+            return index_cjs.parse(lockBuffer);
           } catch {}
         }
         // To print a Yarn lockfile to your console without writing it to disk
@@ -878,7 +979,7 @@ const readLockFileByAgent = (() => {
   };
 })();
 async function detect({
-  cwd = process.cwd(),
+  cwd = process$1.cwd(),
   onUnknown
 } = {}) {
   let lockPath = await findUp(Object.keys(LOCKS), {
@@ -985,25 +1086,25 @@ const {
   BUN,
   LOCK_EXT,
   NPM: NPM$1,
+  OVERRIDES,
   PNPM,
-  UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE,
+  RESOLUTIONS,
+  SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE,
+  SOCKET_IPC_HANDSHAKE,
   VLT,
   YARN_BERRY,
   YARN_CLASSIC,
-  abortSignal: abortSignal$2,
-  execPath,
-  rootBinPath
+  abortSignal: abortSignal$2
 } = constants;
 const COMMAND_TITLE = 'Socket Optimize';
-const OVERRIDES_FIELD_NAME = 'overrides';
 const NPM_OVERRIDE_PR_URL = 'https://github.com/npm/cli/pull/7025';
 const PNPM_FIELD_NAME = PNPM;
 const PNPM_WORKSPACE = `${PNPM}-workspace`;
-const RESOLUTIONS_FIELD_NAME = 'resolutions';
 const manifestNpmOverrides = registry.getManifestData(NPM$1);
 const getOverridesDataByAgent = {
+  __proto__: null,
   [BUN](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_BERRY,
       overrides
@@ -1012,7 +1113,7 @@ const getOverridesDataByAgent = {
   // npm overrides documentation:
   // https://docs.npmjs.com/cli/v10/configuring-npm/package-json#overrides
   [NPM$1](pkgJson) {
-    const overrides = pkgJson?.overrides ?? {};
+    const overrides = pkgJson?.[OVERRIDES] ?? {};
     return {
       type: NPM$1,
       overrides
@@ -1021,14 +1122,14 @@ const getOverridesDataByAgent = {
   // pnpm overrides documentation:
   // https://pnpm.io/package_json#pnpmoverrides
   [PNPM](pkgJson) {
-    const overrides = pkgJson?.pnpm?.overrides ?? {};
+    const overrides = pkgJson?.pnpm?.[OVERRIDES] ?? {};
     return {
       type: PNPM,
       overrides
     };
   },
   [VLT](pkgJson) {
-    const overrides = pkgJson?.overrides ?? {};
+    const overrides = pkgJson?.[OVERRIDES] ?? {};
     return {
       type: VLT,
       overrides
@@ -1037,7 +1138,7 @@ const getOverridesDataByAgent = {
   // Yarn resolutions documentation:
   // https://yarnpkg.com/configuration/manifest#resolutions
   [YARN_BERRY](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_BERRY,
       overrides
@@ -1046,7 +1147,7 @@ const getOverridesDataByAgent = {
   // Yarn resolutions documentation:
   // https://classic.yarnpkg.com/en/docs/selective-version-resolutions
   [YARN_CLASSIC](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_CLASSIC,
       overrides
@@ -1070,6 +1171,7 @@ const lockIncludesByAgent = (() => {
     `(?<=(?:^\\s*|,\\s*)"?)${escapedName}(?=@)`, 'm').test(lockSrc);
   }
   return {
+    __proto__: null,
     [BUN](lockSrc, name, lockBasename) {
       // This is a bit counterintuitive. When lockBasename ends with a .lockb
       // we treat it as a yarn.lock. When lockBasename ends with a .lock we
@@ -1133,7 +1235,7 @@ const updateManifestByAgent = (() => {
             [field]: undefined
           });
         }
-      } else if (field === OVERRIDES_FIELD_NAME || field === RESOLUTIONS_FIELD_NAME) {
+      } else if (field === OVERRIDES || field === RESOLUTIONS) {
         // Properties with undefined values are omitted when saved as JSON.
         editablePkgJson.update({
           [field]: objects.hasKeys(value) ? value : undefined
@@ -1145,7 +1247,7 @@ const updateManifestByAgent = (() => {
       }
       return;
     }
-    if ((field === OVERRIDES_FIELD_NAME || field === PNPM_FIELD_NAME || field === RESOLUTIONS_FIELD_NAME) && !objects.hasKeys(value)) {
+    if ((field === OVERRIDES || field === PNPM_FIELD_NAME || field === RESOLUTIONS) && !objects.hasKeys(value)) {
       return;
     }
     // Since the field doesn't exist we want to insert it into the package.json
@@ -1154,17 +1256,17 @@ const updateManifestByAgent = (() => {
     const entries = Object.entries(pkgJson);
     let insertIndex = -1;
     let isPlacingHigher = false;
-    if (field === OVERRIDES_FIELD_NAME) {
-      insertIndex = getLowestEntryIndex(entries, [RESOLUTIONS_FIELD_NAME]);
+    if (field === OVERRIDES) {
+      insertIndex = getLowestEntryIndex(entries, [RESOLUTIONS]);
       if (insertIndex === -1) {
         isPlacingHigher = true;
         insertIndex = getHighestEntryIndex(entries, [...depFields, PNPM]);
       }
-    } else if (field === RESOLUTIONS_FIELD_NAME) {
+    } else if (field === RESOLUTIONS) {
       isPlacingHigher = true;
-      insertIndex = getHighestEntryIndex(entries, [...depFields, OVERRIDES_FIELD_NAME, PNPM]);
+      insertIndex = getHighestEntryIndex(entries, [...depFields, OVERRIDES, PNPM]);
     } else if (field === PNPM_FIELD_NAME) {
-      insertIndex = getLowestEntryIndex(entries, [OVERRIDES_FIELD_NAME, RESOLUTIONS_FIELD_NAME]);
+      insertIndex = getLowestEntryIndex(entries, [OVERRIDES, RESOLUTIONS]);
       if (insertIndex === -1) {
         isPlacingHigher = true;
         insertIndex = getHighestEntryIndex(entries, depFields);
@@ -1186,12 +1288,13 @@ const updateManifestByAgent = (() => {
     editablePkgJson.fromJSON(`${JSON.stringify(Object.fromEntries(entries), null, 2)}\n`);
   }
   function updateOverrides(editablePkgJson, overrides) {
-    updatePkgJson(editablePkgJson, OVERRIDES_FIELD_NAME, overrides);
+    updatePkgJson(editablePkgJson, OVERRIDES, overrides);
   }
   function updateResolutions(editablePkgJson, overrides) {
-    updatePkgJson(editablePkgJson, RESOLUTIONS_FIELD_NAME, overrides);
+    updatePkgJson(editablePkgJson, RESOLUTIONS, overrides);
   }
   return {
+    __proto__: null,
     [BUN]: updateResolutions,
     [NPM$1]: updateOverrides,
     [PNPM](editablePkgJson, overrides) {
@@ -1253,6 +1356,7 @@ const lsByAgent = (() => {
     return cleanupQueryStdout(stdout);
   }
   return {
+    __proto__: null,
     async [BUN](agentExecPath, cwd) {
       try {
         // Bun does not support filtering by production packages yet.
@@ -1330,6 +1434,7 @@ const depsIncludesByAgent = (() => {
     return stdout.includes(`"${name}"`);
   }
   return {
+    __proto__: null,
     [BUN]: matchHumanStdout,
     [NPM$1]: matchQueryStdout,
     [PNPM]: matchQueryStdout,
@@ -1339,7 +1444,7 @@ const depsIncludesByAgent = (() => {
   };
 })();
 function createActionMessage(verb, overrideCount, workspaceCount) {
-  return `${verb} ${overrideCount} Socket.dev optimized overrides${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
+  return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
 }
 function getDependencyEntries(pkgJson) {
   const {
@@ -1512,7 +1617,7 @@ async function addOverrides({
           const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
           const depAlias = depAliasMap.get(origPkgName);
           const regSpecStartsLike = `${NPM$1}:${regPkgName}@`;
-          let newSpec = `${regSpecStartsLike}^${pin ? version : major}`;
+          let newSpec = `${regSpecStartsLike}${pin ? version : `^${major}`}`;
           let thisVersion = version;
           if (depAlias && type === NPM$1) {
             // With npm one may not set an override for a package that one directly
@@ -1529,7 +1634,7 @@ async function addOverrides({
               if (pin) {
                 thisVersion = semver.major(semver.coerce(npa(thisSpec).rawSpec)?.version ?? version) === major ? version : (await packages.fetchPackageManifest(thisSpec))?.version ?? version;
               }
-              newSpec = `${regSpecStartsLike}^${pin ? thisVersion : semver.major(thisVersion)}`;
+              newSpec = `${regSpecStartsLike}${pin ? thisVersion : `^${semver.major(thisVersion)}`}`;
             } else {
               newSpec = oldSpec;
             }
@@ -1597,7 +1702,7 @@ const optimize = {
       pin,
       prod
     } = commandContext;
-    const cwd = process.cwd();
+    const cwd = process$1.cwd();
     const {
       agent,
       agentExecPath,
@@ -1644,13 +1749,13 @@ const optimize = {
     if (lockPath && path.relative(cwd, lockPath).startsWith('.')) {
       console.warn(`⚠️ ${COMMAND_TITLE}: Package ${lockName} found at ${lockPath}`);
     }
-    const spinner = yoctoSpinner({
+    const spinner$1 = new spinner.Spinner({
       text: 'Socket optimizing...'
     });
     const state = createAddOverridesState({
-      spinner
+      spinner: spinner$1
     });
-    spinner.start();
+    spinner$1.start();
     const nodeRange = `>=${minimumNodeVersion}`;
     const manifestEntries = manifestNpmOverrides.filter(({
       1: data
@@ -1668,7 +1773,7 @@ const optimize = {
       prod,
       rootPath: pkgPath
     }, state);
-    spinner.stop();
+    spinner$1.stop();
     const addedCount = state.added.size;
     const updatedCount = state.updated.size;
     const pkgJsonChanged = addedCount > 0 || updatedCount > 0;
@@ -1686,23 +1791,24 @@ const optimize = {
     if (isNpm || pkgJsonChanged) {
       // Always update package-lock.json until the npm overrides PR lands:
       // https://github.com/npm/cli/pull/7025
-      spinner.start(`Updating ${lockName}...`);
+      spinner$1.start(`Updating ${lockName}...`);
       try {
         if (isNpm) {
-          const wrapperPath = path.join(rootBinPath, 'npm-cli.js');
-          const npmSpawnOptions = {
-            signal: abortSignal$2,
-            stdio: 'ignore',
-            env: {
-              ...process.env,
-              [UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE]: '1'
+          const ipc = {
+            [SOCKET_IPC_HANDSHAKE]: {
+              [SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE]: true
             }
           };
-          await spawn(execPath, [wrapperPath, 'install', '--silent'], npmSpawnOptions);
+          await shadowNpmInstall({
+            ipc
+          });
           // TODO: This is a temporary workaround for a `npm ci` bug where it
           // will error out after Socket Optimize generates a lock file. More
           // investigation is needed.
-          await spawn(execPath, [wrapperPath, 'install', '--silent', '--ignore-scripts', '--package-lock-only'], npmSpawnOptions);
+          await shadowNpmInstall({
+            flags: ['--ignore-scripts', '--package-lock-only'],
+            ipc
+          });
         } else {
           // All package managers support the "install" command.
           await spawn(agentExecPath, ['install'], {
@@ -1710,12 +1816,13 @@ const optimize = {
             stdio: 'ignore'
           });
         }
-        spinner.stop();
+        spinner$1.stop();
         if (isNpm) {
           console.log(`💡 Re-run ${COMMAND_TITLE} whenever ${lockName} changes.\n   This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
         }
-      } catch {
-        spinner.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
+      } catch (e) {
+        spinner$1.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
+        console.error(e);
       }
     }
   }
@@ -1742,7 +1849,7 @@ function setupCommand$l(name, description, argv, importMeta) {
       $ ${name}
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name}
@@ -1790,20 +1897,20 @@ function setupCommand$k(name, description, argv, importMeta) {
   });
 }
 async function fetchOrganizations() {
-  const apiKey = sdk.getDefaultKey();
+  const apiKey = socketUrl.getDefaultToken();
   if (!apiKey) {
-    throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+    throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
   }
-  const spinner = yoctoSpinner({
+  const spinner$1 = new spinner.Spinner({
     text: 'Fetching organizations...'
   }).start();
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
   if (result.success === false) {
-    handleUnsuccessfulApiResponse('getOrganizations', result, spinner);
+    handleUnsuccessfulApiResponse('getOrganizations', result, spinner$1);
     return;
   }
-  spinner.stop(`List of organizations associated with your API key: ${colors.italic(apiKey)}`);
+  spinner$1.stop(`List of organizations associated with your API key: ${colors.italic(apiKey)}`);
   const organizations = Object.values(result.data.organizations);
   for (const o of organizations) {
     console.log(`
@@ -1837,7 +1944,7 @@ async function setupCommand$j(name, description, argv, importMeta) {
       $ ${name} <${binName$1} command>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} install
@@ -1862,7 +1969,7 @@ async function setupCommand$j(name, description, argv, importMeta) {
     // The exit code 127 indicates that the command or binary being executed
     // could not be found.
     console.error(`Socket unable to locate ${binName$1}; ensure it is available in the PATH environment variable.`);
-    process.exit(127);
+    process$1.exit(127);
   }
   const spawnPromise = spawn(binPath, argv, {
     signal: abortSignal$1,
@@ -1874,9 +1981,9 @@ async function setupCommand$j(name, description, argv, importMeta) {
       return;
     }
     if (signalName) {
-      process.kill(process.pid, signalName);
+      process$1.kill(process$1.pid, signalName);
     } else if (code !== null) {
-      process.exit(code);
+      process$1.exit(code);
     }
   });
   await spawnPromise;
@@ -1905,7 +2012,7 @@ async function setupCommand$i(name, description, argv, importMeta) {
       $ ${name} <${binName} command>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} install
@@ -1930,7 +2037,7 @@ async function setupCommand$i(name, description, argv, importMeta) {
     // The exit code 127 indicates that the command or binary being executed
     // could not be found.
     console.error(`Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`);
-    process.exit(127);
+    process$1.exit(127);
   }
   const spawnPromise = spawn(binPath, argv, {
     signal: abortSignal,
@@ -1942,9 +2049,9 @@ async function setupCommand$i(name, description, argv, importMeta) {
       return;
     }
     if (signalName) {
-      process.kill(process.pid, signalName);
+      process$1.kill(process$1.pid, signalName);
     } else if (code !== null) {
-      process.exit(code);
+      process$1.exit(code);
     }
   });
   await spawnPromise;
@@ -1980,7 +2087,7 @@ function setupCommand$h(name, description, argv, importMeta) {
       $ ${name} <report-identifier>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} QXU8PmK7LfH608RAwfIKdbcHgwEd_ZeWJ9QEGv05FJUQ
@@ -2002,7 +2109,7 @@ function setupCommand$h(name, description, argv, importMeta) {
   }
   // Validate the input.
   if (extraInput.length) {
-    throw new sdk.InputError(`Can only handle a single report ID at a time, but got ${cli.input.length} report ID:s: ${cli.input.join(', ')}`);
+    throw new socketUrl.InputError(`Can only handle a single report ID at a time, but got ${cli.input.length} report ID:s: ${cli.input.join(', ')}`);
   }
   return {
     includeAllIssues: cli.flags['all'],
@@ -2018,8 +2125,8 @@ async function fetchReportData(reportId, {
   strict
 }) {
   // Do the API call
-  const socketSdk = await sdk.setupSdk();
-  const spinner = yoctoSpinner({
+  const socketSdk = await socketUrl.setupSdk();
+  const spinner$1 = new spinner.Spinner({
     text: `Fetching report with ID ${reportId} (this could take a while)`
   }).start();
   let result;
@@ -2034,23 +2141,23 @@ async function fetchReportData(reportId, {
     }
   }
   if (result.success === false) {
-    return handleUnsuccessfulApiResponse('getReport', result, spinner);
+    return handleUnsuccessfulApiResponse('getReport', result, spinner$1);
   }
 
   // Conclude the status of the API call
 
   if (strict) {
     if (result.data.healthy) {
-      spinner.success('Report result is healthy and great!');
+      spinner$1.success('Report result is healthy and great!');
     } else {
-      spinner.error('Report result deemed unhealthy for project');
+      spinner$1.error('Report result deemed unhealthy for project');
     }
   } else if (result.data.healthy === false) {
     const severityCount = getSeverityCount(result.data.issues, includeAllIssues ? undefined : 'high');
     const issueSummary = formatSeverityCount(severityCount);
-    spinner.success(`Report has these issues: ${issueSummary}`);
+    spinner$1.success(`Report has these issues: ${issueSummary}`);
   } else {
-    spinner.success('Report has no issues');
+    spinner$1.success('Report has no issues');
   }
   return result.data;
 }
@@ -2064,7 +2171,7 @@ function formatReportDataOutput(data, {
   if (outputJson) {
     console.log(JSON.stringify(data, undefined, 2));
   } else {
-    const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+    const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
     console.log('\nDetailed info on socket.dev: ' + format.hyperlink(reportId, data.url, {
       fallbackToUrl: true
     }));
@@ -2073,7 +2180,7 @@ function formatReportDataOutput(data, {
     }
   }
   if (strict && data.healthy === false) {
-    process.exit(1);
+    process$1.exit(1);
   }
 }
 
@@ -2088,7 +2195,6 @@ const create$2 = {
       const {
         config,
         cwd,
-        debugLog,
         dryRun,
         includeAllIssues,
         outputJson,
@@ -2100,7 +2206,6 @@ const create$2 = {
       const result = input && (await createReport(packagePaths, {
         config,
         cwd,
-        debugLog,
         dryRun
       }));
       if (result && view) {
@@ -2136,12 +2241,6 @@ async function setupCommand$g(name, description, argv, importMeta) {
     ...commonFlags,
     ...outputFlags,
     ...validationFlags,
-    debug: {
-      type: 'boolean',
-      shortFlag: 'd',
-      default: false,
-      description: 'Output debug information'
-    },
     dryRun: {
       type: 'boolean',
       default: false,
@@ -2168,9 +2267,8 @@ async function setupCommand$g(name, description, argv, importMeta) {
     default ignores from the "ignore-by-default" module.
 
     Options
-      ${printFlagList({
+      ${getFlagListOutput({
     all: 'Include all issues',
-    debug: 'Output debug information',
     'dry-run': 'Only output what will be done without actually doing it',
     json: 'Output result as json',
     markdown: 'Output result as markdown',
@@ -2200,10 +2298,9 @@ async function setupCommand$g(name, description, argv, importMeta) {
   const {
     dryRun
   } = cli.flags;
-  const debugLog = sdk.createDebugLogger(!dryRun || cli.flags['debug']);
 
   // TODO: Allow setting a custom cwd and/or configFile path?
-  const cwd = process.cwd();
+  const cwd = process$1.cwd();
   const absoluteConfigPath = path.join(cwd, 'socket.yml');
   const config$1 = await config.readSocketConfig(absoluteConfigPath).catch(cause => {
     if (cause && typeof cause === 'object' && cause instanceof config.SocketValidationError) {
@@ -2215,27 +2312,26 @@ async function setupCommand$g(name, description, argv, importMeta) {
         errors: cause.validationErrors,
         schema: cause.schema
       });
-      throw new sdk.InputError('The socket.yml config is not valid', betterErrors.map(err => `[${err.path}] ${err.message}.${err.suggestion ? err.suggestion : ''}`).join('\n'));
+      throw new socketUrl.InputError('The socket.yml config is not valid', betterErrors.map(err => `[${err.path}] ${err.message}.${err.suggestion ? err.suggestion : ''}`).join('\n'));
     } else {
       throw new ponyCause.ErrorWithCause('Failed to read socket.yml config', {
         cause
       });
     }
   });
-  const socketSdk = await sdk.setupSdk();
+  const socketSdk = await socketUrl.setupSdk();
   const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
-    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, yoctoSpinner());
+    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
     return res.data;
   }).catch(cause => {
     throw new ponyCause.ErrorWithCause('Failed getting supported files for report', {
       cause
     });
   });
-  const packagePaths = await pathResolve.getPackageFiles(cwd, cli.input, config$1, supportedFiles, debugLog);
+  const packagePaths = await pathResolve.getPackageFiles(cwd, cli.input, config$1, supportedFiles);
   return {
     config: config$1,
     cwd,
-    debugLog,
     dryRun,
     includeAllIssues: cli.flags['all'],
     outputJson: cli.flags['json'],
@@ -2248,24 +2344,23 @@ async function setupCommand$g(name, description, argv, importMeta) {
 async function createReport(packagePaths, {
   config,
   cwd,
-  debugLog,
   dryRun
 }) {
-  debugLog('Uploading:', packagePaths.join(`\n${sdk.logSymbols.info} Uploading: `));
+  pathResolve.debugLog('Uploading:', packagePaths.join(`\n${pathResolve.logSymbols.info} Uploading: `));
   if (dryRun) {
     return;
   }
-  const socketSdk = await sdk.setupSdk();
-  const spinner = yoctoSpinner({
+  const socketSdk = await socketUrl.setupSdk();
+  const spinner$1 = new spinner.Spinner({
     text: `Creating report with ${packagePaths.length} package files`
   }).start();
   const apiCall = socketSdk.createReportFromFilePaths(packagePaths, cwd, config?.issueRules);
   const result = await handleApiCall(apiCall, 'creating report');
   if (result.success) {
-    spinner.success();
+    spinner$1.success();
     return result;
   }
-  handleUnsuccessfulApiResponse('createReport', result, spinner);
+  handleUnsuccessfulApiResponse('createReport', result, spinner$1);
   return undefined;
 }
 function formatReportCreationOutput(data, {
@@ -2276,7 +2371,7 @@ function formatReportCreationOutput(data, {
     console.log(JSON.stringify(data, undefined, 2));
     return;
   }
-  const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+  const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
   console.log(`New report: ${format.hyperlink(data.id, data.url, {
     fallbackToUrl: true
   })}`);
@@ -2318,13 +2413,13 @@ async function meowWithSubcommands(subcommands, options) {
       $ ${name} <command>
 
     Commands
-      ${printHelpList({
-    ...objects.toSortedObject(subcommands),
-    ...objects.toSortedObject(aliases)
+      ${getHelpListOutput({
+    ...objects.toSortedObject(Object.fromEntries(Object.entries(subcommands).filter(entry => !entry[1].hidden))),
+    ...objects.toSortedObject(Object.fromEntries(Object.entries(aliases).filter(entry => !subcommands[entry[1]?.argv[0]]?.hidden)))
   }, 6)}
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} --help
@@ -2355,8 +2450,9 @@ const report = {
   }
 };
 
-const BASH_FILE = `${os.homedir()}/.bashrc`;
-const ZSH_BASH_FILE = `${os.homedir()}/.zshrc`;
+const HOME_DIR = os.homedir();
+const BASH_FILE = `${HOME_DIR}/.bashrc`;
+const ZSH_BASH_FILE = `${HOME_DIR}/.zshrc`;
 const wrapper = {
   description: 'Enable or disable the Socket npm/npx wrapper',
   async run(argv, importMeta, {
@@ -2372,7 +2468,7 @@ function setupCommand$f(name, description, argv, importMeta) {
       $ ${name} <flag>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} --enable
@@ -2427,21 +2523,18 @@ function setupCommand$f(name, description, argv, importMeta) {
     console.error('There was an issue setting up the alias in your bash profile');
   }
 }
-const installSafeNpm = query => {
-  console.log(`
- _____         _       _
-|   __|___ ___| |_ ___| |_
-|__   | . |  _| '_| -_|  _|
-|_____|___|___|_,_|___|_|
-
+function addAlias(file) {
+  return fs.appendFile(file, 'alias npm="socket npm"\nalias npx="socket npx"\n', err => {
+    if (err) {
+      return new Error(`There was an error setting up the alias: ${err}`);
+    }
+    console.log(`
+The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
+If you want to disable it at any time, run \`socket wrapper --disable\`
 `);
-  const rl = readline.createInterface({
-    input: process.stdin,
-    output: process.stdout
   });
-  return askQuestion(rl, query);
-};
-const askQuestion = (rl, query) => {
+}
+function askQuestion(rl, query) {
   rl.question(query, ans => {
     if (ans.toLowerCase() === 'y') {
       try {
@@ -2461,19 +2554,31 @@ const askQuestion = (rl, query) => {
       rl.close();
     }
   });
-};
-const addAlias = file => {
-  return fs.appendFile(file, 'alias npm="socket npm"\nalias npx="socket npx"\n', err => {
-    if (err) {
-      return new Error(`There was an error setting up the alias: ${err}`);
-    }
-    console.log(`
-The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
-If you want to disable it at any time, run \`socket wrapper --disable\`
+}
+function checkSocketWrapperAlreadySetup(file) {
+  const fileContent = fs.readFileSync(file, 'utf8');
+  const linesWithSocketAlias = fileContent.split('\n').filter(l => l === 'alias npm="socket npm"' || l === 'alias npx="socket npx"');
+  if (linesWithSocketAlias.length) {
+    console.log(`The Socket npm/npx wrapper is set up in your bash profile (${file}).`);
+    return true;
+  }
+  return false;
+}
+function installSafeNpm(query) {
+  console.log(`
+ _____         _       _
+|   __|___ ___| |_ ___| |_
+|__   | . |  _| '_| -_|  _|
+|_____|___|___|_,_|___|_|
+
 `);
+  const rl = readline.createInterface({
+    input: process$1.stdin,
+    output: process$1.stdout
   });
-};
-const removeAlias = file => {
+  return askQuestion(rl, query);
+}
+function removeAlias(file) {
   return fs.readFile(file, 'utf8', function (err, data) {
     if (err) {
       console.error(`There was an error removing the alias: ${err}`);
@@ -2490,16 +2595,7 @@ const removeAlias = file => {
       }
     });
   });
-};
-const checkSocketWrapperAlreadySetup = file => {
-  const fileContent = fs.readFileSync(file, 'utf8');
-  const linesWithSocketAlias = fileContent.split('\n').filter(l => l === 'alias npm="socket npm"' || l === 'alias npx="socket npx"');
-  if (linesWithSocketAlias.length) {
-    console.log(`The Socket npm/npx wrapper is set up in your bash profile (${file}).`);
-    return true;
-  }
-  return false;
-};
+}
 
 const create$1 = {
   description: 'Create a scan',
@@ -2509,15 +2605,15 @@ const create$1 = {
     const name = `${parentName} create`;
     const input = await setupCommand$e(name, create$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Creating a scan... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await createFullScan(input, spinner, apiKey);
+      await createFullScan(input, spinner$1, apiKey);
     }
   }
 };
@@ -2588,7 +2684,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
       $ ${name} [...options]
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} --org=FakeOrg --repo=test-repo --branch=main ./package.json
@@ -2609,10 +2705,10 @@ async function setupCommand$e(name, description, argv, importMeta) {
   const {
     0: orgSlug = ''
   } = cli.input;
-  const cwd = process.cwd();
-  const socketSdk = await sdk.setupSdk();
+  const cwd = process$1.cwd();
+  const socketSdk = await socketUrl.setupSdk();
   const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
-    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, yoctoSpinner());
+    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
     return res.data;
   }).catch(/** @type {(cause: Error) => never} */
   cause => {
@@ -2620,8 +2716,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
       cause
     });
   });
-  const debugLog = sdk.createDebugLogger(false);
-  const packagePaths = await pathResolve.getPackageFilesFullScans(cwd, cli.input, supportedFiles, debugLog);
+  const packagePaths = await pathResolve.getPackageFilesFullScans(cwd, cli.input, supportedFiles);
   const {
     branch: branchName,
     repo: repoName
@@ -2652,7 +2747,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
   };
 }
 async function createFullScan(input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const {
     branchName,
     commitMessage,
@@ -2697,15 +2792,15 @@ const del$1 = {
     const name = `${parentName} del`;
     const input = setupCommand$d(name, del$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Deleting scan...';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await deleteOrgFullScan(input.orgSlug, input.fullScanId, spinner, apiKey);
+      await deleteOrgFullScan(input.orgSlug, input.fullScanId, spinner$1, apiKey);
     }
   }
 };
@@ -2722,7 +2817,7 @@ function setupCommand$d(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan ID>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
@@ -2753,7 +2848,7 @@ function setupCommand$d(name, description, argv, importMeta) {
   };
 }
 async function deleteOrgFullScan(orgSlug, fullScanId, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan');
   if (result.success) {
     spinner.success('Scan deleted successfully');
@@ -2762,6 +2857,7 @@ async function deleteOrgFullScan(orgSlug, fullScanId, spinner, apiKey) {
   }
 }
 
+// @ts-ignore
 const list$1 = {
   description: 'List scans for an organization',
   async run(argv, importMeta, {
@@ -2770,15 +2866,15 @@ const list$1 = {
     const name = `${parentName} list`;
     const input = setupCommand$c(name, list$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Listing scans... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await listOrgFullScan(input.orgSlug, input, spinner, apiKey);
+      await listOrgFullScan(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -2834,7 +2930,7 @@ function setupCommand$c(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -2869,7 +2965,7 @@ function setupCommand$c(name, description, argv, importMeta) {
   };
 }
 async function listOrgFullScan(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgFullScanList(orgSlug, input), 'Listing scans');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgFullScanList', result, spinner);
@@ -2914,15 +3010,15 @@ const metadata = {
     const name = `${parentName} metadata`;
     const input = setupCommand$b(name, metadata.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = "Getting scan's metadata... \n";
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await getOrgScanMetadata(input.orgSlug, input.scanID, spinner, apiKey);
+      await getOrgScanMetadata(input.orgSlug, input.scanID, spinner$1, apiKey);
     }
   }
 };
@@ -2939,7 +3035,7 @@ function setupCommand$b(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan id>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
@@ -2970,7 +3066,7 @@ function setupCommand$b(name, description, argv, importMeta) {
   };
 }
 async function getOrgScanMetadata(orgSlug, scanId, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgFullScanMetadata(orgSlug, scanId), 'Listing scans');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgFullScanMetadata', result, spinner);
@@ -2988,18 +3084,18 @@ const stream = {
     const name = `${parentName} stream`;
     const input = setupCommand$a(name, stream.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Streaming scan...'
       }).start();
       const result = await getOrgFullScan(input.orgSlug, input.fullScanId, input.file, apiKey);
       if (result?.success) {
-        spinner.stop(input.file ? `Full scan details written to ${input.file}` : '');
+        spinner$1.stop(input.file ? `Full scan details written to ${input.file}` : '');
       } else {
-        handleUnsuccessfulApiResponse('getOrgFullScan', result, spinner);
+        handleUnsuccessfulApiResponse('getOrgFullScan', result, spinner$1);
       }
     }
   }
@@ -3017,7 +3113,7 @@ function setupCommand$a(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan ID> <path to output file>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0 ./stream.txt
@@ -3050,7 +3146,7 @@ function setupCommand$a(name, description, argv, importMeta) {
   };
 }
 async function getOrgFullScan(orgSlug, fullScanId, file, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   return await handleApiCall(socketSdk.getOrgFullScan(orgSlug, fullScanId, file), 'Streaming a scan');
 }
 
@@ -3083,14 +3179,14 @@ const auditLog = {
     const name = parentName + ' audit-log';
     const input = setupCommand$9(name, auditLog.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: `Looking up audit log for ${input.orgSlug}\n`
       }).start();
-      await fetchOrgAuditLog(input.orgSlug, input, spinner, apiKey);
+      await fetchOrgAuditLog(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3128,7 +3224,7 @@ function setupCommand$9(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -3167,7 +3263,7 @@ function setupCommand$9(name, description, argv, importMeta) {
   };
 }
 async function fetchOrgAuditLog(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getAuditLogEvents(orgSlug, input), `Looking up audit log for ${orgSlug}\n`);
   if (!result.success) {
     handleUnsuccessfulApiResponse('getAuditLogEvents', result, spinner);
@@ -3207,15 +3303,15 @@ const create = {
     const name = `${parentName} create`;
     const input = setupCommand$8(name, create.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Creating repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await createRepo(input.orgSlug, input, spinner, apiKey);
+      await createRepo(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3265,7 +3361,7 @@ function setupCommand$8(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg --repoName=test-repo
@@ -3303,7 +3399,7 @@ function setupCommand$8(name, description, argv, importMeta) {
   };
 }
 async function createRepo(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.createOrgRepo(orgSlug, input), 'creating repository');
   if (result.success) {
     spinner.success('Repository created successfully');
@@ -3320,15 +3416,15 @@ const del = {
     const name = `${parentName} del`;
     const input = setupCommand$7(name, del.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Deleting repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await deleteRepository(input.orgSlug, input.repoName, spinner, apiKey);
+      await deleteRepository(input.orgSlug, input.repoName, spinner$1, apiKey);
     }
   }
 };
@@ -3366,7 +3462,7 @@ function setupCommand$7(name, description, argv, importMeta) {
   };
 }
 async function deleteRepository(orgSlug, repoName, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.deleteOrgRepo(orgSlug, repoName), 'deleting repository');
   if (result.success) {
     spinner.success('Repository deleted successfully');
@@ -3375,6 +3471,7 @@ async function deleteRepository(orgSlug, repoName, spinner, apiKey) {
   }
 }
 
+// @ts-ignore
 const list = {
   description: 'List repositories in an organization',
   async run(argv, importMeta, {
@@ -3383,15 +3480,15 @@ const list = {
     const name = `${parentName} list`;
     const input = setupCommand$6(name, list.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Listing repositories... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await listOrgRepos(input.orgSlug, input, spinner, apiKey);
+      await listOrgRepos(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3434,7 +3531,7 @@ function setupCommand$6(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -3467,7 +3564,7 @@ function setupCommand$6(name, description, argv, importMeta) {
   };
 }
 async function listOrgRepos(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgRepoList(orgSlug, input), 'listing repositories');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgRepoList', result, spinner);
@@ -3502,15 +3599,15 @@ const update = {
     const name = `${parentName} update`;
     const input = setupCommand$5(name, update.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Updating repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await updateRepository(input.orgSlug, input, spinner, apiKey);
+      await updateRepository(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3560,7 +3657,7 @@ function setupCommand$5(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -3598,7 +3695,7 @@ function setupCommand$5(name, description, argv, importMeta) {
   };
 }
 async function updateRepository(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.updateOrgRepo(orgSlug, input.name, input), 'updating repository');
   if (result.success) {
     spinner.success('Repository updated successfully');
@@ -3607,6 +3704,7 @@ async function updateRepository(orgSlug, input, spinner, apiKey) {
   }
 }
 
+// @ts-ignore
 const view = {
   description: 'View repositories in an organization',
   async run(argv, importMeta, {
@@ -3615,15 +3713,15 @@ const view = {
     const name = `${parentName} view`;
     const input = setupCommand$4(name, view.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Fetching repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await viewRepository(input.orgSlug, input.repositoryName, spinner, apiKey);
+      await viewRepository(input.orgSlug, input.repositoryName, spinner$1, apiKey);
     }
   }
 };
@@ -3640,7 +3738,7 @@ function setupCommand$4(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -3671,7 +3769,7 @@ function setupCommand$4(name, description, argv, importMeta) {
   };
 }
 async function viewRepository(orgSlug, repoName, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgRepo(orgSlug, repoName), 'fetching repository');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgRepo', result, spinner);
@@ -3725,6 +3823,7 @@ const repo = {
   }
 };
 
+// @ts-ignore
 const dependencies = {
   description: 'Search for any dependency that is being used in your organization',
   async run(argv, importMeta, {
@@ -3765,7 +3864,7 @@ function setupCommand$3(name, description, argv, importMeta) {
       $ ${name}
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name}
@@ -3793,23 +3892,23 @@ async function searchDeps({
   offset,
   outputJson
 }) {
-  const apiKey = sdk.getDefaultKey();
+  const apiKey = socketUrl.getDefaultToken();
   if (!apiKey) {
-    throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+    throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
   }
-  const spinner = yoctoSpinner({
+  const spinner$1 = new spinner.Spinner({
     text: 'Searching dependencies...'
   }).start();
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.searchDependencies({
     limit,
     offset
   }), 'Searching dependencies');
   if (!result.success) {
-    handleUnsuccessfulApiResponse('searchDependencies', result, spinner);
+    handleUnsuccessfulApiResponse('searchDependencies', result, spinner$1);
     return;
   }
-  spinner.stop('Organization dependencies:');
+  spinner$1.stop('Organization dependencies:');
   if (outputJson) {
     console.log(result.data);
     return;
@@ -3850,18 +3949,18 @@ const analytics = {
     const name = parentName + ' analytics';
     const input = setupCommand$2(name, analytics.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Fetching analytics data'
       }).start();
       if (input.scope === 'org') {
-        await fetchOrgAnalyticsData(input.time, spinner, apiKey, input.outputJson, input.file);
+        await fetchOrgAnalyticsData(input.time, spinner$1, apiKey, input.outputJson, input.file);
       } else {
         if (input.repo) {
-          await fetchRepoAnalyticsData(input.repo, input.time, spinner, apiKey, input.outputJson, input.file);
+          await fetchRepoAnalyticsData(input.repo, input.time, spinner$1, apiKey, input.outputJson, input.file);
         }
       }
     }
@@ -3907,7 +4006,7 @@ function setupCommand$2(name, description, argv, importMeta) {
       $ ${name} --scope=<scope> --time=<time filter>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} --scope=org --time=7
@@ -3925,10 +4024,10 @@ function setupCommand$2(name, description, argv, importMeta) {
     time
   } = cli.flags;
   if (scope !== 'org' && scope !== 'repo') {
-    throw new sdk.InputError("The scope must either be 'org' or 'repo'");
+    throw new socketUrl.InputError("The scope must either be 'org' or 'repo'");
   }
   if (time !== 7 && time !== 30 && time !== 90) {
-    throw new sdk.InputError('The time filter must either be 7, 30 or 90');
+    throw new socketUrl.InputError('The time filter must either be 7, 30 or 90');
   }
   let showHelp = cli.flags['help'];
   if (scope === 'repo' && !repo) {
@@ -3949,7 +4048,7 @@ function setupCommand$2(name, description, argv, importMeta) {
 }
 const METRICS = ['total_critical_alerts', 'total_high_alerts', 'total_medium_alerts', 'total_low_alerts', 'total_critical_added', 'total_medium_added', 'total_low_added', 'total_high_added', 'total_critical_prevented', 'total_high_prevented', 'total_medium_prevented', 'total_low_prevented'];
 async function fetchOrgAnalyticsData(time, spinner, apiKey, outputJson, filePath) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgAnalytics(time.toString()), 'fetching analytics data');
   if (result.success === false) {
     return handleUnsuccessfulApiResponse('getOrgAnalytics', result, spinner);
@@ -4062,7 +4161,7 @@ const formatData = (data, scope) => {
   };
 };
 async function fetchRepoAnalyticsData(repo, time, spinner, apiKey, outputJson, filePath) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getRepoAnalytics(repo, time.toString()), 'fetching analytics data');
   if (result.success === false) {
     return handleUnsuccessfulApiResponse('getRepoAnalytics', result, spinner);
@@ -4150,15 +4249,15 @@ const get = {
     const name = `${parentName} get`;
     const input = setupCommand$1(name, get.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Getting diff scan... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await getDiffScan(input, spinner, apiKey);
+      await getDiffScan(input, spinner$1, apiKey);
     }
   }
 };
@@ -4202,7 +4301,7 @@ function setupCommand$1(name, description, argv, importMeta) {
       $ ${name} <org slug> --before=<before> --after=<after>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeCorp --before=aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 --after=aaa1aa1a-aaaa-1111-1a1a-1111111a11a1
@@ -4293,7 +4392,6 @@ const diffScan = {
   }
 };
 
-// @ts-ignore
 const threatFeed = {
   description: 'Look up the threat feed',
   async run(argv, importMeta, {
@@ -4302,14 +4400,14 @@ const threatFeed = {
     const name = `${parentName} threat-feed`;
     const input = setupCommand(name, threatFeed.description, argv, importMeta);
     {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Looking up the threat feed'
       }).start();
-      await fetchThreatFeed(input, spinner, apiKey);
+      await fetchThreatFeed(input, spinner$1, apiKey);
     }
   }
 };
@@ -4353,7 +4451,7 @@ function setupCommand(name, description, argv, importMeta) {
       $ ${name}
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name}
@@ -4429,7 +4527,7 @@ async function fetchThreatFeed({
     data: formattedOutput
   });
   screen.render();
-  screen.key(['escape', 'q', 'C-c'], () => process.exit(0));
+  screen.key(['escape', 'q', 'C-c'], () => process$1.exit(0));
 }
 const formatResults = data => {
   return data.map(d => {
@@ -4454,6 +4552,7 @@ var cliCommands = {
   cdxgen: cdxgen,
   dependencies: dependencies,
   diffScan: diffScan,
+  fix: fix,
   info: info,
   login: login,
   logout: logout,
@@ -4497,7 +4596,7 @@ void (async () => {
           argv: ['report', 'create', '--view', '--strict']
         }
       },
-      argv: process.argv.slice(2),
+      argv: process$1.argv.slice(2),
       name: 'socket',
       importMeta: {
         url: `${require$$0.pathToFileURL(__filename)}`
@@ -4507,10 +4606,10 @@ void (async () => {
     let errorBody;
     let errorTitle;
     let errorMessage = '';
-    if (err instanceof sdk.AuthError) {
+    if (err instanceof socketUrl.AuthError) {
       errorTitle = 'Authentication error';
       errorMessage = err.message;
-    } else if (err instanceof sdk.InputError) {
+    } else if (err instanceof socketUrl.InputError) {
       errorTitle = 'Invalid input';
       errorMessage = err.message;
       errorBody = err.body;
@@ -4521,10 +4620,10 @@ void (async () => {
     } else {
       errorTitle = 'Unexpected error with no details';
     }
-    console.error(`${sdk.logSymbols.error} ${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
+    console.error(`${pathResolve.logSymbols.error} ${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
     if (errorBody) {
       console.error(`\n${errorBody}`);
     }
-    process.exit(1);
+    process$1.exit(1);
   }
 })();