@socketsecurity/cli 0.14.39 → 0.14.41

package/dist/module-sync/cli.js

@@ -10,6 +10,7 @@ function _socketInterop(e) {
   return c ? e.default : e
 }
 
+var process$1 = require('node:process');
 var node_url = require('node:url');
 var ponyCause = _socketInterop(require('pony-cause'));
 var updateNotifier = _socketInterop(require('tiny-updater'));
@@ -20,45 +21,46 @@ var yargsParse = _socketInterop(require('yargs-parser'));
 var npm$1 = require('@socketsecurity/registry/lib/npm');
 var words = require('@socketsecurity/registry/lib/words');
 var constants = require('./constants.js');
+var spinner = require('@socketsecurity/registry/lib/spinner');
+var spawn = _socketInterop(require('@npmcli/promise-spawn'));
+var objects = require('@socketsecurity/registry/lib/objects');
+var pathResolve = require('./path-resolve.js');
 var meow = _socketInterop(require('meow'));
-var yoctoSpinner = require('@socketregistry/yocto-spinner');
-var sdk = require('./sdk.js');
-var prompts = require('@socketsecurity/registry/lib/prompts');
-var isInteractive = _socketInterop(require('is-interactive'));
+var registryConstants = require('@socketsecurity/registry/lib/constants');
+var socketUrl = require('./socket-url.js');
 var terminalLink = _socketInterop(require('terminal-link'));
-var fs$1 = require('node:fs/promises');
-var spawn = _socketInterop(require('@npmcli/promise-spawn'));
+var isInteractive = require('@socketregistry/is-interactive/index.cjs');
+var prompts = require('@socketsecurity/registry/lib/prompts');
 var npa = _socketInterop(require('npm-package-arg'));
 var semver = _socketInterop(require('semver'));
 var tinyglobby = _socketInterop(require('tinyglobby'));
 var yaml = _socketInterop(require('yaml'));
 var registry = require('@socketsecurity/registry');
-var objects = require('@socketsecurity/registry/lib/objects');
 var packages = require('@socketsecurity/registry/lib/packages');
 var promises = require('@socketsecurity/registry/lib/promises');
 var regexps = require('@socketsecurity/registry/lib/regexps');
 var strings = require('@socketsecurity/registry/lib/strings');
 var browserslist = _socketInterop(require('browserslist'));
 var which = _socketInterop(require('which'));
-var hyrious__bun_lockb = require('@socketregistry/hyrious__bun.lockb');
-var pathResolve = require('./path-resolve.js');
+var index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs');
+var sorts = require('@socketsecurity/registry/lib/sorts');
 var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
 var config = require('@socketsecurity/config');
-var homedir = require('node:os');
+var os = require('node:os');
 var readline = require('node:readline');
-var node_process = require('node:process');
 var readline$1 = require('node:readline/promises');
 var open = _socketInterop(require('open'));
 var chalkTable = _socketInterop(require('chalk-table'));
+var fs$1 = require('node:fs/promises');
 var ScreenWidget = _socketInterop(require('blessed/lib/widgets/screen'));
-var BarChart = _socketInterop(require('blessed-contrib/lib/widget/charts/bar'));
 var GridLayout = _socketInterop(require('blessed-contrib/lib/layout/grid'));
+var BarChart = _socketInterop(require('blessed-contrib/lib/widget/charts/bar'));
 var LineChart = _socketInterop(require('blessed-contrib/lib/widget/charts/line'));
 var util = require('node:util');
 var TableWidget = _socketInterop(require('blessed-contrib/lib/widget/table'));
 
 const {
-  NPM: NPM$4,
+  NPM: NPM$5,
   PNPM: PNPM$2,
   cdxgenBinPath,
   synpBinPath
@@ -69,10 +71,10 @@ const {
   SBOM_SIGN_PRIVATE_KEY,
   // Location to the RSA private key
   SBOM_SIGN_PUBLIC_KEY // Optional. Location to the RSA public key
-} = process.env;
+} = process$1.env;
 const toLower = arg => arg.toLowerCase();
 const arrayToLower = arg => arg.map(toLower);
-const nodejsPlatformTypes = new Set(['javascript', 'js', 'nodejs', NPM$4, PNPM$2, 'ts', 'tsx', 'typescript']);
+const nodejsPlatformTypes = new Set(['javascript', 'js', 'nodejs', NPM$5, PNPM$2, 'ts', 'tsx', 'typescript']);
 const yargsConfig = {
   configuration: {
     'camel-case-expansion': false,
@@ -176,20 +178,20 @@ const cdxgen = {
       length: unknownLength
     } = unknown;
     if (unknownLength) {
+      process$1.exitCode = 1;
       console.error(`Unknown ${words.pluralize('argument', unknownLength)}: ${yargv._.join(', ')}`);
-      process.exitCode = 1;
       return;
     }
     let cleanupPackageLock = false;
     if (yargv.type !== 'yarn' && nodejsPlatformTypes.has(yargv.type) && fs.existsSync('./yarn.lock')) {
       if (fs.existsSync('./package-lock.json')) {
-        yargv.type = NPM$4;
+        yargv.type = NPM$5;
       } else {
         // Use synp to create a package-lock.json from the yarn.lock,
         // based on the node_modules folder, for a more accurate SBOM.
         try {
           await npm$1.runBin(await fs.promises.realpath(synpBinPath), ['--source-file', './yarn.lock']);
-          yargv.type = NPM$4;
+          yargv.type = NPM$5;
           cleanupPackageLock = true;
         } catch {}
       }
@@ -211,13 +213,82 @@ const cdxgen = {
         await fs.promises.rm('./package-lock.json');
       } catch {}
     }
-    const fullOutputPath = path.join(process.cwd(), yargv.output);
+    const fullOutputPath = path.join(process$1.cwd(), yargv.output);
     if (fs.existsSync(fullOutputPath)) {
       console.log(colors.cyanBright(`${yargv.output} created!`));
     }
   }
 };
 
+const {
+  abortSignal: abortSignal$3
+} = constants;
+function shadowNpmInstall(opts) {
+  const {
+    flags = [],
+    ipc,
+    ...spawnOptions
+  } = {
+    __proto__: null,
+    ...opts
+  };
+  const useIpc = objects.isObject(ipc);
+  const useDebug = pathResolve.isDebug();
+  const promise = spawn(
+  // Lazily access constants.execPath.
+  constants.execPath, [
+  // Lazily access constants.rootBinPath.
+  path.join(constants.rootBinPath, 'npm-cli.js'), 'install',
+  // Even though the '--silent' flag is passed npm will still run through
+  // code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'
+  // flags are passed.
+  ...(useDebug ? ['--no-audit', '--no-fund'] : ['--silent', '--no-audit', '--no-fund']), ...flags], {
+    signal: abortSignal$3,
+    // Set stdio to include 'ipc'.
+    // See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166
+    // and https://github.com/nodejs/node/blob/v23.6.0/lib/internal/child_process.js#L238.
+    stdio: useDebug ?
+    // 'inherit'
+    useIpc ? [0, 1, 2, 'ipc'] : 'inherit' :
+    // 'ignore'
+    useIpc ? ['ignore', 'ignore', 'ignore', 'ipc'] : 'ignore',
+    ...spawnOptions,
+    env: {
+      ...process$1.env,
+      ...spawnOptions.env
+    }
+  });
+  if (useIpc) {
+    promise.process.send(ipc);
+  }
+  return promise;
+}
+
+const {
+  SOCKET_CLI_FIX_PACKAGE_LOCK_FILE,
+  SOCKET_IPC_HANDSHAKE: SOCKET_IPC_HANDSHAKE$1
+} = constants;
+const fix = {
+  description: 'Fix "fixable" Socket alerts',
+  hidden: true,
+  async run() {
+    const spinner$1 = new spinner.Spinner().start();
+    try {
+      await shadowNpmInstall({
+        ipc: {
+          [SOCKET_IPC_HANDSHAKE$1]: {
+            [SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]: true
+          }
+        }
+      });
+    } catch (e) {
+      console.error(e);
+    } finally {
+      spinner$1.stop();
+    }
+  }
+};
+
 const commonFlags = {
   help: {
     type: 'boolean',
@@ -265,47 +336,6 @@ const validationFlags = {
   }
 };
 
-const {
-  API_V0_URL
-} = constants;
-function handleUnsuccessfulApiResponse(_name, result, spinner) {
-  // SocketSdkErrorType['error'] is not typed.
-  const resultErrorMessage = result.error?.message;
-  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
-  if (result.status === 401 || result.status === 403) {
-    spinner.stop();
-    throw new sdk.AuthError(message);
-  }
-  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
-  process.exit(1);
-}
-async function handleApiCall(value, description) {
-  let result;
-  try {
-    result = await value;
-  } catch (cause) {
-    throw new ponyCause.ErrorWithCause(`Failed ${description}`, {
-      cause
-    });
-  }
-  return result;
-}
-async function handleAPIError(code) {
-  if (code === 400) {
-    return 'One of the options passed might be incorrect.';
-  } else if (code === 403) {
-    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
-  }
-}
-async function queryAPI(path, apiKey) {
-  return await fetch(`${API_V0_URL}/${path}`, {
-    method: 'GET',
-    headers: {
-      Authorization: `Basic ${btoa(`${apiKey}:${apiKey}`)}`
-    }
-  });
-}
-
 function objectSome(obj) {
   for (const key in obj) {
     if (obj[key]) {
@@ -322,6 +352,22 @@ function pick(input, keys) {
   return result;
 }
 
+function stringJoinWithSeparateFinalSeparator(list, separator = ' and ') {
+  const values = list.filter(Boolean);
+  const {
+    length
+  } = values;
+  if (!length) {
+    return '';
+  }
+  if (length === 1) {
+    return values[0];
+  }
+  const finalValue = values.pop();
+  return `${values.join(', ')}${separator}${finalValue}`;
+}
+
+// Ordered from most severe to least.
 const SEVERITIES_BY_ORDER = ['critical', 'high', 'middle', 'low'];
 function getDesiredSeverities(lowestToInclude) {
   const result = [];
@@ -340,7 +386,7 @@ function formatSeverityCount(severityCount) {
       summary.push(`${severityCount[severity]} ${severity}`);
     }
   }
-  return sdk.stringJoinWithSeparateFinalSeparator(summary);
+  return stringJoinWithSeparateFinalSeparator(summary);
 }
 function getSeverityCount(issues, lowestToInclude) {
   const severityCount = pick({
@@ -350,7 +396,9 @@ function getSeverityCount(issues, lowestToInclude) {
     critical: 0
   }, getDesiredSeverities(lowestToInclude));
   for (const issue of issues) {
-    const value = issue.value;
+    const {
+      value
+    } = issue;
     if (!value) {
       continue;
     }
@@ -361,18 +409,59 @@ function getSeverityCount(issues, lowestToInclude) {
   return severityCount;
 }
 
-function printFlagList(list, indent, {
+const {
+  API_V0_URL
+} = constants;
+function handleUnsuccessfulApiResponse(_name, result, spinner) {
+  // SocketSdkErrorType['error'] is not typed.
+  const resultErrorMessage = result.error?.message;
+  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
+  if (result.status === 401 || result.status === 403) {
+    spinner.stop();
+    throw new socketUrl.AuthError(message);
+  }
+  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
+  process$1.exit(1);
+}
+async function handleApiCall(value, description) {
+  let result;
+  try {
+    result = await value;
+  } catch (cause) {
+    throw new ponyCause.ErrorWithCause(`Failed ${description}`, {
+      cause
+    });
+  }
+  return result;
+}
+async function handleAPIError(code) {
+  if (code === 400) {
+    return 'One of the options passed might be incorrect.';
+  } else if (code === 403) {
+    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
+  }
+}
+async function queryAPI(path, apiKey) {
+  return await fetch(`${API_V0_URL}/${path}`, {
+    method: 'GET',
+    headers: {
+      Authorization: `Basic ${btoa(`${apiKey}:${apiKey}`)}`
+    }
+  });
+}
+
+function getFlagListOutput(list, indent, {
   keyPrefix = '--',
   padName
 } = {}) {
-  return printHelpList({
+  return getHelpListOutput({
     ...list
   }, indent, {
     keyPrefix,
     padName
   });
 }
-function printHelpList(list, indent, {
+function getHelpListOutput(list, indent, {
   keyPrefix = '',
   padName = 18
 } = {}) {
@@ -387,8 +476,8 @@ function printHelpList(list, indent, {
 }
 
 const {
-  SOCKET_PUBLIC_API_KEY: SOCKET_PUBLIC_API_KEY$1
-} = constants;
+  NPM: NPM$4
+} = registryConstants;
 const info = {
   description: 'Look up info regarding a package',
   async run(argv, importMeta, {
@@ -398,15 +487,15 @@ const info = {
     const commandContext = setupCommand$m(name, info.description, argv, importMeta);
     if (commandContext) {
       const spinnerText = commandContext.pkgVersion === 'latest' ? `Looking up data for the latest version of ${commandContext.pkgName}` : `Looking up data for version ${commandContext.pkgVersion} of ${commandContext.pkgName}`;
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      const packageData = await fetchPackageData(commandContext.pkgName, commandContext.pkgVersion, commandContext, spinner);
+      const packageData = await fetchPackageData(commandContext.pkgName, commandContext.pkgVersion, commandContext, spinner$1);
       if (packageData) {
         formatPackageDataOutput(packageData, {
           name,
           ...commandContext
-        }, spinner);
+        }, spinner$1);
       }
     }
   }
@@ -425,7 +514,7 @@ function setupCommand$m(name, description, argv, importMeta) {
       $ ${name} <name>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} webtorrent
@@ -437,7 +526,7 @@ function setupCommand$m(name, description, argv, importMeta) {
     flags
   });
   if (cli.input.length > 1) {
-    throw new sdk.InputError('Only one package lookup supported at once');
+    throw new socketUrl.InputError('Only one package lookup supported at once');
   }
   const {
     0: rawPkgName = ''
@@ -465,7 +554,7 @@ function setupCommand$m(name, description, argv, importMeta) {
 async function fetchPackageData(pkgName, pkgVersion, {
   includeAllIssues
 }, spinner) {
-  const socketSdk = await sdk.setupSdk(sdk.getDefaultKey() ?? SOCKET_PUBLIC_API_KEY$1);
+  const socketSdk = await socketUrl.setupSdk(socketUrl.getPublicToken());
   const result = await handleApiCall(socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion), 'looking up package');
   const scoreResult = await handleApiCall(socketSdk.getScoreByNPMPackage(pkgName, pkgVersion), 'looking up package score');
   if (result.success === false) {
@@ -512,8 +601,8 @@ function formatPackageDataOutput({
     } else {
       spinner.success('Package has no issues');
     }
-    const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
-    const url = `https://socket.dev/npm/package/${pkgName}/overview/${pkgVersion}`;
+    const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
+    const url = socketUrl.getSocketDevPackageOverviewUrl(NPM$4, pkgName, pkgVersion);
     console.log('\n');
     if (pkgVersion === 'latest') {
       console.log(`Detailed info on socket.dev: ${format.hyperlink(`${pkgName}`, url, {
@@ -529,7 +618,7 @@ function formatPackageDataOutput({
     }
   }
   if (strict && objectSome(severityCount)) {
-    process.exit(1);
+    process$1.exit(1);
   }
 }
 function formatPackageIssuesDetails(packageData, outputMarkdown) {
@@ -550,9 +639,9 @@ function formatPackageIssuesDetails(packageData, outputMarkdown) {
     }
     return acc;
   }, {});
-  const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+  const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
   for (const issue of Object.keys(uniqueIssues)) {
-    const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`, `https://socket.dev/npm/issue/${issue}`, {
+    const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`, socketUrl.getSocketDevAlertUrl(issue), {
       fallbackToUrl: true
     });
     if (uniqueIssues[issue]?.count === 1) {
@@ -572,7 +661,7 @@ function formatScore(score) {
 }
 
 const {
-  SOCKET_PUBLIC_API_KEY
+  SOCKET_PUBLIC_API_TOKEN
 } = constants;
 const description$5 = 'Socket API login';
 const flags = {
@@ -601,7 +690,7 @@ const login = {
       Logs into the Socket API by prompting for an API key
 
       Options
-        ${printFlagList({
+        ${getFlagListOutput({
       'api-base-url': flags['apiBaseUrl'].description,
       'api-proxy': flags['apiProxy'].description
     }, 8)}
@@ -623,29 +712,29 @@ const login = {
       return;
     }
     if (!isInteractive()) {
-      throw new sdk.InputError('Cannot prompt for credentials in a non-interactive shell');
+      throw new socketUrl.InputError('Cannot prompt for credentials in a non-interactive shell');
     }
-    const apiKey = (await prompts.password({
+    const apiToken = (await prompts.password({
       message: `Enter your ${terminalLink('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
-    })) || SOCKET_PUBLIC_API_KEY;
+    })) || SOCKET_PUBLIC_API_TOKEN;
     let apiBaseUrl = cli.flags['apiBaseUrl'];
-    apiBaseUrl ??= sdk.getSetting('apiBaseUrl') ?? undefined;
+    apiBaseUrl ??= socketUrl.getSetting('apiBaseUrl') ?? undefined;
     let apiProxy = cli.flags['apiProxy'];
-    apiProxy ??= sdk.getSetting('apiProxy') ?? undefined;
-    const spinner = yoctoSpinner({
+    apiProxy ??= socketUrl.getSetting('apiProxy') ?? undefined;
+    const spinner$1 = new spinner.Spinner({
       text: 'Verifying API key...'
     }).start();
     let orgs;
     try {
-      const sdk$1 = await sdk.setupSdk(apiKey, apiBaseUrl, apiProxy);
-      const result = await sdk$1.getOrganizations();
+      const sdk = await socketUrl.setupSdk(apiToken, apiBaseUrl, apiProxy);
+      const result = await sdk.getOrganizations();
       if (!result.success) {
-        throw new sdk.AuthError();
+        throw new socketUrl.AuthError();
       }
       orgs = result.data;
-      spinner.success('API key verified');
+      spinner$1.success('API key verified');
     } catch {
-      spinner.error('Invalid API key');
+      spinner$1.error('Invalid API key');
       return;
     }
     const enforcedChoices = Object.values(orgs.organizations).filter(nonNullish).filter(org => org.plan === 'enterprise').map(org => ({
@@ -677,12 +766,13 @@ const login = {
         }
       }
     }
-    sdk.updateSetting('enforcedOrgs', enforcedOrgs);
-    const oldKey = sdk.getSetting('apiKey');
-    sdk.updateSetting('apiKey', apiKey);
-    sdk.updateSetting('apiBaseUrl', apiBaseUrl);
-    sdk.updateSetting('apiProxy', apiProxy);
-    spinner.success(`API credentials ${oldKey ? 'updated' : 'set'}`);
+    socketUrl.updateSetting('enforcedOrgs', enforcedOrgs);
+    // TODO: Rename the 'apiKey' setting to 'apiToken'.
+    const oldToken = socketUrl.getSetting('apiKey');
+    socketUrl.updateSetting('apiKey', apiToken);
+    socketUrl.updateSetting('apiBaseUrl', apiBaseUrl);
+    socketUrl.updateSetting('apiProxy', apiProxy);
+    spinner$1.success(`API credentials ${oldToken ? 'updated' : 'set'}`);
   }
 };
 
@@ -714,11 +804,11 @@ const logout = {
       cli.showHelp();
       return;
     }
-    sdk.updateSetting('apiKey', null);
-    sdk.updateSetting('apiBaseUrl', null);
-    sdk.updateSetting('apiProxy', null);
-    sdk.updateSetting('enforcedOrgs', null);
-    yoctoSpinner().success('Successfully logged out');
+    socketUrl.updateSetting('apiKey', null);
+    socketUrl.updateSetting('apiBaseUrl', null);
+    socketUrl.updateSetting('apiProxy', null);
+    socketUrl.updateSetting('enforcedOrgs', null);
+    new spinner.Spinner().success('Successfully logged out');
   }
 };
 
@@ -746,48 +836,6 @@ const npx = {
   }
 };
 
-function existsSync(filepath) {
-  try {
-    return filepath ? fs.existsSync(filepath) : false;
-  } catch {}
-  return false;
-}
-async function findUp(name, {
-  cwd = process.cwd()
-}) {
-  let dir = path.resolve(cwd);
-  const {
-    root
-  } = path.parse(dir);
-  const names = [name].flat();
-  while (dir && dir !== root) {
-    for (const name of names) {
-      const filePath = path.join(dir, name);
-      try {
-        // eslint-disable-next-line no-await-in-loop
-        const stats = await fs.promises.stat(filePath);
-        if (stats.isFile()) {
-          return filePath;
-        }
-      } catch {}
-    }
-    dir = path.dirname(dir);
-  }
-  return undefined;
-}
-async function readFileBinary(filepath, options) {
-  return await fs.promises.readFile(filepath, {
-    ...options,
-    encoding: 'binary'
-  });
-}
-async function readFileUtf8(filepath, options) {
-  return await fs.promises.readFile(filepath, {
-    ...options,
-    encoding: 'utf8'
-  });
-}
-
 const {
   BINARY_LOCK_EXT,
   BUN: BUN$1,
@@ -795,20 +843,25 @@ const {
   NPM: NPM$2,
   PNPM: PNPM$1,
   VLT: VLT$1,
+  YARN,
   YARN_BERRY: YARN_BERRY$1,
   YARN_CLASSIC: YARN_CLASSIC$1
 } = constants;
 const AGENTS = [BUN$1, NPM$2, PNPM$1, YARN_BERRY$1, YARN_CLASSIC$1, VLT$1];
-const {
-  compare: alphanumericComparator
-} = new Intl.Collator(undefined, {
-  numeric: true,
-  sensitivity: 'base'
-});
+const binByAgent = {
+  __proto__: null,
+  [BUN$1]: BUN$1,
+  [NPM$2]: NPM$2,
+  [PNPM$1]: PNPM$1,
+  [YARN_BERRY$1]: YARN,
+  [YARN_CLASSIC$1]: YARN,
+  [VLT$1]: VLT$1
+};
 async function getAgentExecPath(agent) {
-  return (await which(agent, {
+  const binName = binByAgent[agent];
+  return (await which(binName, {
     nothrow: true
-  })) ?? agent;
+  })) ?? binName;
 }
 async function getAgentVersion(agentExecPath, cwd) {
   let result;
@@ -852,8 +905,8 @@ const readLockFileByAgent = (() => {
       return undefined;
     };
   }
-  const binaryReader = wrapReader(readFileBinary);
-  const defaultReader = wrapReader(async lockPath => await readFileUtf8(lockPath));
+  const binaryReader = wrapReader(socketUrl.readFileBinary);
+  const defaultReader = wrapReader(async lockPath => await socketUrl.readFileUtf8(lockPath));
   return {
     [BUN$1]: wrapReader(async (lockPath, agentExecPath) => {
       const ext = path.extname(lockPath);
@@ -864,7 +917,7 @@ const readLockFileByAgent = (() => {
         const lockBuffer = await binaryReader(lockPath);
         if (lockBuffer) {
           try {
-            return hyrious__bun_lockb.parse(lockBuffer);
+            return index_cjs.parse(lockBuffer);
           } catch {}
         }
         // To print a Yarn lockfile to your console without writing it to disk
@@ -882,18 +935,18 @@ const readLockFileByAgent = (() => {
   };
 })();
 async function detect({
-  cwd = process.cwd(),
+  cwd = process$1.cwd(),
   onUnknown
 } = {}) {
-  let lockPath = await findUp(Object.keys(LOCKS), {
+  let lockPath = await socketUrl.findUp(Object.keys(LOCKS), {
     cwd
   });
   let lockBasename = lockPath ? path.basename(lockPath) : undefined;
   const isHiddenLockFile = lockBasename === '.package-lock.json';
-  const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await findUp('package.json', {
+  const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await socketUrl.findUp('package.json', {
     cwd
   });
-  const pkgPath = existsSync(pkgJsonPath) ? path.dirname(pkgJsonPath) : undefined;
+  const pkgPath = pkgJsonPath && fs.existsSync(pkgJsonPath) ? path.dirname(pkgJsonPath) : undefined;
   const editablePkgJson = pkgPath ? await packages.readPackageJson(pkgPath, {
     editable: true
   }) : undefined;
@@ -950,7 +1003,7 @@ async function detect({
     }
     const browserslistQuery = pkgJson['browserslist'];
     if (Array.isArray(browserslistQuery)) {
-      const browserslistTargets = browserslist(browserslistQuery).map(s => s.toLowerCase()).sort(alphanumericComparator);
+      const browserslistTargets = browserslist(browserslistQuery).map(s => s.toLowerCase()).sort(sorts.naturalCompare);
       const browserslistNodeTargets = browserslistTargets.filter(v => v.startsWith('node ')).map(v => v.slice(5 /*'node '.length*/));
       if (!targets.browser && browserslistTargets.length) {
         targets.browser = browserslistTargets.length !== browserslistNodeTargets.length;
@@ -989,25 +1042,25 @@ const {
   BUN,
   LOCK_EXT,
   NPM: NPM$1,
+  OVERRIDES,
   PNPM,
-  UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE,
+  RESOLUTIONS,
+  SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE,
+  SOCKET_IPC_HANDSHAKE,
   VLT,
   YARN_BERRY,
   YARN_CLASSIC,
-  abortSignal: abortSignal$2,
-  execPath,
-  rootBinPath
+  abortSignal: abortSignal$2
 } = constants;
 const COMMAND_TITLE = 'Socket Optimize';
-const OVERRIDES_FIELD_NAME = 'overrides';
 const NPM_OVERRIDE_PR_URL = 'https://github.com/npm/cli/pull/7025';
 const PNPM_FIELD_NAME = PNPM;
 const PNPM_WORKSPACE = `${PNPM}-workspace`;
-const RESOLUTIONS_FIELD_NAME = 'resolutions';
 const manifestNpmOverrides = registry.getManifestData(NPM$1);
 const getOverridesDataByAgent = {
+  __proto__: null,
   [BUN](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_BERRY,
       overrides
@@ -1016,7 +1069,7 @@ const getOverridesDataByAgent = {
   // npm overrides documentation:
   // https://docs.npmjs.com/cli/v10/configuring-npm/package-json#overrides
   [NPM$1](pkgJson) {
-    const overrides = pkgJson?.overrides ?? {};
+    const overrides = pkgJson?.[OVERRIDES] ?? {};
     return {
       type: NPM$1,
       overrides
@@ -1025,14 +1078,14 @@ const getOverridesDataByAgent = {
   // pnpm overrides documentation:
   // https://pnpm.io/package_json#pnpmoverrides
   [PNPM](pkgJson) {
-    const overrides = pkgJson?.pnpm?.overrides ?? {};
+    const overrides = pkgJson?.pnpm?.[OVERRIDES] ?? {};
     return {
       type: PNPM,
       overrides
     };
   },
   [VLT](pkgJson) {
-    const overrides = pkgJson?.overrides ?? {};
+    const overrides = pkgJson?.[OVERRIDES] ?? {};
     return {
       type: VLT,
       overrides
@@ -1041,7 +1094,7 @@ const getOverridesDataByAgent = {
   // Yarn resolutions documentation:
   // https://yarnpkg.com/configuration/manifest#resolutions
   [YARN_BERRY](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_BERRY,
       overrides
@@ -1050,7 +1103,7 @@ const getOverridesDataByAgent = {
   // Yarn resolutions documentation:
   // https://classic.yarnpkg.com/en/docs/selective-version-resolutions
   [YARN_CLASSIC](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_CLASSIC,
       overrides
@@ -1074,6 +1127,7 @@ const lockIncludesByAgent = (() => {
     `(?<=(?:^\\s*|,\\s*)"?)${escapedName}(?=@)`, 'm').test(lockSrc);
   }
   return {
+    __proto__: null,
     [BUN](lockSrc, name, lockBasename) {
       // This is a bit counterintuitive. When lockBasename ends with a .lockb
       // we treat it as a yarn.lock. When lockBasename ends with a .lock we
@@ -1137,7 +1191,7 @@ const updateManifestByAgent = (() => {
             [field]: undefined
           });
         }
-      } else if (field === OVERRIDES_FIELD_NAME || field === RESOLUTIONS_FIELD_NAME) {
+      } else if (field === OVERRIDES || field === RESOLUTIONS) {
         // Properties with undefined values are omitted when saved as JSON.
         editablePkgJson.update({
           [field]: objects.hasKeys(value) ? value : undefined
@@ -1149,7 +1203,7 @@ const updateManifestByAgent = (() => {
       }
       return;
     }
-    if ((field === OVERRIDES_FIELD_NAME || field === PNPM_FIELD_NAME || field === RESOLUTIONS_FIELD_NAME) && !objects.hasKeys(value)) {
+    if ((field === OVERRIDES || field === PNPM_FIELD_NAME || field === RESOLUTIONS) && !objects.hasKeys(value)) {
       return;
     }
     // Since the field doesn't exist we want to insert it into the package.json
@@ -1158,17 +1212,17 @@ const updateManifestByAgent = (() => {
     const entries = Object.entries(pkgJson);
     let insertIndex = -1;
     let isPlacingHigher = false;
-    if (field === OVERRIDES_FIELD_NAME) {
-      insertIndex = getLowestEntryIndex(entries, [RESOLUTIONS_FIELD_NAME]);
+    if (field === OVERRIDES) {
+      insertIndex = getLowestEntryIndex(entries, [RESOLUTIONS]);
       if (insertIndex === -1) {
         isPlacingHigher = true;
         insertIndex = getHighestEntryIndex(entries, [...depFields, PNPM]);
       }
-    } else if (field === RESOLUTIONS_FIELD_NAME) {
+    } else if (field === RESOLUTIONS) {
       isPlacingHigher = true;
-      insertIndex = getHighestEntryIndex(entries, [...depFields, OVERRIDES_FIELD_NAME, PNPM]);
+      insertIndex = getHighestEntryIndex(entries, [...depFields, OVERRIDES, PNPM]);
     } else if (field === PNPM_FIELD_NAME) {
-      insertIndex = getLowestEntryIndex(entries, [OVERRIDES_FIELD_NAME, RESOLUTIONS_FIELD_NAME]);
+      insertIndex = getLowestEntryIndex(entries, [OVERRIDES, RESOLUTIONS]);
       if (insertIndex === -1) {
         isPlacingHigher = true;
         insertIndex = getHighestEntryIndex(entries, depFields);
@@ -1190,12 +1244,13 @@ const updateManifestByAgent = (() => {
     editablePkgJson.fromJSON(`${JSON.stringify(Object.fromEntries(entries), null, 2)}\n`);
   }
   function updateOverrides(editablePkgJson, overrides) {
-    updatePkgJson(editablePkgJson, OVERRIDES_FIELD_NAME, overrides);
+    updatePkgJson(editablePkgJson, OVERRIDES, overrides);
   }
   function updateResolutions(editablePkgJson, overrides) {
-    updatePkgJson(editablePkgJson, RESOLUTIONS_FIELD_NAME, overrides);
+    updatePkgJson(editablePkgJson, RESOLUTIONS, overrides);
   }
   return {
+    __proto__: null,
     [BUN]: updateResolutions,
     [NPM$1]: updateOverrides,
     [PNPM](editablePkgJson, overrides) {
@@ -1257,6 +1312,7 @@ const lsByAgent = (() => {
     return cleanupQueryStdout(stdout);
   }
   return {
+    __proto__: null,
     async [BUN](agentExecPath, cwd) {
       try {
         // Bun does not support filtering by production packages yet.
@@ -1334,6 +1390,7 @@ const depsIncludesByAgent = (() => {
     return stdout.includes(`"${name}"`);
   }
   return {
+    __proto__: null,
     [BUN]: matchHumanStdout,
     [NPM$1]: matchQueryStdout,
     [PNPM]: matchQueryStdout,
@@ -1343,7 +1400,7 @@ const depsIncludesByAgent = (() => {
   };
 })();
 function createActionMessage(verb, overrideCount, workspaceCount) {
-  return `${verb} ${overrideCount} Socket.dev optimized overrides${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
+  return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
 }
 function getDependencyEntries(pkgJson) {
   const {
@@ -1372,11 +1429,11 @@ async function getWorkspaceGlobs(agent, pkgPath, pkgJson) {
   let workspacePatterns;
   if (agent === PNPM) {
     for (const workspacePath of [path.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), path.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
-      if (existsSync(workspacePath)) {
+      // eslint-disable-next-line no-await-in-loop
+      const yml = await socketUrl.safeReadFile(workspacePath, 'utf8');
+      if (yml) {
         try {
-          workspacePatterns = yaml.parse(
-          // eslint-disable-next-line no-await-in-loop
-          await fs$1.readFile(workspacePath, 'utf8'))?.packages;
+          workspacePatterns = yaml.parse(yml)?.packages;
         } catch {}
         if (workspacePatterns) {
           break;
@@ -1516,7 +1573,7 @@ async function addOverrides({
           const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
           const depAlias = depAliasMap.get(origPkgName);
           const regSpecStartsLike = `${NPM$1}:${regPkgName}@`;
-          let newSpec = `${regSpecStartsLike}^${pin ? version : major}`;
+          let newSpec = `${regSpecStartsLike}${pin ? version : `^${major}`}`;
           let thisVersion = version;
           if (depAlias && type === NPM$1) {
             // With npm one may not set an override for a package that one directly
@@ -1533,7 +1590,7 @@ async function addOverrides({
               if (pin) {
                 thisVersion = semver.major(semver.coerce(npa(thisSpec).rawSpec)?.version ?? version) === major ? version : (await packages.fetchPackageManifest(thisSpec))?.version ?? version;
               }
-              newSpec = `${regSpecStartsLike}^${pin ? thisVersion : semver.major(thisVersion)}`;
+              newSpec = `${regSpecStartsLike}${pin ? thisVersion : `^${semver.major(thisVersion)}`}`;
             } else {
               newSpec = oldSpec;
             }
@@ -1601,7 +1658,7 @@ const optimize = {
       pin,
       prod
     } = commandContext;
-    const cwd = process.cwd();
+    const cwd = process$1.cwd();
     const {
       agent,
       agentExecPath,
@@ -1648,13 +1705,13 @@ const optimize = {
     if (lockPath && path.relative(cwd, lockPath).startsWith('.')) {
       console.warn(`⚠️ ${COMMAND_TITLE}: Package ${lockName} found at ${lockPath}`);
     }
-    const spinner = yoctoSpinner({
+    const spinner$1 = new spinner.Spinner({
       text: 'Socket optimizing...'
     });
     const state = createAddOverridesState({
-      spinner
+      spinner: spinner$1
     });
-    spinner.start();
+    spinner$1.start();
     const nodeRange = `>=${minimumNodeVersion}`;
     const manifestEntries = manifestNpmOverrides.filter(({
       1: data
@@ -1672,7 +1729,7 @@ const optimize = {
       prod,
       rootPath: pkgPath
     }, state);
-    spinner.stop();
+    spinner$1.stop();
     const addedCount = state.added.size;
     const updatedCount = state.updated.size;
     const pkgJsonChanged = addedCount > 0 || updatedCount > 0;
@@ -1690,23 +1747,24 @@ const optimize = {
     if (isNpm || pkgJsonChanged) {
       // Always update package-lock.json until the npm overrides PR lands:
       // https://github.com/npm/cli/pull/7025
-      spinner.start(`Updating ${lockName}...`);
+      spinner$1.start(`Updating ${lockName}...`);
       try {
         if (isNpm) {
-          const wrapperPath = path.join(rootBinPath, 'npm-cli.js');
-          const npmSpawnOptions = {
-            signal: abortSignal$2,
-            stdio: 'ignore',
-            env: {
-              ...process.env,
-              [UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE]: '1'
+          const ipc = {
+            [SOCKET_IPC_HANDSHAKE]: {
+              [SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE]: true
             }
           };
-          await spawn(execPath, [wrapperPath, 'install', '--silent'], npmSpawnOptions);
+          await shadowNpmInstall({
+            ipc
+          });
           // TODO: This is a temporary workaround for a `npm ci` bug where it
           // will error out after Socket Optimize generates a lock file. More
           // investigation is needed.
-          await spawn(execPath, [wrapperPath, 'install', '--silent', '--ignore-scripts', '--package-lock-only'], npmSpawnOptions);
+          await shadowNpmInstall({
+            flags: ['--ignore-scripts', '--package-lock-only'],
+            ipc
+          });
         } else {
           // All package managers support the "install" command.
           await spawn(agentExecPath, ['install'], {
@@ -1714,12 +1772,13 @@ const optimize = {
             stdio: 'ignore'
           });
         }
-        spinner.stop();
+        spinner$1.stop();
         if (isNpm) {
           console.log(`💡 Re-run ${COMMAND_TITLE} whenever ${lockName} changes.\n   This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
         }
-      } catch {
-        spinner.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
+      } catch (e) {
+        spinner$1.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
+        console.error(e);
       }
     }
   }
@@ -1746,7 +1805,7 @@ function setupCommand$l(name, description, argv, importMeta) {
       $ ${name}
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name}
@@ -1794,20 +1853,20 @@ function setupCommand$k(name, description, argv, importMeta) {
   });
 }
 async function fetchOrganizations() {
-  const apiKey = sdk.getDefaultKey();
+  const apiKey = socketUrl.getDefaultToken();
   if (!apiKey) {
-    throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+    throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
   }
-  const spinner = yoctoSpinner({
+  const spinner$1 = new spinner.Spinner({
     text: 'Fetching organizations...'
   }).start();
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
   if (result.success === false) {
-    handleUnsuccessfulApiResponse('getOrganizations', result, spinner);
+    handleUnsuccessfulApiResponse('getOrganizations', result, spinner$1);
     return;
   }
-  spinner.stop(`List of organizations associated with your API key: ${colors.italic(apiKey)}`);
+  spinner$1.stop(`List of organizations associated with your API key: ${colors.italic(apiKey)}`);
   const organizations = Object.values(result.data.organizations);
   for (const o of organizations) {
     console.log(`
@@ -1841,7 +1900,7 @@ async function setupCommand$j(name, description, argv, importMeta) {
       $ ${name} <${binName$1} command>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} install
@@ -1866,7 +1925,7 @@ async function setupCommand$j(name, description, argv, importMeta) {
     // The exit code 127 indicates that the command or binary being executed
     // could not be found.
     console.error(`Socket unable to locate ${binName$1}; ensure it is available in the PATH environment variable.`);
-    process.exit(127);
+    process$1.exit(127);
   }
   const spawnPromise = spawn(binPath, argv, {
     signal: abortSignal$1,
@@ -1878,9 +1937,9 @@ async function setupCommand$j(name, description, argv, importMeta) {
       return;
     }
     if (signalName) {
-      process.kill(process.pid, signalName);
+      process$1.kill(process$1.pid, signalName);
     } else if (code !== null) {
-      process.exit(code);
+      process$1.exit(code);
     }
   });
   await spawnPromise;
@@ -1909,7 +1968,7 @@ async function setupCommand$i(name, description, argv, importMeta) {
       $ ${name} <${binName} command>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} install
@@ -1934,7 +1993,7 @@ async function setupCommand$i(name, description, argv, importMeta) {
     // The exit code 127 indicates that the command or binary being executed
     // could not be found.
     console.error(`Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`);
-    process.exit(127);
+    process$1.exit(127);
   }
   const spawnPromise = spawn(binPath, argv, {
     signal: abortSignal,
@@ -1946,9 +2005,9 @@ async function setupCommand$i(name, description, argv, importMeta) {
       return;
     }
     if (signalName) {
-      process.kill(process.pid, signalName);
+      process$1.kill(process$1.pid, signalName);
     } else if (code !== null) {
-      process.exit(code);
+      process$1.exit(code);
     }
   });
   await spawnPromise;
@@ -1984,7 +2043,7 @@ function setupCommand$h(name, description, argv, importMeta) {
       $ ${name} <report-identifier>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} QXU8PmK7LfH608RAwfIKdbcHgwEd_ZeWJ9QEGv05FJUQ
@@ -2006,7 +2065,7 @@ function setupCommand$h(name, description, argv, importMeta) {
   }
   // Validate the input.
   if (extraInput.length) {
-    throw new sdk.InputError(`Can only handle a single report ID at a time, but got ${cli.input.length} report ID:s: ${cli.input.join(', ')}`);
+    throw new socketUrl.InputError(`Can only handle a single report ID at a time, but got ${cli.input.length} report ID:s: ${cli.input.join(', ')}`);
   }
   return {
     includeAllIssues: cli.flags['all'],
@@ -2022,8 +2081,8 @@ async function fetchReportData(reportId, {
   strict
 }) {
   // Do the API call
-  const socketSdk = await sdk.setupSdk();
-  const spinner = yoctoSpinner({
+  const socketSdk = await socketUrl.setupSdk();
+  const spinner$1 = new spinner.Spinner({
     text: `Fetching report with ID ${reportId} (this could take a while)`
   }).start();
   let result;
@@ -2038,23 +2097,23 @@ async function fetchReportData(reportId, {
     }
   }
   if (result.success === false) {
-    return handleUnsuccessfulApiResponse('getReport', result, spinner);
+    return handleUnsuccessfulApiResponse('getReport', result, spinner$1);
   }
 
   // Conclude the status of the API call
 
   if (strict) {
     if (result.data.healthy) {
-      spinner.success('Report result is healthy and great!');
+      spinner$1.success('Report result is healthy and great!');
     } else {
-      spinner.error('Report result deemed unhealthy for project');
+      spinner$1.error('Report result deemed unhealthy for project');
     }
   } else if (result.data.healthy === false) {
     const severityCount = getSeverityCount(result.data.issues, includeAllIssues ? undefined : 'high');
     const issueSummary = formatSeverityCount(severityCount);
-    spinner.success(`Report has these issues: ${issueSummary}`);
+    spinner$1.success(`Report has these issues: ${issueSummary}`);
   } else {
-    spinner.success('Report has no issues');
+    spinner$1.success('Report has no issues');
   }
   return result.data;
 }
@@ -2068,7 +2127,7 @@ function formatReportDataOutput(data, {
   if (outputJson) {
     console.log(JSON.stringify(data, undefined, 2));
   } else {
-    const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+    const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
     console.log('\nDetailed info on socket.dev: ' + format.hyperlink(reportId, data.url, {
       fallbackToUrl: true
     }));
@@ -2077,7 +2136,7 @@ function formatReportDataOutput(data, {
     }
   }
   if (strict && data.healthy === false) {
-    process.exit(1);
+    process$1.exit(1);
   }
 }
 
@@ -2092,7 +2151,6 @@ const create$2 = {
       const {
         config,
         cwd,
-        debugLog,
         dryRun,
         includeAllIssues,
         outputJson,
@@ -2104,7 +2162,6 @@ const create$2 = {
       const result = input && (await createReport(packagePaths, {
         config,
         cwd,
-        debugLog,
         dryRun
       }));
       if (result && view) {
@@ -2140,12 +2197,6 @@ async function setupCommand$g(name, description, argv, importMeta) {
     ...commonFlags,
     ...outputFlags,
     ...validationFlags,
-    debug: {
-      type: 'boolean',
-      shortFlag: 'd',
-      default: false,
-      description: 'Output debug information'
-    },
     dryRun: {
       type: 'boolean',
       default: false,
@@ -2172,9 +2223,8 @@ async function setupCommand$g(name, description, argv, importMeta) {
     default ignores from the "ignore-by-default" module.
 
     Options
-      ${printFlagList({
+      ${getFlagListOutput({
     all: 'Include all issues',
-    debug: 'Output debug information',
     'dry-run': 'Only output what will be done without actually doing it',
     json: 'Output result as json',
     markdown: 'Output result as markdown',
@@ -2204,10 +2254,9 @@ async function setupCommand$g(name, description, argv, importMeta) {
   const {
     dryRun
   } = cli.flags;
-  const debugLog = sdk.createDebugLogger(!dryRun || cli.flags['debug']);
 
   // TODO: Allow setting a custom cwd and/or configFile path?
-  const cwd = process.cwd();
+  const cwd = process$1.cwd();
   const absoluteConfigPath = path.join(cwd, 'socket.yml');
   const config$1 = await config.readSocketConfig(absoluteConfigPath).catch(cause => {
     if (cause && typeof cause === 'object' && cause instanceof config.SocketValidationError) {
@@ -2219,27 +2268,26 @@ async function setupCommand$g(name, description, argv, importMeta) {
         errors: cause.validationErrors,
         schema: cause.schema
       });
-      throw new sdk.InputError('The socket.yml config is not valid', betterErrors.map(err => `[${err.path}] ${err.message}.${err.suggestion ? err.suggestion : ''}`).join('\n'));
+      throw new socketUrl.InputError('The socket.yml config is not valid', betterErrors.map(err => `[${err.path}] ${err.message}.${err.suggestion ? err.suggestion : ''}`).join('\n'));
     } else {
       throw new ponyCause.ErrorWithCause('Failed to read socket.yml config', {
         cause
       });
     }
   });
-  const socketSdk = await sdk.setupSdk();
+  const socketSdk = await socketUrl.setupSdk();
   const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
-    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, yoctoSpinner());
+    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
     return res.data;
   }).catch(cause => {
     throw new ponyCause.ErrorWithCause('Failed getting supported files for report', {
       cause
     });
   });
-  const packagePaths = await pathResolve.getPackageFiles(cwd, cli.input, config$1, supportedFiles, debugLog);
+  const packagePaths = await pathResolve.getPackageFiles(cwd, cli.input, config$1, supportedFiles);
   return {
     config: config$1,
     cwd,
-    debugLog,
     dryRun,
     includeAllIssues: cli.flags['all'],
     outputJson: cli.flags['json'],
@@ -2252,24 +2300,23 @@ async function setupCommand$g(name, description, argv, importMeta) {
 async function createReport(packagePaths, {
   config,
   cwd,
-  debugLog,
   dryRun
 }) {
-  debugLog('Uploading:', packagePaths.join(`\n${sdk.logSymbols.info} Uploading: `));
+  pathResolve.debugLog('Uploading:', packagePaths.join(`\n${pathResolve.logSymbols.info} Uploading: `));
   if (dryRun) {
     return;
   }
-  const socketSdk = await sdk.setupSdk();
-  const spinner = yoctoSpinner({
+  const socketSdk = await socketUrl.setupSdk();
+  const spinner$1 = new spinner.Spinner({
     text: `Creating report with ${packagePaths.length} package files`
   }).start();
   const apiCall = socketSdk.createReportFromFilePaths(packagePaths, cwd, config?.issueRules);
   const result = await handleApiCall(apiCall, 'creating report');
   if (result.success) {
-    spinner.success();
+    spinner$1.success();
     return result;
   }
-  handleUnsuccessfulApiResponse('createReport', result, spinner);
+  handleUnsuccessfulApiResponse('createReport', result, spinner$1);
   return undefined;
 }
 function formatReportCreationOutput(data, {
@@ -2280,7 +2327,7 @@ function formatReportCreationOutput(data, {
     console.log(JSON.stringify(data, undefined, 2));
     return;
   }
-  const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+  const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
   console.log(`New report: ${format.hyperlink(data.id, data.url, {
     fallbackToUrl: true
   })}`);
@@ -2322,13 +2369,13 @@ async function meowWithSubcommands(subcommands, options) {
       $ ${name} <command>
 
     Commands
-      ${printHelpList({
-    ...objects.toSortedObject(subcommands),
-    ...objects.toSortedObject(aliases)
+      ${getHelpListOutput({
+    ...objects.toSortedObject(Object.fromEntries(Object.entries(subcommands).filter(entry => !entry[1].hidden))),
+    ...objects.toSortedObject(Object.fromEntries(Object.entries(aliases).filter(entry => !subcommands[entry[1]?.argv[0]]?.hidden)))
   }, 6)}
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} --help
@@ -2359,8 +2406,9 @@ const report = {
   }
 };
 
-const BASH_FILE = `${homedir.homedir()}/.bashrc`;
-const ZSH_BASH_FILE = `${homedir.homedir()}/.zshrc`;
+const HOME_DIR = os.homedir();
+const BASH_FILE = `${HOME_DIR}/.bashrc`;
+const ZSH_BASH_FILE = `${HOME_DIR}/.zshrc`;
 const wrapper = {
   description: 'Enable or disable the Socket npm/npx wrapper',
   async run(argv, importMeta, {
@@ -2376,7 +2424,7 @@ function setupCommand$f(name, description, argv, importMeta) {
       $ ${name} <flag>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} --enable
@@ -2431,21 +2479,18 @@ function setupCommand$f(name, description, argv, importMeta) {
     console.error('There was an issue setting up the alias in your bash profile');
   }
 }
-const installSafeNpm = query => {
-  console.log(`
- _____         _       _
-|   __|___ ___| |_ ___| |_
-|__   | . |  _| '_| -_|  _|
-|_____|___|___|_,_|___|_|
-
+function addAlias(file) {
+  return fs.appendFile(file, 'alias npm="socket npm"\nalias npx="socket npx"\n', err => {
+    if (err) {
+      return new Error(`There was an error setting up the alias: ${err}`);
+    }
+    console.log(`
+The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
+If you want to disable it at any time, run \`socket wrapper --disable\`
 `);
-  const rl = readline.createInterface({
-    input: process.stdin,
-    output: process.stdout
   });
-  return askQuestion(rl, query);
-};
-const askQuestion = (rl, query) => {
+}
+function askQuestion(rl, query) {
   rl.question(query, ans => {
     if (ans.toLowerCase() === 'y') {
       try {
@@ -2465,19 +2510,31 @@ const askQuestion = (rl, query) => {
       rl.close();
     }
   });
-};
-const addAlias = file => {
-  return fs.appendFile(file, 'alias npm="socket npm"\nalias npx="socket npx"\n', err => {
-    if (err) {
-      return new Error(`There was an error setting up the alias: ${err}`);
-    }
-    console.log(`
-The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
-If you want to disable it at any time, run \`socket wrapper --disable\`
+}
+function checkSocketWrapperAlreadySetup(file) {
+  const fileContent = fs.readFileSync(file, 'utf8');
+  const linesWithSocketAlias = fileContent.split('\n').filter(l => l === 'alias npm="socket npm"' || l === 'alias npx="socket npx"');
+  if (linesWithSocketAlias.length) {
+    console.log(`The Socket npm/npx wrapper is set up in your bash profile (${file}).`);
+    return true;
+  }
+  return false;
+}
+function installSafeNpm(query) {
+  console.log(`
+ _____         _       _
+|   __|___ ___| |_ ___| |_
+|__   | . |  _| '_| -_|  _|
+|_____|___|___|_,_|___|_|
+
 `);
+  const rl = readline.createInterface({
+    input: process$1.stdin,
+    output: process$1.stdout
   });
-};
-const removeAlias = file => {
+  return askQuestion(rl, query);
+}
+function removeAlias(file) {
   return fs.readFile(file, 'utf8', function (err, data) {
     if (err) {
       console.error(`There was an error removing the alias: ${err}`);
@@ -2494,16 +2551,7 @@ const removeAlias = file => {
       }
     });
   });
-};
-const checkSocketWrapperAlreadySetup = file => {
-  const fileContent = fs.readFileSync(file, 'utf8');
-  const linesWithSocketAlias = fileContent.split('\n').filter(l => l === 'alias npm="socket npm"' || l === 'alias npx="socket npx"');
-  if (linesWithSocketAlias.length) {
-    console.log(`The Socket npm/npx wrapper is set up in your bash profile (${file}).`);
-    return true;
-  }
-  return false;
-};
+}
 
 const create$1 = {
   description: 'Create a scan',
@@ -2513,15 +2561,15 @@ const create$1 = {
     const name = `${parentName} create`;
     const input = await setupCommand$e(name, create$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Creating a scan... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await createFullScan(input, spinner, apiKey);
+      await createFullScan(input, spinner$1, apiKey);
     }
   }
 };
@@ -2592,7 +2640,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
       $ ${name} [...options]
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} --org=FakeOrg --repo=test-repo --branch=main ./package.json
@@ -2613,10 +2661,10 @@ async function setupCommand$e(name, description, argv, importMeta) {
   const {
     0: orgSlug = ''
   } = cli.input;
-  const cwd = process.cwd();
-  const socketSdk = await sdk.setupSdk();
+  const cwd = process$1.cwd();
+  const socketSdk = await socketUrl.setupSdk();
   const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
-    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, yoctoSpinner());
+    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
     return res.data;
   }).catch(/** @type {(cause: Error) => never} */
   cause => {
@@ -2624,8 +2672,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
       cause
     });
   });
-  const debugLog = sdk.createDebugLogger(false);
-  const packagePaths = await pathResolve.getPackageFilesFullScans(cwd, cli.input, supportedFiles, debugLog);
+  const packagePaths = await pathResolve.getPackageFilesFullScans(cwd, cli.input, supportedFiles);
   const {
     branch: branchName,
     repo: repoName
@@ -2656,7 +2703,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
   };
 }
 async function createFullScan(input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const {
     branchName,
     commitMessage,
@@ -2683,8 +2730,8 @@ async function createFullScan(input, spinner, apiKey) {
   const link = colors.underline(colors.cyan(`${result.data.html_report_url}`));
   console.log(`Available at: ${link}`);
   const rl = readline$1.createInterface({
-    input: node_process.stdin,
-    output: node_process.stdout
+    input: process$1.stdin,
+    output: process$1.stdout
   });
   const answer = await rl.question('Would you like to open it in your browser? (y/n)');
   if (answer.toLowerCase() === 'y') {
@@ -2701,15 +2748,15 @@ const del$1 = {
     const name = `${parentName} del`;
     const input = setupCommand$d(name, del$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Deleting scan...';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await deleteOrgFullScan(input.orgSlug, input.fullScanId, spinner, apiKey);
+      await deleteOrgFullScan(input.orgSlug, input.fullScanId, spinner$1, apiKey);
     }
   }
 };
@@ -2726,7 +2773,7 @@ function setupCommand$d(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan ID>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
@@ -2757,7 +2804,7 @@ function setupCommand$d(name, description, argv, importMeta) {
   };
 }
 async function deleteOrgFullScan(orgSlug, fullScanId, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan');
   if (result.success) {
     spinner.success('Scan deleted successfully');
@@ -2766,6 +2813,7 @@ async function deleteOrgFullScan(orgSlug, fullScanId, spinner, apiKey) {
   }
 }
 
+// @ts-ignore
 const list$1 = {
   description: 'List scans for an organization',
   async run(argv, importMeta, {
@@ -2774,15 +2822,15 @@ const list$1 = {
     const name = `${parentName} list`;
     const input = setupCommand$c(name, list$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Listing scans... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await listOrgFullScan(input.orgSlug, input, spinner, apiKey);
+      await listOrgFullScan(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -2838,7 +2886,7 @@ function setupCommand$c(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -2873,7 +2921,7 @@ function setupCommand$c(name, description, argv, importMeta) {
   };
 }
 async function listOrgFullScan(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgFullScanList(orgSlug, input), 'Listing scans');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgFullScanList', result, spinner);
@@ -2918,15 +2966,15 @@ const metadata = {
     const name = `${parentName} metadata`;
     const input = setupCommand$b(name, metadata.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = "Getting scan's metadata... \n";
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await getOrgScanMetadata(input.orgSlug, input.scanID, spinner, apiKey);
+      await getOrgScanMetadata(input.orgSlug, input.scanID, spinner$1, apiKey);
     }
   }
 };
@@ -2943,7 +2991,7 @@ function setupCommand$b(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan id>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
@@ -2974,7 +3022,7 @@ function setupCommand$b(name, description, argv, importMeta) {
   };
 }
 async function getOrgScanMetadata(orgSlug, scanId, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgFullScanMetadata(orgSlug, scanId), 'Listing scans');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgFullScanMetadata', result, spinner);
@@ -2992,18 +3040,18 @@ const stream = {
     const name = `${parentName} stream`;
     const input = setupCommand$a(name, stream.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Streaming scan...'
       }).start();
       const result = await getOrgFullScan(input.orgSlug, input.fullScanId, input.file, apiKey);
       if (result?.success) {
-        spinner.stop(input.file ? `Full scan details written to ${input.file}` : '');
+        spinner$1.stop(input.file ? `Full scan details written to ${input.file}` : '');
       } else {
-        handleUnsuccessfulApiResponse('getOrgFullScan', result, spinner);
+        handleUnsuccessfulApiResponse('getOrgFullScan', result, spinner$1);
       }
     }
   }
@@ -3021,7 +3069,7 @@ function setupCommand$a(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan ID> <path to output file>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0 ./stream.txt
@@ -3054,7 +3102,7 @@ function setupCommand$a(name, description, argv, importMeta) {
   };
 }
 async function getOrgFullScan(orgSlug, fullScanId, file, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   return await handleApiCall(socketSdk.getOrgFullScan(orgSlug, fullScanId, file), 'Streaming a scan');
 }
 
@@ -3087,14 +3135,14 @@ const auditLog = {
     const name = parentName + ' audit-log';
     const input = setupCommand$9(name, auditLog.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: `Looking up audit log for ${input.orgSlug}\n`
       }).start();
-      await fetchOrgAuditLog(input.orgSlug, input, spinner, apiKey);
+      await fetchOrgAuditLog(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3132,7 +3180,7 @@ function setupCommand$9(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -3171,7 +3219,7 @@ function setupCommand$9(name, description, argv, importMeta) {
   };
 }
 async function fetchOrgAuditLog(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getAuditLogEvents(orgSlug, input), `Looking up audit log for ${orgSlug}\n`);
   if (!result.success) {
     handleUnsuccessfulApiResponse('getAuditLogEvents', result, spinner);
@@ -3211,15 +3259,15 @@ const create = {
     const name = `${parentName} create`;
     const input = setupCommand$8(name, create.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Creating repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await createRepo(input.orgSlug, input, spinner, apiKey);
+      await createRepo(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3269,7 +3317,7 @@ function setupCommand$8(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg --repoName=test-repo
@@ -3307,7 +3355,7 @@ function setupCommand$8(name, description, argv, importMeta) {
   };
 }
 async function createRepo(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.createOrgRepo(orgSlug, input), 'creating repository');
   if (result.success) {
     spinner.success('Repository created successfully');
@@ -3324,15 +3372,15 @@ const del = {
     const name = `${parentName} del`;
     const input = setupCommand$7(name, del.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Deleting repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await deleteRepository(input.orgSlug, input.repoName, spinner, apiKey);
+      await deleteRepository(input.orgSlug, input.repoName, spinner$1, apiKey);
     }
   }
 };
@@ -3370,7 +3418,7 @@ function setupCommand$7(name, description, argv, importMeta) {
   };
 }
 async function deleteRepository(orgSlug, repoName, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.deleteOrgRepo(orgSlug, repoName), 'deleting repository');
   if (result.success) {
     spinner.success('Repository deleted successfully');
@@ -3379,6 +3427,7 @@ async function deleteRepository(orgSlug, repoName, spinner, apiKey) {
   }
 }
 
+// @ts-ignore
 const list = {
   description: 'List repositories in an organization',
   async run(argv, importMeta, {
@@ -3387,15 +3436,15 @@ const list = {
     const name = `${parentName} list`;
     const input = setupCommand$6(name, list.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Listing repositories... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await listOrgRepos(input.orgSlug, input, spinner, apiKey);
+      await listOrgRepos(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3438,7 +3487,7 @@ function setupCommand$6(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -3471,7 +3520,7 @@ function setupCommand$6(name, description, argv, importMeta) {
   };
 }
 async function listOrgRepos(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgRepoList(orgSlug, input), 'listing repositories');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgRepoList', result, spinner);
@@ -3506,15 +3555,15 @@ const update = {
     const name = `${parentName} update`;
     const input = setupCommand$5(name, update.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Updating repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await updateRepository(input.orgSlug, input, spinner, apiKey);
+      await updateRepository(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3564,7 +3613,7 @@ function setupCommand$5(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -3602,7 +3651,7 @@ function setupCommand$5(name, description, argv, importMeta) {
   };
 }
 async function updateRepository(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.updateOrgRepo(orgSlug, input.name, input), 'updating repository');
   if (result.success) {
     spinner.success('Repository updated successfully');
@@ -3611,6 +3660,7 @@ async function updateRepository(orgSlug, input, spinner, apiKey) {
   }
 }
 
+// @ts-ignore
 const view = {
   description: 'View repositories in an organization',
   async run(argv, importMeta, {
@@ -3619,15 +3669,15 @@ const view = {
     const name = `${parentName} view`;
     const input = setupCommand$4(name, view.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Fetching repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await viewRepository(input.orgSlug, input.repositoryName, spinner, apiKey);
+      await viewRepository(input.orgSlug, input.repositoryName, spinner$1, apiKey);
     }
   }
 };
@@ -3644,7 +3694,7 @@ function setupCommand$4(name, description, argv, importMeta) {
       $ ${name} <org slug>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeOrg
@@ -3675,7 +3725,7 @@ function setupCommand$4(name, description, argv, importMeta) {
   };
 }
 async function viewRepository(orgSlug, repoName, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgRepo(orgSlug, repoName), 'fetching repository');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgRepo', result, spinner);
@@ -3729,6 +3779,7 @@ const repo = {
   }
 };
 
+// @ts-ignore
 const dependencies = {
   description: 'Search for any dependency that is being used in your organization',
   async run(argv, importMeta, {
@@ -3769,7 +3820,7 @@ function setupCommand$3(name, description, argv, importMeta) {
       $ ${name}
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name}
@@ -3797,23 +3848,23 @@ async function searchDeps({
   offset,
   outputJson
 }) {
-  const apiKey = sdk.getDefaultKey();
+  const apiKey = socketUrl.getDefaultToken();
   if (!apiKey) {
-    throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+    throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
   }
-  const spinner = yoctoSpinner({
+  const spinner$1 = new spinner.Spinner({
     text: 'Searching dependencies...'
   }).start();
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.searchDependencies({
     limit,
     offset
   }), 'Searching dependencies');
   if (!result.success) {
-    handleUnsuccessfulApiResponse('searchDependencies', result, spinner);
+    handleUnsuccessfulApiResponse('searchDependencies', result, spinner$1);
     return;
   }
-  spinner.stop('Organization dependencies:');
+  spinner$1.stop('Organization dependencies:');
   if (outputJson) {
     console.log(result.data);
     return;
@@ -3854,18 +3905,18 @@ const analytics = {
     const name = parentName + ' analytics';
     const input = setupCommand$2(name, analytics.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Fetching analytics data'
       }).start();
       if (input.scope === 'org') {
-        await fetchOrgAnalyticsData(input.time, spinner, apiKey, input.outputJson, input.file);
+        await fetchOrgAnalyticsData(input.time, spinner$1, apiKey, input.outputJson, input.file);
       } else {
         if (input.repo) {
-          await fetchRepoAnalyticsData(input.repo, input.time, spinner, apiKey, input.outputJson, input.file);
+          await fetchRepoAnalyticsData(input.repo, input.time, spinner$1, apiKey, input.outputJson, input.file);
         }
       }
     }
@@ -3911,7 +3962,7 @@ function setupCommand$2(name, description, argv, importMeta) {
       $ ${name} --scope=<scope> --time=<time filter>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} --scope=org --time=7
@@ -3929,10 +3980,10 @@ function setupCommand$2(name, description, argv, importMeta) {
     time
   } = cli.flags;
   if (scope !== 'org' && scope !== 'repo') {
-    throw new sdk.InputError("The scope must either be 'org' or 'repo'");
+    throw new socketUrl.InputError("The scope must either be 'org' or 'repo'");
   }
   if (time !== 7 && time !== 30 && time !== 90) {
-    throw new sdk.InputError('The time filter must either be 7, 30 or 90');
+    throw new socketUrl.InputError('The time filter must either be 7, 30 or 90');
   }
   let showHelp = cli.flags['help'];
   if (scope === 'repo' && !repo) {
@@ -3953,7 +4004,7 @@ function setupCommand$2(name, description, argv, importMeta) {
 }
 const METRICS = ['total_critical_alerts', 'total_high_alerts', 'total_medium_alerts', 'total_low_alerts', 'total_critical_added', 'total_medium_added', 'total_low_added', 'total_high_added', 'total_critical_prevented', 'total_high_prevented', 'total_medium_prevented', 'total_low_prevented'];
 async function fetchOrgAnalyticsData(time, spinner, apiKey, outputJson, filePath) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgAnalytics(time.toString()), 'fetching analytics data');
   if (result.success === false) {
     return handleUnsuccessfulApiResponse('getOrgAnalytics', result, spinner);
@@ -4066,7 +4117,7 @@ const formatData = (data, scope) => {
   };
 };
 async function fetchRepoAnalyticsData(repo, time, spinner, apiKey, outputJson, filePath) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getRepoAnalytics(repo, time.toString()), 'fetching analytics data');
   if (result.success === false) {
     return handleUnsuccessfulApiResponse('getRepoAnalytics', result, spinner);
@@ -4154,15 +4205,15 @@ const get = {
     const name = `${parentName} get`;
     const input = setupCommand$1(name, get.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Getting diff scan... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await getDiffScan(input, spinner, apiKey);
+      await getDiffScan(input, spinner$1, apiKey);
     }
   }
 };
@@ -4206,7 +4257,7 @@ function setupCommand$1(name, description, argv, importMeta) {
       $ ${name} <org slug> --before=<before> --after=<after>
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name} FakeCorp --before=aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 --after=aaa1aa1a-aaaa-1111-1a1a-1111111a11a1
@@ -4297,7 +4348,6 @@ const diffScan = {
   }
 };
 
-// @ts-ignore
 const threatFeed = {
   description: 'Look up the threat feed',
   async run(argv, importMeta, {
@@ -4306,14 +4356,14 @@ const threatFeed = {
     const name = `${parentName} threat-feed`;
     const input = setupCommand(name, threatFeed.description, argv, importMeta);
     {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Looking up the threat feed'
       }).start();
-      await fetchThreatFeed(input, spinner, apiKey);
+      await fetchThreatFeed(input, spinner$1, apiKey);
     }
   }
 };
@@ -4357,7 +4407,7 @@ function setupCommand(name, description, argv, importMeta) {
       $ ${name}
 
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
 
     Examples
       $ ${name}
@@ -4433,7 +4483,7 @@ async function fetchThreatFeed({
     data: formattedOutput
   });
   screen.render();
-  screen.key(['escape', 'q', 'C-c'], () => process.exit(0));
+  screen.key(['escape', 'q', 'C-c'], () => process$1.exit(0));
 }
 const formatResults = data => {
   return data.map(d => {
@@ -4458,6 +4508,7 @@ var cliCommands = {
   cdxgen: cdxgen,
   dependencies: dependencies,
   diffScan: diffScan,
+  fix: fix,
   info: info,
   login: login,
   logout: logout,
@@ -4501,7 +4552,7 @@ void (async () => {
           argv: ['report', 'create', '--view', '--strict']
         }
       },
-      argv: process.argv.slice(2),
+      argv: process$1.argv.slice(2),
       name: 'socket',
       importMeta: {
         url: `${node_url.pathToFileURL(__filename)}`
@@ -4511,10 +4562,10 @@ void (async () => {
     let errorBody;
     let errorTitle;
     let errorMessage = '';
-    if (err instanceof sdk.AuthError) {
+    if (err instanceof socketUrl.AuthError) {
       errorTitle = 'Authentication error';
       errorMessage = err.message;
-    } else if (err instanceof sdk.InputError) {
+    } else if (err instanceof socketUrl.InputError) {
       errorTitle = 'Invalid input';
       errorMessage = err.message;
       errorBody = err.body;
@@ -4525,10 +4576,10 @@ void (async () => {
     } else {
       errorTitle = 'Unexpected error with no details';
     }
-    console.error(`${sdk.logSymbols.error} ${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
+    console.error(`${pathResolve.logSymbols.error} ${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
     if (errorBody) {
       console.error(`\n${errorBody}`);
     }
-    process.exit(1);
+    process$1.exit(1);
   }
 })();