npm - @socketsecurity/cli - Versions diffs - 0.14.39 → 0.14.41 - Mend

@socketsecurity/cli 0.14.39 → 0.14.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/README.md +1 -1
package/bin/cli.js +12 -6
package/dist/{module-sync/constants.d.ts → constants.d.ts} +13 -2
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +24 -10
package/dist/module-sync/cli.js +455 -404
package/dist/module-sync/debug.d.ts +3 -0
package/dist/module-sync/errors.d.ts +3 -1
package/dist/module-sync/logging.d.ts +16 -0
package/dist/module-sync/npm-injection.js +1119 -1095
package/dist/module-sync/path-resolve.d.ts +1 -1
package/dist/module-sync/path-resolve.js +50 -5
package/dist/module-sync/settings.d.ts +6 -1
package/dist/module-sync/shadow-bin.d.ts +2 -2
package/dist/module-sync/shadow-bin.js +23 -40
package/dist/module-sync/socket-url.d.ts +40 -0
package/dist/module-sync/socket-url.js +301 -0
package/dist/require/cli.js +454 -401
package/dist/require/npm-injection.js +2 -1511
package/dist/require/path-resolve.js +2 -200
package/dist/require/shadow-bin.js +2 -102
package/dist/require/socket-url.js +3 -0
package/dist/require/vendor.js +53 -400
package/package.json +39 -31
package/dist/module-sync/color-or-markdown.d.ts +0 -23
package/dist/module-sync/constants.d.ts.map +0 -1
package/dist/module-sync/sdk.d.ts +0 -8
package/dist/module-sync/sdk.js +0 -214
package/dist/require/constants.d.ts.map +0 -1
package/dist/require/sdk.js +0 -212

package/dist/require/cli.js CHANGED Viewed

@@ -10,6 +10,7 @@ function _socketInterop(e) {
   return c ? e.default : e
 }
+var process$1 = require('node:process');
 var require$$0 = require('node:url');
 var ponyCause = _socketInterop(require('pony-cause'));
 var vendor = require('./vendor.js');
@@ -20,41 +21,44 @@ var yargsParse = _socketInterop(require('yargs-parser'));
 var npm$1 = require('@socketsecurity/registry/lib/npm');
 var words = require('@socketsecurity/registry/lib/words');
 var constants = require('./constants.js');
-var yoctoSpinner = require('@socketregistry/yocto-spinner');
-var sdk = require('./sdk.js');
-var prompts = require('@socketsecurity/registry/lib/prompts');
-var fs$1 = require('node:fs/promises');
+var spinner = require('@socketsecurity/registry/lib/spinner');
 var spawn = _socketInterop(require('@npmcli/promise-spawn'));
+var objects = require('@socketsecurity/registry/lib/objects');
+var pathResolve = require('./path-resolve.js');
+var registryConstants = require('@socketsecurity/registry/lib/constants');
+var socketUrl = require('./socket-url.js');
+var terminalLink = _socketInterop(require('terminal-link'));
+var isInteractive = require('@socketregistry/is-interactive/index.cjs');
+var prompts = require('@socketsecurity/registry/lib/prompts');
 var npa = _socketInterop(require('npm-package-arg'));
 var semver = _socketInterop(require('semver'));
 var tinyglobby = _socketInterop(require('tinyglobby'));
 var yaml = _socketInterop(require('yaml'));
 var registry = require('@socketsecurity/registry');
-var objects = require('@socketsecurity/registry/lib/objects');
 var packages = require('@socketsecurity/registry/lib/packages');
 var promises = require('@socketsecurity/registry/lib/promises');
 var regexps = require('@socketsecurity/registry/lib/regexps');
 var strings = require('@socketsecurity/registry/lib/strings');
 var browserslist = _socketInterop(require('browserslist'));
 var which = _socketInterop(require('which'));
-var hyrious__bun_lockb = require('@socketregistry/hyrious__bun.lockb');
-var pathResolve = require('./path-resolve.js');
+var index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs');
+var sorts = require('@socketsecurity/registry/lib/sorts');
 var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
 var config = require('@socketsecurity/config');
 var os = require('node:os');
 var readline = require('node:readline');
-var process$1 = require('node:process');
 var readline$1 = require('node:readline/promises');
 var chalkTable = _socketInterop(require('chalk-table'));
+var fs$1 = require('node:fs/promises');
 var ScreenWidget = _socketInterop(require('blessed/lib/widgets/screen'));
-var BarChart = _socketInterop(require('blessed-contrib/lib/widget/charts/bar'));
 var GridLayout = _socketInterop(require('blessed-contrib/lib/layout/grid'));
+var BarChart = _socketInterop(require('blessed-contrib/lib/widget/charts/bar'));
 var LineChart = _socketInterop(require('blessed-contrib/lib/widget/charts/line'));
 var require$$0$1 = require('node:util');
 var TableWidget = _socketInterop(require('blessed-contrib/lib/widget/table'));
 const {
-  NPM: NPM$4,
+  NPM: NPM$5,
   PNPM: PNPM$2,
   cdxgenBinPath,
   synpBinPath
@@ -65,10 +69,10 @@ const {
   SBOM_SIGN_PRIVATE_KEY,
   // Location to the RSA private key
   SBOM_SIGN_PUBLIC_KEY // Optional. Location to the RSA public key
-} = process.env;
+} = process$1.env;
 const toLower = arg => arg.toLowerCase();
 const arrayToLower = arg => arg.map(toLower);
-const nodejsPlatformTypes = new Set(['javascript', 'js', 'nodejs', NPM$4, PNPM$2, 'ts', 'tsx', 'typescript']);
+const nodejsPlatformTypes = new Set(['javascript', 'js', 'nodejs', NPM$5, PNPM$2, 'ts', 'tsx', 'typescript']);
 const yargsConfig = {
   configuration: {
     'camel-case-expansion': false,
@@ -172,20 +176,20 @@ const cdxgen = {
       length: unknownLength
     } = unknown;
     if (unknownLength) {
+      process$1.exitCode = 1;
       console.error(`Unknown ${words.pluralize('argument', unknownLength)}: ${yargv._.join(', ')}`);
-      process.exitCode = 1;
       return;
     }
     let cleanupPackageLock = false;
     if (yargv.type !== 'yarn' && nodejsPlatformTypes.has(yargv.type) && fs.existsSync('./yarn.lock')) {
       if (fs.existsSync('./package-lock.json')) {
-        yargv.type = NPM$4;
+        yargv.type = NPM$5;
       } else {
         // Use synp to create a package-lock.json from the yarn.lock,
         // based on the node_modules folder, for a more accurate SBOM.
         try {
           await npm$1.runBin(await fs.promises.realpath(synpBinPath), ['--source-file', './yarn.lock']);
-          yargv.type = NPM$4;
+          yargv.type = NPM$5;
           cleanupPackageLock = true;
         } catch {}
       }
@@ -207,13 +211,82 @@ const cdxgen = {
         await fs.promises.rm('./package-lock.json');
       } catch {}
     }
-    const fullOutputPath = path.join(process.cwd(), yargv.output);
+    const fullOutputPath = path.join(process$1.cwd(), yargv.output);
     if (fs.existsSync(fullOutputPath)) {
       console.log(colors.cyanBright(`${yargv.output} created!`));
     }
   }
 };
+const {
+  abortSignal: abortSignal$3
+} = constants;
+function shadowNpmInstall(opts) {
+  const {
+    flags = [],
+    ipc,
+    ...spawnOptions
+  } = {
+    __proto__: null,
+    ...opts
+  };
+  const useIpc = objects.isObject(ipc);
+  const useDebug = pathResolve.isDebug();
+  const promise = spawn(
+  // Lazily access constants.execPath.
+  constants.execPath, [
+  // Lazily access constants.rootBinPath.
+  path.join(constants.rootBinPath, 'npm-cli.js'), 'install',
+  // Even though the '--silent' flag is passed npm will still run through
+  // code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'
+  // flags are passed.
+  ...(useDebug ? ['--no-audit', '--no-fund'] : ['--silent', '--no-audit', '--no-fund']), ...flags], {
+    signal: abortSignal$3,
+    // Set stdio to include 'ipc'.
+    // See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166
+    // and https://github.com/nodejs/node/blob/v23.6.0/lib/internal/child_process.js#L238.
+    stdio: useDebug ?
+    // 'inherit'
+    useIpc ? [0, 1, 2, 'ipc'] : 'inherit' :
+    // 'ignore'
+    useIpc ? ['ignore', 'ignore', 'ignore', 'ipc'] : 'ignore',
+    ...spawnOptions,
+    env: {
+      ...process$1.env,
+      ...spawnOptions.env
+    }
+  });
+  if (useIpc) {
+    promise.process.send(ipc);
+  }
+  return promise;
+}
+const {
+  SOCKET_CLI_FIX_PACKAGE_LOCK_FILE,
+  SOCKET_IPC_HANDSHAKE: SOCKET_IPC_HANDSHAKE$1
+} = constants;
+const fix = {
+  description: 'Fix "fixable" Socket alerts',
+  hidden: true,
+  async run() {
+    const spinner$1 = new spinner.Spinner().start();
+    try {
+      await shadowNpmInstall({
+        ipc: {
+          [SOCKET_IPC_HANDSHAKE$1]: {
+            [SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]: true
+          }
+        }
+      });
+    } catch (e) {
+      console.error(e);
+    } finally {
+      spinner$1.stop();
+    }
+  }
+};
 const commonFlags = {
   help: {
     type: 'boolean',
@@ -261,47 +334,6 @@ const validationFlags = {
   }
 };
-const {
-  API_V0_URL
-} = constants;
-function handleUnsuccessfulApiResponse(_name, result, spinner) {
-  // SocketSdkErrorType['error'] is not typed.
-  const resultErrorMessage = result.error?.message;
-  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
-  if (result.status === 401 || result.status === 403) {
-    spinner.stop();
-    throw new sdk.AuthError(message);
-  }
-  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
-  process.exit(1);
-}
-async function handleApiCall(value, description) {
-  let result;
-  try {
-    result = await value;
-  } catch (cause) {
-    throw new ponyCause.ErrorWithCause(`Failed ${description}`, {
-      cause
-    });
-  }
-  return result;
-}
-async function handleAPIError(code) {
-  if (code === 400) {
-    return 'One of the options passed might be incorrect.';
-  } else if (code === 403) {
-    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
-  }
-}
-async function queryAPI(path, apiKey) {
-  return await fetch(`${API_V0_URL}/${path}`, {
-    method: 'GET',
-    headers: {
-      Authorization: `Basic ${btoa(`${apiKey}:${apiKey}`)}`
-    }
-  });
-}
 function objectSome(obj) {
   for (const key in obj) {
     if (obj[key]) {
@@ -318,6 +350,22 @@ function pick(input, keys) {
   return result;
 }
+function stringJoinWithSeparateFinalSeparator(list, separator = ' and ') {
+  const values = list.filter(Boolean);
+  const {
+    length
+  } = values;
+  if (!length) {
+    return '';
+  }
+  if (length === 1) {
+    return values[0];
+  }
+  const finalValue = values.pop();
+  return `${values.join(', ')}${separator}${finalValue}`;
+}
+// Ordered from most severe to least.
 const SEVERITIES_BY_ORDER = ['critical', 'high', 'middle', 'low'];
 function getDesiredSeverities(lowestToInclude) {
   const result = [];
@@ -336,7 +384,7 @@ function formatSeverityCount(severityCount) {
       summary.push(`${severityCount[severity]} ${severity}`);
     }
   }
-  return sdk.stringJoinWithSeparateFinalSeparator(summary);
+  return stringJoinWithSeparateFinalSeparator(summary);
 }
 function getSeverityCount(issues, lowestToInclude) {
   const severityCount = pick({
@@ -346,7 +394,9 @@ function getSeverityCount(issues, lowestToInclude) {
     critical: 0
   }, getDesiredSeverities(lowestToInclude));
   for (const issue of issues) {
-    const value = issue.value;
+    const {
+      value
+    } = issue;
     if (!value) {
       continue;
     }
@@ -357,18 +407,59 @@ function getSeverityCount(issues, lowestToInclude) {
   return severityCount;
 }
-function printFlagList(list, indent, {
+const {
+  API_V0_URL
+} = constants;
+function handleUnsuccessfulApiResponse(_name, result, spinner) {
+  // SocketSdkErrorType['error'] is not typed.
+  const resultErrorMessage = result.error?.message;
+  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
+  if (result.status === 401 || result.status === 403) {
+    spinner.stop();
+    throw new socketUrl.AuthError(message);
+  }
+  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
+  process$1.exit(1);
+}
+async function handleApiCall(value, description) {
+  let result;
+  try {
+    result = await value;
+  } catch (cause) {
+    throw new ponyCause.ErrorWithCause(`Failed ${description}`, {
+      cause
+    });
+  }
+  return result;
+}
+async function handleAPIError(code) {
+  if (code === 400) {
+    return 'One of the options passed might be incorrect.';
+  } else if (code === 403) {
+    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
+  }
+}
+async function queryAPI(path, apiKey) {
+  return await fetch(`${API_V0_URL}/${path}`, {
+    method: 'GET',
+    headers: {
+      Authorization: `Basic ${btoa(`${apiKey}:${apiKey}`)}`
+    }
+  });
+}
+function getFlagListOutput(list, indent, {
   keyPrefix = '--',
   padName
 } = {}) {
-  return printHelpList({
+  return getHelpListOutput({
     ...list
   }, indent, {
     keyPrefix,
     padName
   });
 }
-function printHelpList(list, indent, {
+function getHelpListOutput(list, indent, {
   keyPrefix = '',
   padName = 18
 } = {}) {
@@ -383,8 +474,8 @@ function printHelpList(list, indent, {
 }
 const {
-  SOCKET_PUBLIC_API_KEY: SOCKET_PUBLIC_API_KEY$1
-} = constants;
+  NPM: NPM$4
+} = registryConstants;
 const info = {
   description: 'Look up info regarding a package',
   async run(argv, importMeta, {
@@ -394,15 +485,15 @@ const info = {
     const commandContext = setupCommand$m(name, info.description, argv, importMeta);
     if (commandContext) {
       const spinnerText = commandContext.pkgVersion === 'latest' ? `Looking up data for the latest version of ${commandContext.pkgName}` : `Looking up data for version ${commandContext.pkgVersion} of ${commandContext.pkgName}`;
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      const packageData = await fetchPackageData(commandContext.pkgName, commandContext.pkgVersion, commandContext, spinner);
+      const packageData = await fetchPackageData(commandContext.pkgName, commandContext.pkgVersion, commandContext, spinner$1);
       if (packageData) {
         formatPackageDataOutput(packageData, {
           name,
           ...commandContext
-        }, spinner);
+        }, spinner$1);
       }
     }
   }
@@ -421,7 +512,7 @@ function setupCommand$m(name, description, argv, importMeta) {
       $ ${name} <name>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} webtorrent
@@ -433,7 +524,7 @@ function setupCommand$m(name, description, argv, importMeta) {
     flags
   });
   if (cli.input.length > 1) {
-    throw new sdk.InputError('Only one package lookup supported at once');
+    throw new socketUrl.InputError('Only one package lookup supported at once');
   }
   const {
     0: rawPkgName = ''
@@ -461,7 +552,7 @@ function setupCommand$m(name, description, argv, importMeta) {
 async function fetchPackageData(pkgName, pkgVersion, {
   includeAllIssues
 }, spinner) {
-  const socketSdk = await sdk.setupSdk(sdk.getDefaultKey() ?? SOCKET_PUBLIC_API_KEY$1);
+  const socketSdk = await socketUrl.setupSdk(socketUrl.getPublicToken());
   const result = await handleApiCall(socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion), 'looking up package');
   const scoreResult = await handleApiCall(socketSdk.getScoreByNPMPackage(pkgName, pkgVersion), 'looking up package score');
   if (result.success === false) {
@@ -508,8 +599,8 @@ function formatPackageDataOutput({
     } else {
       spinner.success('Package has no issues');
     }
-    const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
-    const url = `https://socket.dev/npm/package/${pkgName}/overview/${pkgVersion}`;
+    const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
+    const url = socketUrl.getSocketDevPackageOverviewUrl(NPM$4, pkgName, pkgVersion);
     console.log('\n');
     if (pkgVersion === 'latest') {
       console.log(`Detailed info on socket.dev: ${format.hyperlink(`${pkgName}`, url, {
@@ -525,7 +616,7 @@ function formatPackageDataOutput({
     }
   }
   if (strict && objectSome(severityCount)) {
-    process.exit(1);
+    process$1.exit(1);
   }
 }
 function formatPackageIssuesDetails(packageData, outputMarkdown) {
@@ -546,9 +637,9 @@ function formatPackageIssuesDetails(packageData, outputMarkdown) {
     }
     return acc;
   }, {});
-  const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+  const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
   for (const issue of Object.keys(uniqueIssues)) {
-    const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`, `https://socket.dev/npm/issue/${issue}`, {
+    const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`, socketUrl.getSocketDevAlertUrl(issue), {
       fallbackToUrl: true
     });
     if (uniqueIssues[issue]?.count === 1) {
@@ -568,7 +659,7 @@ function formatScore(score) {
 }
 const {
-  SOCKET_PUBLIC_API_KEY
+  SOCKET_PUBLIC_API_TOKEN
 } = constants;
 const description$5 = 'Socket API login';
 const flags = {
@@ -597,7 +688,7 @@ const login = {
       Logs into the Socket API by prompting for an API key
       Options
-        ${printFlagList({
+        ${getFlagListOutput({
       'api-base-url': flags['apiBaseUrl'].description,
       'api-proxy': flags['apiProxy'].description
     }, 8)}
@@ -618,30 +709,30 @@ const login = {
       cli.showHelp();
       return;
     }
-    if (!vendor.isInteractive()) {
-      throw new sdk.InputError('Cannot prompt for credentials in a non-interactive shell');
+    if (!isInteractive()) {
+      throw new socketUrl.InputError('Cannot prompt for credentials in a non-interactive shell');
     }
-    const apiKey = (await prompts.password({
-      message: `Enter your ${vendor.terminalLink('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
-    })) || SOCKET_PUBLIC_API_KEY;
+    const apiToken = (await prompts.password({
+      message: `Enter your ${terminalLink('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
+    })) || SOCKET_PUBLIC_API_TOKEN;
     let apiBaseUrl = cli.flags['apiBaseUrl'];
-    apiBaseUrl ??= sdk.getSetting('apiBaseUrl') ?? undefined;
+    apiBaseUrl ??= socketUrl.getSetting('apiBaseUrl') ?? undefined;
     let apiProxy = cli.flags['apiProxy'];
-    apiProxy ??= sdk.getSetting('apiProxy') ?? undefined;
-    const spinner = yoctoSpinner({
+    apiProxy ??= socketUrl.getSetting('apiProxy') ?? undefined;
+    const spinner$1 = new spinner.Spinner({
       text: 'Verifying API key...'
     }).start();
     let orgs;
     try {
-      const sdk$1 = await sdk.setupSdk(apiKey, apiBaseUrl, apiProxy);
-      const result = await sdk$1.getOrganizations();
+      const sdk = await socketUrl.setupSdk(apiToken, apiBaseUrl, apiProxy);
+      const result = await sdk.getOrganizations();
       if (!result.success) {
-        throw new sdk.AuthError();
+        throw new socketUrl.AuthError();
       }
       orgs = result.data;
-      spinner.success('API key verified');
+      spinner$1.success('API key verified');
     } catch {
-      spinner.error('Invalid API key');
+      spinner$1.error('Invalid API key');
       return;
     }
     const enforcedChoices = Object.values(orgs.organizations).filter(nonNullish).filter(org => org.plan === 'enterprise').map(org => ({
@@ -673,12 +764,13 @@ const login = {
         }
       }
     }
-    sdk.updateSetting('enforcedOrgs', enforcedOrgs);
-    const oldKey = sdk.getSetting('apiKey');
-    sdk.updateSetting('apiKey', apiKey);
-    sdk.updateSetting('apiBaseUrl', apiBaseUrl);
-    sdk.updateSetting('apiProxy', apiProxy);
-    spinner.success(`API credentials ${oldKey ? 'updated' : 'set'}`);
+    socketUrl.updateSetting('enforcedOrgs', enforcedOrgs);
+    // TODO: Rename the 'apiKey' setting to 'apiToken'.
+    const oldToken = socketUrl.getSetting('apiKey');
+    socketUrl.updateSetting('apiKey', apiToken);
+    socketUrl.updateSetting('apiBaseUrl', apiBaseUrl);
+    socketUrl.updateSetting('apiProxy', apiProxy);
+    spinner$1.success(`API credentials ${oldToken ? 'updated' : 'set'}`);
   }
 };
@@ -710,11 +802,11 @@ const logout = {
       cli.showHelp();
       return;
     }
-    sdk.updateSetting('apiKey', null);
-    sdk.updateSetting('apiBaseUrl', null);
-    sdk.updateSetting('apiProxy', null);
-    sdk.updateSetting('enforcedOrgs', null);
-    yoctoSpinner().success('Successfully logged out');
+    socketUrl.updateSetting('apiKey', null);
+    socketUrl.updateSetting('apiBaseUrl', null);
+    socketUrl.updateSetting('apiProxy', null);
+    socketUrl.updateSetting('enforcedOrgs', null);
+    new spinner.Spinner().success('Successfully logged out');
   }
 };
@@ -742,48 +834,6 @@ const npx = {
   }
 };
-function existsSync(filepath) {
-  try {
-    return filepath ? fs.existsSync(filepath) : false;
-  } catch {}
-  return false;
-}
-async function findUp(name, {
-  cwd = process.cwd()
-}) {
-  let dir = path.resolve(cwd);
-  const {
-    root
-  } = path.parse(dir);
-  const names = [name].flat();
-  while (dir && dir !== root) {
-    for (const name of names) {
-      const filePath = path.join(dir, name);
-      try {
-        // eslint-disable-next-line no-await-in-loop
-        const stats = await fs.promises.stat(filePath);
-        if (stats.isFile()) {
-          return filePath;
-        }
-      } catch {}
-    }
-    dir = path.dirname(dir);
-  }
-  return undefined;
-}
-async function readFileBinary(filepath, options) {
-  return await fs.promises.readFile(filepath, {
-    ...options,
-    encoding: 'binary'
-  });
-}
-async function readFileUtf8(filepath, options) {
-  return await fs.promises.readFile(filepath, {
-    ...options,
-    encoding: 'utf8'
-  });
-}
 const {
   BINARY_LOCK_EXT,
   BUN: BUN$1,
@@ -791,20 +841,25 @@ const {
   NPM: NPM$2,
   PNPM: PNPM$1,
   VLT: VLT$1,
+  YARN,
   YARN_BERRY: YARN_BERRY$1,
   YARN_CLASSIC: YARN_CLASSIC$1
 } = constants;
 const AGENTS = [BUN$1, NPM$2, PNPM$1, YARN_BERRY$1, YARN_CLASSIC$1, VLT$1];
-const {
-  compare: alphanumericComparator
-} = new Intl.Collator(undefined, {
-  numeric: true,
-  sensitivity: 'base'
-});
+const binByAgent = {
+  __proto__: null,
+  [BUN$1]: BUN$1,
+  [NPM$2]: NPM$2,
+  [PNPM$1]: PNPM$1,
+  [YARN_BERRY$1]: YARN,
+  [YARN_CLASSIC$1]: YARN,
+  [VLT$1]: VLT$1
+};
 async function getAgentExecPath(agent) {
-  return (await which(agent, {
+  const binName = binByAgent[agent];
+  return (await which(binName, {
     nothrow: true
-  })) ?? agent;
+  })) ?? binName;
 }
 async function getAgentVersion(agentExecPath, cwd) {
   let result;
@@ -848,8 +903,8 @@ const readLockFileByAgent = (() => {
       return undefined;
     };
   }
-  const binaryReader = wrapReader(readFileBinary);
-  const defaultReader = wrapReader(async lockPath => await readFileUtf8(lockPath));
+  const binaryReader = wrapReader(socketUrl.readFileBinary);
+  const defaultReader = wrapReader(async lockPath => await socketUrl.readFileUtf8(lockPath));
   return {
     [BUN$1]: wrapReader(async (lockPath, agentExecPath) => {
       const ext = path.extname(lockPath);
@@ -860,7 +915,7 @@ const readLockFileByAgent = (() => {
         const lockBuffer = await binaryReader(lockPath);
         if (lockBuffer) {
           try {
-            return hyrious__bun_lockb.parse(lockBuffer);
+            return index_cjs.parse(lockBuffer);
           } catch {}
         }
         // To print a Yarn lockfile to your console without writing it to disk
@@ -878,18 +933,18 @@ const readLockFileByAgent = (() => {
   };
 })();
 async function detect({
-  cwd = process.cwd(),
+  cwd = process$1.cwd(),
   onUnknown
 } = {}) {
-  let lockPath = await findUp(Object.keys(LOCKS), {
+  let lockPath = await socketUrl.findUp(Object.keys(LOCKS), {
     cwd
   });
   let lockBasename = lockPath ? path.basename(lockPath) : undefined;
   const isHiddenLockFile = lockBasename === '.package-lock.json';
-  const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await findUp('package.json', {
+  const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await socketUrl.findUp('package.json', {
     cwd
   });
-  const pkgPath = existsSync(pkgJsonPath) ? path.dirname(pkgJsonPath) : undefined;
+  const pkgPath = pkgJsonPath && fs.existsSync(pkgJsonPath) ? path.dirname(pkgJsonPath) : undefined;
   const editablePkgJson = pkgPath ? await packages.readPackageJson(pkgPath, {
     editable: true
   }) : undefined;
@@ -946,7 +1001,7 @@ async function detect({
     }
     const browserslistQuery = pkgJson['browserslist'];
     if (Array.isArray(browserslistQuery)) {
-      const browserslistTargets = browserslist(browserslistQuery).map(s => s.toLowerCase()).sort(alphanumericComparator);
+      const browserslistTargets = browserslist(browserslistQuery).map(s => s.toLowerCase()).sort(sorts.naturalCompare);
       const browserslistNodeTargets = browserslistTargets.filter(v => v.startsWith('node ')).map(v => v.slice(5 /*'node '.length*/));
       if (!targets.browser && browserslistTargets.length) {
         targets.browser = browserslistTargets.length !== browserslistNodeTargets.length;
@@ -985,25 +1040,25 @@ const {
   BUN,
   LOCK_EXT,
   NPM: NPM$1,
+  OVERRIDES,
   PNPM,
-  UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE,
+  RESOLUTIONS,
+  SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE,
+  SOCKET_IPC_HANDSHAKE,
   VLT,
   YARN_BERRY,
   YARN_CLASSIC,
-  abortSignal: abortSignal$2,
-  execPath,
-  rootBinPath
+  abortSignal: abortSignal$2
 } = constants;
 const COMMAND_TITLE = 'Socket Optimize';
-const OVERRIDES_FIELD_NAME = 'overrides';
 const NPM_OVERRIDE_PR_URL = 'https://github.com/npm/cli/pull/7025';
 const PNPM_FIELD_NAME = PNPM;
 const PNPM_WORKSPACE = `${PNPM}-workspace`;
-const RESOLUTIONS_FIELD_NAME = 'resolutions';
 const manifestNpmOverrides = registry.getManifestData(NPM$1);
 const getOverridesDataByAgent = {
+  __proto__: null,
   [BUN](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_BERRY,
       overrides
@@ -1012,7 +1067,7 @@ const getOverridesDataByAgent = {
   // npm overrides documentation:
   // https://docs.npmjs.com/cli/v10/configuring-npm/package-json#overrides
   [NPM$1](pkgJson) {
-    const overrides = pkgJson?.overrides ?? {};
+    const overrides = pkgJson?.[OVERRIDES] ?? {};
     return {
       type: NPM$1,
       overrides
@@ -1021,14 +1076,14 @@ const getOverridesDataByAgent = {
   // pnpm overrides documentation:
   // https://pnpm.io/package_json#pnpmoverrides
   [PNPM](pkgJson) {
-    const overrides = pkgJson?.pnpm?.overrides ?? {};
+    const overrides = pkgJson?.pnpm?.[OVERRIDES] ?? {};
     return {
       type: PNPM,
       overrides
     };
   },
   [VLT](pkgJson) {
-    const overrides = pkgJson?.overrides ?? {};
+    const overrides = pkgJson?.[OVERRIDES] ?? {};
     return {
       type: VLT,
       overrides
@@ -1037,7 +1092,7 @@ const getOverridesDataByAgent = {
   // Yarn resolutions documentation:
   // https://yarnpkg.com/configuration/manifest#resolutions
   [YARN_BERRY](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_BERRY,
       overrides
@@ -1046,7 +1101,7 @@ const getOverridesDataByAgent = {
   // Yarn resolutions documentation:
   // https://classic.yarnpkg.com/en/docs/selective-version-resolutions
   [YARN_CLASSIC](pkgJson) {
-    const overrides = pkgJson?.resolutions ?? {};
+    const overrides = pkgJson?.[RESOLUTIONS] ?? {};
     return {
       type: YARN_CLASSIC,
       overrides
@@ -1070,6 +1125,7 @@ const lockIncludesByAgent = (() => {
     `(?<=(?:^\\s*|,\\s*)"?)${escapedName}(?=@)`, 'm').test(lockSrc);
   }
   return {
+    __proto__: null,
     [BUN](lockSrc, name, lockBasename) {
       // This is a bit counterintuitive. When lockBasename ends with a .lockb
       // we treat it as a yarn.lock. When lockBasename ends with a .lock we
@@ -1133,7 +1189,7 @@ const updateManifestByAgent = (() => {
             [field]: undefined
           });
         }
-      } else if (field === OVERRIDES_FIELD_NAME || field === RESOLUTIONS_FIELD_NAME) {
+      } else if (field === OVERRIDES || field === RESOLUTIONS) {
         // Properties with undefined values are omitted when saved as JSON.
         editablePkgJson.update({
           [field]: objects.hasKeys(value) ? value : undefined
@@ -1145,7 +1201,7 @@ const updateManifestByAgent = (() => {
       }
       return;
     }
-    if ((field === OVERRIDES_FIELD_NAME || field === PNPM_FIELD_NAME || field === RESOLUTIONS_FIELD_NAME) && !objects.hasKeys(value)) {
+    if ((field === OVERRIDES || field === PNPM_FIELD_NAME || field === RESOLUTIONS) && !objects.hasKeys(value)) {
       return;
     }
     // Since the field doesn't exist we want to insert it into the package.json
@@ -1154,17 +1210,17 @@ const updateManifestByAgent = (() => {
     const entries = Object.entries(pkgJson);
     let insertIndex = -1;
     let isPlacingHigher = false;
-    if (field === OVERRIDES_FIELD_NAME) {
-      insertIndex = getLowestEntryIndex(entries, [RESOLUTIONS_FIELD_NAME]);
+    if (field === OVERRIDES) {
+      insertIndex = getLowestEntryIndex(entries, [RESOLUTIONS]);
       if (insertIndex === -1) {
         isPlacingHigher = true;
         insertIndex = getHighestEntryIndex(entries, [...depFields, PNPM]);
       }
-    } else if (field === RESOLUTIONS_FIELD_NAME) {
+    } else if (field === RESOLUTIONS) {
       isPlacingHigher = true;
-      insertIndex = getHighestEntryIndex(entries, [...depFields, OVERRIDES_FIELD_NAME, PNPM]);
+      insertIndex = getHighestEntryIndex(entries, [...depFields, OVERRIDES, PNPM]);
     } else if (field === PNPM_FIELD_NAME) {
-      insertIndex = getLowestEntryIndex(entries, [OVERRIDES_FIELD_NAME, RESOLUTIONS_FIELD_NAME]);
+      insertIndex = getLowestEntryIndex(entries, [OVERRIDES, RESOLUTIONS]);
       if (insertIndex === -1) {
         isPlacingHigher = true;
         insertIndex = getHighestEntryIndex(entries, depFields);
@@ -1186,12 +1242,13 @@ const updateManifestByAgent = (() => {
     editablePkgJson.fromJSON(`${JSON.stringify(Object.fromEntries(entries), null, 2)}\n`);
   }
   function updateOverrides(editablePkgJson, overrides) {
-    updatePkgJson(editablePkgJson, OVERRIDES_FIELD_NAME, overrides);
+    updatePkgJson(editablePkgJson, OVERRIDES, overrides);
   }
   function updateResolutions(editablePkgJson, overrides) {
-    updatePkgJson(editablePkgJson, RESOLUTIONS_FIELD_NAME, overrides);
+    updatePkgJson(editablePkgJson, RESOLUTIONS, overrides);
   }
   return {
+    __proto__: null,
     [BUN]: updateResolutions,
     [NPM$1]: updateOverrides,
     [PNPM](editablePkgJson, overrides) {
@@ -1253,6 +1310,7 @@ const lsByAgent = (() => {
     return cleanupQueryStdout(stdout);
   }
   return {
+    __proto__: null,
     async [BUN](agentExecPath, cwd) {
       try {
         // Bun does not support filtering by production packages yet.
@@ -1330,6 +1388,7 @@ const depsIncludesByAgent = (() => {
     return stdout.includes(`"${name}"`);
   }
   return {
+    __proto__: null,
     [BUN]: matchHumanStdout,
     [NPM$1]: matchQueryStdout,
     [PNPM]: matchQueryStdout,
@@ -1339,7 +1398,7 @@ const depsIncludesByAgent = (() => {
   };
 })();
 function createActionMessage(verb, overrideCount, workspaceCount) {
-  return `${verb} ${overrideCount} Socket.dev optimized overrides${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
+  return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
 }
 function getDependencyEntries(pkgJson) {
   const {
@@ -1368,11 +1427,11 @@ async function getWorkspaceGlobs(agent, pkgPath, pkgJson) {
   let workspacePatterns;
   if (agent === PNPM) {
     for (const workspacePath of [path.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), path.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
-      if (existsSync(workspacePath)) {
+      // eslint-disable-next-line no-await-in-loop
+      const yml = await socketUrl.safeReadFile(workspacePath, 'utf8');
+      if (yml) {
         try {
-          workspacePatterns = yaml.parse(
-          // eslint-disable-next-line no-await-in-loop
-          await fs$1.readFile(workspacePath, 'utf8'))?.packages;
+          workspacePatterns = yaml.parse(yml)?.packages;
         } catch {}
         if (workspacePatterns) {
           break;
@@ -1512,7 +1571,7 @@ async function addOverrides({
           const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
           const depAlias = depAliasMap.get(origPkgName);
           const regSpecStartsLike = `${NPM$1}:${regPkgName}@`;
-          let newSpec = `${regSpecStartsLike}^${pin ? version : major}`;
+          let newSpec = `${regSpecStartsLike}${pin ? version : `^${major}`}`;
           let thisVersion = version;
           if (depAlias && type === NPM$1) {
             // With npm one may not set an override for a package that one directly
@@ -1529,7 +1588,7 @@ async function addOverrides({
               if (pin) {
                 thisVersion = semver.major(semver.coerce(npa(thisSpec).rawSpec)?.version ?? version) === major ? version : (await packages.fetchPackageManifest(thisSpec))?.version ?? version;
               }
-              newSpec = `${regSpecStartsLike}^${pin ? thisVersion : semver.major(thisVersion)}`;
+              newSpec = `${regSpecStartsLike}${pin ? thisVersion : `^${semver.major(thisVersion)}`}`;
             } else {
               newSpec = oldSpec;
             }
@@ -1597,7 +1656,7 @@ const optimize = {
       pin,
       prod
     } = commandContext;
-    const cwd = process.cwd();
+    const cwd = process$1.cwd();
     const {
       agent,
       agentExecPath,
@@ -1644,13 +1703,13 @@ const optimize = {
     if (lockPath && path.relative(cwd, lockPath).startsWith('.')) {
       console.warn(`⚠️ ${COMMAND_TITLE}: Package ${lockName} found at ${lockPath}`);
     }
-    const spinner = yoctoSpinner({
+    const spinner$1 = new spinner.Spinner({
       text: 'Socket optimizing...'
     });
     const state = createAddOverridesState({
-      spinner
+      spinner: spinner$1
     });
-    spinner.start();
+    spinner$1.start();
     const nodeRange = `>=${minimumNodeVersion}`;
     const manifestEntries = manifestNpmOverrides.filter(({
       1: data
@@ -1668,7 +1727,7 @@ const optimize = {
       prod,
       rootPath: pkgPath
     }, state);
-    spinner.stop();
+    spinner$1.stop();
     const addedCount = state.added.size;
     const updatedCount = state.updated.size;
     const pkgJsonChanged = addedCount > 0 || updatedCount > 0;
@@ -1686,23 +1745,24 @@ const optimize = {
     if (isNpm || pkgJsonChanged) {
       // Always update package-lock.json until the npm overrides PR lands:
       // https://github.com/npm/cli/pull/7025
-      spinner.start(`Updating ${lockName}...`);
+      spinner$1.start(`Updating ${lockName}...`);
       try {
         if (isNpm) {
-          const wrapperPath = path.join(rootBinPath, 'npm-cli.js');
-          const npmSpawnOptions = {
-            signal: abortSignal$2,
-            stdio: 'ignore',
-            env: {
-              ...process.env,
-              [UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE]: '1'
+          const ipc = {
+            [SOCKET_IPC_HANDSHAKE]: {
+              [SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE]: true
             }
           };
-          await spawn(execPath, [wrapperPath, 'install', '--silent'], npmSpawnOptions);
+          await shadowNpmInstall({
+            ipc
+          });
           // TODO: This is a temporary workaround for a `npm ci` bug where it
           // will error out after Socket Optimize generates a lock file. More
           // investigation is needed.
-          await spawn(execPath, [wrapperPath, 'install', '--silent', '--ignore-scripts', '--package-lock-only'], npmSpawnOptions);
+          await shadowNpmInstall({
+            flags: ['--ignore-scripts', '--package-lock-only'],
+            ipc
+          });
         } else {
           // All package managers support the "install" command.
           await spawn(agentExecPath, ['install'], {
@@ -1710,12 +1770,13 @@ const optimize = {
             stdio: 'ignore'
           });
         }
-        spinner.stop();
+        spinner$1.stop();
         if (isNpm) {
           console.log(`💡 Re-run ${COMMAND_TITLE} whenever ${lockName} changes.\n   This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
         }
-      } catch {
-        spinner.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
+      } catch (e) {
+        spinner$1.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
+        console.error(e);
       }
     }
   }
@@ -1742,7 +1803,7 @@ function setupCommand$l(name, description, argv, importMeta) {
       $ ${name}
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name}
@@ -1790,20 +1851,20 @@ function setupCommand$k(name, description, argv, importMeta) {
   });
 }
 async function fetchOrganizations() {
-  const apiKey = sdk.getDefaultKey();
+  const apiKey = socketUrl.getDefaultToken();
   if (!apiKey) {
-    throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+    throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
   }
-  const spinner = yoctoSpinner({
+  const spinner$1 = new spinner.Spinner({
     text: 'Fetching organizations...'
   }).start();
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
   if (result.success === false) {
-    handleUnsuccessfulApiResponse('getOrganizations', result, spinner);
+    handleUnsuccessfulApiResponse('getOrganizations', result, spinner$1);
     return;
   }
-  spinner.stop(`List of organizations associated with your API key: ${colors.italic(apiKey)}`);
+  spinner$1.stop(`List of organizations associated with your API key: ${colors.italic(apiKey)}`);
   const organizations = Object.values(result.data.organizations);
   for (const o of organizations) {
     console.log(`
@@ -1837,7 +1898,7 @@ async function setupCommand$j(name, description, argv, importMeta) {
       $ ${name} <${binName$1} command>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} install
@@ -1862,7 +1923,7 @@ async function setupCommand$j(name, description, argv, importMeta) {
     // The exit code 127 indicates that the command or binary being executed
     // could not be found.
     console.error(`Socket unable to locate ${binName$1}; ensure it is available in the PATH environment variable.`);
-    process.exit(127);
+    process$1.exit(127);
   }
   const spawnPromise = spawn(binPath, argv, {
     signal: abortSignal$1,
@@ -1874,9 +1935,9 @@ async function setupCommand$j(name, description, argv, importMeta) {
       return;
     }
     if (signalName) {
-      process.kill(process.pid, signalName);
+      process$1.kill(process$1.pid, signalName);
     } else if (code !== null) {
-      process.exit(code);
+      process$1.exit(code);
     }
   });
   await spawnPromise;
@@ -1905,7 +1966,7 @@ async function setupCommand$i(name, description, argv, importMeta) {
       $ ${name} <${binName} command>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} install
@@ -1930,7 +1991,7 @@ async function setupCommand$i(name, description, argv, importMeta) {
     // The exit code 127 indicates that the command or binary being executed
     // could not be found.
     console.error(`Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`);
-    process.exit(127);
+    process$1.exit(127);
   }
   const spawnPromise = spawn(binPath, argv, {
     signal: abortSignal,
@@ -1942,9 +2003,9 @@ async function setupCommand$i(name, description, argv, importMeta) {
       return;
     }
     if (signalName) {
-      process.kill(process.pid, signalName);
+      process$1.kill(process$1.pid, signalName);
     } else if (code !== null) {
-      process.exit(code);
+      process$1.exit(code);
     }
   });
   await spawnPromise;
@@ -1980,7 +2041,7 @@ function setupCommand$h(name, description, argv, importMeta) {
       $ ${name} <report-identifier>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} QXU8PmK7LfH608RAwfIKdbcHgwEd_ZeWJ9QEGv05FJUQ
@@ -2002,7 +2063,7 @@ function setupCommand$h(name, description, argv, importMeta) {
   }
   // Validate the input.
   if (extraInput.length) {
-    throw new sdk.InputError(`Can only handle a single report ID at a time, but got ${cli.input.length} report ID:s: ${cli.input.join(', ')}`);
+    throw new socketUrl.InputError(`Can only handle a single report ID at a time, but got ${cli.input.length} report ID:s: ${cli.input.join(', ')}`);
   }
   return {
     includeAllIssues: cli.flags['all'],
@@ -2018,8 +2079,8 @@ async function fetchReportData(reportId, {
   strict
 }) {
   // Do the API call
-  const socketSdk = await sdk.setupSdk();
-  const spinner = yoctoSpinner({
+  const socketSdk = await socketUrl.setupSdk();
+  const spinner$1 = new spinner.Spinner({
     text: `Fetching report with ID ${reportId} (this could take a while)`
   }).start();
   let result;
@@ -2034,23 +2095,23 @@ async function fetchReportData(reportId, {
     }
   }
   if (result.success === false) {
-    return handleUnsuccessfulApiResponse('getReport', result, spinner);
+    return handleUnsuccessfulApiResponse('getReport', result, spinner$1);
   }
   // Conclude the status of the API call
   if (strict) {
     if (result.data.healthy) {
-      spinner.success('Report result is healthy and great!');
+      spinner$1.success('Report result is healthy and great!');
     } else {
-      spinner.error('Report result deemed unhealthy for project');
+      spinner$1.error('Report result deemed unhealthy for project');
     }
   } else if (result.data.healthy === false) {
     const severityCount = getSeverityCount(result.data.issues, includeAllIssues ? undefined : 'high');
     const issueSummary = formatSeverityCount(severityCount);
-    spinner.success(`Report has these issues: ${issueSummary}`);
+    spinner$1.success(`Report has these issues: ${issueSummary}`);
   } else {
-    spinner.success('Report has no issues');
+    spinner$1.success('Report has no issues');
   }
   return result.data;
 }
@@ -2064,7 +2125,7 @@ function formatReportDataOutput(data, {
   if (outputJson) {
     console.log(JSON.stringify(data, undefined, 2));
   } else {
-    const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+    const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
     console.log('\nDetailed info on socket.dev: ' + format.hyperlink(reportId, data.url, {
       fallbackToUrl: true
     }));
@@ -2073,7 +2134,7 @@ function formatReportDataOutput(data, {
     }
   }
   if (strict && data.healthy === false) {
-    process.exit(1);
+    process$1.exit(1);
   }
 }
@@ -2088,7 +2149,6 @@ const create$2 = {
       const {
         config,
         cwd,
-        debugLog,
         dryRun,
         includeAllIssues,
         outputJson,
@@ -2100,7 +2160,6 @@ const create$2 = {
       const result = input && (await createReport(packagePaths, {
         config,
         cwd,
-        debugLog,
         dryRun
       }));
       if (result && view) {
@@ -2136,12 +2195,6 @@ async function setupCommand$g(name, description, argv, importMeta) {
     ...commonFlags,
     ...outputFlags,
     ...validationFlags,
-    debug: {
-      type: 'boolean',
-      shortFlag: 'd',
-      default: false,
-      description: 'Output debug information'
-    },
     dryRun: {
       type: 'boolean',
       default: false,
@@ -2168,9 +2221,8 @@ async function setupCommand$g(name, description, argv, importMeta) {
     default ignores from the "ignore-by-default" module.
     Options
-      ${printFlagList({
+      ${getFlagListOutput({
     all: 'Include all issues',
-    debug: 'Output debug information',
     'dry-run': 'Only output what will be done without actually doing it',
     json: 'Output result as json',
     markdown: 'Output result as markdown',
@@ -2200,10 +2252,9 @@ async function setupCommand$g(name, description, argv, importMeta) {
   const {
     dryRun
   } = cli.flags;
-  const debugLog = sdk.createDebugLogger(!dryRun || cli.flags['debug']);
   // TODO: Allow setting a custom cwd and/or configFile path?
-  const cwd = process.cwd();
+  const cwd = process$1.cwd();
   const absoluteConfigPath = path.join(cwd, 'socket.yml');
   const config$1 = await config.readSocketConfig(absoluteConfigPath).catch(cause => {
     if (cause && typeof cause === 'object' && cause instanceof config.SocketValidationError) {
@@ -2215,27 +2266,26 @@ async function setupCommand$g(name, description, argv, importMeta) {
         errors: cause.validationErrors,
         schema: cause.schema
       });
-      throw new sdk.InputError('The socket.yml config is not valid', betterErrors.map(err => `[${err.path}] ${err.message}.${err.suggestion ? err.suggestion : ''}`).join('\n'));
+      throw new socketUrl.InputError('The socket.yml config is not valid', betterErrors.map(err => `[${err.path}] ${err.message}.${err.suggestion ? err.suggestion : ''}`).join('\n'));
     } else {
       throw new ponyCause.ErrorWithCause('Failed to read socket.yml config', {
         cause
       });
     }
   });
-  const socketSdk = await sdk.setupSdk();
+  const socketSdk = await socketUrl.setupSdk();
   const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
-    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, yoctoSpinner());
+    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
     return res.data;
   }).catch(cause => {
     throw new ponyCause.ErrorWithCause('Failed getting supported files for report', {
       cause
     });
   });
-  const packagePaths = await pathResolve.getPackageFiles(cwd, cli.input, config$1, supportedFiles, debugLog);
+  const packagePaths = await pathResolve.getPackageFiles(cwd, cli.input, config$1, supportedFiles);
   return {
     config: config$1,
     cwd,
-    debugLog,
     dryRun,
     includeAllIssues: cli.flags['all'],
     outputJson: cli.flags['json'],
@@ -2248,24 +2298,23 @@ async function setupCommand$g(name, description, argv, importMeta) {
 async function createReport(packagePaths, {
   config,
   cwd,
-  debugLog,
   dryRun
 }) {
-  debugLog('Uploading:', packagePaths.join(`\n${sdk.logSymbols.info} Uploading: `));
+  pathResolve.debugLog('Uploading:', packagePaths.join(`\n${pathResolve.logSymbols.info} Uploading: `));
   if (dryRun) {
     return;
   }
-  const socketSdk = await sdk.setupSdk();
-  const spinner = yoctoSpinner({
+  const socketSdk = await socketUrl.setupSdk();
+  const spinner$1 = new spinner.Spinner({
     text: `Creating report with ${packagePaths.length} package files`
   }).start();
   const apiCall = socketSdk.createReportFromFilePaths(packagePaths, cwd, config?.issueRules);
   const result = await handleApiCall(apiCall, 'creating report');
   if (result.success) {
-    spinner.success();
+    spinner$1.success();
     return result;
   }
-  handleUnsuccessfulApiResponse('createReport', result, spinner);
+  handleUnsuccessfulApiResponse('createReport', result, spinner$1);
   return undefined;
 }
 function formatReportCreationOutput(data, {
@@ -2276,7 +2325,7 @@ function formatReportCreationOutput(data, {
     console.log(JSON.stringify(data, undefined, 2));
     return;
   }
-  const format = new sdk.ColorOrMarkdown(!!outputMarkdown);
+  const format = new socketUrl.ColorOrMarkdown(!!outputMarkdown);
   console.log(`New report: ${format.hyperlink(data.id, data.url, {
     fallbackToUrl: true
   })}`);
@@ -2318,13 +2367,13 @@ async function meowWithSubcommands(subcommands, options) {
       $ ${name} <command>
     Commands
-      ${printHelpList({
-    ...objects.toSortedObject(subcommands),
-    ...objects.toSortedObject(aliases)
+      ${getHelpListOutput({
+    ...objects.toSortedObject(Object.fromEntries(Object.entries(subcommands).filter(entry => !entry[1].hidden))),
+    ...objects.toSortedObject(Object.fromEntries(Object.entries(aliases).filter(entry => !subcommands[entry[1]?.argv[0]]?.hidden)))
   }, 6)}
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} --help
@@ -2355,8 +2404,9 @@ const report = {
   }
 };
-const BASH_FILE = `${os.homedir()}/.bashrc`;
-const ZSH_BASH_FILE = `${os.homedir()}/.zshrc`;
+const HOME_DIR = os.homedir();
+const BASH_FILE = `${HOME_DIR}/.bashrc`;
+const ZSH_BASH_FILE = `${HOME_DIR}/.zshrc`;
 const wrapper = {
   description: 'Enable or disable the Socket npm/npx wrapper',
   async run(argv, importMeta, {
@@ -2372,7 +2422,7 @@ function setupCommand$f(name, description, argv, importMeta) {
       $ ${name} <flag>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} --enable
@@ -2427,21 +2477,18 @@ function setupCommand$f(name, description, argv, importMeta) {
     console.error('There was an issue setting up the alias in your bash profile');
   }
 }
-const installSafeNpm = query => {
-  console.log(`
- _____         _       _
-|   __|___ ___| |_ ___| |_
-|__   | . |  _| '_| -_|  _|
-|_____|___|___|_,_|___|_|
+function addAlias(file) {
+  return fs.appendFile(file, 'alias npm="socket npm"\nalias npx="socket npx"\n', err => {
+    if (err) {
+      return new Error(`There was an error setting up the alias: ${err}`);
+    }
+    console.log(`
+The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
+If you want to disable it at any time, run \`socket wrapper --disable\`
 `);
-  const rl = readline.createInterface({
-    input: process.stdin,
-    output: process.stdout
   });
-  return askQuestion(rl, query);
-};
-const askQuestion = (rl, query) => {
+}
+function askQuestion(rl, query) {
   rl.question(query, ans => {
     if (ans.toLowerCase() === 'y') {
       try {
@@ -2461,19 +2508,31 @@ const askQuestion = (rl, query) => {
       rl.close();
     }
   });
-};
-const addAlias = file => {
-  return fs.appendFile(file, 'alias npm="socket npm"\nalias npx="socket npx"\n', err => {
-    if (err) {
-      return new Error(`There was an error setting up the alias: ${err}`);
-    }
-    console.log(`
-The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
-If you want to disable it at any time, run \`socket wrapper --disable\`
+}
+function checkSocketWrapperAlreadySetup(file) {
+  const fileContent = fs.readFileSync(file, 'utf8');
+  const linesWithSocketAlias = fileContent.split('\n').filter(l => l === 'alias npm="socket npm"' || l === 'alias npx="socket npx"');
+  if (linesWithSocketAlias.length) {
+    console.log(`The Socket npm/npx wrapper is set up in your bash profile (${file}).`);
+    return true;
+  }
+  return false;
+}
+function installSafeNpm(query) {
+  console.log(`
+ _____         _       _
+|   __|___ ___| |_ ___| |_
+|__   | . |  _| '_| -_|  _|
+|_____|___|___|_,_|___|_|
 `);
+  const rl = readline.createInterface({
+    input: process$1.stdin,
+    output: process$1.stdout
   });
-};
-const removeAlias = file => {
+  return askQuestion(rl, query);
+}
+function removeAlias(file) {
   return fs.readFile(file, 'utf8', function (err, data) {
     if (err) {
       console.error(`There was an error removing the alias: ${err}`);
@@ -2490,16 +2549,7 @@ const removeAlias = file => {
       }
     });
   });
-};
-const checkSocketWrapperAlreadySetup = file => {
-  const fileContent = fs.readFileSync(file, 'utf8');
-  const linesWithSocketAlias = fileContent.split('\n').filter(l => l === 'alias npm="socket npm"' || l === 'alias npx="socket npx"');
-  if (linesWithSocketAlias.length) {
-    console.log(`The Socket npm/npx wrapper is set up in your bash profile (${file}).`);
-    return true;
-  }
-  return false;
-};
+}
 const create$1 = {
   description: 'Create a scan',
@@ -2509,15 +2559,15 @@ const create$1 = {
     const name = `${parentName} create`;
     const input = await setupCommand$e(name, create$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Creating a scan... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await createFullScan(input, spinner, apiKey);
+      await createFullScan(input, spinner$1, apiKey);
     }
   }
 };
@@ -2588,7 +2638,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
       $ ${name} [...options]
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} --org=FakeOrg --repo=test-repo --branch=main ./package.json
@@ -2609,10 +2659,10 @@ async function setupCommand$e(name, description, argv, importMeta) {
   const {
     0: orgSlug = ''
   } = cli.input;
-  const cwd = process.cwd();
-  const socketSdk = await sdk.setupSdk();
+  const cwd = process$1.cwd();
+  const socketSdk = await socketUrl.setupSdk();
   const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
-    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, yoctoSpinner());
+    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
     return res.data;
   }).catch(/** @type {(cause: Error) => never} */
   cause => {
@@ -2620,8 +2670,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
       cause
     });
   });
-  const debugLog = sdk.createDebugLogger(false);
-  const packagePaths = await pathResolve.getPackageFilesFullScans(cwd, cli.input, supportedFiles, debugLog);
+  const packagePaths = await pathResolve.getPackageFilesFullScans(cwd, cli.input, supportedFiles);
   const {
     branch: branchName,
     repo: repoName
@@ -2652,7 +2701,7 @@ async function setupCommand$e(name, description, argv, importMeta) {
   };
 }
 async function createFullScan(input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const {
     branchName,
     commitMessage,
@@ -2697,15 +2746,15 @@ const del$1 = {
     const name = `${parentName} del`;
     const input = setupCommand$d(name, del$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Deleting scan...';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await deleteOrgFullScan(input.orgSlug, input.fullScanId, spinner, apiKey);
+      await deleteOrgFullScan(input.orgSlug, input.fullScanId, spinner$1, apiKey);
     }
   }
 };
@@ -2722,7 +2771,7 @@ function setupCommand$d(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan ID>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
@@ -2753,7 +2802,7 @@ function setupCommand$d(name, description, argv, importMeta) {
   };
 }
 async function deleteOrgFullScan(orgSlug, fullScanId, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan');
   if (result.success) {
     spinner.success('Scan deleted successfully');
@@ -2762,6 +2811,7 @@ async function deleteOrgFullScan(orgSlug, fullScanId, spinner, apiKey) {
   }
 }
+// @ts-ignore
 const list$1 = {
   description: 'List scans for an organization',
   async run(argv, importMeta, {
@@ -2770,15 +2820,15 @@ const list$1 = {
     const name = `${parentName} list`;
     const input = setupCommand$c(name, list$1.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Listing scans... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await listOrgFullScan(input.orgSlug, input, spinner, apiKey);
+      await listOrgFullScan(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -2834,7 +2884,7 @@ function setupCommand$c(name, description, argv, importMeta) {
       $ ${name} <org slug>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg
@@ -2869,7 +2919,7 @@ function setupCommand$c(name, description, argv, importMeta) {
   };
 }
 async function listOrgFullScan(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgFullScanList(orgSlug, input), 'Listing scans');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgFullScanList', result, spinner);
@@ -2914,15 +2964,15 @@ const metadata = {
     const name = `${parentName} metadata`;
     const input = setupCommand$b(name, metadata.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = "Getting scan's metadata... \n";
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await getOrgScanMetadata(input.orgSlug, input.scanID, spinner, apiKey);
+      await getOrgScanMetadata(input.orgSlug, input.scanID, spinner$1, apiKey);
     }
   }
 };
@@ -2939,7 +2989,7 @@ function setupCommand$b(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan id>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
@@ -2970,7 +3020,7 @@ function setupCommand$b(name, description, argv, importMeta) {
   };
 }
 async function getOrgScanMetadata(orgSlug, scanId, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgFullScanMetadata(orgSlug, scanId), 'Listing scans');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgFullScanMetadata', result, spinner);
@@ -2988,18 +3038,18 @@ const stream = {
     const name = `${parentName} stream`;
     const input = setupCommand$a(name, stream.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Streaming scan...'
       }).start();
       const result = await getOrgFullScan(input.orgSlug, input.fullScanId, input.file, apiKey);
       if (result?.success) {
-        spinner.stop(input.file ? `Full scan details written to ${input.file}` : '');
+        spinner$1.stop(input.file ? `Full scan details written to ${input.file}` : '');
       } else {
-        handleUnsuccessfulApiResponse('getOrgFullScan', result, spinner);
+        handleUnsuccessfulApiResponse('getOrgFullScan', result, spinner$1);
       }
     }
   }
@@ -3017,7 +3067,7 @@ function setupCommand$a(name, description, argv, importMeta) {
       $ ${name} <org slug> <scan ID> <path to output file>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0 ./stream.txt
@@ -3050,7 +3100,7 @@ function setupCommand$a(name, description, argv, importMeta) {
   };
 }
 async function getOrgFullScan(orgSlug, fullScanId, file, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   return await handleApiCall(socketSdk.getOrgFullScan(orgSlug, fullScanId, file), 'Streaming a scan');
 }
@@ -3083,14 +3133,14 @@ const auditLog = {
     const name = parentName + ' audit-log';
     const input = setupCommand$9(name, auditLog.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: `Looking up audit log for ${input.orgSlug}\n`
       }).start();
-      await fetchOrgAuditLog(input.orgSlug, input, spinner, apiKey);
+      await fetchOrgAuditLog(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3128,7 +3178,7 @@ function setupCommand$9(name, description, argv, importMeta) {
       $ ${name} <org slug>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg
@@ -3167,7 +3217,7 @@ function setupCommand$9(name, description, argv, importMeta) {
   };
 }
 async function fetchOrgAuditLog(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getAuditLogEvents(orgSlug, input), `Looking up audit log for ${orgSlug}\n`);
   if (!result.success) {
     handleUnsuccessfulApiResponse('getAuditLogEvents', result, spinner);
@@ -3207,15 +3257,15 @@ const create = {
     const name = `${parentName} create`;
     const input = setupCommand$8(name, create.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Creating repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await createRepo(input.orgSlug, input, spinner, apiKey);
+      await createRepo(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3265,7 +3315,7 @@ function setupCommand$8(name, description, argv, importMeta) {
       $ ${name} <org slug>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg --repoName=test-repo
@@ -3303,7 +3353,7 @@ function setupCommand$8(name, description, argv, importMeta) {
   };
 }
 async function createRepo(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.createOrgRepo(orgSlug, input), 'creating repository');
   if (result.success) {
     spinner.success('Repository created successfully');
@@ -3320,15 +3370,15 @@ const del = {
     const name = `${parentName} del`;
     const input = setupCommand$7(name, del.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Deleting repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await deleteRepository(input.orgSlug, input.repoName, spinner, apiKey);
+      await deleteRepository(input.orgSlug, input.repoName, spinner$1, apiKey);
     }
   }
 };
@@ -3366,7 +3416,7 @@ function setupCommand$7(name, description, argv, importMeta) {
   };
 }
 async function deleteRepository(orgSlug, repoName, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.deleteOrgRepo(orgSlug, repoName), 'deleting repository');
   if (result.success) {
     spinner.success('Repository deleted successfully');
@@ -3375,6 +3425,7 @@ async function deleteRepository(orgSlug, repoName, spinner, apiKey) {
   }
 }
+// @ts-ignore
 const list = {
   description: 'List repositories in an organization',
   async run(argv, importMeta, {
@@ -3383,15 +3434,15 @@ const list = {
     const name = `${parentName} list`;
     const input = setupCommand$6(name, list.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Listing repositories... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await listOrgRepos(input.orgSlug, input, spinner, apiKey);
+      await listOrgRepos(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3434,7 +3485,7 @@ function setupCommand$6(name, description, argv, importMeta) {
       $ ${name} <org slug>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg
@@ -3467,7 +3518,7 @@ function setupCommand$6(name, description, argv, importMeta) {
   };
 }
 async function listOrgRepos(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgRepoList(orgSlug, input), 'listing repositories');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgRepoList', result, spinner);
@@ -3502,15 +3553,15 @@ const update = {
     const name = `${parentName} update`;
     const input = setupCommand$5(name, update.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Updating repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await updateRepository(input.orgSlug, input, spinner, apiKey);
+      await updateRepository(input.orgSlug, input, spinner$1, apiKey);
     }
   }
 };
@@ -3560,7 +3611,7 @@ function setupCommand$5(name, description, argv, importMeta) {
       $ ${name} <org slug>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg
@@ -3598,7 +3649,7 @@ function setupCommand$5(name, description, argv, importMeta) {
   };
 }
 async function updateRepository(orgSlug, input, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.updateOrgRepo(orgSlug, input.name, input), 'updating repository');
   if (result.success) {
     spinner.success('Repository updated successfully');
@@ -3607,6 +3658,7 @@ async function updateRepository(orgSlug, input, spinner, apiKey) {
   }
 }
+// @ts-ignore
 const view = {
   description: 'View repositories in an organization',
   async run(argv, importMeta, {
@@ -3615,15 +3667,15 @@ const view = {
     const name = `${parentName} view`;
     const input = setupCommand$4(name, view.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Fetching repository... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await viewRepository(input.orgSlug, input.repositoryName, spinner, apiKey);
+      await viewRepository(input.orgSlug, input.repositoryName, spinner$1, apiKey);
     }
   }
 };
@@ -3640,7 +3692,7 @@ function setupCommand$4(name, description, argv, importMeta) {
       $ ${name} <org slug>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeOrg
@@ -3671,7 +3723,7 @@ function setupCommand$4(name, description, argv, importMeta) {
   };
 }
 async function viewRepository(orgSlug, repoName, spinner, apiKey) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgRepo(orgSlug, repoName), 'fetching repository');
   if (!result.success) {
     handleUnsuccessfulApiResponse('getOrgRepo', result, spinner);
@@ -3725,6 +3777,7 @@ const repo = {
   }
 };
+// @ts-ignore
 const dependencies = {
   description: 'Search for any dependency that is being used in your organization',
   async run(argv, importMeta, {
@@ -3765,7 +3818,7 @@ function setupCommand$3(name, description, argv, importMeta) {
       $ ${name}
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name}
@@ -3793,23 +3846,23 @@ async function searchDeps({
   offset,
   outputJson
 }) {
-  const apiKey = sdk.getDefaultKey();
+  const apiKey = socketUrl.getDefaultToken();
   if (!apiKey) {
-    throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+    throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
   }
-  const spinner = yoctoSpinner({
+  const spinner$1 = new spinner.Spinner({
     text: 'Searching dependencies...'
   }).start();
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.searchDependencies({
     limit,
     offset
   }), 'Searching dependencies');
   if (!result.success) {
-    handleUnsuccessfulApiResponse('searchDependencies', result, spinner);
+    handleUnsuccessfulApiResponse('searchDependencies', result, spinner$1);
     return;
   }
-  spinner.stop('Organization dependencies:');
+  spinner$1.stop('Organization dependencies:');
   if (outputJson) {
     console.log(result.data);
     return;
@@ -3850,18 +3903,18 @@ const analytics = {
     const name = parentName + ' analytics';
     const input = setupCommand$2(name, analytics.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Fetching analytics data'
       }).start();
       if (input.scope === 'org') {
-        await fetchOrgAnalyticsData(input.time, spinner, apiKey, input.outputJson, input.file);
+        await fetchOrgAnalyticsData(input.time, spinner$1, apiKey, input.outputJson, input.file);
       } else {
         if (input.repo) {
-          await fetchRepoAnalyticsData(input.repo, input.time, spinner, apiKey, input.outputJson, input.file);
+          await fetchRepoAnalyticsData(input.repo, input.time, spinner$1, apiKey, input.outputJson, input.file);
         }
       }
     }
@@ -3907,7 +3960,7 @@ function setupCommand$2(name, description, argv, importMeta) {
       $ ${name} --scope=<scope> --time=<time filter>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} --scope=org --time=7
@@ -3925,10 +3978,10 @@ function setupCommand$2(name, description, argv, importMeta) {
     time
   } = cli.flags;
   if (scope !== 'org' && scope !== 'repo') {
-    throw new sdk.InputError("The scope must either be 'org' or 'repo'");
+    throw new socketUrl.InputError("The scope must either be 'org' or 'repo'");
   }
   if (time !== 7 && time !== 30 && time !== 90) {
-    throw new sdk.InputError('The time filter must either be 7, 30 or 90');
+    throw new socketUrl.InputError('The time filter must either be 7, 30 or 90');
   }
   let showHelp = cli.flags['help'];
   if (scope === 'repo' && !repo) {
@@ -3949,7 +4002,7 @@ function setupCommand$2(name, description, argv, importMeta) {
 }
 const METRICS = ['total_critical_alerts', 'total_high_alerts', 'total_medium_alerts', 'total_low_alerts', 'total_critical_added', 'total_medium_added', 'total_low_added', 'total_high_added', 'total_critical_prevented', 'total_high_prevented', 'total_medium_prevented', 'total_low_prevented'];
 async function fetchOrgAnalyticsData(time, spinner, apiKey, outputJson, filePath) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getOrgAnalytics(time.toString()), 'fetching analytics data');
   if (result.success === false) {
     return handleUnsuccessfulApiResponse('getOrgAnalytics', result, spinner);
@@ -4062,7 +4115,7 @@ const formatData = (data, scope) => {
   };
 };
 async function fetchRepoAnalyticsData(repo, time, spinner, apiKey, outputJson, filePath) {
-  const socketSdk = await sdk.setupSdk(apiKey);
+  const socketSdk = await socketUrl.setupSdk(apiKey);
   const result = await handleApiCall(socketSdk.getRepoAnalytics(repo, time.toString()), 'fetching analytics data');
   if (result.success === false) {
     return handleUnsuccessfulApiResponse('getRepoAnalytics', result, spinner);
@@ -4150,15 +4203,15 @@ const get = {
     const name = `${parentName} get`;
     const input = setupCommand$1(name, get.description, argv, importMeta);
     if (input) {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
       const spinnerText = 'Getting diff scan... \n';
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: spinnerText
       }).start();
-      await getDiffScan(input, spinner, apiKey);
+      await getDiffScan(input, spinner$1, apiKey);
     }
   }
 };
@@ -4202,7 +4255,7 @@ function setupCommand$1(name, description, argv, importMeta) {
       $ ${name} <org slug> --before=<before> --after=<after>
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name} FakeCorp --before=aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 --after=aaa1aa1a-aaaa-1111-1a1a-1111111a11a1
@@ -4293,7 +4346,6 @@ const diffScan = {
   }
 };
-// @ts-ignore
 const threatFeed = {
   description: 'Look up the threat feed',
   async run(argv, importMeta, {
@@ -4302,14 +4354,14 @@ const threatFeed = {
     const name = `${parentName} threat-feed`;
     const input = setupCommand(name, threatFeed.description, argv, importMeta);
     {
-      const apiKey = sdk.getDefaultKey();
+      const apiKey = socketUrl.getDefaultToken();
       if (!apiKey) {
-        throw new sdk.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
+        throw new socketUrl.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
       }
-      const spinner = yoctoSpinner({
+      const spinner$1 = new spinner.Spinner({
         text: 'Looking up the threat feed'
       }).start();
-      await fetchThreatFeed(input, spinner, apiKey);
+      await fetchThreatFeed(input, spinner$1, apiKey);
     }
   }
 };
@@ -4353,7 +4405,7 @@ function setupCommand(name, description, argv, importMeta) {
       $ ${name}
     Options
-      ${printFlagList(flags, 6)}
+      ${getFlagListOutput(flags, 6)}
     Examples
       $ ${name}
@@ -4429,7 +4481,7 @@ async function fetchThreatFeed({
     data: formattedOutput
   });
   screen.render();
-  screen.key(['escape', 'q', 'C-c'], () => process.exit(0));
+  screen.key(['escape', 'q', 'C-c'], () => process$1.exit(0));
 }
 const formatResults = data => {
   return data.map(d => {
@@ -4454,6 +4506,7 @@ var cliCommands = {
   cdxgen: cdxgen,
   dependencies: dependencies,
   diffScan: diffScan,
+  fix: fix,
   info: info,
   login: login,
   logout: logout,
@@ -4497,7 +4550,7 @@ void (async () => {
           argv: ['report', 'create', '--view', '--strict']
         }
       },
-      argv: process.argv.slice(2),
+      argv: process$1.argv.slice(2),
       name: 'socket',
       importMeta: {
         url: `${require$$0.pathToFileURL(__filename)}`
@@ -4507,10 +4560,10 @@ void (async () => {
     let errorBody;
     let errorTitle;
     let errorMessage = '';
-    if (err instanceof sdk.AuthError) {
+    if (err instanceof socketUrl.AuthError) {
       errorTitle = 'Authentication error';
       errorMessage = err.message;
-    } else if (err instanceof sdk.InputError) {
+    } else if (err instanceof socketUrl.InputError) {
       errorTitle = 'Invalid input';
       errorMessage = err.message;
       errorBody = err.body;
@@ -4521,10 +4574,10 @@ void (async () => {
     } else {
       errorTitle = 'Unexpected error with no details';
     }
-    console.error(`${sdk.logSymbols.error} ${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
+    console.error(`${pathResolve.logSymbols.error} ${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
     if (errorBody) {
       console.error(`\n${errorBody}`);
     }
-    process.exit(1);
+    process$1.exit(1);
   }
 })();