@socketsecurity/cli 0.14.66 → 0.14.68

package/dist/constants.js

@@ -1,269 +1,323 @@
-'use strict';
+'use strict'
 
-var fs = require('node:fs');
-var os = require('node:os');
-var path = require('node:path');
-var process = require('node:process');
-var registryConstants = require('@socketsecurity/registry/lib/constants');
-var env = require('@socketsecurity/registry/lib/env');
+const fs = require('node:fs')
+const os = require('node:os')
+const path = require('node:path')
+const process = require('node:process')
+const registryConstants = require('@socketsecurity/registry/lib/constants')
+const env = require('@socketsecurity/registry/lib/env')
 
 const {
   NODE_MODULES,
   NPM,
   SOCKET_SECURITY_SCOPE,
   kInternalsSymbol,
-  [kInternalsSymbol]: {
-    createConstantsObject,
-    getIpc
-  }
-} = registryConstants;
-const ALERT_TYPE_CRITICAL_CVE = 'criticalCVE';
-const ALERT_TYPE_CVE = 'cve';
-const ALERT_TYPE_MEDIUM_CVE = 'mediumCVE';
-const ALERT_TYPE_MILD_CVE = 'mildCVE';
-const API_V0_URL = 'https://api.socket.dev/v0/';
-const BINARY_LOCK_EXT = '.lockb';
-const BUN = 'bun';
-const CLI = 'cli';
-const CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER = 'firstPatchedVersionIdentifier';
-const DRY_RUN_LABEL = '[DryRun]';
-const DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`;
-const INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD';
-const INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD';
-const INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD';
-const LOCK_EXT = '.lock';
-const MODULE_SYNC = 'module-sync';
-const NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0';
-const NPM_REGISTRY_URL = 'https://registry.npmjs.org';
-const PNPM = 'pnpm';
-const REDACTED = '<redacted>';
-const REQUIRE = 'require';
-const SHADOW_NPM_BIN = 'shadow-bin';
-const SHADOW_NPM_INJECT = 'shadow-npm-inject';
-const SHADOW_NPM_PATHS = 'shadow-npm-paths';
-const SOCKET = 'socket';
-const SOCKET_CLI_BIN_NAME = 'socket';
-const SOCKET_CLI_BIN_NAME_ALIAS = 'cli';
-const SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG';
-const SOCKET_CLI_FIX = 'SOCKET_CLI_FIX';
-const SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues';
-const SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli`;
-const SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN';
-const SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE';
-const SOCKET_CLI_NPM_BIN_NAME = 'socket-npm';
-const SOCKET_CLI_NPX_BIN_NAME = 'socket-npx';
-const SOCKET_CLI_PACKAGE_NAME = 'socket';
-const SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER';
-const SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry';
-const SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry';
-const SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry';
-const SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry';
-const SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli-with-sentry`;
-const VLT = 'vlt';
-const WITH_SENTRY = 'with-sentry';
-const YARN = 'yarn';
-const YARN_BERRY = 'yarn/berry';
-const YARN_CLASSIC = 'yarn/classic';
-const YARN_LOCK = 'yarn.lock';
-let _Sentry;
-const LAZY_DIST_TYPE = () => registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE;
+  [kInternalsSymbol]: { createConstantsObject, getIpc }
+} = registryConstants
+const ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'
+const ALERT_TYPE_CVE = 'cve'
+const ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'
+const ALERT_TYPE_MILD_CVE = 'mildCVE'
+const API_V0_URL = 'https://api.socket.dev/v0/'
+const BINARY_LOCK_EXT = '.lockb'
+const BUN = 'bun'
+const CLI = 'cli'
+const CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =
+  'firstPatchedVersionIdentifier'
+const DRY_RUN_LABEL = '[DryRun]'
+const DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`
+const INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD'
+const INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'
+const INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD'
+const LOCALAPPDATA = 'LOCALAPPDATA'
+const LOCK_EXT = '.lock'
+const MODULE_SYNC = 'module-sync'
+const NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'
+const NPM_REGISTRY_URL = 'https://registry.npmjs.org'
+const PNPM = 'pnpm'
+const REDACTED = '<redacted>'
+const REQUIRE = 'require'
+const SHADOW_NPM_BIN = 'shadow-bin'
+const SHADOW_NPM_INJECT = 'shadow-npm-inject'
+const SHADOW_NPM_PATHS = 'shadow-npm-paths'
+const SOCKET = 'socket'
+const SOCKET_APP_DIR = 'socket/settings'
+const SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'
+const SOCKET_CLI_BIN_NAME = 'socket'
+const SOCKET_CLI_BIN_NAME_ALIAS = 'cli'
+const SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'
+const SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'
+const SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'
+const SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli`
+const SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'
+const SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'
+const SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'
+const SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'
+const SOCKET_CLI_PACKAGE_NAME = 'socket'
+const SOCKET_CLI_SAFE_BIN = 'SOCKET_CLI_SAFE_BIN'
+const SOCKET_CLI_SAFE_PROGRESS = 'SOCKET_CLI_SAFE_PROGRESS'
+const SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'
+const SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'
+const SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'
+const SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'
+const SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli-with-sentry`
+const SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'
+const SOCKET_SECURITY_API_BASE_URL = 'SOCKET_SECURITY_API_BASE_URL'
+const SOCKET_SECURITY_API_PROXY = 'SOCKET_SECURITY_API_PROXY'
+const SOCKET_SECURITY_API_TOKEN = 'SOCKET_SECURITY_API_TOKEN'
+const VLT = 'vlt'
+const WITH_SENTRY = 'with-sentry'
+const XDG_DATA_HOME = 'XDG_DATA_HOME'
+const YARN = 'yarn'
+const YARN_BERRY = 'yarn/berry'
+const YARN_CLASSIC = 'yarn/classic'
+const YARN_LOCK = 'yarn.lock'
+let _Sentry
+const LAZY_DIST_TYPE = () =>
+  registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE
 const LAZY_ENV = () => {
-  const {
-    env: env$1
-  } = process;
+  const { env: env$1 } = process
   // We inline some environment values so that they CANNOT be influenced by user
   // provided environment variables.
   return Object.freeze({
     // Lazily access registryConstants.ENV.
     ...registryConstants.ENV,
-    // Inlined flag set to determine if this is the Legacy build.
+    // Inlined flag to determine if this is the Legacy build.
     // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_LEGACY_BUILD]".
     INLINED_SOCKET_CLI_LEGACY_BUILD: true,
-    // Inlined flag set to determine if this is a published build.
+    // Inlined flag to determine if this is a published build.
     // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD]".
     INLINED_SOCKET_CLI_PUBLISHED_BUILD: true,
-    // Inlined flag set to determine if this is the Sentry build.
+    // Inlined flag to determine if this is the Sentry build.
     // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]".
     INLINED_SOCKET_CLI_SENTRY_BUILD: false,
-    // Flag set to help debug Socket CLI.
+    // The location of the %localappdata% folder on Windows used to store user-specific,
+    // non-roaming application data, like temporary files, cached data, and program
+    // settings, that are specific to the current machine and user.
+    LOCALAPPDATA: env.envAsString(env$1['LOCALAPPDATA']),
+    // Flag to accepts risks of safe-npm and safe-npx run.
+    SOCKET_CLI_ACCEPT_RISKS: env.envAsBoolean(env$1['SOCKET_CLI_ACCEPT_RISKS']),
+    // Flag to help debug Socket CLI.
     SOCKET_CLI_DEBUG: env.envAsBoolean(env$1['SOCKET_CLI_DEBUG']),
-    // Flag set to make the default API token `undefined`.
-    SOCKET_CLI_NO_API_TOKEN: env.envAsBoolean(env$1['SOCKET_CLI_NO_API_TOKEN'])
-  });
-};
+    // Flag to make the default API token `undefined`.
+    SOCKET_CLI_NO_API_TOKEN: env.envAsBoolean(env$1['SOCKET_CLI_NO_API_TOKEN']),
+    // Flag to view all risks of safe-npm and safe-npx run.
+    SOCKET_CLI_VIEW_ALL_RISKS: env.envAsBoolean(
+      env$1['SOCKET_CLI_VIEW_ALL_RISKS']
+    ),
+    // Flag to change the base URL for all API-calls.
+    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development
+    SOCKET_SECURITY_API_BASE_URL: env.envAsString(
+      env$1['SOCKET_SECURITY_API_BASE_URL']
+    ),
+    // Flag to set the proxy all requests are routed through.
+    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development
+    SOCKET_SECURITY_API_PROXY: env.envAsString(
+      env$1['SOCKET_SECURITY_API_PROXY']
+    ),
+    // Flag to set the API token.
+    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables
+    SOCKET_SECURITY_API_TOKEN:
+      env.envAsString(env$1['SOCKET_SECURITY_API_TOKEN']) ||
+      // Keep 'SOCKET_SECURITY_API_KEY' as an alias of 'SOCKET_SECURITY_API_TOKEN'.
+      // TODO: Remove 'SOCKET_SECURITY_API_KEY' alias.
+      env.envAsString(env$1['SOCKET_SECURITY_API_KEY']),
+    // The location of the base directory on Linux and MacOS used to store
+    // user-specific data files, defaulting to $HOME/.local/share if not set or empty.
+    XDG_DATA_HOME: env.envAsString(env$1['XDG_DATA_HOME'])
+  })
+}
 const lazyBashRcPath = () =>
-// Lazily access constants.homePath.
-path.join(constants.homePath, '.bashrc');
+  // Lazily access constants.homePath.
+  path.join(constants.homePath, '.bashrc')
 const lazyDistCliPath = () =>
-// Lazily access constants.distPath.
-path.join(constants.distPath, 'cli.js');
+  // Lazily access constants.distPath.
+  path.join(constants.distPath, 'cli.js')
 const lazyDistInstrumentWithSentryPath = () =>
-// Lazily access constants.rootDistPath.
-path.join(constants.rootDistPath, 'instrument-with-sentry.js');
+  // Lazily access constants.rootDistPath.
+  path.join(constants.rootDistPath, 'instrument-with-sentry.js')
 const lazyDistPath = () =>
-// Lazily access constants.rootDistPath and constants.DIST_TYPE.
-path.join(constants.rootDistPath, constants.DIST_TYPE);
+  // Lazily access constants.rootDistPath and constants.DIST_TYPE.
+  path.join(constants.rootDistPath, constants.DIST_TYPE)
 const lazyDistShadowNpmBinPath = () =>
-// Lazily access constants.distPath.
-path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`);
+  // Lazily access constants.distPath.
+  path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`)
 const lazyDistShadowNpmInjectPath = () =>
-// Lazily access constants.distPath.
-path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`);
-const lazyHomePath = () => os.homedir();
-const lazyMinimumVersionByAgent = () => new Map([
-// Bun >=1.1.39 supports the text-based lockfile.
-// https://bun.sh/blog/bun-lock-text-lockfile
-[BUN, '1.1.39'],
-// The npm version bundled with Node 18.
-// https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch
-[NPM, '10.8.2'],
-// 8.x is the earliest version to support Node 18.
-// https://pnpm.io/installation#compatibility
-// https://www.npmjs.com/package/pnpm?activeTab=versions
-[PNPM, '8.15.9'],
-// 4.x supports >= Node 18.12.0
-// https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400
-[YARN_BERRY, '4.0.0'],
-// Latest 1.x.
-// https://www.npmjs.com/package/yarn?activeTab=versions
-[YARN_CLASSIC, '1.22.22'],
-// vlt does not support overrides so we don't gate on it.
-[VLT, '*']]);
+  // Lazily access constants.distPath.
+  path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`)
+const lazyHomePath = () => os.homedir()
+const lazyMinimumVersionByAgent = () =>
+  new Map([
+    // Bun >=1.1.39 supports the text-based lockfile.
+    // https://bun.sh/blog/bun-lock-text-lockfile
+    [BUN, '1.1.39'],
+    // The npm version bundled with Node 18.
+    // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch
+    [NPM, '10.8.2'],
+    // 8.x is the earliest version to support Node 18.
+    // https://pnpm.io/installation#compatibility
+    // https://www.npmjs.com/package/pnpm?activeTab=versions
+    [PNPM, '8.15.9'],
+    // 4.x supports >= Node 18.12.0
+    // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400
+    [YARN_BERRY, '4.0.0'],
+    // Latest 1.x.
+    // https://www.npmjs.com/package/yarn?activeTab=versions
+    [YARN_CLASSIC, '1.22.22'],
+    // vlt does not support overrides so we don't gate on it.
+    [VLT, '*']
+  ])
 const lazyNmBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, `${NODE_MODULES}/.bin`);
+  // Lazily access constants.rootPath.
+  path.join(constants.rootPath, `${NODE_MODULES}/.bin`)
 
 // Redefine registryConstants.nodeHardenFlags to account for the
 // INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.
 const lazyNodeHardenFlags = () =>
-// The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]".
-// Lazily access constants.WIN32.
-constants.WIN32 ? [] :
-// Harden Node security.
-// https://nodejs.org/en/learn/getting-started/security-best-practices
-// We have contributed the following patches to our dependencies to make
-// Node's --frozen-intrinsics workable.
-// √ https://github.com/SBoudrias/Inquirer.js/pull/1683
-// √ https://github.com/pnpm/components/pull/23
-['--disable-proto', 'delete', '--frozen-intrinsics', '--no-deprecation'];
+  // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]".
+  // Lazily access constants.WIN32.
+  constants.WIN32
+    ? []
+    : // Harden Node security.
+      // https://nodejs.org/en/learn/getting-started/security-best-practices
+      // We have contributed the following patches to our dependencies to make
+      // Node's --frozen-intrinsics workable.
+      // √ https://github.com/SBoudrias/Inquirer.js/pull/1683
+      // √ https://github.com/pnpm/components/pull/23
+      ['--disable-proto', 'delete', '--frozen-intrinsics', '--no-deprecation']
 const lazyRootBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, 'bin');
+  // Lazily access constants.rootPath.
+  path.join(constants.rootPath, 'bin')
 const lazyRootDistPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, 'dist');
+  // Lazily access constants.rootPath.
+  path.join(constants.rootPath, 'dist')
 const lazyRootPath = () =>
-// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']".
-path.join(fs.realpathSync.native(__dirname), '..');
+  path.join(
+    fs.realpathSync.native(__dirname),
+    // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']".
+    '..'
+  )
 const lazyShadowBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, SHADOW_NPM_BIN);
+  // Lazily access constants.rootPath.
+  path.join(constants.rootPath, SHADOW_NPM_BIN)
 const lazyZshRcPath = () =>
-// Lazily access constants.homePath.
-path.join(constants.homePath, '.zshrc');
-const constants = createConstantsObject({
-  ALERT_TYPE_CRITICAL_CVE,
-  ALERT_TYPE_CVE,
-  ALERT_TYPE_MEDIUM_CVE,
-  ALERT_TYPE_MILD_CVE,
-  API_V0_URL,
-  BINARY_LOCK_EXT,
-  BUN,
-  CLI,
-  CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,
-  // Lazily defined values are initialized as `undefined` to keep their key order.
-  DIST_TYPE: undefined,
-  DRY_RUN_LABEL,
-  DRY_RUN_BAIL_TEXT,
-  ENV: undefined,
-  INLINED_SOCKET_CLI_LEGACY_BUILD,
-  INLINED_SOCKET_CLI_PUBLISHED_BUILD,
-  INLINED_SOCKET_CLI_SENTRY_BUILD,
-  LOCK_EXT,
-  MODULE_SYNC,
-  NPM_BUGGY_OVERRIDES_PATCHED_VERSION,
-  NPM_REGISTRY_URL,
-  PNPM,
-  REDACTED,
-  REQUIRE,
-  SHADOW_NPM_BIN,
-  SHADOW_NPM_INJECT,
-  SHADOW_NPM_PATHS,
-  SOCKET,
-  SOCKET_CLI_BIN_NAME,
-  SOCKET_CLI_BIN_NAME_ALIAS,
-  SOCKET_CLI_DEBUG,
-  SOCKET_CLI_FIX,
-  SOCKET_CLI_ISSUES_URL,
-  SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,
-  SOCKET_CLI_LEGACY_PACKAGE_NAME,
-  SOCKET_CLI_NO_API_TOKEN,
-  SOCKET_CLI_NPM_BIN_NAME,
-  SOCKET_CLI_NPX_BIN_NAME,
-  SOCKET_CLI_OPTIMIZE,
-  SOCKET_CLI_PACKAGE_NAME,
-  SOCKET_CLI_SAFE_WRAPPER,
-  SOCKET_CLI_SENTRY_BIN_NAME,
-  SOCKET_CLI_SENTRY_NPM_BIN_NAME,
-  SOCKET_CLI_SENTRY_NPX_BIN_NAME,
-  SOCKET_CLI_SENTRY_PACKAGE_NAME,
-  VLT,
-  WITH_SENTRY,
-  YARN,
-  YARN_BERRY,
-  YARN_CLASSIC,
-  YARN_LOCK,
-  bashRcPath: undefined,
-  distCliPath: undefined,
-  distInstrumentWithSentryPath: undefined,
-  distPath: undefined,
-  distShadowNpmBinPath: undefined,
-  distShadowNpmInjectPath: undefined,
-  homePath: undefined,
-  minimumVersionByAgent: undefined,
-  nmBinPath: undefined,
-  nodeHardenFlags: undefined,
-  rootBinPath: undefined,
-  rootDistPath: undefined,
-  rootPath: undefined,
-  shadowBinPath: undefined,
-  zshRcPath: undefined
-}, {
-  getters: {
-    DIST_TYPE: LAZY_DIST_TYPE,
-    ENV: LAZY_ENV,
-    bashRcPath: lazyBashRcPath,
-    distCliPath: lazyDistCliPath,
-    distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,
-    distPath: lazyDistPath,
-    distShadowNpmBinPath: lazyDistShadowNpmBinPath,
-    distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,
-    homePath: lazyHomePath,
-    minimumVersionByAgent: lazyMinimumVersionByAgent,
-    nmBinPath: lazyNmBinPath,
-    nodeHardenFlags: lazyNodeHardenFlags,
-    rootBinPath: lazyRootBinPath,
-    rootDistPath: lazyRootDistPath,
-    rootPath: lazyRootPath,
-    shadowBinPath: lazyShadowBinPath,
-    zshRcPath: lazyZshRcPath
+  // Lazily access constants.homePath.
+  path.join(constants.homePath, '.zshrc')
+const constants = createConstantsObject(
+  {
+    ALERT_TYPE_CRITICAL_CVE,
+    ALERT_TYPE_CVE,
+    ALERT_TYPE_MEDIUM_CVE,
+    ALERT_TYPE_MILD_CVE,
+    API_V0_URL,
+    BINARY_LOCK_EXT,
+    BUN,
+    CLI,
+    CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,
+    // Lazily defined values are initialized as `undefined` to keep their key order.
+    DIST_TYPE: undefined,
+    DRY_RUN_LABEL,
+    DRY_RUN_BAIL_TEXT,
+    ENV: undefined,
+    INLINED_SOCKET_CLI_LEGACY_BUILD,
+    INLINED_SOCKET_CLI_PUBLISHED_BUILD,
+    INLINED_SOCKET_CLI_SENTRY_BUILD,
+    LOCALAPPDATA,
+    LOCK_EXT,
+    MODULE_SYNC,
+    NPM_BUGGY_OVERRIDES_PATCHED_VERSION,
+    NPM_REGISTRY_URL,
+    PNPM,
+    REDACTED,
+    REQUIRE,
+    SHADOW_NPM_BIN,
+    SHADOW_NPM_INJECT,
+    SHADOW_NPM_PATHS,
+    SOCKET,
+    SOCKET_APP_DIR,
+    SOCKET_CLI_ACCEPT_RISKS,
+    SOCKET_CLI_BIN_NAME,
+    SOCKET_CLI_BIN_NAME_ALIAS,
+    SOCKET_CLI_DEBUG,
+    SOCKET_CLI_FIX,
+    SOCKET_CLI_ISSUES_URL,
+    SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,
+    SOCKET_CLI_LEGACY_PACKAGE_NAME,
+    SOCKET_CLI_NO_API_TOKEN,
+    SOCKET_CLI_NPM_BIN_NAME,
+    SOCKET_CLI_NPX_BIN_NAME,
+    SOCKET_CLI_OPTIMIZE,
+    SOCKET_CLI_PACKAGE_NAME,
+    SOCKET_CLI_SAFE_BIN,
+    SOCKET_CLI_SAFE_PROGRESS,
+    SOCKET_CLI_SENTRY_BIN_NAME,
+    SOCKET_CLI_SENTRY_NPM_BIN_NAME,
+    SOCKET_CLI_SENTRY_NPX_BIN_NAME,
+    SOCKET_CLI_SENTRY_PACKAGE_NAME,
+    SOCKET_CLI_VIEW_ALL_RISKS,
+    SOCKET_SECURITY_API_BASE_URL,
+    SOCKET_SECURITY_API_PROXY,
+    SOCKET_SECURITY_API_TOKEN,
+    VLT,
+    WITH_SENTRY,
+    XDG_DATA_HOME,
+    YARN,
+    YARN_BERRY,
+    YARN_CLASSIC,
+    YARN_LOCK,
+    bashRcPath: undefined,
+    distCliPath: undefined,
+    distInstrumentWithSentryPath: undefined,
+    distPath: undefined,
+    distShadowNpmBinPath: undefined,
+    distShadowNpmInjectPath: undefined,
+    homePath: undefined,
+    minimumVersionByAgent: undefined,
+    nmBinPath: undefined,
+    nodeHardenFlags: undefined,
+    rootBinPath: undefined,
+    rootDistPath: undefined,
+    rootPath: undefined,
+    shadowBinPath: undefined,
+    zshRcPath: undefined
   },
-  internals: {
-    getIpc,
-    getSentry() {
-      return _Sentry;
+  {
+    getters: {
+      DIST_TYPE: LAZY_DIST_TYPE,
+      ENV: LAZY_ENV,
+      bashRcPath: lazyBashRcPath,
+      distCliPath: lazyDistCliPath,
+      distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,
+      distPath: lazyDistPath,
+      distShadowNpmBinPath: lazyDistShadowNpmBinPath,
+      distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,
+      homePath: lazyHomePath,
+      minimumVersionByAgent: lazyMinimumVersionByAgent,
+      nmBinPath: lazyNmBinPath,
+      nodeHardenFlags: lazyNodeHardenFlags,
+      rootBinPath: lazyRootBinPath,
+      rootDistPath: lazyRootDistPath,
+      rootPath: lazyRootPath,
+      shadowBinPath: lazyShadowBinPath,
+      zshRcPath: lazyZshRcPath
     },
-    setSentry(Sentry) {
-      if (_Sentry === undefined) {
-        _Sentry = Sentry;
-        return true;
+    internals: {
+      getIpc,
+      getSentry() {
+        return _Sentry
+      },
+      setSentry(Sentry) {
+        if (_Sentry === undefined) {
+          _Sentry = Sentry
+          return true
+        }
+        return false
       }
-      return false;
-    }
-  },
-  mixin: registryConstants
-});
+    },
+    mixin: registryConstants
+  }
+)
 
-module.exports = constants;
-//# debugId=33c7f51d-a718-4717-859f-3642ad56f813
+module.exports = constants
+//# debugId=a3ca7dec-b2c1-4cc4-a1fb-f0643c3af444
 //# sourceMappingURL=constants.js.map