@socketsecurity/cli 2.0.10 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/CHANGELOG.md +29 -0
  2. package/README.md +4 -0
  3. package/dist/cli.js.bz +0 -0
  4. package/dist/cli.js.bz.sha256 +1 -1
  5. package/dist/index.js +8 -12
  6. package/dist/shadow-npm-inject.js +61021 -32822
  7. package/package.json +12 -20
package/CHANGELOG.md CHANGED
@@ -4,6 +4,35 @@ All notable changes to this project will be documented in this file.
4
4
 
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
6
6
 
7
+ ## [2.1.0](https://github.com/SocketDev/socket-cli/releases/tag/v2.1.0) - 2025-11-02
8
+
9
+ ### Added
10
+ - Unified DLX manifest storage for packages and binary downloads with persistent caching and TTL support
11
+ - Progressive enhancement with ONNX Runtime stub for optional NLP features
12
+ - SHA-256 checksum verification for Python build standalone downloads
13
+ - Optional external alias detection for TypeScript configurations
14
+ - `--reach-use-unreachable-from-precomputation` flag for `scan reach` and `scan create` commands
15
+ to use precomputed unreachable information for improved reachability analysis accuracy
16
+
17
+ ### Changed
18
+ - DLX manifest now uses unified format supporting both npm packages and binary downloads
19
+ - Standardized environment variable naming with SOCKET_CLI_ prefix
20
+ - Preflight downloads now stagger with variable delays (1-3 seconds) to avoid resource contention
21
+
22
+ ### Fixed
23
+ - Bootstrap stream/promises module path corrected for smol builds
24
+ - Bootstrap error handling improved for clearer failure messages
25
+ - Windows path handling now correctly processes UNC paths
26
+
27
+ ## [2.0.10](https://github.com/SocketDev/socket-cli/releases/tag/v2.0.10) - 2025-10-31
28
+
29
+ ### Fixed
30
+ - Tab completion script now resolves CLI package root correctly
31
+ - SDK scan options flattened and repo parameter made conditional
32
+ - Output handling now safely checks for null before calling toString()
33
+ - Environment variable fallbacks from v1.x restored for backward compatibility
34
+ - Directory creation EEXIST errors now handled gracefully
35
+
7
36
  ## [2.0.9](https://github.com/SocketDev/socket-cli/releases/tag/v2.0.9) - 2025-10-31
8
37
 
9
38
  ### Fixed
package/README.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # @socketsecurity/cli
2
2
 
3
+ [![Socket Badge](https://socket.dev/api/badge/npm/package/@socketsecurity/cli)](https://socket.dev/npm/package/@socketsecurity/cli)
4
+ [![npm version](https://img.shields.io/npm/v/@socketsecurity/cli.svg)](https://www.npmjs.com/package/@socketsecurity/cli)
5
+ [![CI](https://github.com/SocketDev/socket-cli/actions/workflows/ci.yml/badge.svg)](https://github.com/SocketDev/socket-cli/actions/workflows/ci.yml)
6
+
3
7
  Full Socket CLI implementation for supply chain security analysis.
4
8
 
5
9
  ## Installation
package/dist/cli.js.bz CHANGED
Binary file
package/dist/cli.js.bz.sha256 CHANGED
@@ -1 +1 @@
1
- b84814c86636740e9512d9727322d0e62289e7bcde7be42419679870b0abd831 cli.js.bz
1
+ 173d2efd4618d75201ec162d1ab4aa2cf2a0bd7b494d70289791f276c22a7aa5 cli.js.bz