node-power-user 2.1.0 → 2.1.1

package/README.md

@@ -93,6 +93,12 @@ Use `--force` to bypass Socket protection (not recommended):
 npu i <package> --force
 ```
 
+### Audit
+Run a Socket supply chain audit on your current dependency tree.
+```shell
+npu audit
+```
+
 ### Outdated Packages
 Compare the versions of installed modules to those in your package.json. When you choose to update, the install step and a full post-install audit are both wrapped with Socket for supply chain protection.
 ```shell

package/dist/cli.js

@@ -8,6 +8,7 @@ const ALIASES = {
   bump: ['-b', '--bump'],
   clean: ['-c', '--clean'],
   global: ['-g', '--global'],
+  audit: ['--audit'],
   install: ['-i', '--install', 'i'],
   open: ['--open', 'repo', '--repo'],
   outdated: ['-o', 'out', '--outdated', '-u', '--update', 'up', 'update'],

package/dist/commands/audit.js

@@ -0,0 +1,18 @@
+// Libraries
+const logger = new (require('../lib/logger'))('node-power-user');
+const socket = require('../lib/socket');
+
+// Module
+module.exports = async function (options) {
+  // Check socket status upfront (blocks if not installed unless --force)
+  await socket.check({ force: options.force });
+
+  // Run audit
+  logger.log('Running Socket audit on current dependency tree...');
+
+  try {
+    await socket.audit({ force: options.force });
+  } catch (e) {
+    logger.error(e.message);
+  }
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "node-power-user",
-  "version": "2.1.0",
+  "version": "2.1.1",
   "description": "Easy tools for every Node.js developer!",
   "main": "dist/index.js",
   "scripts": {