socket 0.14.21 → 0.14.22

package/dist/cli.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts","../src/utils/formatting.ts","../src/utils/sorts.ts","../src/flags.ts","../src/utils/meow-with-subcommands.ts","../src/commands/cdxgen.ts","../src/utils/api-helpers.ts","../src/utils/format-issues.ts","../src/commands/info.ts","../src/commands/login.ts","../src/commands/logout.ts","../src/commands/npm.ts","../src/commands/npx.ts","../src/utils/fs.ts","../src/utils/strings.ts","../src/utils/package-manager-detector.ts","../src/utils/arrays.ts","../src/utils/promises.ts","../src/utils/regexps.ts","../src/commands/optimize.ts","../src/commands/organization.ts","../src/commands/raw-npm.ts","../src/commands/raw-npx.ts","../src/commands/report/view.ts","../src/commands/report/create.ts","../src/commands/report/index.ts","../src/commands/wrapper.ts","../src/commands/scan/create.ts","../src/commands/scan/delete.ts","../src/commands/scan/list.ts","../src/commands/scan/metadata.ts","../src/commands/scan/stream.ts","../src/commands/scan/index.ts","../src/commands/audit-log.ts","../src/commands/repos/create.ts","../src/commands/repos/delete.ts","../src/commands/repos/list.ts","../src/commands/repos/update.ts","../src/commands/repos/view.ts","../src/commands/repos/index.ts","../src/commands/dependencies.ts","../src/commands/analytics.ts","../src/commands/diff-scan/get.ts","../src/commands/diff-scan/index.ts","../src/commands/threat-feed.ts","../src/commands/index.ts"],"names":[],"mappings":""}
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts","../src/utils/formatting.ts","../src/flags.ts","../src/utils/meow-with-subcommands.ts","../src/commands/cdxgen.ts","../src/utils/api-helpers.ts","../src/utils/objects.ts","../src/utils/format-issues.ts","../src/commands/info.ts","../src/commands/login.ts","../src/commands/logout.ts","../src/commands/npm.ts","../src/commands/npx.ts","../src/utils/fs.ts","../src/utils/package-manager-detector.ts","../src/commands/optimize.ts","../src/commands/organization.ts","../src/commands/raw-npm.ts","../src/commands/raw-npx.ts","../src/commands/report/view.ts","../src/commands/report/create.ts","../src/commands/report/index.ts","../src/commands/wrapper.ts","../src/commands/scan/create.ts","../src/commands/scan/delete.ts","../src/commands/scan/list.ts","../src/commands/scan/metadata.ts","../src/commands/scan/stream.ts","../src/commands/scan/index.ts","../src/commands/audit-log.ts","../src/commands/repos/create.ts","../src/commands/repos/delete.ts","../src/commands/repos/list.ts","../src/commands/repos/update.ts","../src/commands/repos/view.ts","../src/commands/repos/index.ts","../src/commands/dependencies.ts","../src/commands/analytics.ts","../src/commands/diff-scan/get.ts","../src/commands/diff-scan/index.ts","../src/commands/threat-feed.ts","../src/commands/index.ts"],"names":[],"mappings":""}

package/dist/cli.js

@@ -14,24 +14,23 @@ var require$$1$4 = require('node:fs/promises');
 var require$$1$3 = require('@npmcli/package-json');
 var require$$5$1 = require('@socketsecurity/registry');
 var require$$7 = require('npm-package-arg');
-var require$$0$1 = require('pacote');
 var require$$3 = require('semver');
-var require$$11 = require('tinyglobby');
-var require$$12 = require('yaml');
+var require$$10$1 = require('tinyglobby');
+var require$$11 = require('yaml');
 var require$$2 = require('@socketregistry/hyrious__bun.lockb');
-var require$$4 = require('browserslist');
-var require$$6$1 = require('which');
+var require$$10 = require('browserslist');
+var require$$8 = require('which');
 var require$$2$1 = require('@apideck/better-ajv-errors');
 var require$$3$1 = require('@socketsecurity/config');
 var pathResolve = require('./path-resolve.js');
 var require$$2$2 = require('node:os');
 var require$$3$2 = require('node:readline');
-var require$$0$2 = require('node:process');
+var require$$0$1 = require('node:process');
 var require$$2$3 = require('node:readline/promises');
 var require$$2$4 = require('chalk-table');
 var require$$2$5 = require('blessed');
 var require$$3$3 = require('blessed-contrib');
-var require$$0$3 = require('node:util');
+var require$$0$2 = require('node:util');
 
 var cli$1 = {};
 
@@ -325,13 +324,36 @@ async function queryAPI(path, apiKey) {
 
 var formatIssues = {};
 
+var objects = {};
+
+Object.defineProperty(objects, "__esModule", {
+  value: true
+});
+objects.objectSome = objectSome;
+objects.pick = pick;
+function objectSome(obj) {
+  for (const key in obj) {
+    if (obj[key]) {
+      return true;
+    }
+  }
+  return false;
+}
+function pick(input, keys) {
+  const result = {};
+  for (const key of keys) {
+    result[key] = input[key];
+  }
+  return result;
+}
+
 Object.defineProperty(formatIssues, "__esModule", {
   value: true
 });
 formatIssues.formatSeverityCount = formatSeverityCount;
 formatIssues.getSeverityCount = getSeverityCount;
 var _misc$2 = sdk.misc;
-var _objects$3 = sdk.objects;
+var _objects$4 = objects;
 const SEVERITIES_BY_ORDER = ['critical', 'high', 'middle', 'low'];
 function getDesiredSeverities(lowestToInclude) {
   const result = [];
@@ -353,7 +375,7 @@ function formatSeverityCount(severityCount) {
   return (0, _misc$2.stringJoinWithSeparateFinalSeparator)(summary);
 }
 function getSeverityCount(issues, lowestToInclude) {
-  const severityCount = (0, _objects$3.pick)({
+  const severityCount = (0, _objects$4.pick)({
     low: 0,
     middle: 0,
     high: 0,
@@ -417,7 +439,7 @@ var _chalkMarkdown$3 = sdk.chalkMarkdown;
 var _errors$k = sdk.errors;
 var _formatIssues$1 = formatIssues;
 var _formatting$m = formatting;
-var _objects$2 = sdk.objects;
+var _objects$3 = objects;
 var _sdk$j = sdk.sdk;
 const info = info$1.info = {
   description: 'Look up info regarding a package',
@@ -533,7 +555,7 @@ function formatPackageDataOutput({
       License: Math.floor(score.license.score * 100)
     };
     Object.entries(scoreResult).map(score => console.log(`- ${score[0]}: ${formatScore(score[1])}`));
-    if ((0, _objects$2.objectSome)(severityCount)) {
+    if ((0, _objects$3.objectSome)(severityCount)) {
       const issueSummary = (0, _formatIssues$1.formatSeverityCount)(severityCount);
       console.log('\n');
       spinner[strict ? 'fail' : 'succeed'](`Package has these issues: ${issueSummary}`);
@@ -557,7 +579,7 @@ function formatPackageDataOutput({
       console.log(_chalk$h.default.dim('\nOr rerun', _chalk$h.default.italic(name), 'using the', _chalk$h.default.italic('--json'), 'flag to get full JSON output'));
     }
   }
-  if (strict && (0, _objects$2.objectSome)(severityCount)) {
+  if (strict && (0, _objects$3.objectSome)(severityCount)) {
     process.exit(1);
   }
 }
@@ -890,16 +912,6 @@ async function readFileUtf8(filepath, options) {
 
 var packageManagerDetector = {};
 
-var strings = {};
-
-Object.defineProperty(strings, "__esModule", {
-  value: true
-});
-strings.isNonEmptyString = isNonEmptyString;
-function isNonEmptyString(value) {
-  return typeof value === 'string' && value.length > 0;
-}
-
 Object.defineProperty(packageManagerDetector, "__esModule", {
   value: true
 });
@@ -909,20 +921,20 @@ var _nodePath$3 = require$$1;
 var _packageJson$1 = require$$1$3;
 var _hyrious__bun = require$$2;
 var _promiseSpawn$3 = require$$1$1;
-var _browserslist = require$$4;
+var _browserslist = require$$10;
 var _semver$1 = require$$3;
-var _which = require$$6$1;
+var _which = require$$8;
+var _constants = vendor.constants_1;
+var _objects$2 = vendor.objects;
+var _strings$1 = vendor.strings;
 var _fs$1 = fs;
-var _objects$1 = sdk.objects;
-var _strings$1 = strings;
 const AGENTS = packageManagerDetector.AGENTS = ['bun', 'npm', 'pnpm', 'yarn/berry', 'yarn/classic', 'vlt'];
-const numericCollator = new Intl.Collator(undefined, {
+const {
+  compare: alphaNumericComparator
+} = new Intl.Collator(undefined, {
   numeric: true,
   sensitivity: 'base'
 });
-const {
-  compare: alphaNumericComparator
-} = numericCollator;
 async function getAgentExecPath(agent) {
   return (await _which(agent, {
     nothrow: true
@@ -939,31 +951,6 @@ async function getAgentVersion(agentExecPath, cwd) {
   } catch {}
   return result;
 }
-const maintainedNodeVersions = (() => {
-  // Under the hood browserlist uses the node-releases package which is out of date:
-  // https://github.com/chicoxyzzy/node-releases/issues/37
-  // So we maintain a manual version list for now.
-  // https://nodejs.org/en/about/previous-releases#looking-for-latest-release-of-a-version-branch
-  const manualPrev = '18.20.4';
-  const manualCurr = '20.18.0';
-  const manualNext = '22.10.0';
-  const query = _browserslist('maintained node versions')
-  // Trim value, e.g. 'node 22.5.0' to '22.5.0'.
-  .map(s => s.slice(5 /*'node '.length*/))
-  // Sort ascending.
-  .toSorted(alphaNumericComparator);
-  const queryPrev = query.at(0) ?? manualPrev;
-  const queryCurr = query.at(1) ?? manualCurr;
-  const queryNext = query.at(2) ?? manualNext;
-  const previous = _semver$1.maxSatisfying([queryPrev, manualPrev], `^${_semver$1.major(queryPrev)}`);
-  const current = _semver$1.maxSatisfying([queryCurr, manualCurr], `^${_semver$1.major(queryCurr)}`);
-  const next = _semver$1.maxSatisfying([queryNext, manualNext], `^${_semver$1.major(queryNext)}`);
-  return Object.freeze(Object.assign([previous, current, next], {
-    previous,
-    current,
-    next
-  }));
-})();
 const LOCKS = {
   'bun.lockb': 'bun',
   // If both package-lock.json and npm-shrinkwrap.json are present in the root
@@ -1066,10 +1053,11 @@ async function detect({
     node: true
   };
   let lockSrc;
-  let minimumNodeVersion = maintainedNodeVersions.previous;
+  // Lazily access constants.maintainedNodeVersions.
+  let minimumNodeVersion = _constants.maintainedNodeVersions.previous;
   if (pkgJson) {
     const browserField = pkgJson.browser;
-    if ((0, _strings$1.isNonEmptyString)(browserField) || (0, _objects$1.isObjectObject)(browserField)) {
+    if ((0, _strings$1.isNonEmptyString)(browserField) || (0, _objects$2.isObjectObject)(browserField)) {
       targets.browser = true;
     }
     const nodeRange = pkgJson.engines?.['node'];
@@ -1093,7 +1081,8 @@ async function detect({
         }
       }
     }
-    targets.node = maintainedNodeVersions.some(v => _semver$1.satisfies(v, `>=${minimumNodeVersion}`));
+    // Lazily access constants.maintainedNodeVersions.
+    targets.node = _constants.maintainedNodeVersions.some(v => _semver$1.satisfies(v, `>=${minimumNodeVersion}`));
     lockSrc = typeof lockPath === 'string' ? await readLockFileByAgent[agent](lockPath, agentExecPath) : undefined;
   } else {
     lockPath = undefined;
@@ -1113,88 +1102,6 @@ async function detect({
   };
 }
 
-var promises = {};
-
-var arrays = {};
-
-Object.defineProperty(arrays, "__esModule", {
-  value: true
-});
-arrays.arrayChunk = arrayChunk;
-arrays.arrayUnique = arrayUnique;
-function arrayChunk(arr, size = 2) {
-  const {
-    length
-  } = arr;
-  const chunkSize = Math.min(length, size);
-  const chunks = [];
-  for (let i = 0; i < length; i += chunkSize) {
-    chunks.push(arr.slice(i, i + chunkSize));
-  }
-  return chunks;
-}
-function arrayUnique(arr) {
-  return [...new Set(arr)];
-}
-
-Object.defineProperty(promises, "__esModule", {
-  value: true
-});
-promises.pEach = pEach;
-promises.pEachChunk = pEachChunk;
-var _arrays = arrays;
-async function pEach(array, concurrency, callbackFn, options) {
-  await pEachChunk((0, _arrays.arrayChunk)(array, concurrency), callbackFn, options);
-}
-async function pEachChunk(chunks, callbackFn, options) {
-  const {
-    signal
-  } = {
-    __proto__: null,
-    ...options
-  };
-  for (const chunk of chunks) {
-    if (signal?.aborted) {
-      return;
-    }
-    // eslint-disable-next-line no-await-in-loop
-    await Promise.all(chunk.map(value => signal?.aborted ? undefined : callbackFn(value, {
-      signal
-    })));
-  }
-}
-
-var regexps = {};
-
-Object.defineProperty(regexps, "__esModule", {
-  value: true
-});
-regexps.escapeRegExp = escapeRegExp;
-// Inlined "escape-string-regexp":
-// https://socket.dev/npm/package/escape-string-regexp/overview/5.0.0
-// MIT License
-// Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
-function escapeRegExp(string) {
-  // Escape characters with special meaning either inside or outside character sets.
-  // Use a simple backslash escape when it’s always valid, and a `\xnn` escape when the simpler form would be disallowed by Unicode patterns’ stricter grammar.
-  return string.replace(/[|\\{}()[\]^$+*?.]/g, '\\$&').replace(/-/g, '\\x2d');
-}
-
-var sorts = {};
-
-Object.defineProperty(sorts, "__esModule", {
-  value: true
-});
-sorts.localeCompare = void 0;
-sorts.toSortedObject = toSortedObject;
-const {
-  compare: localeCompare
-} = new Intl.Collator();
-sorts.localeCompare = localeCompare;
-function toSortedObject(object, comparator = localeCompare) {
-  return Object.fromEntries(Object.entries(object).sort((a, b) => comparator(a[0], b[0])));
-}
-
 var _interopRequireDefault$n = vendor.interopRequireDefault.default;
 Object.defineProperty(optimize$1, "__esModule", {
   value: true
@@ -1208,24 +1115,20 @@ var _registry = require$$5$1;
 var _meow$m = _interopRequireDefault$n(vendor.build);
 var _npmPackageArg = require$$7;
 var _ora$i = _interopRequireDefault$n(vendor.ora);
-var _pacote = require$$0$1;
 var _semver = require$$3;
-var _tinyglobby = require$$11;
-var _yaml = require$$12;
-var _constants = sdk.constants;
+var _tinyglobby = require$$10$1;
+var _yaml = require$$11;
+var _packages = vendor.packages;
 var _flags$j = flags$1;
 var _formatting$k = formatting;
 var _fs = fs;
-var _objects = sdk.objects;
+var _objects$1 = vendor.objects;
 var _packageManagerDetector = packageManagerDetector;
-var _promises2 = promises;
-var _regexps = regexps;
-var _sorts$1 = sorts;
-var _strings = strings;
+var _promises2 = vendor.promises;
+var _regexps = vendor.regexps;
+var _strings = vendor.strings;
 //import cacache from 'cacache'
 
-//import { packumentCache, pacoteCachePath } from '../constants'
-
 const COMMAND_TITLE = 'Socket Optimize';
 const OVERRIDES_FIELD_NAME = 'overrides';
 const PNPM_WORKSPACE = 'pnpm-workspace';
@@ -1371,7 +1274,9 @@ const lsByAgent = (() => {
       // `vlt ls --view json` results always have a "name" property.
       const fallback = _id ?? pkgid ?? '';
       const resolvedName = name ?? fallback.slice(0, fallback.indexOf('@', 1));
-      if (resolvedName) {
+      // Add package names, except for those under the `@types` scope as those
+      // are known to only be dev dependencies.
+      if (resolvedName && !resolvedName.startsWith('@types/')) {
         names.add(resolvedName);
       }
     }
@@ -1639,7 +1544,7 @@ async function addOverrides({
       overrides,
       type
     }) => {
-      const overrideExists = (0, _objects.hasOwn)(overrides, origPkgName);
+      const overrideExists = (0, _objects$1.hasOwn)(overrides, origPkgName);
       if (overrideExists || thingScanner(thingToScan, origPkgName)) {
         const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
         const depAlias = depAliasMap.get(origPkgName);
@@ -1659,7 +1564,7 @@ async function addOverrides({
           const thisSpec = oldSpec.startsWith('$') ? depAlias?.id ?? newSpec : oldSpec ?? newSpec;
           if (thisSpec.startsWith(regSpecStartsLike)) {
             if (pin) {
-              thisVersion = _semver.major(_semver.coerce(_npmPackageArg(thisSpec).rawSpec)?.version ?? version) === major ? version : (await fetchPackageManifest(thisSpec))?.version ?? version;
+              thisVersion = _semver.major(_semver.coerce(_npmPackageArg(thisSpec).rawSpec)?.version ?? version) === major ? version : (await (0, _packages.fetchPackageManifest)(thisSpec))?.version ?? version;
             }
             newSpec = `${regSpecStartsLike}^${pin ? thisVersion : _semver.major(thisVersion)}`;
           } else {
@@ -1713,62 +1618,12 @@ async function addOverrides({
       overrides,
       type
     } of overridesDataObjects) {
-      updateManifestByAgent[type](editablePkgJson, (0, _sorts$1.toSortedObject)(overrides));
+      updateManifestByAgent[type](editablePkgJson, (0, _objects$1.toSortedObject)(overrides));
     }
     await editablePkgJson.save();
   }
   return state;
 }
-
-// type ExtractOptions = pacote.Options & {
-//   tmpPrefix?: string
-//   [key: string]: any
-// }
-
-// async function extractPackage(pkgNameOrId: string, options: ExtractOptions | undefined, callback: (tmpDirPath: string) => any) {
-//   if (arguments.length === 2 && typeof options === 'function') {
-//     callback = options
-//     options = undefined
-//   }
-//   const { tmpPrefix, ...extractOptions } = { __proto__: null, ...options }
-//   // cacache.tmp.withTmp DOES return a promise.
-//   await cacache.tmp.withTmp(
-//     pacoteCachePath,
-//     { tmpPrefix },
-//     // eslint-disable-next-line @typescript-eslint/no-misused-promises
-//     async tmpDirPath => {
-//       await pacote.extract(pkgNameOrId, tmpDirPath, {
-//         __proto__: null,
-//         packumentCache,
-//         preferOffline: true,
-//         ...<Omit<typeof extractOptions, '__proto__'>>extractOptions
-//       })
-//       await callback(tmpDirPath)
-//     }
-//   )
-// }
-
-async function fetchPackageManifest(pkgNameOrId, options) {
-  const pacoteOptions = {
-    ...options,
-    packumentCache: _constants.packumentCache,
-    preferOffline: true
-  };
-  const {
-    signal
-  } = pacoteOptions;
-  if (signal?.aborted) {
-    return null;
-  }
-  let result;
-  try {
-    result = await _pacote.manifest(pkgNameOrId, pacoteOptions);
-  } catch {}
-  if (signal?.aborted) {
-    return null;
-  }
-  return result;
-}
 const optimize = optimize$1.optimize = {
   description: 'Optimize dependencies with @socketregistry overrides',
   async run(argv, importMeta, {
@@ -2504,7 +2359,7 @@ Object.defineProperty(meowWithSubcommands$1, "__esModule", {
 meowWithSubcommands$1.meowWithSubcommands = meowWithSubcommands;
 var _meow$g = _interopRequireDefault$h(vendor.build);
 var _formatting$f = formatting;
-var _sorts = sorts;
+var _objects = vendor.objects;
 var _flags$e = flags$1;
 async function meowWithSubcommands(subcommands, options) {
   const {
@@ -2543,8 +2398,8 @@ async function meowWithSubcommands(subcommands, options) {
 
     Commands
       ${(0, _formatting$f.printHelpList)({
-    ...(0, _sorts.toSortedObject)(subcommands),
-    ...(0, _sorts.toSortedObject)(aliases)
+    ...(0, _objects.toSortedObject)(subcommands),
+    ...(0, _objects.toSortedObject)(aliases)
   }, 6)}
 
     Options
@@ -2754,7 +2609,7 @@ Object.defineProperty(create$3, "__esModule", {
   value: true
 });
 create$3.create = void 0;
-var _nodeProcess = require$$0$2;
+var _nodeProcess = require$$0$1;
 var _promises$1 = require$$2$3;
 var _chalk$e = _interopRequireDefault$f(vendor.source);
 var _meow$e = _interopRequireDefault$f(vendor.build);
@@ -4623,7 +4478,7 @@ Object.defineProperty(get$1, "__esModule", {
 });
 get$1.get = void 0;
 var _nodeFs$1 = require$$0;
-var _nodeUtil = require$$0$3;
+var _nodeUtil = require$$0$2;
 var _chalk$1 = _interopRequireDefault$2(vendor.source);
 var _meow$1 = _interopRequireDefault$2(vendor.build);
 var _ora$1 = _interopRequireDefault$2(vendor.ora);

package/dist/link.js

@@ -2,7 +2,7 @@
 
 var require$$0 = require('node:fs');
 var require$$1 = require('node:path');
-var require$$6 = require('which');
+var require$$8 = require('which');
 
 var link = {};
 
@@ -12,7 +12,7 @@ Object.defineProperty(link, "__esModule", {
 link.installLinks = installLinks;
 var _nodeFs = require$$0;
 var _nodePath = require$$1;
-var _which = require$$6;
+var _which = require$$8;
 function installLinks(realDirname, binName) {
   const realShadowBinDir = realDirname;
   // find package manager being shadowed by this process

package/dist/npm-injection.js

@@ -312,7 +312,6 @@ function issueRuleValueDoesNotDefer(issueRule) {
 
 /**
  * Handles booleans for backwards compatibility
-
  */
 function uxForDefinedNonDeferValue(issueRuleValue) {
   if (typeof issueRuleValue === 'boolean') {
@@ -401,7 +400,7 @@ var _ttyServer = ttyServer$1;
 var _chalkMarkdown = sdk.chalkMarkdown;
 var _issueRules = issueRules;
 var _misc = sdk.misc;
-var _objects = sdk.objects;
+var _objects = vendor.objects;
 var _pathResolve = pathResolve.pathResolve;
 var _sdk = sdk.sdk;
 var _settings = sdk.settings;
@@ -519,6 +518,12 @@ async function* batchScan(pkgIds) {
     yield JSON.parse(line);
   }
 }
+
+// Patch adding doOverrideSetsConflict is based on
+// https://github.com/npm/cli/pull/7025.
+function doOverrideSetsConflict(first, second) {
+  return findSpecificOverrideSet(first, second) === undefined;
+}
 function findSocketYmlSync() {
   let prevDir = null;
   let dir = process.cwd();
@@ -805,7 +810,7 @@ class SafeEdge extends Edge {
       }
       // Patch adding "else if" condition is based on
       // https://github.com/npm/cli/pull/7025.
-      else if (this.overrides && this.#safeTo.edgesOut.size && !findSpecificOverrideSet(this.overrides, this.#safeTo.overrides)) {
+      else if (this.overrides && this.#safeTo.edgesOut.size && doOverrideSetsConflict(this.overrides, this.#safeTo.overrides)) {
         // Any inconsistency between the edge's override set and the target's
         // override set is potentially problematic. But we only say the edge is
         // in error if the override sets are plainly conflicting. Note that if
@@ -1015,7 +1020,7 @@ class SafeNode extends Node {
       return false;
     }
     // It's a top level pkg, or a dep of one.
-    if (!this.resolveParent || !this.resolveParent.resolveParent) {
+    if (!this.resolveParent?.resolveParent) {
       return false;
     }
     // No one wants it, remove it.
@@ -1232,7 +1237,7 @@ class SafeNode extends Node {
     }
     // This is an error condition. We can only get here if the new override set
     // is in conflict with the existing.
-    log.silly(`Conflicting override requirements for node ${this.name}`, this);
+    log.silly('Conflicting override sets', this.name);
     return false;
   }
 
@@ -1488,7 +1493,7 @@ void (async () => {
       const socketSdk = await (0, _sdk.setupSdk)(pubToken);
       const orgResult = await socketSdk.getOrganizations();
       if (!orgResult.success) {
-        throw new Error('Failed to fetch Socket organization info: ' + orgResult.error.message);
+        throw new Error(`Failed to fetch Socket organization info: ${orgResult.error.message}`);
       }
       const orgs = [];
       for (const org of Object.values(orgResult.data.organizations)) {
@@ -1500,7 +1505,7 @@ void (async () => {
         organization: org.id
       })));
       if (!result.success) {
-        throw new Error('Failed to fetch API key settings: ' + result.error.message);
+        throw new Error(`Failed to fetch API key settings: ${result.error.message}`);
       }
       return {
         orgs,
@@ -1541,10 +1546,14 @@ void (async () => {
   if (socketYml) {
     settings.entries.push({
       start: socketYml.path,
-      // @ts-ignore
       settings: {
         [socketYml.path]: {
           deferTo: null,
+          // TODO: TypeScript complains about the type not matching. We should
+          // figure out why are providing
+          // issueRules: { [issueName: string]: boolean }
+          // but expecting
+          // issueRules: { [issueName: string]: { action: 'defer' | 'error' | 'ignore' | 'monitor' | 'warn' } }
           issueRules: socketYml.parsed.issueRules
         }
       }

package/dist/path-resolve.js

@@ -4,7 +4,7 @@ var require$$1$1 = require('node:fs/promises');
 var require$$1 = require('node:path');
 var require$$2 = require('ignore');
 var require$$3 = require('micromatch');
-var require$$11 = require('tinyglobby');
+var require$$10 = require('tinyglobby');
 
 var pathResolve = {};
 
@@ -51,7 +51,7 @@ var _promises = require$$1$1;
 var _nodePath = require$$1;
 var _ignore = require$$2;
 var _micromatch = require$$3;
-var _tinyglobby = require$$11;
+var _tinyglobby = require$$10;
 var _ignoreByDefault = ignoreByDefault;
 async function filterGlobResultToSupportedFiles(entries, supportedFiles) {
   const patterns = ['golang', 'npm', 'pypi'].reduce((r, n) => {

package/dist/sdk.d.ts

@@ -1,12 +1,5 @@
 /// <reference types="node" />
 import { SocketSdk } from '@socketsecurity/sdk';
-declare function hasOwn(obj: any, propKey: PropertyKey): boolean;
-declare function isObject(value: any): value is object;
-declare function isObjectObject(value: any): value is {
-    [key: string]: any;
-};
-declare function objectSome(obj: Record<string, any>): boolean;
-declare function pick<T extends Record<string, any>, K extends keyof T>(input: T, keys: K[] | ReadonlyArray<K>): Pick<T, K>;
 declare function createDebugLogger(printDebugLogs?: boolean): typeof console.error;
 declare function isErrnoException(value: unknown): value is NodeJS.ErrnoException;
 declare function stringJoinWithSeparateFinalSeparator(list: (string | undefined)[], separator?: string): string;
@@ -14,9 +7,7 @@ declare const API_V0_URL = "https://api.socket.dev/v0";
 declare const ENV: Readonly<{
     UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: boolean;
 }>;
-declare const packumentCache: Map<any, any>;
-declare const pacoteCachePath: any;
 declare const FREE_API_KEY = "sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api";
 declare function getDefaultKey(): string | undefined;
 declare function setupSdk(apiKey?: string | undefined, apiBaseUrl?: string | undefined, proxy?: string | undefined): Promise<SocketSdk>;
-export { hasOwn, isObject, isObjectObject, objectSome, pick, createDebugLogger, isErrnoException, stringJoinWithSeparateFinalSeparator, API_V0_URL, ENV, packumentCache, pacoteCachePath, FREE_API_KEY, getDefaultKey, setupSdk };
+export { createDebugLogger, isErrnoException, stringJoinWithSeparateFinalSeparator, API_V0_URL, ENV, FREE_API_KEY, getDefaultKey, setupSdk };