npm - socket - Versions diffs - 0.14.21 → 0.14.23 - Mend

socket 0.14.21 → 0.14.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/cli.js CHANGED Viewed

@@ -2,36 +2,35 @@
 'use strict';
 var vendor = require('./vendor.js');
-var require$$0 = require('node:fs');
 var require$$1 = require('node:path');
-var require$$2$6 = require('node:url');
-var require$$6 = require('pony-cause');
+var require$$8$1 = require('node:url');
+var require$$6$1 = require('pony-cause');
+var require$$0 = require('node:fs');
 var require$$1$1 = require('@npmcli/promise-spawn');
-var require$$5 = require('yargs-parser');
+var require$$6 = require('yargs-parser');
 var sdk = require('./sdk.js');
 var require$$1$2 = require('@inquirer/prompts');
 var require$$1$4 = require('node:fs/promises');
 var require$$1$3 = require('@npmcli/package-json');
-var require$$5$1 = require('@socketsecurity/registry');
+var require$$5 = require('@socketsecurity/registry');
 var require$$7 = require('npm-package-arg');
-var require$$0$1 = require('pacote');
-var require$$3 = require('semver');
-var require$$11 = require('tinyglobby');
-var require$$12 = require('yaml');
+var require$$14 = require('semver');
+var require$$15 = require('tinyglobby');
+var require$$16 = require('yaml');
 var require$$2 = require('@socketregistry/hyrious__bun.lockb');
-var require$$4 = require('browserslist');
-var require$$6$1 = require('which');
+var require$$10 = require('browserslist');
+var require$$8 = require('which');
 var require$$2$1 = require('@apideck/better-ajv-errors');
-var require$$3$1 = require('@socketsecurity/config');
+var require$$3 = require('@socketsecurity/config');
 var pathResolve = require('./path-resolve.js');
-var require$$2$2 = require('node:os');
-var require$$3$2 = require('node:readline');
-var require$$0$2 = require('node:process');
-var require$$2$3 = require('node:readline/promises');
-var require$$2$4 = require('chalk-table');
-var require$$2$5 = require('blessed');
-var require$$3$3 = require('blessed-contrib');
-var require$$0$3 = require('node:util');
+var require$$1$5 = require('node:os');
+var require$$3$1 = require('node:readline');
+var require$$0$1 = require('node:process');
+var require$$2$2 = require('node:readline/promises');
+var require$$2$3 = require('chalk-table');
+var require$$2$4 = require('blessed');
+var require$$3$2 = require('blessed-contrib');
+var require$$0$2 = require('node:util');
 var cli$1 = {};
@@ -46,11 +45,12 @@ Object.defineProperty(cdxgen, "__esModule", {
   value: true
 });
 cdxgen.cdxgen = void 0;
-var _nodeFs$4 = require$$0;
+var _nodeFs$3 = require$$0;
 var _nodePath$7 = require$$1;
 var _promiseSpawn$6 = require$$1$1;
+var _objects$6 = vendor.objects;
 var _chalk$j = _interopRequireDefault$s(vendor.source);
-var _yargsParser = require$$5;
+var _yargsParser = require$$6;
 const distPath$4 = __dirname;
 const {
   execPath
@@ -142,18 +142,18 @@ function argvToArray(argv) {
   for (const {
     0: key,
     1: value
-  } of Object.entries(argv)) {
+  } of (0, _objects$6.objectEntries)(argv)) {
     if (key === '_' || key === '--') continue;
     if (key === 'babel' || key === 'install-deps' || key === 'validate') {
       // cdxgen documents no-babel, no-install-deps, and no-validate flags so
       // use them when relevant.
       result.push(`--${value ? key : `no-${key}`}`);
     } else if (value === true) {
-      result.push(`--${key}`);
+      result.push(`--${String(key)}`);
     } else if (typeof value === 'string') {
-      result.push(`--${key}`, String(value));
+      result.push(`--${String(key)}`, String(value));
     } else if (Array.isArray(value)) {
-      result.push(`--${key}`, ...value.map(String));
+      result.push(`--${String(key)}`, ...value.map(String));
     }
   }
   if (argv['--']) {
@@ -177,14 +177,14 @@ cdxgen.cdxgen = {
       return;
     }
     let cleanupPackageLock = false;
-    if (yargv.type !== 'yarn' && nodejsPlatformTypes.includes(yargv.type) && (0, _nodeFs$4.existsSync)('./yarn.lock')) {
-      if ((0, _nodeFs$4.existsSync)('./package-lock.json')) {
+    if (yargv.type !== 'yarn' && nodejsPlatformTypes.includes(yargv.type) && (0, _nodeFs$3.existsSync)('./yarn.lock')) {
+      if ((0, _nodeFs$3.existsSync)('./package-lock.json')) {
         yargv.type = 'npm';
       } else {
         // Use synp to create a package-lock.json from the yarn.lock,
         // based on the node_modules folder, for a more accurate SBOM.
         try {
-          await _promiseSpawn$6(execPath, [await _nodeFs$4.promises.realpath(synpBinPath), '--source-file', './yarn.lock'], {
+          await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(synpBinPath), '--source-file', './yarn.lock'], {
             shell: true
           });
           yargv.type = 'npm';
@@ -195,7 +195,7 @@ cdxgen.cdxgen = {
     if (yargv.output === undefined) {
       yargv.output = 'socket-cdx.json';
     }
-    await _promiseSpawn$6(execPath, [await _nodeFs$4.promises.realpath(cdxgenBinPath), ...argvToArray(yargv)], {
+    await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(cdxgenBinPath), ...argvToArray(yargv)], {
       env: {
         NODE_ENV: '',
         SBOM_SIGN_ALGORITHM,
@@ -207,11 +207,11 @@ cdxgen.cdxgen = {
     });
     if (cleanupPackageLock) {
       try {
-        await _nodeFs$4.promises.unlink('./package-lock.json');
+        await _nodeFs$3.promises.unlink('./package-lock.json');
       } catch {}
     }
     const fullOutputPath = _nodePath$7.join(process.cwd(), yargv.output);
-    if ((0, _nodeFs$4.existsSync)(fullOutputPath)) {
+    if ((0, _nodeFs$3.existsSync)(fullOutputPath)) {
       console.log(_chalk$j.default.cyanBright(`${yargv.output} created!`));
     }
   }
@@ -283,7 +283,7 @@ apiHelpers.handleApiCall = handleApiCall;
 apiHelpers.handleUnsuccessfulApiResponse = handleUnsuccessfulApiResponse;
 apiHelpers.queryAPI = queryAPI;
 var _chalk$i = _interopRequireDefault$r(vendor.source);
-var _ponyCause$4 = require$$6;
+var _ponyCause$4 = require$$6$1;
 var _errors$l = sdk.errors;
 var _constants$1 = sdk.constants;
 function handleUnsuccessfulApiResponse(_name, result, spinner) {
@@ -325,13 +325,36 @@ async function queryAPI(path, apiKey) {
 var formatIssues = {};
+var objects = {};
+Object.defineProperty(objects, "__esModule", {
+  value: true
+});
+objects.objectSome = objectSome;
+objects.pick = pick;
+function objectSome(obj) {
+  for (const key in obj) {
+    if (obj[key]) {
+      return true;
+    }
+  }
+  return false;
+}
+function pick(input, keys) {
+  const result = {};
+  for (const key of keys) {
+    result[key] = input[key];
+  }
+  return result;
+}
 Object.defineProperty(formatIssues, "__esModule", {
   value: true
 });
 formatIssues.formatSeverityCount = formatSeverityCount;
 formatIssues.getSeverityCount = getSeverityCount;
 var _misc$2 = sdk.misc;
-var _objects$3 = sdk.objects;
+var _objects$5 = objects;
 const SEVERITIES_BY_ORDER = ['critical', 'high', 'middle', 'low'];
 function getDesiredSeverities(lowestToInclude) {
   const result = [];
@@ -353,7 +376,7 @@ function formatSeverityCount(severityCount) {
   return (0, _misc$2.stringJoinWithSeparateFinalSeparator)(summary);
 }
 function getSeverityCount(issues, lowestToInclude) {
-  const severityCount = (0, _objects$3.pick)({
+  const severityCount = (0, _objects$5.pick)({
     low: 0,
     middle: 0,
     high: 0,
@@ -417,7 +440,7 @@ var _chalkMarkdown$3 = sdk.chalkMarkdown;
 var _errors$k = sdk.errors;
 var _formatIssues$1 = formatIssues;
 var _formatting$m = formatting;
-var _objects$2 = sdk.objects;
+var _objects$4 = objects;
 var _sdk$j = sdk.sdk;
 const info = info$1.info = {
   description: 'Look up info regarding a package',
@@ -533,7 +556,7 @@ function formatPackageDataOutput({
       License: Math.floor(score.license.score * 100)
     };
     Object.entries(scoreResult).map(score => console.log(`- ${score[0]}: ${formatScore(score[1])}`));
-    if ((0, _objects$2.objectSome)(severityCount)) {
+    if ((0, _objects$4.objectSome)(severityCount)) {
       const issueSummary = (0, _formatIssues$1.formatSeverityCount)(severityCount);
       console.log('\n');
       spinner[strict ? 'fail' : 'succeed'](`Package has these issues: ${issueSummary}`);
@@ -557,7 +580,7 @@ function formatPackageDataOutput({
       console.log(_chalk$h.default.dim('\nOr rerun', _chalk$h.default.italic(name), 'using the', _chalk$h.default.italic('--json'), 'flag to get full JSON output'));
     }
   }
-  if (strict && (0, _objects$2.objectSome)(severityCount)) {
+  if (strict && (0, _objects$4.objectSome)(severityCount)) {
     process.exit(1);
   }
 }
@@ -844,11 +867,11 @@ fs.existsSync = existsSync;
 fs.findUp = findUp;
 fs.readFileBinary = readFileBinary;
 fs.readFileUtf8 = readFileUtf8;
-var _nodeFs$3 = require$$0;
+var _nodeFs$2 = require$$0;
 var _nodePath$4 = require$$1;
 function existsSync(filepath) {
   try {
-    return filepath ? (0, _nodeFs$3.existsSync)(filepath) : false;
+    return filepath ? (0, _nodeFs$2.existsSync)(filepath) : false;
   } catch {}
   return false;
 }
@@ -865,7 +888,7 @@ async function findUp(name, {
       const filePath = _nodePath$4.join(dir, name);
       try {
         // eslint-disable-next-line no-await-in-loop
-        const stats = await _nodeFs$3.promises.stat(filePath);
+        const stats = await _nodeFs$2.promises.stat(filePath);
         if (stats.isFile()) {
           return filePath;
         }
@@ -876,13 +899,13 @@ async function findUp(name, {
   return undefined;
 }
 async function readFileBinary(filepath, options) {
-  return await _nodeFs$3.promises.readFile(filepath, {
+  return await _nodeFs$2.promises.readFile(filepath, {
     ...options,
     encoding: 'binary'
   });
 }
 async function readFileUtf8(filepath, options) {
-  return await _nodeFs$3.promises.readFile(filepath, {
+  return await _nodeFs$2.promises.readFile(filepath, {
     ...options,
     encoding: 'utf8'
   });
@@ -890,16 +913,6 @@ async function readFileUtf8(filepath, options) {
 var packageManagerDetector = {};
-var strings = {};
-Object.defineProperty(strings, "__esModule", {
-  value: true
-});
-strings.isNonEmptyString = isNonEmptyString;
-function isNonEmptyString(value) {
-  return typeof value === 'string' && value.length > 0;
-}
 Object.defineProperty(packageManagerDetector, "__esModule", {
   value: true
 });
@@ -909,20 +922,20 @@ var _nodePath$3 = require$$1;
 var _packageJson$1 = require$$1$3;
 var _hyrious__bun = require$$2;
 var _promiseSpawn$3 = require$$1$1;
-var _browserslist = require$$4;
-var _semver$1 = require$$3;
-var _which = require$$6$1;
+var _constants = vendor.constants_1;
+var _objects$3 = vendor.objects;
+var _strings$1 = vendor.strings;
+var _browserslist = require$$10;
+var _semver$1 = require$$14;
+var _which = require$$8;
 var _fs$1 = fs;
-var _objects$1 = sdk.objects;
-var _strings$1 = strings;
 const AGENTS = packageManagerDetector.AGENTS = ['bun', 'npm', 'pnpm', 'yarn/berry', 'yarn/classic', 'vlt'];
-const numericCollator = new Intl.Collator(undefined, {
+const {
+  compare: alphaNumericComparator
+} = new Intl.Collator(undefined, {
   numeric: true,
   sensitivity: 'base'
 });
-const {
-  compare: alphaNumericComparator
-} = numericCollator;
 async function getAgentExecPath(agent) {
   return (await _which(agent, {
     nothrow: true
@@ -939,31 +952,6 @@ async function getAgentVersion(agentExecPath, cwd) {
   } catch {}
   return result;
 }
-const maintainedNodeVersions = (() => {
-  // Under the hood browserlist uses the node-releases package which is out of date:
-  // https://github.com/chicoxyzzy/node-releases/issues/37
-  // So we maintain a manual version list for now.
-  // https://nodejs.org/en/about/previous-releases#looking-for-latest-release-of-a-version-branch
-  const manualPrev = '18.20.4';
-  const manualCurr = '20.18.0';
-  const manualNext = '22.10.0';
-  const query = _browserslist('maintained node versions')
-  // Trim value, e.g. 'node 22.5.0' to '22.5.0'.
-  .map(s => s.slice(5 /*'node '.length*/))
-  // Sort ascending.
-  .toSorted(alphaNumericComparator);
-  const queryPrev = query.at(0) ?? manualPrev;
-  const queryCurr = query.at(1) ?? manualCurr;
-  const queryNext = query.at(2) ?? manualNext;
-  const previous = _semver$1.maxSatisfying([queryPrev, manualPrev], `^${_semver$1.major(queryPrev)}`);
-  const current = _semver$1.maxSatisfying([queryCurr, manualCurr], `^${_semver$1.major(queryCurr)}`);
-  const next = _semver$1.maxSatisfying([queryNext, manualNext], `^${_semver$1.major(queryNext)}`);
-  return Object.freeze(Object.assign([previous, current, next], {
-    previous,
-    current,
-    next
-  }));
-})();
 const LOCKS = {
   'bun.lockb': 'bun',
   // If both package-lock.json and npm-shrinkwrap.json are present in the root
@@ -1066,10 +1054,11 @@ async function detect({
     node: true
   };
   let lockSrc;
-  let minimumNodeVersion = maintainedNodeVersions.previous;
+  // Lazily access constants.maintainedNodeVersions.
+  let minimumNodeVersion = _constants.maintainedNodeVersions.previous;
   if (pkgJson) {
     const browserField = pkgJson.browser;
-    if ((0, _strings$1.isNonEmptyString)(browserField) || (0, _objects$1.isObjectObject)(browserField)) {
+    if ((0, _strings$1.isNonEmptyString)(browserField) || (0, _objects$3.isObjectObject)(browserField)) {
       targets.browser = true;
     }
     const nodeRange = pkgJson.engines?.['node'];
@@ -1093,7 +1082,8 @@ async function detect({
         }
       }
     }
-    targets.node = maintainedNodeVersions.some(v => _semver$1.satisfies(v, `>=${minimumNodeVersion}`));
+    // Lazily access constants.maintainedNodeVersions.
+    targets.node = _constants.maintainedNodeVersions.some(v => _semver$1.satisfies(v, `>=${minimumNodeVersion}`));
     lockSrc = typeof lockPath === 'string' ? await readLockFileByAgent[agent](lockPath, agentExecPath) : undefined;
   } else {
     lockPath = undefined;
@@ -1113,88 +1103,6 @@ async function detect({
   };
 }
-var promises = {};
-var arrays = {};
-Object.defineProperty(arrays, "__esModule", {
-  value: true
-});
-arrays.arrayChunk = arrayChunk;
-arrays.arrayUnique = arrayUnique;
-function arrayChunk(arr, size = 2) {
-  const {
-    length
-  } = arr;
-  const chunkSize = Math.min(length, size);
-  const chunks = [];
-  for (let i = 0; i < length; i += chunkSize) {
-    chunks.push(arr.slice(i, i + chunkSize));
-  }
-  return chunks;
-}
-function arrayUnique(arr) {
-  return [...new Set(arr)];
-}
-Object.defineProperty(promises, "__esModule", {
-  value: true
-});
-promises.pEach = pEach;
-promises.pEachChunk = pEachChunk;
-var _arrays = arrays;
-async function pEach(array, concurrency, callbackFn, options) {
-  await pEachChunk((0, _arrays.arrayChunk)(array, concurrency), callbackFn, options);
-}
-async function pEachChunk(chunks, callbackFn, options) {
-  const {
-    signal
-  } = {
-    __proto__: null,
-    ...options
-  };
-  for (const chunk of chunks) {
-    if (signal?.aborted) {
-      return;
-    }
-    // eslint-disable-next-line no-await-in-loop
-    await Promise.all(chunk.map(value => signal?.aborted ? undefined : callbackFn(value, {
-      signal
-    })));
-  }
-}
-var regexps = {};
-Object.defineProperty(regexps, "__esModule", {
-  value: true
-});
-regexps.escapeRegExp = escapeRegExp;
-// Inlined "escape-string-regexp":
-// https://socket.dev/npm/package/escape-string-regexp/overview/5.0.0
-// MIT License
-// Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
-function escapeRegExp(string) {
-  // Escape characters with special meaning either inside or outside character sets.
-  // Use a simple backslash escape when it’s always valid, and a `\xnn` escape when the simpler form would be disallowed by Unicode patterns’ stricter grammar.
-  return string.replace(/[|\\{}()[\]^$+*?.]/g, '\\$&').replace(/-/g, '\\x2d');
-}
-var sorts = {};
-Object.defineProperty(sorts, "__esModule", {
-  value: true
-});
-sorts.localeCompare = void 0;
-sorts.toSortedObject = toSortedObject;
-const {
-  compare: localeCompare
-} = new Intl.Collator();
-sorts.localeCompare = localeCompare;
-function toSortedObject(object, comparator = localeCompare) {
-  return Object.fromEntries(Object.entries(object).sort((a, b) => comparator(a[0], b[0])));
-}
 var _interopRequireDefault$n = vendor.interopRequireDefault.default;
 Object.defineProperty(optimize$1, "__esModule", {
   value: true
@@ -1204,28 +1112,22 @@ var _promises$2 = require$$1$4;
 var _nodePath$2 = require$$1;
 var _promiseSpawn$2 = require$$1$1;
 var _packageJson = require$$1$3;
-var _registry = require$$5$1;
+var _registry = require$$5;
+var _objects$2 = vendor.objects;
+var _packages = vendor.packages;
+var _promises2 = vendor.promises;
+var _regexps = vendor.regexps;
+var _strings = vendor.strings;
 var _meow$m = _interopRequireDefault$n(vendor.build);
 var _npmPackageArg = require$$7;
 var _ora$i = _interopRequireDefault$n(vendor.ora);
-var _pacote = require$$0$1;
-var _semver = require$$3;
-var _tinyglobby = require$$11;
-var _yaml = require$$12;
-var _constants = sdk.constants;
+var _semver = require$$14;
+var _tinyglobby = require$$15;
+var _yaml = require$$16;
 var _flags$j = flags$1;
 var _formatting$k = formatting;
 var _fs = fs;
-var _objects = sdk.objects;
 var _packageManagerDetector = packageManagerDetector;
-var _promises2 = promises;
-var _regexps = regexps;
-var _sorts$1 = sorts;
-var _strings = strings;
-//import cacache from 'cacache'
-//import { packumentCache, pacoteCachePath } from '../constants'
 const COMMAND_TITLE = 'Socket Optimize';
 const OVERRIDES_FIELD_NAME = 'overrides';
 const PNPM_WORKSPACE = 'pnpm-workspace';
@@ -1371,7 +1273,9 @@ const lsByAgent = (() => {
       // `vlt ls --view json` results always have a "name" property.
       const fallback = _id ?? pkgid ?? '';
       const resolvedName = name ?? fallback.slice(0, fallback.indexOf('@', 1));
-      if (resolvedName) {
+      // Add package names, except for those under the `@types` scope as those
+      // are known to only be dev dependencies.
+      if (resolvedName && !resolvedName.startsWith('@types/')) {
         names.add(resolvedName);
       }
     }
@@ -1639,7 +1543,7 @@ async function addOverrides({
       overrides,
       type
     }) => {
-      const overrideExists = (0, _objects.hasOwn)(overrides, origPkgName);
+      const overrideExists = (0, _objects$2.hasOwn)(overrides, origPkgName);
       if (overrideExists || thingScanner(thingToScan, origPkgName)) {
         const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
         const depAlias = depAliasMap.get(origPkgName);
@@ -1659,7 +1563,7 @@ async function addOverrides({
           const thisSpec = oldSpec.startsWith('$') ? depAlias?.id ?? newSpec : oldSpec ?? newSpec;
           if (thisSpec.startsWith(regSpecStartsLike)) {
             if (pin) {
-              thisVersion = _semver.major(_semver.coerce(_npmPackageArg(thisSpec).rawSpec)?.version ?? version) === major ? version : (await fetchPackageManifest(thisSpec))?.version ?? version;
+              thisVersion = _semver.major(_semver.coerce(_npmPackageArg(thisSpec).rawSpec)?.version ?? version) === major ? version : (await (0, _packages.fetchPackageManifest)(thisSpec))?.version ?? version;
             }
             newSpec = `${regSpecStartsLike}^${pin ? thisVersion : _semver.major(thisVersion)}`;
           } else {
@@ -1708,67 +1612,17 @@ async function addOverrides({
     });
   }
   if (state.added.size > 0 || state.updated.size > 0) {
-    editablePkgJson.update(Object.fromEntries(depEntries));
+    editablePkgJson.update((0, _objects$2.objectFromEntries)(depEntries));
     for (const {
       overrides,
       type
     } of overridesDataObjects) {
-      updateManifestByAgent[type](editablePkgJson, (0, _sorts$1.toSortedObject)(overrides));
+      updateManifestByAgent[type](editablePkgJson, (0, _objects$2.toSortedObject)(overrides));
     }
     await editablePkgJson.save();
   }
   return state;
 }
-// type ExtractOptions = pacote.Options & {
-//   tmpPrefix?: string
-//   [key: string]: any
-// }
-// async function extractPackage(pkgNameOrId: string, options: ExtractOptions | undefined, callback: (tmpDirPath: string) => any) {
-//   if (arguments.length === 2 && typeof options === 'function') {
-//     callback = options
-//     options = undefined
-//   }
-//   const { tmpPrefix, ...extractOptions } = { __proto__: null, ...options }
-//   // cacache.tmp.withTmp DOES return a promise.
-//   await cacache.tmp.withTmp(
-//     pacoteCachePath,
-//     { tmpPrefix },
-//     // eslint-disable-next-line @typescript-eslint/no-misused-promises
-//     async tmpDirPath => {
-//       await pacote.extract(pkgNameOrId, tmpDirPath, {
-//         __proto__: null,
-//         packumentCache,
-//         preferOffline: true,
-//         ...<Omit<typeof extractOptions, '__proto__'>>extractOptions
-//       })
-//       await callback(tmpDirPath)
-//     }
-//   )
-// }
-async function fetchPackageManifest(pkgNameOrId, options) {
-  const pacoteOptions = {
-    ...options,
-    packumentCache: _constants.packumentCache,
-    preferOffline: true
-  };
-  const {
-    signal
-  } = pacoteOptions;
-  if (signal?.aborted) {
-    return null;
-  }
-  let result;
-  try {
-    result = await _pacote.manifest(pkgNameOrId, pacoteOptions);
-  } catch {}
-  if (signal?.aborted) {
-    return null;
-  }
-  return result;
-}
 const optimize = optimize$1.optimize = {
   description: 'Optimize dependencies with @socketregistry overrides',
   async run(argv, importMeta, {
@@ -2137,7 +1991,7 @@ view$3.view = void 0;
 var _chalk$f = _interopRequireDefault$j(vendor.source);
 var _meow$i = _interopRequireDefault$j(vendor.build);
 var _ora$g = _interopRequireDefault$j(vendor.ora);
-var _ponyCause$3 = require$$6;
+var _ponyCause$3 = require$$6$1;
 var _flags$g = flags$1;
 var _apiHelpers$g = apiHelpers;
 var _chalkMarkdown$2 = sdk.chalkMarkdown;
@@ -2277,10 +2131,10 @@ Object.defineProperty(create$5, "__esModule", {
 create$5.create = void 0;
 var _nodePath$1 = require$$1;
 var _betterAjvErrors = require$$2$1;
-var _config = require$$3$1;
+var _config = require$$3;
 var _meow$h = _interopRequireDefault$i(vendor.build);
 var _ora$f = _interopRequireDefault$i(vendor.ora);
-var _ponyCause$2 = require$$6;
+var _ponyCause$2 = require$$6$1;
 var _view$2 = view$3;
 var _flags$f = flags$1;
 var _apiHelpers$f = apiHelpers;
@@ -2504,7 +2358,7 @@ Object.defineProperty(meowWithSubcommands$1, "__esModule", {
 meowWithSubcommands$1.meowWithSubcommands = meowWithSubcommands;
 var _meow$g = _interopRequireDefault$h(vendor.build);
 var _formatting$f = formatting;
-var _sorts = sorts;
+var _objects$1 = vendor.objects;
 var _flags$e = flags$1;
 async function meowWithSubcommands(subcommands, options) {
   const {
@@ -2543,8 +2397,8 @@ async function meowWithSubcommands(subcommands, options) {
     Commands
       ${(0, _formatting$f.printHelpList)({
-    ...(0, _sorts.toSortedObject)(subcommands),
-    ...(0, _sorts.toSortedObject)(aliases)
+    ...(0, _objects$1.toSortedObject)(subcommands),
+    ...(0, _objects$1.toSortedObject)(aliases)
   }, 6)}
     Options
@@ -2593,9 +2447,9 @@ Object.defineProperty(wrapper$1, "__esModule", {
   value: true
 });
 wrapper$1.wrapper = void 0;
-var _nodeFs$2 = require$$0;
-var _nodeOs = require$$2$2;
-var _nodeReadline = require$$3$2;
+var _nodeFs$1 = require$$0;
+var _nodeOs = require$$1$5;
+var _nodeReadline = require$$3$1;
 var _meow$f = _interopRequireDefault$g(vendor.build);
 var _flags$d = flags$1;
 var _formatting$e = formatting;
@@ -2628,7 +2482,7 @@ function setupCommand$f(name, description, argv, importMeta) {
     flags
   });
   if (argv[0] === '--postinstall') {
-    const socketWrapperEnabled = _nodeFs$2.existsSync(BASH_FILE) && checkSocketWrapperAlreadySetup(BASH_FILE) || _nodeFs$2.existsSync(ZSH_BASH_FILE) && checkSocketWrapperAlreadySetup(ZSH_BASH_FILE);
+    const socketWrapperEnabled = _nodeFs$1.existsSync(BASH_FILE) && checkSocketWrapperAlreadySetup(BASH_FILE) || _nodeFs$1.existsSync(ZSH_BASH_FILE) && checkSocketWrapperAlreadySetup(ZSH_BASH_FILE);
     if (!socketWrapperEnabled) {
       installSafeNpm(`The Socket CLI is now successfully installed! 🎉
@@ -2651,23 +2505,23 @@ function setupCommand$f(name, description, argv, importMeta) {
     return;
   }
   if (enable) {
-    if (_nodeFs$2.existsSync(BASH_FILE)) {
+    if (_nodeFs$1.existsSync(BASH_FILE)) {
       const socketWrapperEnabled = checkSocketWrapperAlreadySetup(BASH_FILE);
       !socketWrapperEnabled && addAlias(BASH_FILE);
     }
-    if (_nodeFs$2.existsSync(ZSH_BASH_FILE)) {
+    if (_nodeFs$1.existsSync(ZSH_BASH_FILE)) {
       const socketWrapperEnabled = checkSocketWrapperAlreadySetup(ZSH_BASH_FILE);
       !socketWrapperEnabled && addAlias(ZSH_BASH_FILE);
     }
   } else if (disable) {
-    if (_nodeFs$2.existsSync(BASH_FILE)) {
+    if (_nodeFs$1.existsSync(BASH_FILE)) {
       removeAlias(BASH_FILE);
     }
-    if (_nodeFs$2.existsSync(ZSH_BASH_FILE)) {
+    if (_nodeFs$1.existsSync(ZSH_BASH_FILE)) {
       removeAlias(ZSH_BASH_FILE);
     }
   }
-  if (!_nodeFs$2.existsSync(BASH_FILE) && !_nodeFs$2.existsSync(ZSH_BASH_FILE)) {
+  if (!_nodeFs$1.existsSync(BASH_FILE) && !_nodeFs$1.existsSync(ZSH_BASH_FILE)) {
     console.error('There was an issue setting up the alias in your bash profile');
   }
 }
@@ -2689,10 +2543,10 @@ const askQuestion = (rl, query) => {
   rl.question(query, ans => {
     if (ans.toLowerCase() === 'y') {
       try {
-        if (_nodeFs$2.existsSync(BASH_FILE)) {
+        if (_nodeFs$1.existsSync(BASH_FILE)) {
           addAlias(BASH_FILE);
         }
-        if (_nodeFs$2.existsSync(ZSH_BASH_FILE)) {
+        if (_nodeFs$1.existsSync(ZSH_BASH_FILE)) {
           addAlias(ZSH_BASH_FILE);
         }
       } catch (e) {
@@ -2707,7 +2561,7 @@ const askQuestion = (rl, query) => {
   });
 };
 const addAlias = file => {
-  return _nodeFs$2.appendFile(file, 'alias npm="socket npm"\nalias npx="socket npx"\n', err => {
+  return _nodeFs$1.appendFile(file, 'alias npm="socket npm"\nalias npx="socket npx"\n', err => {
     if (err) {
       return new Error(`There was an error setting up the alias: ${err}`);
     }
@@ -2718,14 +2572,14 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
   });
 };
 const removeAlias = file => {
-  return _nodeFs$2.readFile(file, 'utf8', function (err, data) {
+  return _nodeFs$1.readFile(file, 'utf8', function (err, data) {
     if (err) {
       console.error(`There was an error removing the alias: ${err}`);
       return;
     }
     const linesWithoutSocketAlias = data.split('\n').filter(l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"');
     const updatedFileContent = linesWithoutSocketAlias.join('\n');
-    _nodeFs$2.writeFile(file, updatedFileContent, function (err) {
+    _nodeFs$1.writeFile(file, updatedFileContent, function (err) {
       if (err) {
         console.log(err);
         return;
@@ -2736,7 +2590,7 @@ const removeAlias = file => {
   });
 };
 const checkSocketWrapperAlreadySetup = file => {
-  const fileContent = _nodeFs$2.readFileSync(file, 'utf-8');
+  const fileContent = _nodeFs$1.readFileSync(file, 'utf-8');
   const linesWithSocketAlias = fileContent.split('\n').filter(l => l === 'alias npm="socket npm"' || l === 'alias npx="socket npx"');
   if (linesWithSocketAlias.length) {
     console.log(`The Socket npm/npx wrapper is set up in your bash profile (${file}).`);
@@ -2754,13 +2608,13 @@ Object.defineProperty(create$3, "__esModule", {
   value: true
 });
 create$3.create = void 0;
-var _nodeProcess = require$$0$2;
-var _promises$1 = require$$2$3;
+var _nodeProcess = require$$0$1;
+var _promises$1 = require$$2$2;
 var _chalk$e = _interopRequireDefault$f(vendor.source);
 var _meow$e = _interopRequireDefault$f(vendor.build);
 var _open = _interopRequireDefault$f(vendor.open);
 var _ora$e = _interopRequireDefault$f(vendor.ora);
-var _ponyCause$1 = require$$6;
+var _ponyCause$1 = require$$6$1;
 var _apiHelpers$e = apiHelpers;
 var _errors$f = sdk.errors;
 var _formatting$d = formatting;
@@ -3049,7 +2903,7 @@ Object.defineProperty(list$3, "__esModule", {
 });
 list$3.list = void 0;
 var _chalk$c = _interopRequireDefault$d(vendor.source);
-var _chalkTable$3 = require$$2$4;
+var _chalkTable$3 = require$$2$3;
 var _meow$c = _interopRequireDefault$d(vendor.build);
 var _ora$c = _interopRequireDefault$d(vendor.ora);
 var _flags$b = flags$1;
@@ -3760,7 +3614,7 @@ Object.defineProperty(list$1, "__esModule", {
 });
 list$1.list = void 0;
 var _chalk$6 = _interopRequireDefault$7(vendor.source);
-var _chalkTable$2 = require$$2$4;
+var _chalkTable$2 = require$$2$3;
 var _meow$6 = _interopRequireDefault$7(vendor.build);
 var _ora$6 = _interopRequireDefault$7(vendor.ora);
 var _flags$6 = flags$1;
@@ -4023,7 +3877,7 @@ Object.defineProperty(view$1, "__esModule", {
 });
 view$1.view = void 0;
 var _chalk$4 = _interopRequireDefault$5(vendor.source);
-var _chalkTable$1 = require$$2$4;
+var _chalkTable$1 = require$$2$3;
 var _meow$4 = _interopRequireDefault$5(vendor.build);
 var _ora$4 = _interopRequireDefault$5(vendor.ora);
 var _flags$4 = flags$1;
@@ -4168,7 +4022,7 @@ Object.defineProperty(dependencies$1, "__esModule", {
 });
 dependencies$1.dependencies = void 0;
 var _chalk$3 = _interopRequireDefault$4(vendor.source);
-var _chalkTable = require$$2$4;
+var _chalkTable = require$$2$3;
 var _meow$3 = _interopRequireDefault$4(vendor.build);
 var _ora$3 = _interopRequireDefault$4(vendor.ora);
 var _flags$3 = flags$1;
@@ -4302,8 +4156,8 @@ Object.defineProperty(analytics$1, "__esModule", {
 });
 analytics$1.analytics = void 0;
 var _promises = require$$1$4;
-var _blessed$1 = require$$2$5;
-var _blessedContrib$1 = require$$3$3;
+var _blessed$1 = require$$2$4;
+var _blessedContrib$1 = require$$3$2;
 var _chalk$2 = _interopRequireDefault$3(vendor.source);
 var _meow$2 = _interopRequireDefault$3(vendor.build);
 var _ora$2 = _interopRequireDefault$3(vendor.ora);
@@ -4622,8 +4476,8 @@ Object.defineProperty(get$1, "__esModule", {
   value: true
 });
 get$1.get = void 0;
-var _nodeFs$1 = require$$0;
-var _nodeUtil = require$$0$3;
+var _nodeFs = require$$0;
+var _nodeUtil = require$$0$2;
 var _chalk$1 = _interopRequireDefault$2(vendor.source);
 var _meow$1 = _interopRequireDefault$2(vendor.build);
 var _ora$1 = _interopRequireDefault$2(vendor.ora);
@@ -4744,7 +4598,7 @@ async function getDiffScan({
   }
   spinner.stop();
   if (file && !outputJson) {
-    _nodeFs$1.writeFile(file, JSON.stringify(data), err => {
+    _nodeFs.writeFile(file, JSON.stringify(data), err => {
       err ? console.error(err) : console.log(`Data successfully written to ${file}`);
     });
     return;
@@ -4797,8 +4651,8 @@ Object.defineProperty(threatFeed$1, "__esModule", {
   value: true
 });
 threatFeed$1.threatFeed = void 0;
-var _blessed = require$$2$5;
-var _blessedContrib = require$$3$3;
+var _blessed = require$$2$4;
+var _blessedContrib = require$$3$2;
 var _meow = _interopRequireDefault$1(vendor.build);
 var _ora = _interopRequireDefault$1(vendor.ora);
 var _flags = flags$1;
@@ -5176,20 +5030,23 @@ const getMinDiff = (start, end) => Math.floor((end - start) / 60000);
 var _interopRequireWildcard = vendor.interopRequireWildcard.default;
 var _interopRequireDefault = vendor.interopRequireDefault.default;
-var _nodeFs = require$$0;
 var _nodePath = require$$1;
-var _nodeUrl = require$$2$6;
+var _nodeUrl = require$$8$1;
+var _objects = vendor.objects;
 var _chalk = _interopRequireDefault(vendor.source);
-var _ponyCause = require$$6;
-var _updateNotifier = _interopRequireDefault(vendor.updateNotifier);
+var _ponyCause = require$$6$1;
+var _tinyUpdater = _interopRequireDefault(vendor.dist);
 var cliCommands = _interopRequireWildcard(commands, true);
 var _chalkMarkdown = sdk.chalkMarkdown;
 var _errors = sdk.errors;
 var _meowWithSubcommands = meowWithSubcommands$1;
 const distPath = __dirname;
 const rootPath = _nodePath.resolve(distPath, '..');
-const formattedCliCommands = Object.fromEntries(Object.entries(cliCommands).map(entry => {
-  entry[0] = camelToHyphen(entry[0]);
+const rootPkgJsonPath = _nodePath.join(rootPath, 'package.json');
+const rootPkgJson = require(rootPkgJsonPath);
+const formattedCliCommands = (0, _objects.objectFromEntries)((0, _objects.objectEntries)(cliCommands).map(entry => {
+  const key = entry[0];
+  entry[0] = typeof key === 'string' ? camelToHyphen(key) : key;
   return entry;
 }));
 function camelToHyphen(str) {
@@ -5198,11 +5055,11 @@ function camelToHyphen(str) {
 // TODO: Add autocompletion using https://socket.dev/npm/package/omelette
 void (async () => {
-  try {
-    (0, _updateNotifier.default)({
-      pkg: JSON.parse((0, _nodeFs.readFileSync)(_nodePath.join(rootPath, 'package.json'), 'utf8'))
-    }).notify();
-  } catch {}
+  await (0, _tinyUpdater.default)({
+    name: rootPkgJson.name,
+    version: rootPkgJson.version,
+    ttl: 86_400_000 /* 24 hours in milliseconds */
+  });
   try {
     await (0, _meowWithSubcommands.meowWithSubcommands)(formattedCliCommands, {
       aliases: {
@@ -5218,9 +5075,9 @@ void (async () => {
       }
     });
   } catch (err) {
+    let errorBody;
     let errorTitle;
     let errorMessage = '';
-    let errorBody;
     if (err instanceof _errors.AuthError) {
       errorTitle = 'Authentication error';
       errorMessage = err.message;