socket 0.14.25 → 0.14.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -14
- package/dist/cli.js +358 -300
- package/dist/{chalk-markdown.d.ts → color-or-markdown.d.ts} +2 -2
- package/dist/npm-injection.js +47 -43
- package/dist/sdk.js +37 -36
- package/dist/vendor.js +150 -1498
- package/package.json +22 -24
package/README.md
CHANGED
|
@@ -21,33 +21,44 @@ socket wrapper --enable
|
|
|
21
21
|
|
|
22
22
|
## Commands
|
|
23
23
|
|
|
24
|
-
|
|
24
|
+
### Popular Commands
|
|
25
|
+
|
|
26
|
+
- `socket npm [args...]` and `socket npx [args...]` - Wraps `npm` and `npx` to
|
|
27
|
+
integrate Socket and preempt installation of alerted packages using the
|
|
28
|
+
builtin resolution of `npm` to precisely determine package installations.
|
|
25
29
|
|
|
26
30
|
- `socket optimize` - Optimize dependencies with
|
|
27
|
-
[`@socketregistry`](https://github.com/SocketDev/socket-registry) overrides
|
|
28
|
-
_(👀 [our blog post](https://socket.dev/blog/introducing-socket-optimize)
|
|
31
|
+
[`@socketregistry`](https://github.com/SocketDev/socket-registry) overrides!
|
|
32
|
+
_(👀 [our blog post](https://socket.dev/blog/introducing-socket-optimize))_
|
|
33
|
+
- `--pin` - Pin overrides to their latest version.
|
|
34
|
+
- `--prod` - Add overrides for only production dependencies.
|
|
35
|
+
|
|
36
|
+
### Other Commands
|
|
29
37
|
|
|
30
|
-
|
|
31
|
-
-
|
|
38
|
+
- `socket cdxgen [command]` - Call out to
|
|
39
|
+
[cdxgen](https://cyclonedx.github.io/cdxgen/#/?id=getting-started). See
|
|
40
|
+
[their documentation](https://cyclonedx.github.io/cdxgen/#/CLI?id=getting-help)
|
|
41
|
+
for commands.
|
|
42
|
+
|
|
43
|
+
- `socket info <package@version>` - Look up issues for a package.
|
|
32
44
|
|
|
33
|
-
- `socket raw-npm` and `socket raw-npx` - Temporarily
|
|
34
|
-
'safe-npm' wrapper.
|
|
45
|
+
- `socket raw-npm [args...]` and `socket raw-npx [args...]` - Temporarily
|
|
46
|
+
disable the Socket 'safe-npm' wrapper.
|
|
35
47
|
|
|
36
|
-
- `socket report create <path(s)-to-folder-or-file>` -
|
|
48
|
+
- `socket report create <path(s)-to-folder-or-file>` - Create a report on
|
|
37
49
|
[Socket.dev](https://socket.dev/)
|
|
38
50
|
|
|
39
51
|
Upload the specified `package.json` and lock files for JavaScript, Python, and
|
|
40
52
|
Go dependency manifests. If any folder is specified, the ones found in there
|
|
41
53
|
recursively are uploaded.
|
|
42
54
|
|
|
43
|
-
|
|
44
|
-
`**/pyproject.toml`, and `**/go.mod
|
|
55
|
+
Glob patterns such as `**/package.json`, `**/requirements.txt`,
|
|
56
|
+
`**/pyproject.toml`, and `**/go.mod` is supported.
|
|
45
57
|
|
|
46
|
-
|
|
58
|
+
Intuitively ignores files matching your project's `.gitignore`, the
|
|
47
59
|
`projectIgnorePaths` in your project's
|
|
48
|
-
[`socket.yml`](https://docs.socket.dev/docs/socket-yml) and
|
|
49
|
-
|
|
50
|
-
[default ignores](https://socket.dev/npm/package/ignore-by-default)
|
|
60
|
+
[`socket.yml`](https://docs.socket.dev/docs/socket-yml), and a sensible set of
|
|
61
|
+
[default ignore patterns](https://socket.dev/npm/package/ignore-by-default).
|
|
51
62
|
|
|
52
63
|
- `socket report view <report-id>` - Look up issues and scores from a report.
|
|
53
64
|
|