socket 0.14.28 → 0.14.30

package/dist/{npm-cli.js → require/npm-cli.js}

@@ -5,22 +5,22 @@ var vendor = require('./vendor.js');
 var require$$0 = require('node:fs');
 var require$$1 = require('node:path');
 var require$$1$1 = require('@npmcli/promise-spawn');
+var constants = require('./constants.js');
 var link = require('./link.js');
 var pathResolve = require('./path-resolve.js');
 
-var npmCli$1 = {};
+var npmCli$2 = {};
 
-var npmCli = {};
+var npmCli$1 = {};
 
 var _nodeFs = require$$0;
 var _nodePath = require$$1;
 var _promiseSpawn = require$$1$1;
+var _constants = constants.constants;
 var _link = link.link;
 var _pathResolve = pathResolve.pathResolve;
-const realFilename = (0, _nodeFs.realpathSync)(__filename);
-const realDirname = _nodePath.dirname(realFilename);
-const npmPath = (0, _link.installLinks)(_nodePath.join(realDirname, 'bin'), 'npm');
-const injectionPath = _nodePath.join(realDirname, 'npm-injection.js');
+const npmPath = (0, _link.installLinks)(_constants.shadowBinPath, 'npm');
+const injectionPath = _nodePath.join(_constants.distPath, 'npm-injection.js');
 
 // Adding the `--quiet` and `--no-progress` flags when the `proc-log` module
 // is found to fix a UX issue when running the command with recent versions of
@@ -42,7 +42,7 @@ if (npmArgs.includes('install') && !npmArgs.includes('--no-progress') && !npmArg
   }
 }
 process.exitCode = 1;
-const spawnPromise = _promiseSpawn(process.execPath, ['--require', injectionPath, npmPath, ...npmArgs], {
+const spawnPromise = _promiseSpawn(process.execPath, ['--disable-warning', 'ExperimentalWarning', '--require', injectionPath, npmPath, ...npmArgs], {
   stdio: 'inherit'
 });
 spawnPromise.process.on('exit', (code, signal) => {
@@ -66,7 +66,7 @@ spawnPromise.process.on('exit', (code, signal) => {
 	    return _npmCli.default;
 	  }
 	});
-	var _npmCli = _interopRequireWildcard(npmCli, true);
+	var _npmCli = _interopRequireWildcard(npmCli$1, true);
 	Object.keys(_npmCli).forEach(function (key) {
 	  if (key === "default" || key === "__esModule") return;
 	  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
@@ -78,6 +78,8 @@ spawnPromise.process.on('exit', (code, signal) => {
 	    }
 	  });
 	}); 
-} (npmCli$1));
+} (npmCli$2));
+
+var npmCli = /*@__PURE__*/vendor.getDefaultExportFromCjs(npmCli$2);
 
-module.exports = npmCli$1;
+module.exports = npmCli;

package/dist/require/npm-injection.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/{npm-injection.js → require/npm-injection.js}

@@ -1,34 +1,36 @@
 'use strict';
 
 var vendor = require('./vendor.js');
+var constants = require('./constants.js');
+var require$$1$3 = require('node:events');
 var require$$0 = require('node:fs');
+var require$$3$2 = require('node:https');
 var require$$1$1 = require('node:path');
-var require$$1$3 = require('node:events');
-var require$$3$3 = require('node:https');
 var require$$3 = require('node:readline');
 var require$$5 = require('node:stream');
 var require$$7$1 = require('node:timers/promises');
 var require$$5$1 = require('npm-package-arg');
-var require$$3$2 = require('@socketregistry/yocto-spinner');
-var require$$3$1 = require('semver');
+var require$$3$1 = require('@socketregistry/yocto-spinner');
+var require$$4 = require('semver');
 var require$$6$1 = require('@socketsecurity/config');
 var require$$7 = require('@socketsecurity/registry/lib/objects');
+var require$$8 = require('@socketsecurity/registry/lib/packages');
 var require$$1$2 = require('node:net');
 var require$$1 = require('node:os');
 var sdk = require('./sdk.js');
 var pathResolve = require('./path-resolve.js');
 var link = require('./link.js');
 
-var npmInjection$1 = {};
+var npmInjection$2 = {};
 
-var npmInjection = {};
+var npmInjection$1 = {};
 
 var arborist = {};
 
 var ttyServer$1 = {};
 
 var name = "socket";
-var version = "0.14.28";
+var version = "0.14.30";
 var description = "CLI tool for Socket.dev";
 var homepage = "http://github.com/SocketDev/socket-cli";
 var license = "MIT";
@@ -42,9 +44,43 @@ var author = {
 	url: "https://socket.dev"
 };
 var bin = {
-	socket: "dist/cli.js",
-	"socket-npm": "dist/npm-cli.js",
-	"socket-npx": "dist/npx-cli.js"
+	socket: "./bin/cli.js",
+	"socket-npm": "./bin/npm-cli.js",
+	"socket-npx": "./bin/npx-cli.js"
+};
+var exports$1 = {
+	"./bin/cli.js": {
+		"module-sync": {
+			types: "./dist/module-sync/cli.d.ts",
+			"default": "./dist/module-sync/cli.js"
+		},
+		require: {
+			types: "./dist/require/cli.d.ts",
+			"default": "./dist/require/cli.js"
+		}
+	},
+	"./bin/npm-cli.js": {
+		"module-sync": {
+			types: "./dist/module-sync/npm-cli.d.ts",
+			"default": "./dist/module-sync/npm-cli.js"
+		},
+		require: {
+			types: "./dist/require/npm-cli.d.ts",
+			"default": "./dist/require/npm-cli.js"
+		}
+	},
+	"./bin/npx-cli.js": {
+		"module-sync": {
+			types: "./dist/module-sync/npx-cli.d.ts",
+			"default": "./dist/module-sync/npx-cli.js"
+		},
+		require: {
+			types: "./dist/require/npx-cli.d.ts",
+			"default": "./dist/require/npx-cli.js"
+		}
+	},
+	"./package.json": "./package.json",
+	"./translations.json": "./translations.json"
 };
 var scripts = {
 	build: "run-s build:*",
@@ -59,22 +95,22 @@ var scripts = {
 	lint: "oxlint -c=./.oxlintrc.json --ignore-path=./.prettierignore --tsconfig=./tsconfig.json .",
 	"lint:fix": "npm run lint -- --fix && npm run lint:fix:fast",
 	"lint:fix:fast": "prettier --cache --log-level warn --write .",
-	prepare: "husky",
+	prepare: "husky && custompatch",
 	test: "run-s check build:* test:*",
 	"test:c8": "c8 --reporter=none node --test 'test/socket-npm.test.cjs'",
 	"test-ci": "run-s build:* test:*",
-	"test:unit": "tap",
-	"test:coverage": "cp -r .tap/coverage/*.json coverage/tmp && c8 --reporter=lcov --reporter=text --include 'dist/*.js' --exclude 'dist/vendor.js' report"
+	"test:unit": "tap-run",
+	"test:coverage": "cp -r .tap/coverage/*.json coverage/tmp && c8 --reporter=lcov --reporter=text --include 'dist/{module-sync,require}/*.js' --exclude 'dist/require/vendor.js' report"
 };
 var dependencies = {
 	"@apideck/better-ajv-errors": "^0.3.6",
-	"@cyclonedx/cdxgen": "^11.0.3",
+	"@cyclonedx/cdxgen": "^11.0.5",
 	"@inquirer/prompts": "^7.1.0",
 	"@npmcli/promise-spawn": "^8.0.2",
 	"@socketregistry/hyrious__bun.lockb": "1.0.5",
 	"@socketregistry/yocto-spinner": "^1.0.1",
 	"@socketsecurity/config": "^2.1.3",
-	"@socketsecurity/registry": "^1.0.32",
+	"@socketsecurity/registry": "^1.0.33",
 	"@socketsecurity/sdk": "^1.3.0",
 	blessed: "^0.1.81",
 	"blessed-contrib": "^4.11.0",
@@ -99,18 +135,19 @@ var devDependencies = {
 	"@babel/plugin-proposal-export-default-from": "^7.25.9",
 	"@babel/plugin-syntax-dynamic-import": "^7.8.3",
 	"@babel/plugin-transform-export-namespace-from": "^7.25.9",
-	"@babel/plugin-transform-modules-commonjs": "^7.25.9",
+	"@babel/plugin-transform-modules-commonjs": "^7.26.3",
 	"@babel/plugin-transform-runtime": "^7.25.9",
 	"@babel/preset-env": "^7.26.0",
 	"@babel/preset-typescript": "^7.26.0",
 	"@babel/runtime": "^7.26.0",
-	"@eslint/compat": "^1.2.3",
+	"@eslint/compat": "^1.2.4",
 	"@eslint/js": "^9.16.0",
 	"@rollup/plugin-commonjs": "^28.0.1",
 	"@rollup/plugin-json": "^6.1.0",
 	"@rollup/plugin-node-resolve": "^15.3.0",
 	"@rollup/plugin-replace": "^6.0.1",
 	"@rollup/pluginutils": "^5.1.3",
+	"@tapjs/run": "^4.0.1",
 	"@types/blessed": "^0.1.25",
 	"@types/micromatch": "^4.0.9",
 	"@types/mocha": "^10.0.10",
@@ -126,29 +163,29 @@ var devDependencies = {
 	"@typescript-eslint/eslint-plugin": "^8.17.0",
 	"@typescript-eslint/parser": "^8.17.0",
 	c8: "^10.1.2",
+	custompatch: "^1.0.28",
 	eslint: "^9.16.0",
-	"eslint-import-resolver-oxc": "^0.5.0",
+	"eslint-import-resolver-oxc": "^0.6.0",
 	"eslint-plugin-depend": "^0.12.0",
-	"eslint-plugin-import-x": "^4.4.3",
+	"eslint-plugin-import-x": "^4.5.0",
 	"eslint-plugin-n": "^17.14.0",
 	"eslint-plugin-sort-destructure-keys": "^2.0.0",
 	"eslint-plugin-unicorn": "^56.0.1",
 	husky: "^9.1.7",
 	"is-interactive": "^2.0.0",
 	"is-unicode-supported": "^2.1.0",
-	knip: "^5.39.0",
+	knip: "^5.39.2",
 	"magic-string": "^0.30.14",
 	meow: "^13.2.0",
 	"mock-fs": "^5.4.1",
 	nock: "^13.5.6",
 	"npm-run-all2": "^7.0.1",
 	open: "^10.1.0",
-	oxlint: "0.14.0",
-	prettier: "3.4.1",
+	oxlint: "0.14.1",
+	prettier: "3.4.2",
 	"read-package-up": "^11.0.0",
-	rollup: "4.28.0",
+	rollup: "4.28.1",
 	"rollup-plugin-ts": "^3.4.5",
-	tap: "^21.0.1",
 	"terminal-link": "^3.0.0",
 	"tiny-updater": "^3.5.2",
 	"type-coverage": "^2.29.7",
@@ -219,6 +256,7 @@ var require$$6 = {
 	repository: repository,
 	author: author,
 	bin: bin,
+	exports: exports$1,
 	scripts: scripts,
 	dependencies: dependencies,
 	devDependencies: devDependencies,
@@ -232,10 +270,10 @@ Object.defineProperty(ttyServer$1, "__esModule", {
   value: true
 });
 ttyServer$1.createTTYServer = createTTYServer;
-var _nodeFs$2 = require$$0;
+var _nodeFs$1 = require$$0;
 var _nodeNet = require$$1$2;
 var _nodeOs = require$$1;
-var _nodePath$2 = require$$1$1;
+var _nodePath$1 = require$$1$1;
 var _nodeReadline$1 = require$$3;
 var _nodeStream$1 = require$$5;
 var _package = require$$6;
@@ -243,7 +281,7 @@ var _misc$1 = sdk.misc;
 const NEWLINE_CHAR_CODE = 10; /*'\n'*/
 
 const TTY_IPC = process.env['SOCKET_SECURITY_TTY_IPC'];
-const sock = _nodePath$2.join(_nodeOs.tmpdir(), `socket-security-tty-${process.pid}.sock`);
+const sock = _nodePath$1.join(_nodeOs.tmpdir(), `socket-security-tty-${process.pid}.sock`);
 process.env['SOCKET_SECURITY_TTY_IPC'] = sock;
 function createNonStandardTTYServer() {
   return {
@@ -416,7 +454,7 @@ function createStandardTTYServer(isInteractive, npmlog) {
 }
 function tryUnlinkSync(filepath) {
   try {
-    (0, _nodeFs$2.unlinkSync)(filepath);
+    (0, _nodeFs$1.unlinkSync)(filepath);
   } catch (e) {
     if ((0, _misc$1.isErrnoException)(e) && e.code !== 'ENOENT') {
       throw e;
@@ -582,31 +620,30 @@ Object.defineProperty(arborist, "__esModule", {
 arborist.SafeArborist = void 0;
 arborist.installSafeArborist = installSafeArborist;
 var _nodeEvents = require$$1$3;
-var _nodeFs$1 = require$$0;
-var _nodeHttps = require$$3$3;
-var _nodePath$1 = require$$1$1;
+var _nodeFs = require$$0;
+var _nodeHttps = require$$3$2;
+var _nodePath = require$$1$1;
 var _nodeReadline = require$$3;
 var _nodeStream = require$$5;
 var _promises = require$$7$1;
 var _isInteractive = _interopRequireDefault(vendor.isInteractive);
 var _npmPackageArg = require$$5$1;
-var _yoctoSpinner = require$$3$2;
-var _semver = require$$3$1;
+var _yoctoSpinner = require$$3$1;
+var _semver = require$$4;
 var _config = require$$6$1;
 var _objects = require$$7;
+var _packages = require$$8;
 var _ttyServer = ttyServer$1;
-var _constants = sdk.constants;
+var _constants$1 = constants.constants;
 var _colorOrMarkdown = sdk.colorOrMarkdown;
 var _issueRules = issueRules;
 var _misc = sdk.misc;
 var _pathResolve = pathResolve.pathResolve;
 var _sdk = sdk.sdk;
 var _settings = sdk.settings;
-const POTENTIALLY_BUG_ERROR_SNIPPET = 'this is potentially a bug with socket-npm caused by changes to the npm cli';
-const distPath$1 = __dirname;
-const rootPath$1 = _nodePath$1.resolve(distPath$1, '..');
-const npmEntrypoint = (0, _nodeFs$1.realpathSync)(process.argv[1]);
-const npmRootPath = (0, _pathResolve.findRoot)(_nodePath$1.dirname(npmEntrypoint));
+const POTENTIAL_BUG_ERROR_MESSAGE = `This is may be a bug with socket-npm related to changes to the npm CLI.\nPlease report to ${_constants$1.SOCKET_CLI_ISSUES_URL}.`;
+const npmEntrypoint = (0, _nodeFs.realpathSync)(process.argv[1]);
+const npmRootPath = (0, _pathResolve.findRoot)(_nodePath.dirname(npmEntrypoint));
 function tryRequire(...ids) {
   for (const data of ids) {
     let id;
@@ -630,32 +667,29 @@ function tryRequire(...ids) {
   return undefined;
 }
 if (npmRootPath === undefined) {
-  console.error(`Unable to find npm cli install directory, ${POTENTIALLY_BUG_ERROR_SNIPPET}.`);
-  console.error(`Searched parent directories of ${npmEntrypoint}`);
+  console.error(`Unable to find npm CLI install directory.\nSearched parent directories of ${npmEntrypoint}.\n\n${POTENTIAL_BUG_ERROR_MESSAGE}`);
   process.exit(127);
 }
-const LOOP_SENTINEL = 1_000_000;
-const NPM_REGISTRY_URL = 'https://registry.npmjs.org';
-const npmNmPath = _nodePath$1.join(npmRootPath, 'node_modules');
-const arboristPkgPath = _nodePath$1.join(npmNmPath, '@npmcli/arborist');
-const arboristClassPath = _nodePath$1.join(arboristPkgPath, 'lib/arborist/index.js');
-const arboristDepValidPath = _nodePath$1.join(arboristPkgPath, 'lib/dep-valid.js');
-const arboristEdgeClassPath = _nodePath$1.join(arboristPkgPath, 'lib/edge.js');
-const arboristNodeClassPath = _nodePath$1.join(arboristPkgPath, 'lib/node.js');
-const arboristOverrideSetClassPatch = _nodePath$1.join(arboristPkgPath, 'lib/override-set.js');
-const log = tryRequire([_nodePath$1.join(npmNmPath, 'proc-log/lib/index.js'),
+const npmNmPath = _nodePath.join(npmRootPath, 'node_modules');
+const arboristPkgPath = _nodePath.join(npmNmPath, '@npmcli/arborist');
+const arboristClassPath = _nodePath.join(arboristPkgPath, 'lib/arborist/index.js');
+const arboristDepValidPath = _nodePath.join(arboristPkgPath, 'lib/dep-valid.js');
+const arboristEdgeClassPath = _nodePath.join(arboristPkgPath, 'lib/edge.js');
+const arboristNodeClassPath = _nodePath.join(arboristPkgPath, 'lib/node.js');
+const arboristOverrideSetClassPatch = _nodePath.join(arboristPkgPath, 'lib/override-set.js');
+const log = tryRequire([_nodePath.join(npmNmPath, 'proc-log/lib/index.js'),
 // The proc-log DefinitelyTyped definition is incorrect. The type definition
 // is really that of its export log.
-mod => mod.log], _nodePath$1.join(npmNmPath, 'npmlog/lib/log.js'));
+mod => mod.log], _nodePath.join(npmNmPath, 'npmlog/lib/log.js'));
 if (log === undefined) {
-  console.error(`Unable to integrate with npm cli logging infrastructure, ${POTENTIALLY_BUG_ERROR_SNIPPET}.`);
+  console.error(`Unable to integrate with npm CLI logging infrastructure.\n\n${POTENTIAL_BUG_ERROR_MESSAGE}.`);
   process.exit(127);
 }
-const pacote = tryRequire(_nodePath$1.join(npmNmPath, 'pacote'), 'pacote');
+const pacote = tryRequire(_nodePath.join(npmNmPath, 'pacote'), 'pacote');
 const {
   tarball
 } = pacote;
-const translations = require(_nodePath$1.join(rootPath$1, 'translations.json'));
+const translations = require(_nodePath.join(_constants$1.rootPath, 'translations.json'));
 const abortController = new AbortController();
 const {
   signal: abortSignal
@@ -684,11 +718,11 @@ async function uxLookup(settings) {
 }
 async function* batchScan(pkgIds) {
   const query = {
-    packages: pkgIds.map(pkgid => {
+    packages: pkgIds.map(id => {
       const {
         name,
         version
-      } = pkgidParts(pkgid);
+      } = pkgidParts(id);
       return {
         eco: 'npm',
         pkg: name,
@@ -698,7 +732,7 @@ async function* batchScan(pkgIds) {
     })
   };
   // TODO: Migrate to SDK.
-  const pkgDataReq = _nodeHttps.request(`${_constants.API_V0_URL}/scan/batch`, {
+  const pkgDataReq = _nodeHttps.request(`${_constants$1.API_V0_URL}/scan/batch`, {
     method: 'POST',
     headers: {
       Authorization: `Basic ${Buffer.from(`${pubToken}:`).toString('base64url')}`
@@ -730,10 +764,10 @@ function findSocketYmlSync() {
   let prevDir = null;
   let dir = process.cwd();
   while (dir !== prevDir) {
-    let ymlPath = _nodePath$1.join(dir, 'socket.yml');
+    let ymlPath = _nodePath.join(dir, 'socket.yml');
     let yml = maybeReadfileSync(ymlPath);
     if (yml === undefined) {
-      ymlPath = _nodePath$1.join(dir, 'socket.yaml');
+      ymlPath = _nodePath.join(dir, 'socket.yaml');
       yml = maybeReadfileSync(ymlPath);
     }
     if (typeof yml === 'string') {
@@ -747,7 +781,7 @@ function findSocketYmlSync() {
       }
     }
     prevDir = dir;
-    dir = _nodePath$1.join(dir, '..');
+    dir = _nodePath.join(dir, '..');
   }
   return null;
 }
@@ -775,36 +809,46 @@ function findSpecificOverrideSet(first, second) {
 }
 function maybeReadfileSync(filepath) {
   try {
-    return (0, _nodeFs$1.readFileSync)(filepath, 'utf8');
+    return (0, _nodeFs.readFileSync)(filepath, 'utf8');
   } catch {}
   return undefined;
 }
 async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
+  const spinner = _yoctoSpinner({
+    stream: output
+  });
   let result = false;
-  let remaining = pkgs.length;
+  let {
+    length: remaining
+  } = pkgs;
   if (!remaining) {
-    _yoctoSpinner().success('No changes detected');
+    spinner.success('No changes detected');
     return result;
   }
   const getText = () => `Looking up data for ${remaining} packages`;
-  const spinner = _yoctoSpinner({
-    stream: output
-  }).start(getText());
+  spinner.start(getText());
   try {
-    for await (const pkgData of batchScan(pkgs.map(pkg => pkg.pkgid))) {
-      let failures = [];
-      let displayWarning = false;
-      const name = pkgData.pkg;
-      const version = pkgData.ver;
+    for await (const pkgData of batchScan(pkgs.map(p => p.pkgid))) {
+      const {
+        pkg: name,
+        ver: version
+      } = pkgData;
       const id = `${name}@${version}`;
+      let displayWarning = false;
+      let failures = [];
       if (pkgData.type === 'missing') {
         result = true;
         failures.push({
-          type: 'missingDependency'
+          type: 'missingDependency',
+          block: false,
+          raw: undefined
         });
       } else {
         let blocked = false;
         for (const failure of pkgData.value.issues) {
+          const {
+            type
+          } = failure;
           // eslint-disable-next-line no-await-in-loop
           const ux = await uxLookup({
             package: {
@@ -812,36 +856,37 @@ async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
               version
             },
             issue: {
-              type: failure.type
+              type
             }
           });
-          if (ux.display || ux.block) {
+          if (ux.block) {
+            result = true;
+            blocked = true;
+          }
+          if (ux.display) {
+            displayWarning = true;
+          }
+          if (ux.block || ux.display) {
             failures.push({
-              raw: failure,
-              block: ux.block
+              type,
+              block: ux.block,
+              raw: failure
             });
             // Before we ask about problematic issues, check to see if they
             // already existed in the old version if they did, be quiet.
-            const pkg = pkgs.find(pkg => pkg.pkgid === id && pkg.existing?.startsWith(`${name}@`));
+            const pkg = pkgs.find(p => p.pkgid === id && p.existing?.startsWith(`${name}@`));
             if (pkg?.existing) {
+              const oldPkgData =
               // eslint-disable-next-line no-await-in-loop
-              for await (const oldPkgData of batchScan([pkg.existing])) {
-                if (oldPkgData.type === 'success') {
-                  failures = failures.filter(issue => oldPkgData.value.issues.find(oldIssue => oldIssue.type === issue.raw.type) == null);
-                }
+              (await batchScan([pkg.existing]).next()).value;
+              if (oldPkgData.type === 'success') {
+                failures = failures.filter(issue => oldPkgData.value.issues.find(oldIssue => oldIssue.type === issue.type) === undefined);
               }
             }
           }
-          if (ux.block) {
-            result = true;
-            blocked = true;
-          }
-          if (ux.display) {
-            displayWarning = true;
-          }
         }
         if (!blocked) {
-          const pkg = pkgs.find(pkg => pkg.pkgid === id);
+          const pkg = pkgs.find(p => p.pkgid === id);
           if (pkg) {
             await tarball.stream(id, stream => {
               stream.resume();
@@ -853,17 +898,27 @@ async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
         }
       }
       if (displayWarning) {
-        spinner.stop();
-        output?.write(`(socket) ${formatter.hyperlink(id, `https://socket.dev/npm/package/${name}/overview/${version}`)} contains risks:\n`);
-        failures.sort((a, b) => a.raw.type < b.raw.type ? -1 : 1);
+        spinner.stop(`(socket) ${formatter.hyperlink(id, `https://socket.dev/npm/package/${name}/overview/${version}`)} contains risks:`);
+        // Filter issues for blessed packages.
+        if ((0, _packages.isBlessedPackageName)(name)) {
+          failures = failures.filter(({
+            type
+          }) => type !== 'unpopularPackage' && type !== 'unstableOwnership');
+        }
+        failures.sort((a, b) => a.type < b.type ? -1 : 1);
         const lines = new Set();
         for (const failure of failures) {
-          const type = failure.raw.type;
-          if (type) {
-            const issueTypeTranslation = translations.issues[type];
-            // TODO: emoji seems to mis-align terminals sometimes
-            lines.add(`  ${issueTypeTranslation?.title ?? type}${failure.block ? '' : ' (non-blocking)'} - ${issueTypeTranslation?.description ?? ''}\n`);
-          }
+          const {
+            type
+          } = failure;
+          // Based data from { pageProps: { alertTypes } } of:
+          // https://socket.dev/_next/data/94666139314b6437ee4491a0864e72b264547585/en-US.json
+          const info = translations.issues[type];
+          const title = info?.title ?? type;
+          const maybeBlocking = failure.block ? '' : ' (non-blocking)';
+          const maybeDesc = info?.description ? ` - ${info.description}` : '';
+          // TODO: emoji seems to mis-align terminals sometimes
+          lines.add(`  ${title}${maybeBlocking}${maybeDesc}\n`);
         }
         for (const line of lines) {
           output?.write(line);
@@ -875,9 +930,7 @@ async function packagesHaveRiskyIssues(safeArb, _registry, pkgs, output) {
     }
     return result;
   } finally {
-    if (spinner.isSpinning) {
-      spinner.stop();
-    }
+    spinner.stop();
   }
 }
 function pkgidParts(pkgid) {
@@ -889,18 +942,8 @@ function pkgidParts(pkgid) {
     version
   };
 }
-function toPURL(pkgid, resolved) {
-  const repo = resolved.replace(/#[\s\S]*$/u, '').replace(/\?[\s\S]*$/u, '').replace(/\/[^/]*\/-\/[\s\S]*$/u, '');
-  const {
-    name,
-    version
-  } = pkgidParts(pkgid);
-  return {
-    type: 'npm',
-    namespace_and_name: name,
-    version,
-    repository_url: repo
-  };
+function toRepoUrl(resolved) {
+  return resolved.replace(/#[\s\S]*$/, '').replace(/\?[\s\S]*$/, '').replace(/\/[^/]*\/-\/[\s\S]*$/, '');
 }
 function walk(diff_, needInfoOn = []) {
   const queue = [diff_];
@@ -909,7 +952,7 @@ function walk(diff_, needInfoOn = []) {
     length: queueLength
   } = queue;
   while (pos < queueLength) {
-    if (pos === LOOP_SENTINEL) {
+    if (pos === _constants$1.LOOP_SENTINEL) {
       throw new Error('Detected infinite loop while walking Arborist diff');
     }
     const diff = queue[pos++];
@@ -931,12 +974,8 @@ function walk(diff_, needInfoOn = []) {
       if (keep && diff.ideal?.pkgid && diff.ideal.resolved && (!diff.actual || diff.actual.resolved)) {
         needInfoOn.push({
           existing,
-          action: diff.action,
-          location: diff.ideal.location,
           pkgid: diff.ideal.pkgid,
-          newPackage: toPURL(diff.ideal.pkgid, diff.ideal.resolved),
-          oldPackage: diff.actual && diff.actual.resolved ? toPURL(diff.actual.pkgid, diff.actual.resolved) : null,
-          resolved: diff.ideal.resolved
+          repository_url: toRepoUrl(diff.ideal.resolved)
         });
       }
     }
@@ -1485,7 +1524,7 @@ class SafeOverrideSet extends OverrideSet {
       length: queueLength
     } = queue;
     while (pos < queueLength) {
-      if (pos === LOOP_SENTINEL) {
+      if (pos === _constants$1.LOOP_SENTINEL) {
         throw new Error('Detected infinite loop while comparing override sets');
       }
       const {
@@ -1627,10 +1666,10 @@ class SafeArborist extends Arborist {
     options['save'] = old.save;
     options['saveBundle'] = old.saveBundle;
     // Nothing to check, mmm already installed or all private?
-    if (diff.findIndex(c => c.newPackage.repository_url === NPM_REGISTRY_URL) === -1) {
+    if (diff.findIndex(c => c.repository_url === _constants$1.NPM_REGISTRY_URL) === -1) {
       return await this[kRiskyReify](...args);
     }
-    let proceed = _constants.ENV.UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE;
+    let proceed = _constants$1.ENV[_constants$1.UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE];
     if (!proceed) {
       proceed = await ttyServer.captureTTY(async (input, output) => {
         if (input && output) {
@@ -1767,16 +1806,11 @@ void (async () => {
   _uxLookup = (0, _issueRules.createIssueUXLookup)(settings);
 })();
 
-var _nodeFs = require$$0;
-var _nodePath = require$$1$1;
+var _constants = constants.constants;
 var _arborist = arborist;
 var _link = link.link;
-const distPath = __dirname;
-const rootPath = _nodePath.resolve(distPath, '..');
-const binPath = _nodePath.join(rootPath, 'bin');
-
-// shadow `npm` and `npx` to mitigate subshells
-(0, _link.installLinks)((0, _nodeFs.realpathSync)(binPath), 'npm');
+// Shadow `npm` and `npx` to mitigate subshells.
+(0, _link.installLinks)(_constants.shadowBinPath, 'npm');
 (0, _arborist.installSafeArborist)();
 
 (function (exports) {
@@ -1792,7 +1826,7 @@ const binPath = _nodePath.join(rootPath, 'bin');
 	    return _npmInjection.default;
 	  }
 	});
-	var _npmInjection = _interopRequireWildcard(npmInjection, true);
+	var _npmInjection = _interopRequireWildcard(npmInjection$1, true);
 	Object.keys(_npmInjection).forEach(function (key) {
 	  if (key === "default" || key === "__esModule") return;
 	  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
@@ -1804,6 +1838,8 @@ const binPath = _nodePath.join(rootPath, 'bin');
 	    }
 	  });
 	}); 
-} (npmInjection$1));
+} (npmInjection$2));
+
+var npmInjection = /*@__PURE__*/vendor.getDefaultExportFromCjs(npmInjection$2);
 
-module.exports = npmInjection$1;
+module.exports = npmInjection;