socket 0.14.32 → 0.14.34

package/dist/require/constants.js

@@ -1,80 +1,3 @@
-'use strict';
+'use strict'
 
-function _interop(e) {
-  let d
-  if (e) {
-    let c = 0
-    for (const k in e) {
-      d = c++ === 0 && k === 'default' ? e[k] : void 0
-      if (!d) break
-    }
-  }
-  return d ?? e
-}
-
-var require$$0 = _interop(require('node:fs'));
-var require$$1 = _interop(require('node:path'));
-var require$$2 = _interop(require('@socketsecurity/registry/lib/env'));
-var require$$3 = _interop(require('@socketsecurity/registry/lib/constants'));
-var require$$4 = _interop(require('semver'));
-
-var constants = {};
-
-Object.defineProperty(constants, "__esModule", {
-  value: true
-});
-constants.synpBinPath = constants.shadowBinPath = constants.rootPkgJsonPath = constants.rootPath = constants.rootDistPath = constants.rootBinPath = constants.nmBinPath = constants.distPath = constants.cdxgenBinPath = constants.UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE = constants.SUPPORTS_SYNC_ESM = constants.SOCKET_PUBLIC_API_KEY = constants.SOCKET_CLI_ISSUES_URL = constants.NPM_REGISTRY_URL = constants.LOOP_SENTINEL = constants.ENV = constants.DIST_TYPE = constants.API_V0_URL = void 0;
-var _nodeFs = require$$0;
-var _nodePath = require$$1;
-var _env = require$$2;
-var _constants = require$$3;
-var _semver = require$$4;
-const {
-  PACKAGE_JSON
-} = _constants;
-const SUPPORTS_SYNC_ESM = constants.SUPPORTS_SYNC_ESM = _semver.satisfies(process.versions.node, '>=22.12');
-constants.API_V0_URL = 'https://api.socket.dev/v0';
-const DIST_TYPE = constants.DIST_TYPE = SUPPORTS_SYNC_ESM ? 'module-sync' : 'require';
-constants.LOOP_SENTINEL = 1_000_000;
-constants.NPM_REGISTRY_URL = 'https://registry.npmjs.org';
-constants.SOCKET_PUBLIC_API_KEY = 'sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api';
-const SOCKET_CLI_ISSUES_URL = constants.SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues';
-const UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE = constants.UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE = 'UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE';
-constants.ENV = Object.freeze({
-  // Flag set by the optimize command to bypass the packagesHaveRiskyIssues check.
-  [UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE]: (0, _env.envAsBoolean)(process.env[UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE])
-});
-
-// Dynamically detect the rootPath so constants.ts can be used in tests.
-const rootPath = constants.rootPath = (() => {
-  let oldPath;
-  let currPath = (0, _nodeFs.realpathSync)(__dirname);
-  // Dirname stops when at the filepath root, e.g. '/' for posix and 'C:\\' for win32,
-  // so `currPath` equal `oldPath`.
-  while (currPath !== oldPath) {
-    const pkgJsonPath = _nodePath.join(currPath, PACKAGE_JSON);
-    if ((0, _nodeFs.existsSync)(pkgJsonPath)) {
-      try {
-        // Content matching socket is replaced by
-        // the @rollup/plugin-replace plugin used in .config/rollup.base.config.mjs
-        // with either 'socket' or '@socketsecurity/cli'.
-        if (require(pkgJsonPath)?.name === 'socket') {
-          return currPath;
-        }
-      } catch {}
-    }
-    oldPath = currPath;
-    currPath = _nodePath.dirname(currPath);
-  }
-  throw new TypeError(`Socket CLI initialization error: rootPath cannot be resolved.\n\nPlease report to ${SOCKET_CLI_ISSUES_URL}.`);
-})();
-const rootDistPath = constants.rootDistPath = _nodePath.join(rootPath, 'dist');
-constants.rootBinPath = _nodePath.join(rootPath, 'bin');
-constants.rootPkgJsonPath = _nodePath.join(rootPath, PACKAGE_JSON);
-const nmBinPath = constants.nmBinPath = _nodePath.join(rootPath, 'node_modules/.bin');
-constants.cdxgenBinPath = _nodePath.join(nmBinPath, 'cdxgen');
-constants.distPath = _nodePath.join(rootDistPath, DIST_TYPE);
-constants.shadowBinPath = _nodePath.join(rootPath, 'shadow', DIST_TYPE);
-constants.synpBinPath = _nodePath.join(nmBinPath, 'synp');
-
-exports.constants = constants;
+module.exports = require('../constants.js')

package/dist/require/link.js

@@ -1,20 +1,17 @@
 'use strict';
 
-function _interop(e) {
-  let d
-  if (e) {
-    let c = 0
-    for (const k in e) {
-      d = c++ === 0 && k === 'default' ? e[k] : void 0
-      if (!d) break
-    }
+function _socketInterop(e) {
+  let c = 0
+  for (const k in e ?? {}) {
+    c = c === 0 && k === 'default' ? 1 : 0
+    if (!c) break
   }
-  return d ?? e
+  return c ? e.default : e
 }
 
-var require$$0 = _interop(require('node:fs'));
-var require$$1 = _interop(require('node:path'));
-var require$$4 = _interop(require('which'));
+var require$$0 = require('node:fs');
+var require$$1 = require('node:path');
+var require$$4 = _socketInterop(require('which'));
 
 var link = {};
 

package/dist/require/npm-cli.js

@@ -1,25 +1,22 @@
 #!/usr/bin/env node
 'use strict';
 
-function _interop(e) {
-  let d
-  if (e) {
-    let c = 0
-    for (const k in e) {
-      d = c++ === 0 && k === 'default' ? e[k] : void 0
-      if (!d) break
-    }
+function _socketInterop(e) {
+  let c = 0
+  for (const k in e ?? {}) {
+    c = c === 0 && k === 'default' ? 1 : 0
+    if (!c) break
   }
-  return d ?? e
+  return c ? e.default : e
 }
 
-var vendor = _interop(require('./vendor.js'));
-var require$$0 = _interop(require('node:fs'));
-var require$$1 = _interop(require('node:path'));
-var require$$1$1 = _interop(require('@npmcli/promise-spawn'));
-var constants = _interop(require('./constants.js'));
-var link = _interop(require('./link.js'));
-var pathResolve = _interop(require('./path-resolve.js'));
+var vendor = require('./vendor.js');
+var require$$0 = require('node:fs');
+var require$$1 = require('node:path');
+var require$$1$1 = _socketInterop(require('@npmcli/promise-spawn'));
+var constants = require('./constants.js');
+var link = require('./link.js');
+var pathResolve = require('./path-resolve.js');
 
 var npmCli$2 = {};
 
@@ -31,8 +28,13 @@ var _promiseSpawn = require$$1$1;
 var _constants = constants.constants;
 var _link = link.link;
 var _pathResolve = pathResolve.pathResolve;
-const npmPath = (0, _link.installLinks)(_constants.shadowBinPath, 'npm');
-const injectionPath = _nodePath.join(_constants.distPath, 'npm-injection.js');
+const {
+  distPath,
+  execPath,
+  shadowBinPath
+} = _constants;
+const npmPath = (0, _link.installLinks)(shadowBinPath, 'npm');
+const injectionPath = _nodePath.join(distPath, 'npm-injection.js');
 
 // Adding the `--quiet` and `--no-progress` flags when the `proc-log` module
 // is found to fix a UX issue when running the command with recent versions of
@@ -54,7 +56,9 @@ if (npmArgs.includes('install') && !npmArgs.includes('--no-progress') && !npmArg
   }
 }
 process.exitCode = 1;
-const spawnPromise = _promiseSpawn(process.execPath, ['--disable-warning', 'ExperimentalWarning', '--require', injectionPath, npmPath, ...npmArgs], {
+const spawnPromise = _promiseSpawn(execPath, [
+// Lazily access constants.nodeNoWarningsFlags.
+..._constants.nodeNoWarningsFlags, '--require', injectionPath, npmPath, ...npmArgs], {
   stdio: 'inherit'
 });
 spawnPromise.process.on('exit', (code, signal) => {

package/dist/require/npm-injection.js

@@ -1,37 +1,35 @@
 'use strict';
 
-function _interop(e) {
-  let d
-  if (e) {
-    let c = 0
-    for (const k in e) {
-      d = c++ === 0 && k === 'default' ? e[k] : void 0
-      if (!d) break
-    }
+function _socketInterop(e) {
+  let c = 0
+  for (const k in e ?? {}) {
+    c = c === 0 && k === 'default' ? 1 : 0
+    if (!c) break
   }
-  return d ?? e
+  return c ? e.default : e
 }
 
-var vendor = _interop(require('./vendor.js'));
-var constants = _interop(require('./constants.js'));
-var require$$1$4 = _interop(require('node:events'));
-var require$$0 = _interop(require('node:fs'));
-var require$$3$2 = _interop(require('node:https'));
-var require$$1$1 = _interop(require('node:path'));
-var require$$3 = _interop(require('node:readline'));
-var require$$6$2 = _interop(require('node:timers/promises'));
-var require$$1$3 = _interop(require('@inquirer/confirm'));
-var require$$3$1 = _interop(require('@socketregistry/yocto-spinner'));
-var require$$5$1 = _interop(require('npm-package-arg'));
-var require$$4 = _interop(require('semver'));
-var require$$6$1 = _interop(require('@socketsecurity/config'));
-var require$$7 = _interop(require('@socketsecurity/registry/lib/objects'));
-var require$$1$2 = _interop(require('node:net'));
-var require$$1 = _interop(require('node:os'));
-var require$$5 = _interop(require('node:stream'));
-var sdk = _interop(require('./sdk.js'));
-var pathResolve = _interop(require('./path-resolve.js'));
-var link = _interop(require('./link.js'));
+var vendor = require('./vendor.js');
+var constants = require('./constants.js');
+var require$$1$4 = require('node:events');
+var require$$0 = require('node:fs');
+var require$$3$3 = require('node:https');
+var require$$1$1 = require('node:path');
+var require$$3 = require('node:readline');
+var require$$6$2 = require('node:timers/promises');
+var require$$1$3 = require('@socketsecurity/registry/lib/prompts');
+var require$$3$2 = require('@socketregistry/yocto-spinner');
+var require$$5$1 = _socketInterop(require('npm-package-arg'));
+var require$$3$1 = _socketInterop(require('semver'));
+var require$$6$1 = require('@socketsecurity/config');
+var require$$7 = require('@socketsecurity/registry/lib/objects');
+var require$$8 = require('@socketsecurity/registry/lib/packages');
+var require$$1$2 = require('node:net');
+var require$$1 = require('node:os');
+var require$$5 = require('node:stream');
+var sdk = require('./sdk.js');
+var pathResolve = require('./path-resolve.js');
+var link = require('./link.js');
 
 var npmInjection$2 = {};
 
@@ -42,7 +40,7 @@ var arborist = {};
 var ttyServer$1 = {};
 
 var name = "socket";
-var version = "0.14.32";
+var version = "0.14.34";
 var description = "CLI tool for Socket.dev";
 var homepage = "http://github.com/SocketDev/socket-cli";
 var license = "MIT";
@@ -62,34 +60,19 @@ var bin = {
 };
 var exports$1 = {
 	"./bin/cli.js": {
-		"module-sync": {
-			types: "./dist/module-sync/cli.d.ts",
-			"default": "./dist/module-sync/cli.js"
-		},
-		require: {
-			types: "./dist/require/cli.d.ts",
-			"default": "./dist/require/cli.js"
-		}
+		types: "./dist/module-sync/cli.d.ts",
+		"module-sync": "./dist/module-sync/cli.js",
+		require: "./dist/require/cli.js"
 	},
 	"./bin/npm-cli.js": {
-		"module-sync": {
-			types: "./dist/module-sync/npm-cli.d.ts",
-			"default": "./dist/module-sync/npm-cli.js"
-		},
-		require: {
-			types: "./dist/require/npm-cli.d.ts",
-			"default": "./dist/require/npm-cli.js"
-		}
+		types: "./dist/module-sync/npm-cli.d.ts",
+		"module-sync": "./dist/module-sync/npm-cli.js",
+		require: "./dist/require/npm-cli.js"
 	},
 	"./bin/npx-cli.js": {
-		"module-sync": {
-			types: "./dist/module-sync/npx-cli.d.ts",
-			"default": "./dist/module-sync/npx-cli.js"
-		},
-		require: {
-			types: "./dist/require/npx-cli.d.ts",
-			"default": "./dist/require/npx-cli.js"
-		}
+		types: "./dist/module-sync/npx-cli.d.ts",
+		"module-sync": "./dist/module-sync/npx-cli.js",
+		require: "./dist/require/npx-cli.js"
 	},
 	"./package.json": "./package.json",
 	"./translations.json": "./translations.json"
@@ -108,23 +91,20 @@ var scripts = {
 	"lint:fix": "npm run lint -- --fix && npm run lint:fix:fast",
 	"lint:fix:fast": "prettier --cache --log-level warn --write .",
 	prepare: "husky && custompatch",
-	test: "run-s check build:* test:*",
-	"test:c8": "c8 --reporter=none node --test 'test/socket-npm.test.cjs'",
+	test: "run-s check build:* test:* test:coverage:*",
 	"test-ci": "run-s build:* test:*",
 	"test:unit": "tap-run",
-	"test:coverage": "cp -r .tap/coverage/*.json coverage/tmp && c8 --reporter=lcov --reporter=text --include 'dist/{module-sync,require}/*.js' --exclude 'dist/require/vendor.js' report"
+	"test:coverage:c8": "c8 --reporter=none node --test 'test/socket-npm.test.cjs'",
+	"test:coverage:merge": "cp -r .tap/coverage/*.json coverage/tmp && c8 --reporter=lcov --reporter=text --include 'dist/{module-sync,require}/*.js' --exclude 'dist/require/vendor.js' report"
 };
 var dependencies = {
 	"@apideck/better-ajv-errors": "^0.3.6",
 	"@cyclonedx/cdxgen": "^11.0.5",
-	"@inquirer/confirm": "^5.0.2",
-	"@inquirer/password": "^4.0.3",
-	"@inquirer/select": "^4.0.3",
 	"@npmcli/promise-spawn": "^8.0.2",
 	"@socketregistry/hyrious__bun.lockb": "1.0.5",
 	"@socketregistry/yocto-spinner": "^1.0.1",
 	"@socketsecurity/config": "^2.1.3",
-	"@socketsecurity/registry": "^1.0.35",
+	"@socketsecurity/registry": "^1.0.51",
 	"@socketsecurity/sdk": "^1.3.0",
 	blessed: "^0.1.81",
 	"blessed-contrib": "^4.11.0",
@@ -228,6 +208,8 @@ var overrides = {
 	semver: "$semver",
 	"set-function-length": "npm:@socketregistry/set-function-length@^1",
 	"side-channel": "npm:@socketregistry/side-channel@^1",
+	"tiny-colors": "$yoctocolors-cjs",
+	typedarray: "npm:@socketregistry/typedarray@^1",
 	yaml: "$yaml"
 };
 var resolutions = {
@@ -251,6 +233,8 @@ var resolutions = {
 	semver: "^7.6.3",
 	"set-function-length": "npm:@socketregistry/set-function-length@^1",
 	"side-channel": "npm:@socketregistry/side-channel@^1",
+	"tiny-colors": "npm:yoctocolors-cjs@^2.1.2",
+	typedarray: "npm:@socketregistry/typedarray@^1",
 	yaml: "^2.6.0"
 };
 var engines = {
@@ -321,7 +305,7 @@ function createNonStandardTTYServer() {
                   output: hasOutput
                 },
                 ipc_version: remote_ipc_version
-              } = JSON.parse(lineBuff.subarray(0, eolIndex).toString('utf-8'));
+              } = JSON.parse(lineBuff.subarray(0, eolIndex).toString('utf8'));
               lineBuff = null;
               captured = true;
               if (remote_ipc_version !== _package.version) {
@@ -479,12 +463,12 @@ function createTTYServer(isInteractive, npmlog) {
   return !isInteractive && TTY_IPC ? createNonStandardTTYServer() : createStandardTTYServer(isInteractive, npmlog);
 }
 
-var issueRules = {};
+var alertRules = {};
 
-Object.defineProperty(issueRules, "__esModule", {
+Object.defineProperty(alertRules, "__esModule", {
   value: true
 });
-issueRules.createAlertUXLookup = createAlertUXLookup;
+alertRules.createAlertUXLookup = createAlertUXLookup;
 //#region UX Constants
 
 const IGNORE_UX = {
@@ -507,7 +491,7 @@ const ERROR_UX = {
  * all issue rules and finds the first defined value that does not defer otherwise
  * uses the defaultValue. Takes the value and converts into a UX workflow
  */
-function resolveIssueRuleUX(entriesOrderedIssueRules, defaultValue) {
+function resolveAlertRuleUX(orderedRulesCollection, defaultValue) {
   if (defaultValue === true || defaultValue == null) {
     defaultValue = {
       action: 'error'
@@ -520,9 +504,9 @@ function resolveIssueRuleUX(entriesOrderedIssueRules, defaultValue) {
   let block = false;
   let display = false;
   let needDefault = true;
-  iterate_entries: for (const issueRuleArr of entriesOrderedIssueRules) {
-    for (const rule of issueRuleArr) {
-      if (issueRuleValueDoesNotDefer(rule)) {
+  iterate_entries: for (const rules of orderedRulesCollection) {
+    for (const rule of rules) {
+      if (ruleValueDoesNotDefer(rule)) {
         needDefault = false;
         const narrowingFilter = uxForDefinedNonDeferValue(rule);
         block = block || narrowingFilter.block;
@@ -548,13 +532,13 @@ function resolveIssueRuleUX(entriesOrderedIssueRules, defaultValue) {
 /**
  * Negative form because it is narrowing the type
  */
-function issueRuleValueDoesNotDefer(issueRule) {
-  if (issueRule === undefined) {
+function ruleValueDoesNotDefer(rule) {
+  if (rule === undefined) {
     return false;
-  } else if (issueRule !== null && typeof issueRule === 'object') {
+  } else if (rule !== null && typeof rule === 'object') {
     const {
       action
-    } = issueRule;
+    } = rule;
     if (action === undefined || action === 'defer') {
       return false;
     }
@@ -565,13 +549,13 @@ function issueRuleValueDoesNotDefer(issueRule) {
 /**
  * Handles booleans for backwards compatibility
  */
-function uxForDefinedNonDeferValue(issueRuleValue) {
-  if (typeof issueRuleValue === 'boolean') {
-    return issueRuleValue ? ERROR_UX : IGNORE_UX;
+function uxForDefinedNonDeferValue(ruleValue) {
+  if (typeof ruleValue === 'boolean') {
+    return ruleValue ? ERROR_UX : IGNORE_UX;
   }
   const {
     action
-  } = issueRuleValue;
+  } = ruleValue;
   if (action === 'warn') {
     return WARN_UX;
   } else if (action === 'ignore') {
@@ -593,9 +577,9 @@ function createAlertUXLookup(settings) {
     if (ux) {
       return ux;
     }
-    const entriesOrderedIssueRules = [];
+    const orderedRulesCollection = [];
     for (const settingsEntry of settings.entries) {
-      const orderedIssueRules = [];
+      const orderedRules = [];
       let target = settingsEntry.start;
       while (target !== null) {
         const resolvedTarget = settingsEntry.settings[target];
@@ -604,11 +588,11 @@ function createAlertUXLookup(settings) {
         }
         const issueRuleValue = resolvedTarget.issueRules?.[type];
         if (typeof issueRuleValue !== 'undefined') {
-          orderedIssueRules.push(issueRuleValue);
+          orderedRules.push(issueRuleValue);
         }
         target = resolvedTarget.deferTo ?? null;
       }
-      entriesOrderedIssueRules.push(orderedIssueRules);
+      orderedRulesCollection.push(orderedRules);
     }
     const defaultValue = settings.defaults.issueRules[type];
     let resolvedDefaultValue = {
@@ -623,7 +607,7 @@ function createAlertUXLookup(settings) {
         action: defaultValue.action ?? 'error'
       };
     }
-    ux = resolveIssueRuleUX(entriesOrderedIssueRules, resolvedDefaultValue);
+    ux = resolveAlertRuleUX(orderedRulesCollection, resolvedDefaultValue);
     cachedUX.set(type, ux);
     return ux;
   };
@@ -637,26 +621,37 @@ arborist.SafeArborist = void 0;
 arborist.installSafeArborist = installSafeArborist;
 var _nodeEvents = require$$1$4;
 var _nodeFs = require$$0;
-var _nodeHttps = require$$3$2;
+var _nodeHttps = require$$3$3;
 var _nodePath = require$$1$1;
 var _nodeReadline = require$$3;
 var _promises = require$$6$2;
-var _confirm = require$$1$3;
-var _yoctoSpinner = require$$3$1;
+var _prompts = require$$1$3;
+var _yoctoSpinner = require$$3$2;
 var _isInteractive = _interopRequireDefault(vendor.isInteractive);
 var _npmPackageArg = require$$5$1;
-var _semver = require$$4;
+var _semver = require$$3$1;
 var _config = require$$6$1;
 var _objects = require$$7;
+var _packages = require$$8;
 var _ttyServer = ttyServer$1;
 var _constants$1 = constants.constants;
 var _colorOrMarkdown = sdk.colorOrMarkdown;
-var _issueRules = issueRules;
+var _alertRules = alertRules;
 var _misc = sdk.misc;
 var _pathResolve = pathResolve.pathResolve;
 var _sdk = sdk.sdk;
 var _settings = sdk.settings;
-const POTENTIAL_BUG_ERROR_MESSAGE = `This is may be a bug with socket-npm related to changes to the npm CLI.\nPlease report to ${_constants$1.SOCKET_CLI_ISSUES_URL}.`;
+const {
+  API_V0_URL,
+  ENV,
+  LOOP_SENTINEL,
+  NPM_REGISTRY_URL,
+  SOCKET_CLI_ISSUES_URL,
+  SOCKET_PUBLIC_API_KEY,
+  UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE,
+  rootPath
+} = _constants$1;
+const POTENTIAL_BUG_ERROR_MESSAGE = `This is may be a bug with socket-npm related to changes to the npm CLI.\nPlease report to ${SOCKET_CLI_ISSUES_URL}.`;
 const npmEntrypoint = (0, _nodeFs.realpathSync)(process.argv[1]);
 const npmRootPath = (0, _pathResolve.findRoot)(_nodePath.dirname(npmEntrypoint));
 function tryRequire(...ids) {
@@ -704,7 +699,7 @@ const pacote = tryRequire(_nodePath.join(npmNmPath, 'pacote'), 'pacote');
 const {
   tarball
 } = pacote;
-const translations = require(_nodePath.join(_constants$1.rootPath, 'translations.json'));
+const translations = require(_nodePath.join(rootPath, 'translations.json'));
 const abortController = new AbortController();
 const {
   signal: abortSignal
@@ -717,7 +712,7 @@ const OverrideSet = require(arboristOverrideSetClassPatch);
 const kCtorArgs = Symbol('ctorArgs');
 const kRiskyReify = Symbol('riskyReify');
 const formatter = new _colorOrMarkdown.ColorOrMarkdown(false);
-const pubToken = (0, _sdk.getDefaultKey)() ?? _constants$1.SOCKET_PUBLIC_API_KEY;
+const pubToken = (0, _sdk.getDefaultKey)() ?? SOCKET_PUBLIC_API_KEY;
 const ttyServer = (0, _ttyServer.createTTYServer)((0, _isInteractive.default)({
   stream: process.stdin
 }), log);
@@ -732,7 +727,7 @@ async function uxLookup(settings) {
   return _uxLookup(settings);
 }
 async function* batchScan(pkgIds) {
-  const req = _nodeHttps.request(`${_constants$1.API_V0_URL}/purl?alerts=true`, {
+  const req = _nodeHttps.request(`${API_V0_URL}/purl?alerts=true`, {
     method: 'POST',
     headers: {
       Authorization: `Basic ${Buffer.from(`${pubToken}:`).toString('base64url')}`
@@ -848,7 +843,7 @@ async function getPackagesAlerts(safeArb, _registry, pkgs, output) {
       const {
         version
       } = artifact;
-      const name = `${artifact.namespace ? `${artifact.namespace}/` : ''}${artifact.name}`;
+      const name = (0, _packages.resolvePackageName)(artifact);
       const id = `${name}@${artifact.version}`;
       let blocked = false;
       let displayWarning = false;
@@ -881,20 +876,16 @@ async function getPackagesAlerts(safeArb, _registry, pkgs, output) {
           });
           // Before we ask about problematic issues, check to see if they
           // already existed in the old version if they did, be quiet.
-          const pkg = pkgs.find(p => p.pkgid === id && p.existing?.startsWith(`${name}@`));
-          if (pkg?.existing) {
-            // const oldArtifact: SocketArtifact =
-            //   // eslint-disable-next-line no-await-in-loop
-            //   (await batchScan([pkg.existing]).next()).value
-            // console.log('oldArtifact', oldArtifact)
-            // if (oldArtifact.type === 'success') {
-            //   issues = issues.filter(
-            //     ({ type }) =>
-            //       oldPkgData.value.issues.find(
-            //         oldIssue => oldIssue.type === type
-            //       ) === undefined
-            //   )
-            // }
+          const existing = pkgs.find(p => p.existing?.startsWith(`${name}@`))?.existing;
+          if (existing) {
+            const oldArtifact =
+            // eslint-disable-next-line no-await-in-loop
+            (await batchScan([existing]).next()).value;
+            if (oldArtifact?.alerts?.length) {
+              alerts = alerts.filter(({
+                type
+              }) => !oldArtifact.alerts?.find(a => a.type === type));
+            }
           }
         }
       }
@@ -950,30 +941,38 @@ function walk(diff_, needInfoOn = []) {
     length: queueLength
   } = queue;
   while (pos < queueLength) {
-    if (pos === _constants$1.LOOP_SENTINEL) {
+    if (pos === LOOP_SENTINEL) {
       throw new Error('Detected infinite loop while walking Arborist diff');
     }
     const diff = queue[pos++];
     if (!diff) {
       continue;
     }
-    if (diff.action) {
-      const sameVersion = diff.actual?.package.version === diff.ideal?.package.version;
+    const {
+      action
+    } = diff;
+    if (action) {
+      const oldNode = diff.actual;
+      const oldPkgid = oldNode?.pkgid;
+      const pkgNode = diff.ideal;
+      const pkgid = pkgNode?.pkgid;
+      let existing;
       let keep = false;
-      let existing = null;
-      if (diff.action === 'CHANGE') {
-        if (!sameVersion) {
-          existing = diff.actual.pkgid;
+      if (action === 'CHANGE') {
+        if (pkgNode?.package.version !== oldNode?.package.version) {
           keep = true;
+          if (oldNode?.package.name && oldNode.package.name === pkgNode?.package.name) {
+            existing = oldPkgid;
+          }
         }
       } else {
-        keep = diff.action !== 'REMOVE';
+        keep = action !== 'REMOVE';
       }
-      if (keep && diff.ideal?.pkgid && diff.ideal.resolved && (!diff.actual || diff.actual.resolved)) {
+      if (keep && pkgid && pkgNode.resolved && (!oldNode || oldNode.resolved)) {
         needInfoOn.push({
           existing,
-          pkgid: diff.ideal.pkgid,
-          repository_url: toRepoUrl(diff.ideal.resolved)
+          pkgid,
+          repository_url: toRepoUrl(pkgNode.resolved)
         });
       }
     }
@@ -1522,7 +1521,7 @@ class SafeOverrideSet extends OverrideSet {
       length: queueLength
     } = queue;
     while (pos < queueLength) {
-      if (pos === _constants$1.LOOP_SENTINEL) {
+      if (pos === LOOP_SENTINEL) {
         throw new Error('Detected infinite loop while comparing override sets');
       }
       const {
@@ -1664,10 +1663,10 @@ class SafeArborist extends Arborist {
     options['save'] = old.save;
     options['saveBundle'] = old.saveBundle;
     // Nothing to check, mmm already installed or all private?
-    if (diff.findIndex(c => c.repository_url === _constants$1.NPM_REGISTRY_URL) === -1) {
+    if (diff.findIndex(c => c.repository_url === NPM_REGISTRY_URL) === -1) {
       return await this[kRiskyReify](...args);
     }
-    let proceed = _constants$1.ENV[_constants$1.UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE];
+    let proceed = ENV[UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE];
     if (!proceed) {
       proceed = await ttyServer.captureTTY(async (input, output) => {
         if (input && output) {
@@ -1675,7 +1674,7 @@ class SafeArborist extends Arborist {
           if (!alerts.length) {
             return true;
           }
-          return await _confirm({
+          return await (0, _prompts.confirm)({
             message: 'Accept risks of installing these packages?',
             default: false
           }, {
@@ -1784,14 +1783,18 @@ void (async () => {
       }
     });
   }
-  _uxLookup = (0, _issueRules.createAlertUXLookup)(settings);
+  _uxLookup = (0, _alertRules.createAlertUXLookup)(settings);
 })();
 
 var _constants = constants.constants;
 var _arborist = arborist;
 var _link = link.link;
+const {
+  shadowBinPath
+} = _constants;
+
 // Shadow `npm` and `npx` to mitigate subshells.
-(0, _link.installLinks)(_constants.shadowBinPath, 'npm');
+(0, _link.installLinks)(shadowBinPath, 'npm');
 (0, _arborist.installSafeArborist)();
 
 (function (exports) {