socket 0.14.48 → 0.14.49

package/dist/module-sync/cli.js

@@ -54,8 +54,8 @@ var index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs');
 var sorts = require('@socketsecurity/registry/lib/sorts');
 var strings = require('@socketsecurity/registry/lib/strings');
 var yaml = _socketInterop(require('yaml'));
-var npm$1 = require('./npm.js');
 var npmPaths = require('./npm-paths.js');
+var npm$1 = require('./npm.js');
 var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
 var config$A = require('@socketsecurity/config');
 var readline = require('node:readline/promises');
@@ -1285,6 +1285,51 @@ async function runAction(githubEventBefore, githubEventAfter) {
   }
 }
 
+const {
+  API_V0_URL
+} = constants;
+function handleUnsuccessfulApiResponse(_name, result, spinner) {
+  // SocketSdkErrorType['error'] is not typed.
+  const resultErrorMessage = result.error?.message;
+  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
+  if (result.status === 401 || result.status === 403) {
+    spinner.stop();
+    throw new index.AuthError(message);
+  }
+  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
+  process$1.exit(1);
+}
+async function handleApiCall(value, description) {
+  let result;
+  try {
+    result = await value;
+  } catch (cause) {
+    throw new Error(`Failed ${description}`, {
+      cause
+    });
+  }
+  return result;
+}
+async function handleAPIError(code) {
+  if (code === 400) {
+    return 'One of the options passed might be incorrect.';
+  } else if (code === 403) {
+    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
+  }
+}
+function getLastFiveOfApiToken(token) {
+  // Get the last 5 characters of the API token before the trailing "_api".
+  return token.slice(-9, -4);
+}
+async function queryAPI(path, apiToken) {
+  return await fetch(`${API_V0_URL}/${path}`, {
+    method: 'GET',
+    headers: {
+      Authorization: `Basic ${btoa(`${apiToken}:${apiToken}`)}`
+    }
+  });
+}
+
 function getFlagListOutput(list, indent, {
   keyPrefix = '--',
   padName
@@ -1452,6 +1497,7 @@ function meowOrExit({
   if (constants.ENV[SOCKET_CLI_SHOW_BANNER]) {
     console.log(getAsciiHeader(command));
   }
+
   // This exits if .printHelp() is called either by meow itself or by us.
   const cli = meow({
     argv,
@@ -1469,15 +1515,15 @@ function meowOrExit({
 }
 function getAsciiHeader(command) {
   const cliVersion = // The '@rollup/plugin-replace' will replace "process.env['SOCKET_CLI_VERSION_HASH']".
-  "0.14.48:61ff8dc:8fc87ff3:pub";
+  "0.14.49:216163f:fdc0b2b7:pub";
   const nodeVersion = process.version;
-  // Get the last 5 characters of the API token before the trailing "_api".
-  const lastFiveCharsOfApiToken = index.getSetting('apiToken')?.slice(-9, -4) || 'no';
+  const apiToken = index.getSetting('apiToken');
+  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no';
   const relCwd = process.cwd().replace(new RegExp(`^${regexps.escapeRegExp(constants.homePath)}`, 'i'), '~/');
   const body = `
    _____         _       _        /---------------
   |   __|___ ___| |_ ___| |_      | Socket.dev CLI ver ${cliVersion}
-  |__   | . |  _| '_| -_|  _|     | Node: ${nodeVersion}, API token set: ${lastFiveCharsOfApiToken}
+  |__   | . |  _| '_| -_|  _|     | Node: ${nodeVersion}, API token set: ${shownToken}
   |_____|___|___|_,_|___|_|.dev   | Command: \`${command}\`, cwd: ${relCwd}`.trimStart();
   return `   ${body}\n`;
 }
@@ -1533,49 +1579,10 @@ async function run$z(argv, importMeta, {
   });
   const githubEventBefore = String(cli.flags['githubEventBefore'] || '');
   const githubEventAfter = String(cli.flags['githubEventAfter'] || '');
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
-  await runAction(githubEventBefore, githubEventAfter);
-}
-
-const {
-  API_V0_URL
-} = constants;
-function handleUnsuccessfulApiResponse(_name, result, spinner) {
-  // SocketSdkErrorType['error'] is not typed.
-  const resultErrorMessage = result.error?.message;
-  const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
-  if (result.status === 401 || result.status === 403) {
-    spinner.stop();
-    throw new index.AuthError(message);
-  }
-  spinner.error(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
-  process$1.exit(1);
-}
-async function handleApiCall(value, description) {
-  let result;
-  try {
-    result = await value;
-  } catch (cause) {
-    throw new Error(`Failed ${description}`, {
-      cause
-    });
-  }
-  return result;
-}
-async function handleAPIError(code) {
-  if (code === 400) {
-    return 'One of the options passed might be incorrect.';
-  } else if (code === 403) {
-    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
   }
-}
-async function queryAPI(path, apiToken) {
-  return await fetch(`${API_V0_URL}/${path}`, {
-    method: 'GET',
-    headers: {
-      Authorization: `Basic ${btoa(`${apiToken}:${apiToken}`)}`
-    }
-  });
+  await runAction(githubEventBefore, githubEventAfter);
 }
 
 // Note: Widgets does not seem to actually work as code :'(
@@ -1850,7 +1857,9 @@ async function run$y(argv, importMeta, {
       - Repository name using --repo when scope is "repo" ${badRepo ? colors.red('(bad!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API token.');
@@ -1978,7 +1987,9 @@ async function run$x(argv, importMeta, {
     - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -2200,7 +2211,9 @@ async function run$w(argv, importMeta, {
   if (yargv.output === undefined) {
     yargv.output = 'socket-cdx.json';
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await runCycloneDX(yargv);
 }
 
@@ -2303,7 +2316,9 @@ async function run$v(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
 
   // TODO: markdown flag is ignored
   await findDependencies({
@@ -2425,7 +2440,9 @@ async function run$u(argv, importMeta, {
       - Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -2458,7 +2475,7 @@ const cmdDiffScan = {
   }
 };
 
-// import { detect } from '../../utils/package-manager-detector'
+// import { detect } from '../../utils/package-environment-detector'
 
 const {
   NPM: NPM$d
@@ -2593,7 +2610,9 @@ async function run$t(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await runFix();
 }
 
@@ -2856,7 +2875,9 @@ async function run$s(argv, importMeta, {
   const versionSeparator = rawPkgName.lastIndexOf('@');
   const pkgName = versionSeparator < 1 ? rawPkgName : rawPkgName.slice(0, versionSeparator);
   const pkgVersion = versionSeparator < 1 ? 'latest' : rawPkgName.slice(versionSeparator + 1);
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await getPackageInfo({
     commandName: `${parentName} ${config$s.commandName}`,
     includeAllIssues: Boolean(cli.flags['all']),
@@ -2985,7 +3006,9 @@ async function run$r(argv, importMeta, {
   });
   let apiBaseUrl = cli.flags['apiBaseUrl'];
   let apiProxy = cli.flags['apiProxy'];
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   if (!isInteractive()) {
     throw new index.InputError('Cannot prompt for credentials in a non-interactive shell');
   }
@@ -3036,7 +3059,9 @@ async function run$q(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   attemptLogout();
 }
 
@@ -3265,7 +3290,9 @@ async function run$p(argv, importMeta, {
   if (cli.flags['gradleOpts']) {
     gradleOpts = cli.flags['gradleOpts'].split(' ').map(s => s.trim()).filter(Boolean);
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await convertGradleToMaven(target, bin, out, verbose, gradleOpts);
 }
 
@@ -3489,7 +3516,9 @@ async function run$o(argv, importMeta, {
   if (cli.flags['sbtOpts']) {
     sbtOpts = cli.flags['sbtOpts'].split(' ').map(s => s.trim()).filter(Boolean);
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await convertSbtToMaven(target, bin, out, verbose, sbtOpts);
 }
 
@@ -3557,7 +3586,9 @@ async function run$n(argv, importMeta, {
       subArgs.push('--cwd', cwd);
     }
     subArgs.push(dir);
-    if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+    if (cli.flags['dryRun']) {
+      return console.log('[DryRun] Bailing now');
+    }
     await cmdManifestScala.run(subArgs, importMeta, {
       parentName
     });
@@ -3569,7 +3600,9 @@ async function run$n(argv, importMeta, {
       // This command takes the cwd as first arg.
       subArgs.push(cwd);
     }
-    if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+    if (cli.flags['dryRun']) {
+      return console.log('[DryRun] Bailing now');
+    }
     await cmdManifestGradle.run(subArgs, importMeta, {
       parentName
     });
@@ -3732,7 +3765,9 @@ async function run$m(argv, importMeta, {
   if (cli.flags['gradleOpts']) {
     gradleOpts = cli.flags['gradleOpts'].split(' ').map(s => s.trim()).filter(Boolean);
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await convertGradleToMaven(target, bin, out, verbose, gradleOpts);
 }
 
@@ -3810,7 +3845,9 @@ async function run$k(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await wrapNpm(argv);
 }
 
@@ -3852,7 +3889,9 @@ async function run$j(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await wrapNpx(argv);
 }
 
@@ -3884,7 +3923,9 @@ async function run$i(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   throw new Error('This error was intentionally left blank');
 }
 
@@ -3902,16 +3943,7 @@ function matchHumanStdout(stdout, name) {
 function matchQueryStdout(stdout, name) {
   return stdout.includes(`"${name}"`);
 }
-const depsIncludesByAgent = {
-  // @ts-ignore
-  __proto__: null,
-  [BUN$6]: matchHumanStdout,
-  [NPM$9]: matchQueryStdout,
-  [PNPM$7]: matchQueryStdout,
-  [VLT$6]: matchQueryStdout,
-  [YARN_BERRY$6]: matchHumanStdout,
-  [YARN_CLASSIC$6]: matchHumanStdout
-};
+const depsIncludesByAgent = new Map([[BUN$6, matchHumanStdout], [NPM$9, matchQueryStdout], [PNPM$7, matchQueryStdout], [VLT$6, matchQueryStdout], [YARN_BERRY$6, matchHumanStdout], [YARN_CLASSIC$6, matchHumanStdout]]);
 
 const {
   BINARY_LOCK_EXT,
@@ -4011,15 +4043,15 @@ const readLockFileByAgent = (() => {
     [YARN_CLASSIC$5]: defaultReader
   };
 })();
-async function detect({
+async function detectPackageEnvironment({
   cwd = process$1.cwd(),
   onUnknown
 } = {}) {
   let lockPath = await index.findUp(Object.keys(LOCKS), {
     cwd
   });
-  let lockBasename = lockPath ? path.basename(lockPath) : undefined;
-  const isHiddenLockFile = lockBasename === '.package-lock.json';
+  let lockName = lockPath ? path.basename(lockPath) : undefined;
+  const isHiddenLockFile = lockName === '.package-lock.json';
   const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await index.findUp('package.json', {
     cwd
   });
@@ -4044,8 +4076,8 @@ async function detect({
       }
     }
   }
-  if (agent === undefined && !isHiddenLockFile && typeof pkgJsonPath === 'string' && typeof lockBasename === 'string') {
-    agent = LOCKS[lockBasename];
+  if (agent === undefined && !isHiddenLockFile && typeof pkgJsonPath === 'string' && typeof lockName === 'string') {
+    agent = LOCKS[lockName];
   }
   if (agent === undefined) {
     agent = NPM$8;
@@ -4096,14 +4128,14 @@ async function detect({
     targets.node = constants.maintainedNodeVersions.some(v => semver.satisfies(v, `>=${minimumNodeVersion}`));
     lockSrc = typeof lockPath === 'string' ? await readLockFileByAgent[agent](lockPath, agentExecPath) : undefined;
   } else {
-    lockBasename = undefined;
+    lockName = undefined;
     lockPath = undefined;
   }
   return {
     agent,
     agentExecPath,
     agentVersion,
-    lockBasename,
+    lockName,
     lockPath,
     lockSrc,
     minimumNodeVersion,
@@ -4117,74 +4149,53 @@ async function detect({
 
 const {
   BUN: BUN$4,
-  NPM: NPM$7,
   VLT: VLT$4,
   YARN_BERRY: YARN_BERRY$4
 } = constants;
 const COMMAND_TITLE$2 = 'Socket Optimize';
-const manifestNpmOverrides = registry.getManifestData(NPM$7);
-async function detectAndValidatePackageManager(cwd, prod) {
+async function detectAndValidatePackageEnvironment(cwd, options) {
   const {
-    agent,
-    agentExecPath,
-    agentVersion,
-    lockBasename,
-    lockPath,
-    lockSrc,
-    minimumNodeVersion,
-    npmExecPath,
-    pkgJson,
-    pkgPath,
-    supported
-  } = await detect({
+    logger,
+    prod
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const details = await detectPackageEnvironment({
     cwd,
     onUnknown(pkgManager) {
-      console.warn(`⚠️ ${COMMAND_TITLE$2}: Unknown package manager${pkgManager ? ` ${pkgManager}` : ''}, defaulting to npm`);
+      logger?.warn(`⚠️ ${COMMAND_TITLE$2}: Unknown package manager${pkgManager ? ` ${pkgManager}` : ''}, defaulting to npm`);
     }
   });
-  if (!supported) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: No supported Node or browser range detected`);
+  if (!details.supported) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: No supported Node or browser range detected`);
     return;
   }
-  if (agent === VLT$4) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: ${agent} does not support overrides. Soon, though ⚡`);
+  if (details.agent === VLT$4) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: ${details.agent} does not support overrides. Soon, though ⚡`);
     return;
   }
-  const lockName = lockPath && lockBasename ? lockBasename : 'lock file';
-  if (lockBasename === undefined || lockSrc === undefined) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: No ${lockName} found`);
+  const lockName = details.lockName ?? 'lock file';
+  if (details.lockName === undefined || details.lockSrc === undefined) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: No ${lockName} found`);
     return;
   }
-  if (lockSrc.trim() === '') {
-    console.error(`✖️ ${COMMAND_TITLE$2}: ${lockName} is empty`);
+  if (details.lockSrc.trim() === '') {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: ${lockName} is empty`);
     return;
   }
-  if (pkgPath === undefined) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: No package.json found`);
+  if (details.pkgPath === undefined) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: No package.json found`);
     return;
   }
-  if (prod && (agent === BUN$4 || agent === YARN_BERRY$4)) {
-    console.error(`✖️ ${COMMAND_TITLE$2}: --prod not supported for ${agent}${agentVersion ? `@${agentVersion.toString()}` : ''}`);
+  if (prod && (details.agent === BUN$4 || details.agent === YARN_BERRY$4)) {
+    logger?.error(`✖️ ${COMMAND_TITLE$2}: --prod not supported for ${details.agent}${details.agentVersion ? `@${details.agentVersion.toString()}` : ''}`);
     return;
   }
-  if (lockPath && path.relative(cwd, lockPath).startsWith('.')) {
-    console.warn(`⚠️ ${COMMAND_TITLE$2}: Package ${lockName} found at ${lockPath}`);
+  if (details.lockPath && path.relative(cwd, details.lockPath).startsWith('.')) {
+    logger?.warn(`⚠️ ${COMMAND_TITLE$2}: Package ${lockName} found at ${details.lockPath}`);
   }
-  const nodeRange = `>=${minimumNodeVersion}`;
-  const manifestEntries = manifestNpmOverrides.filter(({
-    1: data
-  }) => semver.satisfies(semver.coerce(data.engines.node), nodeRange));
-  return {
-    agent,
-    agentExecPath,
-    lockBasename,
-    lockName,
-    lockSrc,
-    manifestEntries,
-    npmExecPath,
-    pkgJson,
-    pkgPath
-  };
+  return details;
 }
 
 function getDependencyEntries(pkgJson) {
@@ -4213,7 +4224,7 @@ function getDependencyEntries(pkgJson) {
 
 const {
   BUN: BUN$3,
-  NPM: NPM$6,
+  NPM: NPM$7,
   OVERRIDES: OVERRIDES$1,
   PNPM: PNPM$5,
   RESOLUTIONS: RESOLUTIONS$1,
@@ -4234,7 +4245,7 @@ function getOverridesDataBun(pkgJson) {
 function getOverridesDataNpm(pkgJson) {
   const overrides = pkgJson?.[OVERRIDES$1] ?? {};
   return {
-    type: NPM$6,
+    type: NPM$7,
     overrides
   };
 }
@@ -4275,16 +4286,7 @@ function getOverridesDataClassic(pkgJson) {
     overrides
   };
 }
-const getOverridesDataByAgent = {
-  // @ts-ignore
-  __proto__: null,
-  [BUN$3]: getOverridesDataBun,
-  [NPM$6]: getOverridesDataNpm,
-  [PNPM$5]: getOverridesDataPnpm,
-  [VLT$3]: getOverridesDataVlt,
-  [YARN_BERRY$3]: getOverridesDataYarn,
-  [YARN_CLASSIC$4]: getOverridesDataClassic
-};
+const overridesDataByAgent = new Map([[BUN$3, getOverridesDataBun], [NPM$7, getOverridesDataNpm], [PNPM$5, getOverridesDataPnpm], [VLT$3, getOverridesDataVlt], [YARN_BERRY$3, getOverridesDataYarn], [YARN_CLASSIC$4, getOverridesDataClassic]]);
 
 const {
   PNPM: PNPM$4
@@ -4332,7 +4334,7 @@ function workspacePatternToGlobPattern(workspace) {
 const {
   BUN: BUN$2,
   LOCK_EXT,
-  NPM: NPM$5,
+  NPM: NPM$6,
   PNPM: PNPM$3,
   VLT: VLT$2,
   YARN_BERRY: YARN_BERRY$2,
@@ -4343,12 +4345,12 @@ function lockIncludesNpm(lockSrc, name) {
   //   "name":
   return lockSrc.includes(`"${name}":`);
 }
-function lockIncludesBun(lockSrc, name, lockBasename) {
-  // This is a bit counterintuitive. When lockBasename ends with a .lockb
-  // we treat it as a yarn.lock. When lockBasename ends with a .lock we
+function lockIncludesBun(lockSrc, name, lockName) {
+  // This is a bit counterintuitive. When lockName ends with a .lockb
+  // we treat it as a yarn.lock. When lockName ends with a .lock we
   // treat it as a package-lock.json. The bun.lock format is not identical
   // package-lock.json, however it close enough for npmLockIncludes to work.
-  const lockScanner = lockBasename?.endsWith(LOCK_EXT) ? lockIncludesNpm : lockIncludesYarn;
+  const lockScanner = lockName?.endsWith(LOCK_EXT) ? lockIncludesNpm : lockIncludesYarn;
   return lockScanner(lockSrc, name);
 }
 function lockIncludesPnpm(lockSrc, name) {
@@ -4376,20 +4378,11 @@ function lockIncludesYarn(lockSrc, name) {
   //   , name@
   `(?<=(?:^\\s*|,\\s*)"?)${escapedName}(?=@)`, 'm').test(lockSrc);
 }
-const lockIncludesByAgent = {
-  // @ts-ignore
-  __proto__: null,
-  [BUN$2]: lockIncludesBun,
-  [NPM$5]: lockIncludesNpm,
-  [PNPM$3]: lockIncludesPnpm,
-  [VLT$2]: lockIncludesVlt,
-  [YARN_BERRY$2]: lockIncludesYarn,
-  [YARN_CLASSIC$3]: lockIncludesYarn
-};
+const lockIncludesByAgent = new Map([[BUN$2, lockIncludesBun], [NPM$6, lockIncludesNpm], [PNPM$3, lockIncludesPnpm], [VLT$2, lockIncludesVlt], [YARN_BERRY$2, lockIncludesYarn], [YARN_CLASSIC$3, lockIncludesYarn]]);
 
 const {
   BUN: BUN$1,
-  NPM: NPM$4,
+  NPM: NPM$5,
   PNPM: PNPM$2,
   VLT: VLT$1,
   YARN_BERRY: YARN_BERRY$1,
@@ -4459,7 +4452,7 @@ async function lsNpm(agentExecPath, cwd) {
 }
 async function lsPnpm(agentExecPath, cwd, options) {
   const npmExecPath = options?.npmExecPath;
-  if (npmExecPath && npmExecPath !== NPM$4) {
+  if (npmExecPath && npmExecPath !== NPM$5) {
     const result = await npmQuery(npmExecPath, cwd);
     if (result) {
       return result;
@@ -4510,7 +4503,7 @@ const lsByAgent = {
   // @ts-ignore
   __proto__: null,
   [BUN$1]: lsBun,
-  [NPM$4]: lsNpm,
+  [NPM$5]: lsNpm,
   [PNPM$2]: lsPnpm,
   [VLT$1]: lsVlt,
   [YARN_BERRY$1]: lsYarnBerry,
@@ -4519,7 +4512,7 @@ const lsByAgent = {
 
 const {
   BUN,
-  NPM: NPM$3,
+  NPM: NPM$4,
   OVERRIDES,
   PNPM: PNPM$1,
   RESOLUTIONS,
@@ -4623,55 +4616,75 @@ function updateResolutions(editablePkgJson, overrides) {
 function pnpmUpdatePkgJson(editablePkgJson, overrides) {
   updatePkgJson(editablePkgJson, PNPM_FIELD_NAME, overrides);
 }
-const updateManifestByAgent = {
-  // @ts-ignore
-  __proto__: null,
-  [BUN]: updateResolutions,
-  [NPM$3]: updateOverrides,
-  [PNPM$1]: pnpmUpdatePkgJson,
-  [VLT]: updateOverrides,
-  [YARN_BERRY]: updateResolutions,
-  [YARN_CLASSIC$1]: updateResolutions
-};
+const updateManifestByAgent = new Map([[BUN, updateResolutions], [NPM$4, updateOverrides], [PNPM$1, pnpmUpdatePkgJson], [VLT, updateOverrides], [YARN_BERRY, updateResolutions], [YARN_CLASSIC$1, updateResolutions]]);
 
 const {
-  NPM: NPM$2,
-  SOCKET_CLI_SAFE_WRAPPER,
+  NPM: NPM$3,
   abortSignal: abortSignal$2
 } = constants;
+function runAgentInstall(agent, agentExecPath, options) {
+  // All package managers support the "install" command.
+  if (agent === NPM$3) {
+    return npm$1.safeNpmInstall(options);
+  }
+  const {
+    args = [],
+    spinner,
+    ...spawnOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const isSilent = !npmPaths.isDebug();
+  const isSpinning = spinner?.isSpinning ?? false;
+  if (!isSilent) {
+    spinner?.stop();
+  }
+  let spawnPromise = spawn(agentExecPath, ['install', ...args], {
+    signal: abortSignal$2,
+    stdio: isSilent ? 'ignore' : 'inherit',
+    ...spawnOptions,
+    env: {
+      ...process.env,
+      ...spawnOptions.env
+    }
+  });
+  if (!isSilent && isSpinning) {
+    const oldSpawnPromise = spawnPromise;
+    spawnPromise = spawnPromise.finally(() => {
+      spinner?.start();
+    });
+    spawnPromise.process = oldSpawnPromise.process;
+    spawnPromise.stdin = spawnPromise.stdin;
+  }
+  return spawnPromise;
+}
+
+const {
+  NPM: NPM$2
+} = constants;
 const COMMAND_TITLE$1 = 'Socket Optimize';
 const NPM_OVERRIDE_PR_URL = 'https://github.com/npm/cli/pull/8089';
-async function updatePackageLockJson(lockName, agentExecPath, agent, spinner) {
-  spinner.start(`Updating ${lockName}...`);
+async function updatePackageLockJson(pkgEnvDetails, options) {
+  const {
+    logger,
+    spinner
+  } = {
+    __proto__: null,
+    ...options
+  };
+  spinner?.start(`Updating ${pkgEnvDetails.lockName}...`);
   try {
-    if (agent === NPM$2) {
-      const ipc = {
-        [SOCKET_CLI_SAFE_WRAPPER]: true
-      };
-      await npm$1.safeNpmInstall({
-        ipc
-      });
-      // TODO: This is a temporary workaround for a `npm ci` bug where it
-      //       will error out after Socket Optimize generates a lock file.
-      //       More investigation is needed.
-      await npm$1.safeNpmInstall({
-        args: ['--ignore-scripts', '--package-lock-only'],
-        ipc
-      });
-    } else {
-      // All package managers support the "install" command.
-      await spawn(agentExecPath, ['install'], {
-        signal: abortSignal$2,
-        stdio: 'ignore'
-      });
-    }
-    spinner.stop();
-    if (agent === NPM$2) {
-      console.log(`💡 Re-run ${COMMAND_TITLE$1} whenever ${lockName} changes.\n   This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
+    await runAgentInstall(pkgEnvDetails.agent, pkgEnvDetails.agentExecPath, {
+      spinner
+    });
+    spinner?.stop();
+    if (pkgEnvDetails.agent === NPM$2) {
+      logger?.log(`💡 Re-run ${COMMAND_TITLE$1} whenever ${pkgEnvDetails.lockName} changes.\n   This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
     }
   } catch (e) {
-    spinner.error(`${COMMAND_TITLE$1}: ${agent} install failed to update ${lockName}`);
-    console.error(e);
+    spinner?.error(`${COMMAND_TITLE$1}: ${pkgEnvDetails.agent} install failed to update ${pkgEnvDetails.lockName}`);
+    logger?.error(e);
   }
 }
 
@@ -4681,91 +4694,85 @@ const {
   YARN_CLASSIC
 } = constants;
 const COMMAND_TITLE = 'Socket Optimize';
+const manifestNpmOverrides = registry.getManifestData(NPM$1);
 async function applyOptimization(cwd, pin, prod) {
-  const pkgMgrData = await detectAndValidatePackageManager(cwd, prod);
-  if (!pkgMgrData) return;
-  const {
-    agent,
-    agentExecPath,
-    lockBasename,
-    lockName,
-    lockSrc,
-    manifestEntries,
-    npmExecPath,
-    pkgJson,
-    pkgPath
-  } = pkgMgrData;
+  const logger = console;
+  const pkgEnvDetails = await detectAndValidatePackageEnvironment(cwd, {
+    logger,
+    prod
+  });
+  if (!pkgEnvDetails) {
+    return;
+  }
   const spinner$1 = new spinner.Spinner({
     text: 'Socket optimizing...'
   });
   spinner$1.start();
-  const state = await addOverrides({
-    agent,
-    agentExecPath,
-    lockBasename,
-    lockSrc,
-    manifestEntries,
-    npmExecPath,
+  const state = await addOverrides(pkgEnvDetails.pkgPath, pkgEnvDetails, {
+    logger,
     pin,
-    pkgJson,
-    pkgPath,
     prod,
-    rootPath: pkgPath
-  }, createAddOverridesState(spinner$1));
+    spinner: spinner$1
+  });
   spinner$1.stop();
   const addedCount = state.added.size;
   const updatedCount = state.updated.size;
   const pkgJsonChanged = addedCount > 0 || updatedCount > 0;
   if (pkgJsonChanged) {
     if (updatedCount > 0) {
-      console.log(`${createActionMessage('Updated', updatedCount, state.updatedInWorkspaces.size)}${addedCount ? '.' : '🚀'}`);
+      logger?.log(`${createActionMessage('Updated', updatedCount, state.updatedInWorkspaces.size)}${addedCount ? '.' : '🚀'}`);
     }
     if (addedCount > 0) {
-      console.log(`${createActionMessage('Added', addedCount, state.addedInWorkspaces.size)} 🚀`);
+      logger?.log(`${createActionMessage('Added', addedCount, state.addedInWorkspaces.size)} 🚀`);
     }
   } else {
-    console.log('Congratulations! Already Socket.dev optimized 🎉');
+    logger?.log('Congratulations! Already Socket.dev optimized 🎉');
   }
-  if (agent === NPM$1 || pkgJsonChanged) {
+  if (pkgEnvDetails.agent === NPM$1 || pkgJsonChanged) {
     // Always update package-lock.json until the npm overrides PR lands:
     // https://github.com/npm/cli/pull/8089
-    await updatePackageLockJson(lockName, agentExecPath, agent, spinner$1);
+    await updatePackageLockJson(pkgEnvDetails, {
+      logger,
+      spinner: spinner$1
+    });
   }
 }
 function createActionMessage(verb, overrideCount, workspaceCount) {
   return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
 }
-function createAddOverridesState(spinner) {
-  return {
-    added: new Set(),
-    addedInWorkspaces: new Set(),
+async function addOverrides(pkgPath, pkgEnvDetails, options) {
+  const {
+    agent,
+    agentExecPath,
+    lockName,
+    lockSrc,
+    npmExecPath,
+    pkgPath: rootPath
+  } = pkgEnvDetails;
+  const {
+    logger,
+    pin,
+    prod,
     spinner,
-    updated: new Set(),
-    updatedInWorkspaces: new Set(),
-    warnedPnpmWorkspaceRequiresNpm: false
+    state = {
+      added: new Set(),
+      addedInWorkspaces: new Set(),
+      updated: new Set(),
+      updatedInWorkspaces: new Set(),
+      warnedPnpmWorkspaceRequiresNpm: false
+    }
+  } = {
+    __proto__: null,
+    ...options
   };
-}
-async function addOverrides({
-  agent,
-  agentExecPath,
-  lockBasename,
-  lockSrc,
-  manifestEntries,
-  npmExecPath,
-  pin,
-  pkgJson: editablePkgJson,
-  pkgPath,
-  prod,
-  rootPath
-}, state) {
+  let {
+    pkgJson: editablePkgJson
+  } = pkgEnvDetails;
   if (editablePkgJson === undefined) {
     editablePkgJson = await packages.readPackageJson(pkgPath, {
       editable: true
     });
   }
-  const {
-    spinner
-  } = state;
   const {
     content: pkgJson
   } = editablePkgJson;
@@ -4776,7 +4783,7 @@ async function addOverrides({
   const isWorkspace = !!workspaceGlobs;
   if (isWorkspace && agent === PNPM && npmExecPath === NPM$1 && !state.warnedPnpmWorkspaceRequiresNpm) {
     state.warnedPnpmWorkspaceRequiresNpm = true;
-    console.warn(`⚠️ ${COMMAND_TITLE}: pnpm workspace support requires \`npm ls\`, falling back to \`pnpm list\``);
+    logger?.warn(`⚠️ ${COMMAND_TITLE}: pnpm workspace support requires \`npm ls\`, falling back to \`pnpm list\``);
   }
   const thingToScan = isLockScanned ? lockSrc : await lsByAgent[agent](agentExecPath, pkgPath, {
     npmExecPath
@@ -4785,18 +4792,22 @@ async function addOverrides({
   // first two parameters. AgentLockIncludesFn accepts an optional third
   // parameter which AgentDepsIncludesFn will ignore so we cast thingScanner
   // as an AgentLockIncludesFn type.
-  const thingScanner = isLockScanned ? lockIncludesByAgent[agent] : depsIncludesByAgent[agent];
+  const thingScanner = isLockScanned ? lockIncludesByAgent.get(agent) : depsIncludesByAgent.get(agent);
   const depEntries = getDependencyEntries(pkgJson);
   const overridesDataObjects = [];
   if (pkgJson['private'] || isWorkspace) {
-    overridesDataObjects.push(getOverridesDataByAgent[agent](pkgJson));
+    overridesDataObjects.push(overridesDataByAgent.get(agent)(pkgJson));
   } else {
-    overridesDataObjects.push(getOverridesDataByAgent[NPM$1](pkgJson), getOverridesDataByAgent[YARN_CLASSIC](pkgJson));
+    overridesDataObjects.push(overridesDataByAgent.get(NPM$1)(pkgJson), overridesDataByAgent.get(YARN_CLASSIC)(pkgJson));
   }
   if (spinner) {
     spinner.text = `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`;
   }
   const depAliasMap = new Map();
+  const nodeRange = `>=${pkgEnvDetails.minimumNodeVersion}`;
+  const manifestEntries = manifestNpmOverrides.filter(({
+    1: data
+  }) => semver.satisfies(semver.coerce(data.engines.node), nodeRange));
   // Chunk package names to process them in parallel 3 at a time.
   await promises.pEach(manifestEntries, 3, async ({
     1: data
@@ -4839,7 +4850,7 @@ async function addOverrides({
         type
       }) => {
         const overrideExists = objects.hasOwn(overrides, origPkgName);
-        if (overrideExists || thingScanner(thingToScan, origPkgName, lockBasename)) {
+        if (overrideExists || thingScanner(thingToScan, origPkgName, lockName)) {
           const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
           const origDepAlias = depAliasMap.get(origPkgName);
           const sockRegDepAlias = depAliasMap.get(sockRegPkgName);
@@ -4884,18 +4895,12 @@ async function addOverrides({
     });
     // Chunk package names to process them in parallel 3 at a time.
     await promises.pEach(workspacePkgJsonPaths, 3, async workspacePkgJsonPath => {
-      const otherState = await addOverrides({
-        agent,
-        agentExecPath,
-        lockBasename,
-        lockSrc,
-        manifestEntries,
-        npmExecPath,
+      const otherState = await addOverrides(path.dirname(workspacePkgJsonPath), pkgEnvDetails, {
+        logger,
         pin,
-        pkgPath: path.dirname(workspacePkgJsonPath),
         prod,
-        rootPath
-      }, createAddOverridesState(spinner));
+        spinner
+      });
       for (const key of ['added', 'addedInWorkspaces', 'updated', 'updatedInWorkspaces']) {
         for (const value of otherState[key]) {
           state[key].add(value);
@@ -4909,7 +4914,7 @@ async function addOverrides({
       overrides,
       type
     } of overridesDataObjects) {
-      updateManifestByAgent[type](editablePkgJson, objects.toSortedObject(overrides));
+      updateManifestByAgent.get(type)(editablePkgJson, objects.toSortedObject(overrides));
     }
     await editablePkgJson.save();
   }
@@ -4960,32 +4965,74 @@ async function run$h(argv, importMeta, {
     parentName
   });
   const cwd = process$1.cwd();
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await applyOptimization(cwd, Boolean(cli.flags['pin']), Boolean(cli.flags['prod']));
 }
 
-async function getOrganizations() {
+async function getOrganization(format = 'text') {
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
   }
+  await printOrganizationsFromToken(apiToken, format);
+}
+async function printOrganizationsFromToken(apiToken, format = 'text') {
   const spinner$1 = new spinner.Spinner({
     text: 'Fetching organizations...'
   }).start();
   const socketSdk = await index.setupSdk(apiToken);
   const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
-  if (result.success === false) {
+  if (!result.success) {
     handleUnsuccessfulApiResponse('getOrganizations', result, spinner$1);
     return;
   }
-  spinner$1.stop(`List of organizations associated with your API key: ${colors.italic(apiToken)}`);
+  spinner$1.stop();
   const organizations = Object.values(result.data.organizations);
-  for (const o of organizations) {
-    console.log(`
-Name: ${o?.name}
-ID: ${o?.id}
-Plan: ${o?.plan}
-    `);
+  const lastFiveOfApiToken = getLastFiveOfApiToken(apiToken);
+  switch (format) {
+    case 'json':
+      {
+        console.log(JSON.stringify(organizations.map(o => ({
+          name: o.name,
+          id: o.id,
+          plan: o.plan
+        })), null, 2));
+        return;
+      }
+    case 'markdown':
+      {
+        // | Syntax      | Description |
+        // | ----------- | ----------- |
+        // | Header      | Title       |
+        // | Paragraph   | Text        |
+        let mw1 = 4;
+        let mw2 = 2;
+        let mw3 = 4;
+        for (const o of organizations) {
+          mw1 = Math.max(mw1, o.name.length);
+          mw2 = Math.max(mw2, o.id.length);
+          mw3 = Math.max(mw3, o.plan.length);
+        }
+        console.log('# Organizations\n');
+        console.log(`List of organizations associated with your API key, ending with: ${colors.italic(lastFiveOfApiToken)}\n`);
+        console.log(`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`);
+        console.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
+        for (const o of organizations) {
+          console.log(`| ${(o.name || '').padEnd(mw1, ' ')} | ${(o.id || '').padEnd(mw2, ' ')} | ${(o.plan || '').padEnd(mw3, ' ')} |`);
+        }
+        console.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
+        return;
+      }
+    default:
+      {
+        console.log(`List of organizations associated with your API key, ending with: ${colors.italic(lastFiveOfApiToken)}\n`);
+        // Just dump
+        for (const o of organizations) {
+          console.log(`- Name: ${colors.bold(o.name)}, ID: ${colors.bold(o.id)}, Plan: ${colors.bold(o.plan)}`);
+        }
+      }
   }
 }
 
@@ -4993,13 +5040,19 @@ const config$g = {
   commandName: 'organizations',
   description: 'List organizations associated with the API key used',
   hidden: false,
-  flags: {},
+  flags: {
+    ...commonFlags,
+    ...outputFlags
+  },
   help: (command, _config) => `
     Usage
       $ ${command}
+
+    Options
+      ${getFlagListOutput(config$g.flags, 6)}
   `
 };
-const cmdOrganizations = {
+const cmdOrganization = {
   description: config$g.description,
   hidden: config$g.hidden,
   run: run$g
@@ -5013,8 +5066,23 @@ async function run$g(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
-  await getOrganizations();
+  const json = Boolean(cli.flags['json']);
+  const markdown = Boolean(cli.flags['markdown']);
+  if (json && markdown) {
+    // Use exit status of 2 to indicate incorrect usage, generally invalid
+    // options or missing arguments.
+    // https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
+    process.exitCode = 2;
+    console.error(`
+      ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
+      - The json and markdown flags cannot be both set, pick one
+    `);
+    return;
+  }
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
+  await getOrganization(json ? 'json' : markdown ? 'markdown' : 'text');
 }
 
 const {
@@ -5073,7 +5141,9 @@ async function run$f(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await runRawNpm(argv);
 }
 
@@ -5133,7 +5203,9 @@ async function run$e(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await runRawNpx(argv);
 }
 
@@ -5331,7 +5403,9 @@ async function run$d(argv, importMeta, {
   const view = Boolean(cli.flags['view']);
 
   // Note exiting earlier to skirt a hidden auth requirement
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const socketConfig = await getSocketConfig(absoluteConfigPath);
   const result = await createReport(socketConfig, cli.input, {
     cwd,
@@ -5407,7 +5481,9 @@ async function run$c(argv, importMeta, {
       - Can only handle a single report ID ${extraInput.length < 2 ? colors.red(`(received ${extraInput.length}!)`) : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   await viewReport(reportId, {
     all: Boolean(cli.flags['all']),
     commandName: `${parentName} ${config$c.commandName}`,
@@ -5543,7 +5619,9 @@ async function run$b(argv, importMeta, {
       - Repository name using --repoName ${!repoName ? colors.red('(missing!)') : typeof repoName !== 'string' ? colors.red('(invalid!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -5619,7 +5697,9 @@ async function run$a(argv, importMeta, {
       - At least one TARGET (e.g. \`.\` or \`./package.json\`\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -5744,7 +5824,9 @@ async function run$9(argv, importMeta, {
       - At least one TARGET (e.g. \`.\` or \`./package.json\`\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -5870,7 +5952,9 @@ async function run$8(argv, importMeta, {
       - At least one TARGET (e.g. \`.\` or \`./package.json\`\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -5972,7 +6056,9 @@ async function run$7(argv, importMeta, {
       - Repository name using --repoName ${!repoName ? colors.red('(missing!)') : typeof repoName !== 'string' ? colors.red('(invalid!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6148,7 +6234,9 @@ async function run$6(argv, importMeta, {
   const cwd = cli.flags['cwd'] && cli.flags['cwd'] !== 'process.cwd()' ? String(cli.flags['cwd']) : process$1.cwd();
 
   // Note exiting earlier to skirt a hidden auth requirement
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const socketSdk = await index.setupSdk();
   const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
     if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, new spinner.Spinner());
@@ -6255,7 +6343,9 @@ async function run$5(argv, importMeta, {
       - Full Scan ID to delete as second argument ${!fullScanId ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6385,7 +6475,9 @@ async function run$4(argv, importMeta, {
     - Org name as the argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6464,7 +6556,9 @@ async function run$3(argv, importMeta, {
       - Full Scan ID to inspect as second argument ${!fullScanId ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6532,7 +6626,9 @@ async function run$2(argv, importMeta, {
       - Full Scan ID to fetch as second argument ${!fullScanId ? colors.red('(missing!)') : colors.green('(ok)')}\n`);
     return;
   }
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6695,7 +6791,9 @@ async function run$1(argv, importMeta, {
     importMeta,
     parentName
   });
-  if (cli.flags['dryRun']) return console.log('[DryRun] Bailing now');
+  if (cli.flags['dryRun']) {
+    return console.log('[DryRun] Bailing now');
+  }
   const apiToken = index.getDefaultToken();
   if (!apiToken) {
     throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
@@ -6924,7 +7022,7 @@ void (async () => {
       npx: cmdNpx,
       oops: cmdOops,
       optimize: cmdOptimize,
-      organization: cmdOrganizations,
+      organization: cmdOrganization,
       'raw-npm': cmdRawNpm,
       'raw-npx': cmdRawNpx,
       report: cmdReport,
@@ -6976,5 +7074,5 @@ void (async () => {
     await index.captureException(e);
   }
 })();
-//# debugId=2303041b-c570-4dda-ac6a-10845950c7af
+//# debugId=9211012b-2bab-40e6-b115-6389952c7273
 //# sourceMappingURL=cli.js.map