socket 0.15.31 → 0.15.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/dist/cli.js +202 -69
  2. package/dist/cli.js.map +1 -1
  3. package/dist/constants.js +3 -3
  4. package/dist/constants.js.map +1 -1
  5. package/dist/utils.js +96 -69
  6. package/dist/utils.js.map +1 -1
  7. package/external/@socketsecurity/registry/external/@inquirer/confirm.js +0 -1
  8. package/external/@socketsecurity/registry/external/@inquirer/input.js +0 -1
  9. package/external/@socketsecurity/registry/external/@inquirer/password.js +0 -1
  10. package/external/@socketsecurity/registry/external/@inquirer/search.js +0 -1
  11. package/external/@socketsecurity/registry/external/@inquirer/select.js +0 -1
  12. package/external/@socketsecurity/registry/external/@npmcli/package-json/index.js +0 -1
  13. package/external/@socketsecurity/registry/external/@npmcli/package-json/lib/read-package.js +0 -1
  14. package/external/@socketsecurity/registry/external/@npmcli/package-json/lib/sort.js +0 -1
  15. package/external/@socketsecurity/registry/external/@npmcli/promise-spawn.js +0 -1
  16. package/external/@socketsecurity/registry/external/@socketregistry/is-unicode-supported.js +0 -1
  17. package/external/@socketsecurity/registry/external/@socketregistry/packageurl-js.js +0 -1
  18. package/external/@socketsecurity/registry/external/@socketregistry/yocto-spinner.js +0 -1
  19. package/external/@socketsecurity/registry/external/@yarnpkg/extensions.js +0 -1
  20. package/external/@socketsecurity/registry/external/browserslist.js +0 -1
  21. package/external/@socketsecurity/registry/external/cacache.js +0 -1
  22. package/external/@socketsecurity/registry/external/fast-sort.js +0 -1
  23. package/external/@socketsecurity/registry/external/libnpmpack.js +0 -1
  24. package/external/@socketsecurity/registry/external/make-fetch-happen.js +0 -1
  25. package/external/@socketsecurity/registry/external/normalize-package-data.js +0 -1
  26. package/external/@socketsecurity/registry/external/npm-package-arg.js +0 -1
  27. package/external/@socketsecurity/registry/external/pacote.js +0 -1
  28. package/external/@socketsecurity/registry/external/picomatch.js +0 -1
  29. package/external/@socketsecurity/registry/external/semver.js +0 -1
  30. package/external/@socketsecurity/registry/external/signal-exit.js +0 -1
  31. package/external/@socketsecurity/registry/external/spdx-correct.js +0 -1
  32. package/external/@socketsecurity/registry/external/spdx-expression-parse.js +0 -1
  33. package/external/@socketsecurity/registry/external/tinyglobby.js +0 -1
  34. package/external/@socketsecurity/registry/external/validate-npm-package-name.js +0 -1
  35. package/external/@socketsecurity/registry/external/which.js +0 -1
  36. package/external/@socketsecurity/registry/external/yoctocolors-cjs.js +0 -1
  37. package/external/@socketsecurity/registry/lib/debug.js +0 -2
  38. package/package.json +2 -2
package/dist/cli.js CHANGED
@@ -3655,7 +3655,6 @@ async function outputFixResult(result, outputKind) {
3655
3655
  }
3656
3656
  logger.logger.log('');
3657
3657
  logger.logger.success('Finished!');
3658
- logger.logger.log('');
3659
3658
  }
3660
3659
 
3661
3660
  function formatBranchName(name) {
@@ -3712,6 +3711,7 @@ async function gitCleanFdx(cwd = process.cwd()) {
3712
3711
  cwd,
3713
3712
  stdio: 'ignore'
3714
3713
  };
3714
+ // TODO: propagate CResult?
3715
3715
  await spawn.spawn('git', ['clean', '-fdx'], stdioIgnoreOptions);
3716
3716
  }
3717
3717
  async function gitCreateAndPushBranch(branch, commitMsg, filepaths, options) {
@@ -3796,12 +3796,24 @@ async function gitResetHard(branch = 'HEAD', cwd = process.cwd()) {
3796
3796
  await spawn.spawn('git', ['reset', '--hard', branch], stdioIgnoreOptions);
3797
3797
  }
3798
3798
  async function gitUnstagedModifiedFiles(cwd = process.cwd()) {
3799
- const stdioPipeOptions = {
3800
- cwd
3801
- };
3802
- const stdout = (await spawn.spawn('git', ['diff', '--name-only'], stdioPipeOptions)).stdout.trim();
3803
- const rawFiles = stdout.split('\n') ?? [];
3804
- return rawFiles.map(relPath => path$1.normalizePath(relPath));
3799
+ try {
3800
+ const stdioPipeOptions = {
3801
+ cwd
3802
+ };
3803
+ const stdout = (await spawn.spawn('git', ['diff', '--name-only'], stdioPipeOptions)).stdout.trim();
3804
+ const rawFiles = stdout.split('\n') ?? [];
3805
+ return {
3806
+ ok: true,
3807
+ data: rawFiles.map(relPath => path$1.normalizePath(relPath))
3808
+ };
3809
+ } catch (e) {
3810
+ debug.debugFn('Unexpected error trying to run git diff --name-only');
3811
+ return {
3812
+ ok: false,
3813
+ message: 'Git Error',
3814
+ cause: 'Unexpected error while trying to ask git whether repo is dirty'
3815
+ };
3816
+ }
3805
3817
  }
3806
3818
 
3807
3819
  let _octokit;
@@ -4236,8 +4248,13 @@ async function npmFix(pkgEnvDetails, {
4236
4248
  }));
4237
4249
  } catch (e) {
4238
4250
  spinner?.stop();
4239
- logger.logger.error(e?.message || 'Unknown Socket batch PURL API error.');
4240
- return;
4251
+ debug.debugFn('API Error thrown:');
4252
+ debug.debugFn(e);
4253
+ return {
4254
+ ok: false,
4255
+ message: 'API Error',
4256
+ cause: e?.message || 'Unknown Socket batch PURL API error.'
4257
+ };
4241
4258
  }
4242
4259
  const infoByPkgName = utils.getCveInfoFromAlertsMap(alertsMap, {
4243
4260
  limit
@@ -4245,7 +4262,12 @@ async function npmFix(pkgEnvDetails, {
4245
4262
  if (!infoByPkgName) {
4246
4263
  spinner?.stop();
4247
4264
  logger.logger.info('No fixable vulns found.');
4248
- return;
4265
+ return {
4266
+ ok: true,
4267
+ data: {
4268
+ fixed: false
4269
+ }
4270
+ };
4249
4271
  }
4250
4272
 
4251
4273
  // Lazily access constants.ENV properties.
@@ -4257,9 +4279,14 @@ async function npmFix(pkgEnvDetails, {
4257
4279
  // Process the workspace root last since it will add an override to package.json.
4258
4280
  pkgEnvDetails.editablePkgJson.filename];
4259
4281
  const handleInstallFail = () => {
4260
- logger.logger.error(`Unexpected condition: ${pkgEnvDetails.agent} install failed.\n`);
4282
+ debug.debugFn(`Unexpected condition: ${pkgEnvDetails.agent} install failed.\n`);
4261
4283
  logger.logger.dedent();
4262
4284
  spinner?.dedent();
4285
+ return {
4286
+ ok: false,
4287
+ message: 'Installation failure',
4288
+ cause: `Unexpected condition: ${pkgEnvDetails.agent} install failed.`
4289
+ };
4263
4290
  };
4264
4291
  spinner?.stop();
4265
4292
  let count = 0;
@@ -4411,9 +4438,15 @@ async function npmFix(pkgEnvDetails, {
4411
4438
  spinner?.stop();
4412
4439
  if (!errored && isCi) {
4413
4440
  try {
4414
- const moddedFilepaths =
4415
4441
  // eslint-disable-next-line no-await-in-loop
4416
- (await gitUnstagedModifiedFiles(cwd)).filter(p => {
4442
+ const result = await gitUnstagedModifiedFiles(cwd);
4443
+ if (!result.ok) {
4444
+ // Do we fail if this fails? If this git command
4445
+ // fails then probably other git commands do too?
4446
+ logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
4447
+ continue infosLoop;
4448
+ }
4449
+ const moddedFilepaths = result.data.filter(p => {
4417
4450
  const basename = path.basename(p);
4418
4451
  return basename === 'package.json' || basename === 'package-lock.json';
4419
4452
  });
@@ -4451,8 +4484,7 @@ async function npmFix(pkgEnvDetails, {
4451
4484
  });
4452
4485
  if (!maybeActualTree) {
4453
4486
  // Exit early if install fails.
4454
- handleInstallFail();
4455
- return;
4487
+ return handleInstallFail();
4456
4488
  }
4457
4489
  actualTree = maybeActualTree;
4458
4490
  continue infosLoop;
@@ -4528,8 +4560,7 @@ async function npmFix(pkgEnvDetails, {
4528
4560
  spinner?.stop();
4529
4561
  if (!maybeActualTree) {
4530
4562
  // Exit early if install fails.
4531
- handleInstallFail();
4532
- return;
4563
+ return handleInstallFail();
4533
4564
  }
4534
4565
  actualTree = maybeActualTree;
4535
4566
  }
@@ -4556,6 +4587,12 @@ async function npmFix(pkgEnvDetails, {
4556
4587
  spinner?.dedent();
4557
4588
  }
4558
4589
  spinner?.stop();
4590
+ return {
4591
+ ok: true,
4592
+ data: {
4593
+ fixed: true
4594
+ }
4595
+ }; // true? did we actually change anything?
4559
4596
  }
4560
4597
 
4561
4598
  const {
@@ -4655,8 +4692,11 @@ async function pnpmFix(pkgEnvDetails, {
4655
4692
  // Check !lockfileContent to make TypeScript happy.
4656
4693
  if (!lockfile || !lockfileContent) {
4657
4694
  spinner?.stop();
4658
- logger.logger.error('Required pnpm-lock.yaml not found or usable.');
4659
- return;
4695
+ return {
4696
+ ok: false,
4697
+ message: 'Missing lockfile',
4698
+ cause: 'Required pnpm-lock.yaml not found or usable'
4699
+ };
4660
4700
  }
4661
4701
  let alertsMap;
4662
4702
  try {
@@ -4667,8 +4707,13 @@ async function pnpmFix(pkgEnvDetails, {
4667
4707
  }));
4668
4708
  } catch (e) {
4669
4709
  spinner?.stop();
4670
- logger.logger.error(e?.message || 'Unknown Socket batch PURL API error.');
4671
- return;
4710
+ debug.debugFn('Unexpected Socket batch PURL API error:');
4711
+ debug.debugFn(e);
4712
+ return {
4713
+ ok: false,
4714
+ message: 'API Error',
4715
+ cause: e?.message || 'Unknown Socket batch PURL API error.'
4716
+ };
4672
4717
  }
4673
4718
  const infoByPkgName = utils.getCveInfoFromAlertsMap(alertsMap, {
4674
4719
  limit
@@ -4676,7 +4721,12 @@ async function pnpmFix(pkgEnvDetails, {
4676
4721
  if (!infoByPkgName) {
4677
4722
  spinner?.stop();
4678
4723
  logger.logger.info('No fixable vulns found.');
4679
- return;
4724
+ return {
4725
+ ok: true,
4726
+ data: {
4727
+ fixed: false
4728
+ }
4729
+ };
4680
4730
  }
4681
4731
 
4682
4732
  // Lazily access constants.ENV properties.
@@ -4688,9 +4738,13 @@ async function pnpmFix(pkgEnvDetails, {
4688
4738
  // Process the workspace root last since it will add an override to package.json.
4689
4739
  pkgEnvDetails.editablePkgJson.filename];
4690
4740
  const handleInstallFail = () => {
4691
- logger.logger.error(`Unexpected condition: ${pkgEnvDetails.agent} install failed.\n`);
4692
4741
  logger.logger.dedent();
4693
4742
  spinner?.dedent();
4743
+ return {
4744
+ ok: false,
4745
+ message: 'Install failed',
4746
+ cause: `Unexpected condition: ${pkgEnvDetails.agent} install failed`
4747
+ };
4694
4748
  };
4695
4749
  spinner?.stop();
4696
4750
  let count = 0;
@@ -4750,8 +4804,7 @@ async function pnpmFix(pkgEnvDetails, {
4750
4804
  }
4751
4805
  if (!actualTree) {
4752
4806
  // Exit early if install fails.
4753
- handleInstallFail();
4754
- return;
4807
+ return handleInstallFail();
4755
4808
  }
4756
4809
  const oldVersions = arrays.arrayUnique(shadowInject.findPackageNodes(actualTree, name).map(n => n.version).filter(Boolean));
4757
4810
  if (!oldVersions.length) {
@@ -4910,9 +4963,13 @@ async function pnpmFix(pkgEnvDetails, {
4910
4963
  spinner?.stop();
4911
4964
  if (!errored && isCi) {
4912
4965
  try {
4913
- const moddedFilepaths =
4914
4966
  // eslint-disable-next-line no-await-in-loop
4915
- (await gitUnstagedModifiedFiles(cwd)).filter(p => {
4967
+ const result = await gitUnstagedModifiedFiles(cwd);
4968
+ if (!result.ok) {
4969
+ logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
4970
+ continue;
4971
+ }
4972
+ const moddedFilepaths = result.data.filter(p => {
4916
4973
  const basename = path.basename(p);
4917
4974
  return basename === 'package.json' || basename === 'pnpm-lock.yaml';
4918
4975
  });
@@ -4958,8 +5015,7 @@ async function pnpmFix(pkgEnvDetails, {
4958
5015
  continue infosLoop;
4959
5016
  }
4960
5017
  // Exit early if install fails.
4961
- handleInstallFail();
4962
- return;
5018
+ return handleInstallFail();
4963
5019
  }
4964
5020
 
4965
5021
  // eslint-disable-next-line no-await-in-loop
@@ -5044,11 +5100,14 @@ async function pnpmFix(pkgEnvDetails, {
5044
5100
  lockfileContent = maybeLockfileContent;
5045
5101
  } else {
5046
5102
  // Exit early if install fails.
5047
- handleInstallFail();
5048
- return;
5103
+ return handleInstallFail();
5049
5104
  }
5050
5105
  }
5051
- logger.logger.fail(`Update failed for ${oldId} in ${workspace}.`, ...(error ? [error] : []));
5106
+ return {
5107
+ ok: false,
5108
+ message: 'Update failed',
5109
+ cause: `Update failed for ${oldId} in ${workspace}${error ? '; ' + error : ''}`
5110
+ };
5052
5111
  }
5053
5112
  if (++count >= limit) {
5054
5113
  logger.logger.dedent();
@@ -5071,6 +5130,12 @@ async function pnpmFix(pkgEnvDetails, {
5071
5130
  spinner?.dedent();
5072
5131
  }
5073
5132
  spinner?.stop();
5133
+ return {
5134
+ ok: true,
5135
+ data: {
5136
+ fixed: true
5137
+ }
5138
+ }; // or, did we change anything?
5074
5139
  }
5075
5140
 
5076
5141
  const {
@@ -5086,11 +5151,14 @@ async function runFix({
5086
5151
  test,
5087
5152
  testScript
5088
5153
  }) {
5089
- // TODO: make detectAndValidatePackageEnvironment return a CResult<pkgEnvDetails> and propagate it
5090
- const pkgEnvDetails = await utils.detectAndValidatePackageEnvironment(cwd, {
5154
+ const result = await utils.detectAndValidatePackageEnvironment(cwd, {
5091
5155
  cmdName: CMD_NAME$1,
5092
5156
  logger: logger.logger
5093
5157
  });
5158
+ if (!result.ok) {
5159
+ return result;
5160
+ }
5161
+ const pkgEnvDetails = result.data;
5094
5162
  if (!pkgEnvDetails) {
5095
5163
  return {
5096
5164
  ok: false,
@@ -5103,8 +5171,7 @@ async function runFix({
5103
5171
  agent
5104
5172
  } = pkgEnvDetails;
5105
5173
  if (agent === NPM$8) {
5106
- // TODO: make npmFix return a CResult and propagate it
5107
- await npmFix(pkgEnvDetails, {
5174
+ return await npmFix(pkgEnvDetails, {
5108
5175
  autoMerge,
5109
5176
  cwd,
5110
5177
  limit,
@@ -5114,8 +5181,7 @@ async function runFix({
5114
5181
  testScript
5115
5182
  });
5116
5183
  } else if (agent === PNPM$6) {
5117
- // TODO: make pnpmFix return a CResult and propagate it
5118
- await pnpmFix(pkgEnvDetails, {
5184
+ return await pnpmFix(pkgEnvDetails, {
5119
5185
  autoMerge,
5120
5186
  cwd,
5121
5187
  limit,
@@ -5131,10 +5197,6 @@ async function runFix({
5131
5197
  cause: `${agent} is not supported by this command at the moment.`
5132
5198
  };
5133
5199
  }
5134
- return {
5135
- ok: true,
5136
- data: undefined
5137
- };
5138
5200
  }
5139
5201
 
5140
5202
  async function handleFix({
@@ -5219,10 +5281,14 @@ const config$F = {
5219
5281
  },
5220
5282
  help: (command, config) => `
5221
5283
  Usage
5222
- $ ${command}
5284
+ $ ${command} [options] [CWD=.]
5223
5285
 
5224
5286
  Options
5225
5287
  ${utils.getFlagListOutput(config.flags, 6)}
5288
+
5289
+ Examples
5290
+ $ ${command}
5291
+ $ ${command} ./proj/tree --autoMerge
5226
5292
  `
5227
5293
  };
5228
5294
  const cmdFix = {
@@ -5249,7 +5315,6 @@ async function run$F(argv, importMeta, {
5249
5315
  rangeStyle,
5250
5316
  test
5251
5317
  } = cli.flags;
5252
- // TODO: impl json/md further
5253
5318
  const outputKind = utils.getOutputKind(json, markdown);
5254
5319
  let [cwd = '.'] = cli.input;
5255
5320
  // Note: path.resolve vs .join:
@@ -7951,34 +8016,43 @@ async function updateLockfile(pkgEnvDetails, options) {
7951
8016
  }
7952
8017
  } catch (e) {
7953
8018
  spinner?.stop();
7954
- logger?.fail(utils.cmdPrefixMessage(cmdName, `${pkgEnvDetails.agent} install failed to update ${pkgEnvDetails.lockName}`));
7955
- logger?.error(e);
8019
+ debug.debugFn(e);
8020
+ return {
8021
+ ok: false,
8022
+ message: 'Update failed',
8023
+ cause: utils.cmdPrefixMessage(cmdName, `${pkgEnvDetails.agent} install failed to update ${pkgEnvDetails.lockName}`)
8024
+ };
7956
8025
  }
7957
8026
  if (isSpinning) {
7958
8027
  spinner?.start();
7959
8028
  } else {
7960
8029
  spinner?.stop();
7961
8030
  }
8031
+ return {
8032
+ ok: true,
8033
+ data: undefined
8034
+ };
7962
8035
  }
7963
8036
 
7964
8037
  const {
7965
8038
  VLT
7966
8039
  } = constants;
7967
- function createActionMessage(verb, overrideCount, workspaceCount) {
7968
- return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
7969
- }
7970
8040
  async function applyOptimization(cwd, pin, prod) {
7971
- const pkgEnvDetails = await utils.detectAndValidatePackageEnvironment(cwd, {
8041
+ const result = await utils.detectAndValidatePackageEnvironment(cwd, {
7972
8042
  cmdName: CMD_NAME,
7973
8043
  logger: logger.logger,
7974
8044
  prod
7975
8045
  });
7976
- if (!pkgEnvDetails) {
7977
- return;
8046
+ if (!result.ok) {
8047
+ return result;
7978
8048
  }
8049
+ const pkgEnvDetails = result.data;
7979
8050
  if (pkgEnvDetails.agent === VLT) {
7980
- logger.logger.warn(utils.cmdPrefixMessage(CMD_NAME, `${VLT} does not support overrides. Soon, though ⚡`));
7981
- return;
8051
+ return {
8052
+ ok: false,
8053
+ message: 'Unsupported',
8054
+ cause: utils.cmdPrefixMessage(CMD_NAME, `${VLT} does not support overrides. Soon, though ⚡`)
8055
+ };
7982
8056
  }
7983
8057
 
7984
8058
  // Lazily access constants.spinner.
@@ -7996,22 +8070,66 @@ async function applyOptimization(cwd, pin, prod) {
7996
8070
  const updatedCount = state.updated.size;
7997
8071
  const pkgJsonChanged = addedCount > 0 || updatedCount > 0;
7998
8072
  if (pkgJsonChanged || pkgEnvDetails.features.npmBuggyOverrides) {
7999
- await updateLockfile(pkgEnvDetails, {
8073
+ const result = await updateLockfile(pkgEnvDetails, {
8000
8074
  cmdName: CMD_NAME,
8001
8075
  logger: logger.logger,
8002
8076
  spinner
8003
8077
  });
8078
+ if (!result.ok) {
8079
+ return result;
8080
+ }
8004
8081
  }
8005
8082
  spinner.stop();
8006
- if (updatedCount > 0) {
8007
- logger.logger?.log(`${createActionMessage('Updated', updatedCount, state.updatedInWorkspaces.size)}${addedCount ? '.' : '🚀'}`);
8083
+ return {
8084
+ ok: true,
8085
+ data: {
8086
+ addedCount,
8087
+ updatedCount,
8088
+ pkgJsonChanged,
8089
+ updatedInWorkspaces: state.updatedInWorkspaces.size,
8090
+ addedInWorkspaces: state.addedInWorkspaces.size
8091
+ }
8092
+ };
8093
+ }
8094
+
8095
+ async function outputOptimizeResult(result, outputKind) {
8096
+ if (!result.ok) {
8097
+ process.exitCode = result.code ?? 1;
8098
+ }
8099
+ if (outputKind === 'json') {
8100
+ logger.logger.log(utils.serializeResultJson(result));
8101
+ return;
8102
+ }
8103
+ if (!result.ok) {
8104
+ logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
8105
+ return;
8106
+ }
8107
+ const data = result.data;
8108
+ if (data.updatedCount > 0) {
8109
+ logger.logger?.log(`${createActionMessage('Updated', data.updatedCount, data.updatedInWorkspaces)}${data.addedCount ? '.' : '🚀'}`);
8008
8110
  }
8009
- if (addedCount > 0) {
8010
- logger.logger?.log(`${createActionMessage('Added', addedCount, state.addedInWorkspaces.size)} 🚀`);
8111
+ if (data.addedCount > 0) {
8112
+ logger.logger?.log(`${createActionMessage('Added', data.addedCount, data.addedInWorkspaces)} 🚀`);
8011
8113
  }
8012
- if (!pkgJsonChanged) {
8114
+ if (!data.pkgJsonChanged) {
8013
8115
  logger.logger?.log('Scan complete. No Socket.dev optimized overrides applied.');
8014
8116
  }
8117
+ logger.logger.log('');
8118
+ logger.logger.success('Finished!');
8119
+ logger.logger.log('');
8120
+ }
8121
+ function createActionMessage(verb, overrideCount, workspaceCount) {
8122
+ return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
8123
+ }
8124
+
8125
+ async function handleOptimize({
8126
+ cwd,
8127
+ outputKind,
8128
+ pin,
8129
+ prod
8130
+ }) {
8131
+ const result = await applyOptimization(cwd, pin, prod);
8132
+ await outputOptimizeResult(result, outputKind);
8015
8133
  }
8016
8134
 
8017
8135
  const {
@@ -8036,14 +8154,14 @@ const config$q = {
8036
8154
  },
8037
8155
  help: (command, config) => `
8038
8156
  Usage
8039
- $ ${command}
8157
+ $ ${command} [options] [CWD=.]
8040
8158
 
8041
8159
  Options
8042
8160
  ${utils.getFlagListOutput(config.flags, 6)}
8043
8161
 
8044
8162
  Examples
8045
8163
  $ ${command}
8046
- $ ${command} --pin
8164
+ $ ${command} ./proj/tree --pin
8047
8165
  `
8048
8166
  };
8049
8167
  const cmdOptimize = {
@@ -8060,15 +8178,29 @@ async function run$q(argv, importMeta, {
8060
8178
  importMeta,
8061
8179
  parentName
8062
8180
  });
8063
-
8064
- // TODO: impl json/md
8065
-
8066
- const cwd = process.cwd();
8181
+ const {
8182
+ json,
8183
+ markdown
8184
+ } = cli.flags;
8185
+ const {
8186
+ pin,
8187
+ prod
8188
+ } = cli.flags;
8189
+ const outputKind = utils.getOutputKind(json, markdown);
8190
+ let [cwd = '.'] = cli.input;
8191
+ // Note: path.resolve vs .join:
8192
+ // If given path is absolute then cwd should not affect it.
8193
+ cwd = path.resolve(process.cwd(), cwd);
8067
8194
  if (cli.flags['dryRun']) {
8068
8195
  logger.logger.log(DRY_RUN_BAILING_NOW$o);
8069
8196
  return;
8070
8197
  }
8071
- await applyOptimization(cwd, Boolean(cli.flags['pin']), Boolean(cli.flags['prod']));
8198
+ await handleOptimize({
8199
+ cwd,
8200
+ pin: Boolean(pin),
8201
+ outputKind,
8202
+ prod: Boolean(prod)
8203
+ });
8072
8204
  }
8073
8205
 
8074
8206
  async function fetchOrganization() {
@@ -11716,7 +11848,8 @@ async function handleCreateGithubScan({
11716
11848
  logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
11717
11849
  return;
11718
11850
  }
11719
- logger.logger.success('Ok! Finished!');
11851
+ logger.logger.log('');
11852
+ logger.logger.success('Finished!');
11720
11853
  }
11721
11854
 
11722
11855
  const {
@@ -13449,5 +13582,5 @@ void (async () => {
13449
13582
  await utils.captureException(e);
13450
13583
  }
13451
13584
  })();
13452
- //# debugId=e400d892-bcd3-4bf3-a6e0-ddafe9d984ad
13585
+ //# debugId=2fd0bc0c-3a6c-42d6-8ccd-1745d5682e7e
13453
13586
  //# sourceMappingURL=cli.js.map