socket 1.0.65 → 1.0.67

package/dist/cli.js

@@ -23,29 +23,45 @@ var sorts = require('../external/@socketsecurity/registry/lib/sorts');
 var regexps = require('../external/@socketsecurity/registry/lib/regexps');
 var fs$2 = require('../external/@socketsecurity/registry/lib/fs');
 var shadowNpmInject = require('./shadow-npm-inject.js');
-var objects = require('../external/@socketsecurity/registry/lib/objects');
+var require$$7 = require('../external/@socketsecurity/registry/lib/objects');
 var shadowNpmBin = require('./shadow-npm-bin.js');
-var require$$7 = require('../external/@socketsecurity/registry/lib/promises');
+var require$$8 = require('../external/@socketsecurity/registry/lib/promises');
 var require$$1 = require('node:util');
 var os = require('node:os');
 var promises = require('node:stream/promises');
 
-async function fetchOrgAnalyticsData(time) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchOrgAnalyticsData(time, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getOrgAnalytics(time.toString()), 'analytics data');
+  return await utils.handleApiCall(sockSdk.getOrgAnalytics(time.toString()), {
+    desc: 'analytics data'
+  });
 }
 
-async function fetchRepoAnalyticsData(repo, time) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchRepoAnalyticsData(repo, time, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getRepoAnalytics(repo, time.toString()), 'analytics data');
+  return await utils.handleApiCall(sockSdk.getRepoAnalytics(repo, time.toString()), {
+    desc: 'analytics data'
+  });
 }
 
 // Note: Widgets does not seem to actually work as code :'(
@@ -446,18 +462,28 @@ async function run$P(argv, importMeta, {
   });
 }
 
-async function fetchAuditLog({
-  logType,
-  orgSlug,
-  outputKind,
-  page,
-  perPage
-}) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchAuditLog(config, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
+  const {
+    logType,
+    orgSlug,
+    outputKind,
+    page,
+    perPage
+  } = {
+    __proto__: null,
+    ...config
+  };
   return await utils.handleApiCall(sockSdk.getAuditLogEvents(orgSlug, {
     // I'm not sure this is used at all.
     outputJson: String(outputKind === 'json'),
@@ -467,7 +493,9 @@ async function fetchAuditLog({
     type: logType,
     page: String(page),
     per_page: String(perPage)
-  }), `audit log for ${orgSlug}`);
+  }), {
+    desc: `audit log for ${orgSlug}`
+  });
 }
 
 const require$4 = require$$5.createRequire(require('node:url').pathToFileURL(__filename).href);
@@ -538,10 +566,10 @@ async function outputAsJson(auditLogs, {
       desc: 'Audit logs for given query',
       // Lazily access constants.ENV.VITEST.
       generated: constants.ENV.VITEST ? REDACTED : new Date().toISOString(),
-      org: orgSlug,
       logType,
-      page,
       nextPage: auditLogs.data.nextPage,
+      org: orgSlug,
+      page,
       perPage,
       logs: auditLogs.data.results.map(log => {
         // Note: The subset is pretty arbitrary
@@ -708,11 +736,11 @@ async function handleAuditLog({
   perPage
 }) {
   const auditLogs = await fetchAuditLog({
+    logType,
     orgSlug,
     outputKind,
     page,
-    perPage,
-    logType
+    perPage
   });
   await outputAuditLog(auditLogs, {
     logType,
@@ -860,68 +888,34 @@ async function run$O(argv, importMeta, {
   });
 }
 
-// Use the config defaultOrg when set, otherwise discover from remote
-async function getDefaultOrgSlug() {
-  const defaultOrgResult = utils.getConfigValueOrUndef('defaultOrg');
-  if (defaultOrgResult) {
-    debug.debugFn('notice', 'use: default org', defaultOrgResult);
-    return {
-      ok: true,
-      data: defaultOrgResult
-    };
-  }
-  const sockSdkCResult = await utils.setupSdk();
-  if (!sockSdkCResult.ok) {
-    return sockSdkCResult;
-  }
-  const sockSdk = sockSdkCResult.data;
-  const result = await utils.handleApiCall(sockSdk.getOrganizations(), 'list of organizations');
-  if (!result.ok) {
-    return result;
-  }
-  const orgs = result.data.organizations;
-  const keys = Object.keys(orgs);
-  if (!keys[0]) {
-    return {
-      ok: false,
-      message: 'Failed to establish identity',
-      data: `API did not return any organization associated with the current API token. Unable to continue.`
-    };
-  }
-  const slug = (keys[0] in orgs && orgs?.[keys[0]]?.name) ?? undefined;
-  if (!slug) {
-    return {
-      ok: false,
-      message: 'Failed to establish identity',
-      data: `Was unable to determine the default organization for the current API token. Unable to continue.`
-    };
-  }
-  debug.debugFn('notice', 'resolve: org', slug);
-  return {
-    ok: true,
-    message: 'Retrieved default org from server',
-    data: slug
+async function fetchCreateOrgFullScan(packagePaths, orgSlug, config, options) {
+  const {
+    branchName,
+    commitHash,
+    commitMessage,
+    committers,
+    pullRequest,
+    repoName
+  } = {
+    __proto__: null,
+    ...config
   };
-}
-
-const {
-  SOCKET_DEFAULT_REPOSITORY: SOCKET_DEFAULT_REPOSITORY$3
-} = constants;
-async function fetchCreateOrgFullScan(packagePaths, orgSlug, defaultBranch, pendingHead, tmp, cwd, {
-  branchName,
-  commitHash,
-  commitMessage,
-  committers,
-  pullRequest,
-  repoName
-}) {
-  const sockSdkCResult = await utils.setupSdk();
+  const {
+    cwd = process.cwd(),
+    defaultBranch,
+    pendingHead,
+    sdkOptions,
+    tmp
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  const repo = repoName || (await utils.getRepoName(cwd)) || SOCKET_DEFAULT_REPOSITORY$3;
-  return await utils.handleApiCall(sockSdk.createOrgFullScan(orgSlug, {
+  return await utils.handleApiCall(sockSdk.createOrgFullScan(orgSlug, packagePaths, cwd, {
     ...(branchName ? {
       branch: branchName
     } : {}),
@@ -938,28 +932,44 @@ async function fetchCreateOrgFullScan(packagePaths, orgSlug, defaultBranch, pend
     ...(pullRequest ? {
       pull_request: String(pullRequest)
     } : {}),
-    // The repo is mandatory, this is server default for repo.
-    repo,
+    repo: repoName,
     set_as_pending_head: String(pendingHead),
     tmp: String(tmp)
-  }, packagePaths, cwd), 'to create a scan');
+  }), {
+    desc: 'to create a scan'
+  });
 }
 
-async function fetchSupportedScanFileNames() {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchSupportedScanFileNames(options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getReportSupportedFiles(), 'supported scan file types');
+  return await utils.handleApiCall(sockSdk.getSupportedScanFiles(), {
+    desc: 'supported scan file types'
+  });
 }
 
 /**
  * This fetches all the relevant pieces of data to generate a report, given a
  * full scan ID.
  */
-async function fetchReportData(orgSlug, scanId, includeLicensePolicy) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchScanData(orgSlug, scanId, options) {
+  const {
+    includeLicensePolicy,
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
@@ -1438,8 +1448,10 @@ async function handleScanReport({
   scanId,
   short
 }) {
-  const result = await fetchReportData(orgSlug, scanId, includeLicensePolicy);
-  await outputScanReport(result, {
+  const scanDataCResult = await fetchScanData(orgSlug, scanId, {
+    includeLicensePolicy
+  });
+  await outputScanReport(scanDataCResult, {
     filePath,
     fold,
     scanId: scanId,
@@ -2036,13 +2048,18 @@ async function handleCreateNewScan({
     logger.logger.log('[ReadOnly] Bailing now');
     return;
   }
-  const fullScanCResult = await fetchCreateOrgFullScan(packagePaths, orgSlug, defaultBranch, pendingHead, tmp, cwd, {
+  const fullScanCResult = await fetchCreateOrgFullScan(packagePaths, orgSlug, {
     commitHash,
     commitMessage,
     committers,
     pullRequest,
     repoName,
     branchName
+  }, {
+    cwd,
+    defaultBranch,
+    pendingHead,
+    tmp
   });
   if (fullScanCResult.ok && report) {
     if (fullScanCResult.data?.id) {
@@ -2069,40 +2086,39 @@ async function handleCreateNewScan({
   }
 }
 
-const {
-  SOCKET_DEFAULT_BRANCH: SOCKET_DEFAULT_BRANCH$2,
-  SOCKET_DEFAULT_REPOSITORY: SOCKET_DEFAULT_REPOSITORY$2
-} = constants;
-async function handleCI(autoManifest) {
+async function handleCi(autoManifest) {
   // ci: {
   //   description: 'Alias for "report create --view --strict"',
   //     argv: ['report', 'create', '--view', '--strict']
   // }
-  const result = await getDefaultOrgSlug();
-  if (!result.ok) {
-    process.exitCode = result.code ?? 1;
+  const orgSlugCResult = await utils.getDefaultOrgSlug();
+  if (!orgSlugCResult.ok) {
+    process.exitCode = orgSlugCResult.code ?? 1;
     // Always assume json mode.
-    logger.logger.log(utils.serializeResultJson(result));
+    logger.logger.log(utils.serializeResultJson(orgSlugCResult));
     return;
   }
+  const orgSlug = orgSlugCResult.data;
   const cwd = process.cwd();
-
-  // TODO: does it makes sense to use custom branch/repo names here? probably socket.yml, right
+  // Lazily access constants.SOCKET_DEFAULT_BRANCH.
+  const branchName = (await utils.gitBranch(cwd)) || constants.SOCKET_DEFAULT_BRANCH;
+  // Lazily access constants.SOCKET_DEFAULT_REPOSITORY.
+  const repoName = (await utils.getRepoName(cwd)) || constants.SOCKET_DEFAULT_REPOSITORY;
   await handleCreateNewScan({
     autoManifest,
-    branchName: (await utils.gitBranch(cwd)) || SOCKET_DEFAULT_BRANCH$2,
+    branchName,
     commitMessage: '',
     commitHash: '',
     committers: '',
-    cwd: process.cwd(),
+    cwd,
     defaultBranch: false,
     interactive: false,
-    orgSlug: result.data,
+    orgSlug,
     outputKind: 'json',
     // When 'pendingHead' is true, it requires 'branchName' set and 'tmp' false.
     pendingHead: true,
     pullRequest: 0,
-    repoName: (await utils.getRepoName(cwd)) || SOCKET_DEFAULT_REPOSITORY$2,
+    repoName,
     readOnly: false,
     report: true,
     targets: ['.'],
@@ -2168,7 +2184,7 @@ async function run$N(argv, importMeta, {
     logger.logger.log(DRY_RUN_BAILING_NOW$K);
     return;
   }
-  await handleCI(Boolean(cli.flags['autoManifest']));
+  await handleCi(Boolean(cli.flags['autoManifest']));
 }
 
 async function discoverConfigValue(key) {
@@ -2275,43 +2291,35 @@ async function discoverConfigValue(key) {
   };
 }
 async function getDefaultOrgFromToken() {
-  const sockSdkCResult = await utils.setupSdk();
-  if (!sockSdkCResult.ok) {
+  const orgsCResult = await utils.fetchOrganization();
+  if (!orgsCResult.ok) {
     return undefined;
   }
-  const sockSdk = sockSdkCResult.data;
-  const result = await utils.handleApiCall(sockSdk.getOrganizations(), 'list of organizations');
-  if (result.ok) {
-    const arr = Array.from(Object.values(result.data.organizations)).map(({
-      slug
-    }) => slug);
-    if (arr.length === 0) {
-      return undefined;
-    }
-    if (arr.length === 1) {
-      return arr[0];
-    }
-    return arr;
+  const {
+    organizations
+  } = orgsCResult.data;
+  const slugs = Array.from(Object.values(organizations)).map(o => o.slug);
+  if (slugs.length === 0) {
+    return undefined;
   }
-  return undefined;
+  if (slugs.length === 1) {
+    return slugs[0];
+  }
+  return slugs;
 }
 async function getEnforceableOrgsFromToken() {
-  const sockSdkCResult = await utils.setupSdk();
-  if (!sockSdkCResult.ok) {
+  const orgsCResult = await utils.fetchOrganization();
+  if (!orgsCResult.ok) {
     return undefined;
   }
-  const sockSdk = sockSdkCResult.data;
-  const result = await utils.handleApiCall(sockSdk.getOrganizations(), 'list of organizations');
-  if (result.ok) {
-    const arr = Array.from(Object.values(result.data.organizations)).map(({
-      slug
-    }) => slug);
-    if (arr.length === 0) {
-      return undefined;
-    }
-    return arr;
+  const {
+    organizations
+  } = orgsCResult.data;
+  const slugs = Array.from(Object.values(organizations)).map(o => o.slug);
+  if (!slugs.length) {
+    return undefined;
   }
-  return undefined;
+  return slugs;
 }
 
 async function outputConfigAuto(key, result, outputKind) {
@@ -3566,9 +3574,9 @@ async function getActualTree(cwd = process.cwd()) {
 
 const {
   BUN: BUN$4,
-  NPM: NPM$8,
+  NPM: NPM$7,
   OVERRIDES: OVERRIDES$2,
-  PNPM: PNPM$8,
+  PNPM: PNPM$7,
   RESOLUTIONS: RESOLUTIONS$1,
   VLT: VLT$5,
   YARN_BERRY: YARN_BERRY$4,
@@ -3587,7 +3595,7 @@ function getOverridesDataBun(pkgEnvDetails, pkgJson = pkgEnvDetails.editablePkgJ
 function getOverridesDataNpm(pkgEnvDetails, pkgJson = pkgEnvDetails.editablePkgJson.content) {
   const overrides = pkgJson?.[OVERRIDES$2] ?? {};
   return {
-    type: NPM$8,
+    type: NPM$7,
     overrides
   };
 }
@@ -3595,9 +3603,9 @@ function getOverridesDataNpm(pkgEnvDetails, pkgJson = pkgEnvDetails.editablePkgJ
 // pnpm overrides documentation:
 // https://pnpm.io/package_json#pnpmoverrides
 function getOverridesDataPnpm(pkgEnvDetails, pkgJson = pkgEnvDetails.editablePkgJson.content) {
-  const overrides = pkgJson?.[PNPM$8]?.[OVERRIDES$2] ?? {};
+  const overrides = pkgJson?.[PNPM$7]?.[OVERRIDES$2] ?? {};
   return {
-    type: PNPM$8,
+    type: PNPM$7,
     overrides
   };
 }
@@ -3632,7 +3640,7 @@ function getOverridesData(pkgEnvDetails, pkgJson) {
   switch (pkgEnvDetails.agent) {
     case BUN$4:
       return getOverridesDataBun(pkgEnvDetails, pkgJson);
-    case PNPM$8:
+    case PNPM$7:
       return getOverridesDataPnpm(pkgEnvDetails, pkgJson);
     case VLT$5:
       return getOverridesDataVlt(pkgEnvDetails, pkgJson);
@@ -3640,7 +3648,7 @@ function getOverridesData(pkgEnvDetails, pkgJson) {
       return getOverridesDataYarn(pkgEnvDetails, pkgJson);
     case YARN_CLASSIC$4:
       return getOverridesDataYarnClassic(pkgEnvDetails, pkgJson);
-    case NPM$8:
+    case NPM$7:
     default:
       return getOverridesDataNpm(pkgEnvDetails, pkgJson);
   }
@@ -4131,7 +4139,8 @@ async function install$1(pkgEnvDetails, options) {
     __proto__: null,
     ...options
   };
-  const args = ['--ignore-scripts', '--no-audit', '--no-fund', '--no-progress', '--no-save', '--silent', ...(extraArgs ?? [])];
+  const useDebug = debug.isDebug('stdio');
+  const args = ['--ignore-scripts', '--no-audit', '--no-fund', '--no-progress', ...(useDebug ? [] : ['--silent']), ...(extraArgs ?? [])];
   const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
   debug.debugFn('stdio', `spawn: ${quotedCmd}`);
   const isSpinning = spinner?.isSpinning;
@@ -4141,7 +4150,7 @@ async function install$1(pkgEnvDetails, options) {
     await utils.runAgentInstall(pkgEnvDetails, {
       args,
       spinner,
-      stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
+      stdio: useDebug ? 'inherit' : 'ignore'
     });
   } catch (e) {
     debug.debugFn('error', `caught: ${quotedCmd} failed`);
@@ -4266,7 +4275,7 @@ async function outputFixResult(result, outputKind) {
 
 const {
   OVERRIDES: OVERRIDES$1,
-  PNPM: PNPM$7
+  PNPM: PNPM$6
 } = constants;
 async function install(pkgEnvDetails, options) {
   const {
@@ -4383,15 +4392,15 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
       const {
         overrides: oldOverrides
       } = getOverridesDataPnpm(pkgEnvDetails, editablePkgJson.content);
-      const oldPnpmSection = editablePkgJson.content[PNPM$7];
+      const oldPnpmSection = editablePkgJson.content[PNPM$6];
       const overrideKey = `${packument.name}@${vulnerableVersionRange}`;
       revertOverrides = undefined;
       revertOverridesSrc = utils.extractOverridesFromPnpmLockSrc(lockSrc);
       if (isWorkspaceRoot) {
         revertOverrides = {
-          [PNPM$7]: oldPnpmSection ? {
+          [PNPM$6]: oldPnpmSection ? {
             ...oldPnpmSection,
-            [OVERRIDES$1]: objects.hasKeys(oldOverrides) ? {
+            [OVERRIDES$1]: require$$7.hasKeys(oldOverrides) ? {
               ...oldOverrides,
               [overrideKey]: undefined
             } : undefined
@@ -4400,7 +4409,7 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
         // Update overrides in the root package.json so that when `pnpm install`
         // generates pnpm-lock.yaml it updates transitive dependencies too.
         editablePkgJson.update({
-          [PNPM$7]: {
+          [PNPM$6]: {
             ...oldPnpmSection,
             [OVERRIDES$1]: {
               ...oldOverrides,
@@ -4451,16 +4460,13 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
   }, fixConfig);
 }
 
-const {
-  NPM: NPM$7,
-  PNPM: PNPM$6
-} = constants;
 async function handleFix({
   autoMerge,
   cwd,
   ghsas,
   limit,
   minSatisfying,
+  orgSlug,
   outputKind,
   prCheck,
   purls,
@@ -4470,49 +4476,66 @@ async function handleFix({
   testScript,
   unknownFlags
 }) {
-  let {
-    length: ghsasCount
-  } = ghsas;
-  if (ghsasCount) {
-    spinner?.start('Fetching GHSA IDs...');
-    if (ghsasCount === 1 && ghsas[0] === 'auto') {
-      const autoCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd], {
-        cwd,
-        spinner
-      });
-      spinner?.stop();
-      if (autoCResult.ok) {
-        ghsas = utils.cmdFlagValueToArray(/(?<=Vulnerabilities found: )[^\n]+/.exec(autoCResult.data)?.[0]);
-        ghsasCount = ghsas.length;
-      } else {
-        debug.debugFn('error', 'fail: Coana CLI');
-        debug.debugDir('inspect', {
-          message: autoCResult.message,
-          cause: autoCResult.cause
-        });
-        ghsas = [];
-        ghsasCount = 0;
+  if (ghsas.length === 1 && ghsas[0] === 'auto') {
+    let lastCResult;
+    const sockSdkCResult = await utils.setupSdk();
+    lastCResult = sockSdkCResult;
+    const sockSdk = sockSdkCResult.ok ? sockSdkCResult.data : undefined;
+    const supportedFilesCResult = sockSdk ? await fetchSupportedScanFileNames() : undefined;
+    if (supportedFilesCResult) {
+      lastCResult = supportedFilesCResult;
+    }
+    const supportedFiles = supportedFilesCResult?.ok ? supportedFilesCResult.data : undefined;
+    const packagePaths = supportedFiles ? await utils.getPackageFilesForScan(['.'], supportedFiles, {
+      cwd
+    }) : [];
+    const uploadCResult = sockSdk ? await utils.handleApiCall(sockSdk?.uploadManifestFiles(orgSlug, packagePaths), {
+      desc: 'upload manifests'
+    }) : undefined;
+    if (uploadCResult) {
+      lastCResult = uploadCResult;
+    }
+    const tarHash = uploadCResult?.ok ? uploadCResult.data.tarHash : '';
+    const idsOutputCResult = tarHash ? await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash], {
+      cwd,
+      spinner,
+      env: {
+        SOCKET_ORG_SLUG: orgSlug
       }
-      spinner?.start();
+    }) : undefined;
+    if (idsOutputCResult) {
+      lastCResult = idsOutputCResult;
     }
-    if (ghsasCount) {
-      spinner?.info(`Found ${ghsasCount} GHSA ${words.pluralize('ID', ghsasCount)}.`);
-      const applyFixesCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--apply-fixes-to', ...ghsas, ...unknownFlags], {
-        cwd,
-        spinner
-      });
-      spinner?.stop();
-      if (!applyFixesCResult.ok) {
-        debug.debugFn('error', 'fail: Coana CLI');
-        debug.debugDir('inspect', {
-          message: applyFixesCResult.message,
-          cause: applyFixesCResult.cause
-        });
+    const idsOutput = idsOutputCResult?.ok ? idsOutputCResult.data : '';
+    const ids = utils.cmdFlagValueToArray(/(?<=Vulnerabilities found: )[^\n]+/.exec(idsOutput)?.[0]);
+    const fixCResult = ids.length ? await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ...ids, ...unknownFlags], {
+      cwd,
+      spinner,
+      env: {
+        SOCKET_ORG_SLUG: orgSlug
       }
-      await outputFixResult(applyFixesCResult, outputKind);
+    }) : undefined;
+    if (fixCResult) {
+      lastCResult = fixCResult;
+    }
+    // const fixCResult = await spawnCoana(
+    //   [
+    //     cwd,
+    //     '--socket-mode',
+    //     DOT_SOCKET_DOT_FACTS_JSON,
+    //     '--manifests-tar-hash',
+    //     tarHash,
+    //     ...unknownFlags,
+    //   ],
+    //   { cwd, spinner, env: { SOCKET_ORG_SLUG: orgSlug } },
+    // )
+    debug.debugDir('inspect', {
+      lastCResult
+    });
+    if (!lastCResult.ok) {
+      await outputFixResult(lastCResult, outputKind);
       return;
     }
-    spinner?.infoAndStop('No GHSA IDs found.');
     await outputFixResult({
       ok: true,
       data: ''
@@ -4538,11 +4561,17 @@ async function handleFix({
     }, outputKind);
     return;
   }
+
+  // Lazily access constants.
+  const {
+    NPM,
+    PNPM
+  } = constants;
   const {
     agent,
     agentVersion
   } = pkgEnvDetails;
-  if (agent !== NPM$7 && agent !== PNPM$6) {
+  if (agent !== NPM && agent !== PNPM) {
     await outputFixResult({
       ok: false,
       message: 'Not supported.',
@@ -4551,7 +4580,7 @@ async function handleFix({
     return;
   }
   logger.logger.info(`Fixing packages for ${agent} v${agentVersion}.\n`);
-  const fixer = agent === NPM$7 ? npmFix : pnpmFix;
+  const fixer = agent === NPM ? npmFix : pnpmFix;
   await outputFixResult(await fixer(pkgEnvDetails, {
     autoMerge,
     cwd,
@@ -4589,7 +4618,8 @@ const config$H = {
       type: 'string',
       default: [],
       description: `Provide a list of ${vendor.terminalLinkExports('GHSA IDs', 'https://docs.github.com/en/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database#about-ghsa-ids')} to compute fixes for, as either a comma separated value or as multiple flags.\n                        Use '--ghsa auto' to automatically lookup GHSA IDs and compute fixes for them.`,
-      isMultiple: true
+      isMultiple: true,
+      hidden: true
     },
     limit: {
       type: 'number',
@@ -4714,6 +4744,14 @@ async function run$H(argv, importMeta, {
     autoMerge = true;
     test = true;
   }
+  const orgSlugCResult = await utils.getDefaultOrgSlug();
+  if (!orgSlugCResult.ok) {
+    process.exitCode = orgSlugCResult.code ?? 1;
+    // Always assume json mode.
+    // logger.log(serializeResultJson(orgSlugCResult))
+    return;
+  }
+  const orgSlug = orgSlugCResult.data;
   const ghsas = utils.cmdFlagValueToArray(cli.flags['ghsa']);
   const limit = (cli.flags['limit'] ? parseInt(String(cli.flags['limit'] || ''), 10) : Infinity) || Infinity;
   const maxSatisfying = Boolean(cli.flags['maxSatisfying']);
@@ -4728,6 +4766,7 @@ async function run$H(argv, importMeta, {
     limit,
     minSatisfying,
     prCheck,
+    orgSlug,
     outputKind,
     purls,
     rangeStyle,
@@ -5022,22 +5061,31 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
     };
   }
   const apiToken = apiTokenInput || SOCKET_PUBLIC_API_TOKEN;
-  const sdk = await utils.setupSdk(apiToken, apiBaseUrl, apiProxy);
-  if (!sdk.ok) {
+  const sockSdkCResult = await utils.setupSdk({
+    apiBaseUrl,
+    apiProxy,
+    apiToken
+  });
+  if (!sockSdkCResult.ok) {
     process.exitCode = 1;
-    logger.logger.fail(utils.failMsgWithBadge(sdk.message, sdk.cause));
+    logger.logger.fail(utils.failMsgWithBadge(sockSdkCResult.message, sockSdkCResult.cause));
     return;
   }
-  const result = await utils.handleApiCall(sdk.data.getOrganizations(), 'token verification');
-  if (!result.ok) {
+  const sockSdk = sockSdkCResult.data;
+  const orgsCResult = await utils.handleApiCall(sockSdk.getOrganizations(), {
+    desc: 'token verification'
+  });
+  if (!orgsCResult.ok) {
     process.exitCode = 1;
-    logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
+    logger.logger.fail(utils.failMsgWithBadge(orgsCResult.message, orgsCResult.cause));
     return;
   }
-  const orgs = result.data;
-  const orgSlugs = Object.values(orgs.organizations).map(obj => obj.slug);
+  const {
+    organizations
+  } = orgsCResult.data;
+  const orgSlugs = Object.values(organizations).map(obj => obj.slug);
   logger.logger.success(`API key verified: ${orgSlugs}`);
-  const enforcedChoices = Object.values(orgs.organizations).filter(org => org?.plan === 'enterprise').map(org => ({
+  const enforcedChoices = Object.values(organizations).filter(org => org?.plan === 'enterprise').map(org => ({
     name: org.name ?? 'undefined',
     value: org.id
   }));
@@ -7348,8 +7396,8 @@ function updatePkgJsonField(editablePkgJson, field, value) {
   if (oldValue) {
     // The field already exists so we simply update the field value.
     if (field === PNPM$1) {
-      const isPnpmObj = objects.isObject(oldValue);
-      if (objects.hasKeys(value)) {
+      const isPnpmObj = require$$7.isObject(oldValue);
+      if (require$$7.hasKeys(value)) {
         editablePkgJson.update({
           [field]: {
             ...(isPnpmObj ? oldValue : {}),
@@ -7361,7 +7409,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
         });
       } else {
         // Properties with undefined values are omitted when saved as JSON.
-        editablePkgJson.update(objects.hasKeys(oldValue) ? {
+        editablePkgJson.update(require$$7.hasKeys(oldValue) ? {
           [field]: {
             ...(isPnpmObj ? oldValue : {}),
             overrides: undefined
@@ -7373,7 +7421,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
     } else if (field === OVERRIDES || field === RESOLUTIONS) {
       // Properties with undefined values are omitted when saved as JSON.
       editablePkgJson.update({
-        [field]: objects.hasKeys(value) ? value : undefined
+        [field]: require$$7.hasKeys(value) ? value : undefined
       });
     } else {
       editablePkgJson.update({
@@ -7382,7 +7430,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
     }
     return;
   }
-  if ((field === OVERRIDES || field === PNPM$1 || field === RESOLUTIONS) && !objects.hasKeys(value)) {
+  if ((field === OVERRIDES || field === PNPM$1 || field === RESOLUTIONS) && !require$$7.hasKeys(value)) {
     return;
   }
   // Since the field doesn't exist we want to insert it into the package.json
@@ -7517,7 +7565,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
   let loggedAddingText = false;
 
   // Chunk package names to process them in parallel 3 at a time.
-  await require$$7.pEach(manifestEntries, 3, async ({
+  await require$$8.pEach(manifestEntries, 3, async ({
     1: data
   }) => {
     const {
@@ -7531,11 +7579,11 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
     for (const {
       1: depObj
     } of depEntries) {
-      const sockSpec = objects.hasOwn(depObj, sockRegPkgName) ? depObj[sockRegPkgName] : undefined;
+      const sockSpec = require$$7.hasOwn(depObj, sockRegPkgName) ? depObj[sockRegPkgName] : undefined;
       if (sockSpec) {
         depAliasMap.set(sockRegPkgName, sockSpec);
       }
-      const origSpec = objects.hasOwn(depObj, origPkgName) ? depObj[origPkgName] : undefined;
+      const origSpec = require$$7.hasOwn(depObj, origPkgName) ? depObj[origPkgName] : undefined;
       if (origSpec) {
         let thisSpec = origSpec;
         // Add package aliases for direct dependencies to avoid npm EOVERRIDE
@@ -7571,11 +7619,11 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
         npmExecPath
       });
       // Chunk package names to process them in parallel 3 at a time.
-      await require$$7.pEach(overridesDataObjects, 3, async ({
+      await require$$8.pEach(overridesDataObjects, 3, async ({
         overrides,
         type
       }) => {
-        const overrideExists = objects.hasOwn(overrides, origPkgName);
+        const overrideExists = require$$7.hasOwn(overrides, origPkgName);
         if (overrideExists || thingScanner(pkgEnvDetails, thingToScan, origPkgName, lockName)) {
           const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
           const origDepAlias = depAliasMap.get(origPkgName);
@@ -7625,7 +7673,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
   });
   if (isWorkspace) {
     // Chunk package names to process them in parallel 3 at a time.
-    await require$$7.pEach(workspacePkgJsonPaths, 3, async workspacePkgJsonPath => {
+    await require$$8.pEach(workspacePkgJsonPaths, 3, async workspacePkgJsonPath => {
       const otherState = await addOverrides(pkgEnvDetails, path.dirname(workspacePkgJsonPath), {
         logger,
         pin,
@@ -7646,7 +7694,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
         overrides,
         type
       } of overridesDataObjects) {
-        updateManifest(type, pkgEnvDetails.editablePkgJson, objects.toSortedObject(overrides));
+        updateManifest(type, pkgEnvDetails.editablePkgJson, require$$7.toSortedObject(overrides));
       }
     }
     await pkgEnvDetails.editablePkgJson.save();
@@ -7891,19 +7939,31 @@ async function run$r(argv, importMeta, {
   });
 }
 
-async function fetchDependencies({
-  limit,
-  offset
-}) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchDependencies(config, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
+  const {
+    limit,
+    offset
+  } = {
+    __proto__: null,
+    ...config
+  };
   return await utils.handleApiCall(sockSdk.searchDependencies({
     limit,
     offset
-  }), 'organization dependencies');
+  }), {
+    desc: 'organization dependencies'
+  });
 }
 
 // @ts-ignore
@@ -8068,13 +8128,21 @@ async function run$q(argv, importMeta, {
   });
 }
 
-async function fetchLicensePolicy(orgSlug) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchLicensePolicy(orgSlug, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getOrgLicensePolicy(orgSlug), 'organization license policy');
+  return await utils.handleApiCall(sockSdk.getOrgLicensePolicy(orgSlug), {
+    desc: 'organization license policy'
+  });
 }
 
 async function outputLicensePolicy(result, outputKind) {
@@ -8196,13 +8264,21 @@ async function run$p(argv, importMeta, {
   await handleLicensePolicy(orgSlug, outputKind);
 }
 
-async function fetchSecurityPolicy(orgSlug) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchSecurityPolicy(orgSlug, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getOrgSecurityPolicy(orgSlug), 'organization security policy');
+  return await utils.handleApiCall(sockSdk.getOrgSecurityPolicy(orgSlug), {
+    desc: 'organization security policy'
+  });
 }
 
 async function outputSecurityPolicy(result, outputKind) {
@@ -8327,15 +8403,6 @@ async function run$o(argv, importMeta, {
   await handleSecurityPolicy(orgSlug, outputKind);
 }
 
-async function fetchOrganization() {
-  const sockSdkCResult = await utils.setupSdk();
-  if (!sockSdkCResult.ok) {
-    return sockSdkCResult;
-  }
-  const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getOrganizations(), 'organization list');
-}
-
 async function outputOrganizationList(result, outputKind = 'text') {
   if (!result.ok) {
     process.exitCode = result.code ?? 1;
@@ -8387,7 +8454,7 @@ async function outputOrganizationList(result, outputKind = 'text') {
 }
 
 async function handleOrganizationList(outputKind = 'text') {
-  const data = await fetchOrganization();
+  const data = await utils.fetchOrganization();
   await outputOrganizationList(data, outputKind);
 }
 
@@ -8486,13 +8553,21 @@ const cmdOrganizationPolicy = {
   }
 };
 
-async function fetchQuota() {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchQuota(options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getQuota(), 'token quota');
+  return await utils.handleApiCall(sockSdk.getQuota(), {
+    desc: 'token quota'
+  });
 }
 
 async function outputQuota(result, outputKind = 'text') {
@@ -8951,20 +9026,28 @@ async function run$l(argv, importMeta, {
   await handlePurlDeepScore(purls[0] || '', outputKind);
 }
 
-async function fetchPurlsShallowScore(purls) {
-  logger.logger.info(`Requesting shallow score data for ${purls.length} package urls (purl): ${purls.join(', ')}`);
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchPurlsShallowScore(purls, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
+  logger.logger.info(`Requesting shallow score data for ${purls.length} package urls (purl): ${purls.join(', ')}`);
   const result = await utils.handleApiCall(sockSdk.batchPackageFetch({
-    alerts: 'true'
-  }, {
     components: purls.map(purl => ({
       purl
     }))
-  }), 'looking up package');
+  }, {
+    alerts: 'true'
+  }), {
+    desc: 'looking up package'
+  });
   if (!result.ok) {
     return result;
   }
@@ -9460,26 +9543,35 @@ async function run$i(argv, importMeta, {
   await runRawNpx(argv);
 }
 
-async function fetchCreateRepo({
-  default_branch,
-  description,
-  homepage,
-  orgSlug,
-  repoName,
-  visibility
-}) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchCreateRepo(config, options) {
+  const {
+    defaultBranch,
+    description,
+    homepage,
+    orgSlug,
+    repoName,
+    visibility
+  } = config;
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
   return await utils.handleApiCall(sockSdk.createOrgRepo(orgSlug, {
-    name: repoName,
+    default_branch: defaultBranch,
     description,
     homepage,
-    default_branch,
+    name: repoName,
     visibility
-  }), 'to create a repository');
+  }), {
+    desc: 'to create a repository'
+  });
 }
 
 function outputCreateRepo(result, requestedName, outputKind) {
@@ -9501,7 +9593,7 @@ function outputCreateRepo(result, requestedName, outputKind) {
 }
 
 async function handleCreateRepo({
-  default_branch,
+  defaultBranch,
   description,
   homepage,
   orgSlug,
@@ -9509,7 +9601,7 @@ async function handleCreateRepo({
   visibility
 }, outputKind) {
   const data = await fetchCreateRepo({
-    default_branch,
+    defaultBranch,
     description,
     homepage,
     orgSlug,
@@ -9639,18 +9731,26 @@ async function run$h(argv, importMeta, {
     repoName: String(repoName),
     description: String(cli.flags['repoDescription'] || ''),
     homepage: String(cli.flags['homepage'] || ''),
-    default_branch: String(cli.flags['defaultBranch'] || ''),
+    defaultBranch: String(cli.flags['defaultBranch'] || ''),
     visibility: String(cli.flags['visibility'] || 'private')
   }, outputKind);
 }
 
-async function fetchDeleteRepo(orgSlug, repoName) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchDeleteRepo(orgSlug, repoName, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.deleteOrgRepo(orgSlug, repoName), 'to delete a repository');
+  return await utils.handleApiCall(sockSdk.deleteOrgRepo(orgSlug, repoName), {
+    desc: 'to delete a repository'
+  });
 }
 
 async function outputDeleteRepo(result, repoName, outputKind) {
@@ -9768,12 +9868,16 @@ async function run$g(argv, importMeta, {
   await handleDeleteRepo(orgSlug, repoName, outputKind);
 }
 
-async function fetchListAllRepos({
-  direction,
-  orgSlug,
-  sort
-}) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchListAllRepos(orgSlug, options) {
+  const {
+    direction,
+    sdkOptions,
+    sort
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
@@ -9796,7 +9900,9 @@ async function fetchListAllRepos({
       per_page: String(100),
       // max
       page: String(nextPage)
-    }), 'list of repositories');
+    }), {
+      desc: 'list of repositories'
+    });
     if (!orgRepoListCResult.ok) {
       debug.debugFn('error', 'fail: fetch repo');
       debug.debugDir('inspect', {
@@ -9816,14 +9922,24 @@ async function fetchListAllRepos({
   };
 }
 
-async function fetchListRepos({
-  direction,
-  orgSlug,
-  page,
-  per_page,
-  sort
-}) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchListRepos(config, options) {
+  const {
+    direction,
+    orgSlug,
+    page,
+    perPage,
+    sort
+  } = {
+    __proto__: null,
+    ...config
+  };
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
@@ -9831,9 +9947,11 @@ async function fetchListRepos({
   return await utils.handleApiCall(sockSdk.getOrgRepoList(orgSlug, {
     sort,
     direction,
-    per_page: String(per_page),
+    per_page: String(perPage),
     page: String(page)
-  }), 'list of repositories');
+  }), {
+    desc: 'list of repositories'
+  });
 }
 
 // @ts-ignore
@@ -9899,13 +10017,12 @@ async function handleListRepos({
   orgSlug,
   outputKind,
   page,
-  per_page,
+  perPage,
   sort
 }) {
   if (all) {
-    const data = await fetchListAllRepos({
+    const data = await fetchListAllRepos(orgSlug, {
       direction,
-      orgSlug,
       sort
     });
     await outputListRepos(data, outputKind, 0, 0, sort, Infinity, direction);
@@ -9914,14 +10031,14 @@ async function handleListRepos({
       direction,
       orgSlug,
       page,
-      per_page,
+      perPage,
       sort
     });
     if (!data.ok) {
       await outputListRepos(data, outputKind, 0, 0, '', 0, direction);
     } else {
       // Note: nextPage defaults to 0, is null when there's no next page
-      await outputListRepos(data, outputKind, page, data.data.nextPage, sort, per_page, direction);
+      await outputListRepos(data, outputKind, page, data.data.nextPage, sort, perPage, direction);
     }
   }
 }
@@ -10054,32 +10171,44 @@ async function run$f(argv, importMeta, {
     orgSlug,
     outputKind,
     page: Number(cli.flags['page']) || 1,
-    per_page: Number(cli.flags['perPage']) || 30,
+    perPage: Number(cli.flags['perPage']) || 30,
     sort: String(cli.flags['sort'] || 'created_at')
   });
 }
 
-async function fetchUpdateRepo({
-  default_branch,
-  description,
-  homepage,
-  orgSlug,
-  repoName,
-  visibility
-}) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchUpdateRepo(config, options) {
+  const {
+    defaultBranch,
+    description,
+    homepage,
+    orgSlug,
+    repoName,
+    visibility
+  } = {
+    __proto__: null,
+    ...config
+  };
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
   return await utils.handleApiCall(sockSdk.updateOrgRepo(orgSlug, repoName, {
-    orgSlug,
-    name: repoName,
+    default_branch: defaultBranch,
     description,
     homepage,
-    default_branch,
+    name: repoName,
+    orgSlug,
     visibility
-  }), 'to update a repository');
+  }), {
+    desc: 'to update a repository'
+  });
 }
 
 async function outputUpdateRepo(result, repoName, outputKind) {
@@ -10098,7 +10227,7 @@ async function outputUpdateRepo(result, repoName, outputKind) {
 }
 
 async function handleUpdateRepo({
-  default_branch,
+  defaultBranch,
   description,
   homepage,
   orgSlug,
@@ -10106,7 +10235,7 @@ async function handleUpdateRepo({
   visibility
 }, outputKind) {
   const data = await fetchUpdateRepo({
-    default_branch,
+    defaultBranch,
     description,
     homepage,
     orgSlug,
@@ -10238,18 +10367,26 @@ async function run$e(argv, importMeta, {
     repoName: String(repoName),
     description: String(cli.flags['repoDescription'] || ''),
     homepage: String(cli.flags['homepage'] || ''),
-    default_branch: String(cli.flags['defaultBranch'] || ''),
+    defaultBranch: String(cli.flags['defaultBranch'] || ''),
     visibility: String(cli.flags['visibility'] || 'private')
   }, outputKind);
 }
 
-async function fetchViewRepo(orgSlug, repoName) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchViewRepo(orgSlug, repoName, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getOrgRepo(orgSlug, repoName), 'repository data');
+  return await utils.handleApiCall(sockSdk.getOrgRepo(orgSlug, repoName), {
+    desc: 'repository data'
+  });
 }
 
 // @ts-ignore
@@ -10691,7 +10828,7 @@ async function run$c(argv, importMeta, {
   if (detected.count > 0 && !autoManifest) {
     logger.logger.info(`Detected ${detected.count} manifest targets we could try to generate. Please set the --autoManifest flag if you want to include languages covered by \`socket manifest auto\` in the Scan.`);
   }
-  if (updatedInput && orgSlug && targets?.length) {
+  if (updatedInput && orgSlug && targets.length) {
     logger.logger.info('Note: You can invoke this command next time to skip the interactive questions:');
     logger.logger.info('```');
     logger.logger.info(`    socket scan create [other flags...] ${orgSlug} ${targets.join(' ')}`);
@@ -10759,20 +10896,28 @@ async function run$c(argv, importMeta, {
     pendingHead: Boolean(pendingHead),
     pullRequest: Number(pullRequest),
     readOnly: Boolean(readOnly),
-    repoName: repoName,
+    repoName,
     report,
     targets,
     tmp: Boolean(tmp)
   });
 }
 
-async function fetchDeleteOrgFullScan(orgSlug, scanId) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchDeleteOrgFullScan(orgSlug, scanId, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.deleteOrgFullScan(orgSlug, scanId), 'to delete a scan');
+  return await utils.handleApiCall(sockSdk.deleteOrgFullScan(orgSlug, scanId), {
+    desc: 'to delete a scan'
+  });
 }
 
 async function outputDeleteScan(result, outputKind) {
@@ -11206,10 +11351,6 @@ async function run$a(argv, importMeta, {
   });
 }
 
-// Supported manifest file name patterns
-// Keep in mind that we have to request these files through the GitHub API; that cost is much heavier than local disk searches
-// TODO: get this list from API instead? Is that too much? Has to fetch through gh api...
-const SUPPORTED_FILE_PATTERNS = [/.*[-.]spdx\.json/, /bom\.json/, /.*[-.]cyclonedx\.json/, /.*[-.]cyclonedx\.xml/, /package\.json/, /package-lock\.json/, /npm-shrinkwrap\.json/, /yarn\.lock/, /pnpm-lock\.yaml/, /pnpm-lock\.yml/, /pnpm-workspace\.yaml/, /pnpm-workspace\.yml/, /pipfile/, /pyproject\.toml/, /poetry\.lock/, /requirements[\\/].*\.txt/, /requirements-.*\.txt/, /requirements_.*\.txt/, /requirements\.frozen/, /setup\.py/, /pipfile\.lock/, /go\.mod/, /go\.sum/, /pom\.xml/, /.*\..*proj/, /.*\.props/, /.*\.targets/, /.*\.nuspec/, /nuget\.config/, /packages\.config/, /packages\.lock\.json/];
 async function createScanFromGithub({
   all,
   githubApiUrl,
@@ -11223,9 +11364,8 @@ async function createScanFromGithub({
   let targetRepos = repos.trim().split(',').map(r => r.trim()).filter(Boolean);
   if (all || targetRepos.length === 0) {
     // Fetch from Socket API
-    const result = await fetchListAllRepos({
+    const result = await fetchListAllRepos(orgSlug, {
       direction: 'asc',
-      orgSlug,
       sort: 'name'
     });
     if (!result.ok) {
@@ -11264,7 +11404,7 @@ async function createScanFromGithub({
   let scansCreated = 0;
   for (const repoSlug of targetRepos) {
     // eslint-disable-next-line no-await-in-loop
-    const result = await scanRepo(repoSlug, {
+    const scanCResult = await scanRepo(repoSlug, {
       githubApiUrl,
       githubToken,
       orgSlug,
@@ -11272,8 +11412,13 @@ async function createScanFromGithub({
       outputKind,
       repos
     });
-    if (result.ok && result.data.scanCreated) {
-      scansCreated += 1;
+    if (scanCResult.ok) {
+      const {
+        scanCreated
+      } = scanCResult.data;
+      if (scanCreated) {
+        scansCreated += 1;
+      }
     }
   }
   logger.logger.success(targetRepos.length, 'GitHub repos detected');
@@ -11459,7 +11604,9 @@ async function testAndDownloadManifestFile({
   tmpDir
 }) {
   debug.debugFn('notice', 'testing: file', file);
-  if (!SUPPORTED_FILE_PATTERNS.some(regex => regex.test(file))) {
+  const supportedFilesCResult = await fetchSupportedScanFileNames();
+  const supportedFiles = supportedFilesCResult.ok ? supportedFilesCResult.data : undefined;
+  if (!supportedFiles || !utils.isReportSupportedFile(file, supportedFiles)) {
     debug.debugFn('notice', '  - skip: not a known pattern');
     // Not an error.
     return {
@@ -11840,7 +11987,7 @@ async function handleCreateGithubScan({
   outputKind,
   repos
 }) {
-  const result = await createScanFromGithub({
+  const ghScanCResult = await createScanFromGithub({
     all: Boolean(all),
     githubApiUrl,
     githubToken,
@@ -11850,7 +11997,7 @@ async function handleCreateGithubScan({
     outputKind,
     repos: String(repos || '')
   });
-  await outputScanGithub(result, outputKind);
+  await outputScanGithub(ghScanCResult, outputKind);
 }
 
 const {
@@ -12057,21 +12204,31 @@ async function run$9(argv, importMeta, {
   });
 }
 
-async function fetchListScans({
-  branch,
-  direction,
-  from_time,
-  orgSlug,
-  page,
-  per_page,
-  repo,
-  sort
-}) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchOrgFullScanList(config, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
+  const {
+    branch,
+    direction,
+    from_time,
+    orgSlug,
+    page,
+    perPage,
+    repo,
+    sort
+  } = {
+    __proto__: null,
+    ...config
+  };
   return await utils.handleApiCall(sockSdk.getOrgFullScanList(orgSlug, {
     ...(branch ? {
       branch
@@ -12081,10 +12238,12 @@ async function fetchListScans({
     } : {}),
     sort,
     direction,
-    per_page: String(per_page),
+    per_page: String(perPage),
     page: String(page),
     from: from_time
-  }), 'list of scans');
+  }), {
+    desc: 'list of scans'
+  });
 }
 
 // @ts-ignore
@@ -12141,17 +12300,17 @@ async function handleListScans({
   orgSlug,
   outputKind,
   page,
-  per_page,
+  perPage,
   repo,
   sort
 }) {
-  const data = await fetchListScans({
+  const data = await fetchOrgFullScanList({
     branch,
     direction,
     from_time,
     orgSlug,
     page,
-    per_page,
+    perPage,
     repo,
     sort
   });
@@ -12311,19 +12470,27 @@ async function run$8(argv, importMeta, {
     orgSlug,
     outputKind,
     page: Number(cli.flags['page'] || 1),
-    per_page: Number(cli.flags['perPage'] || 30),
+    perPage: Number(cli.flags['perPage'] || 30),
     repo: repo ? String(repo) : '',
     sort: String(cli.flags['sort'] || '')
   });
 }
 
-async function fetchScanMetadata(orgSlug, scanId) {
-  const sockSdkCResult = await utils.setupSdk();
+async function fetchScanMetadata(orgSlug, scanId, options) {
+  const {
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
   const sockSdk = sockSdkCResult.data;
-  return await utils.handleApiCall(sockSdk.getOrgFullScanMetadata(orgSlug, scanId), 'meta data for a full scan');
+  return await utils.handleApiCall(sockSdk.getOrgFullScanMetadata(orgSlug, scanId), {
+    desc: 'meta data for a full scan'
+  });
 }
 
 async function outputScanMetadata(result, scanId, outputKind) {
@@ -13190,8 +13357,15 @@ async function handleScanView(orgSlug, scanId, filePath, outputKind) {
   await outputScanView(data, orgSlug, scanId, filePath, outputKind);
 }
 
-async function streamScan(orgSlug, scanId, file) {
-  const sockSdkCResult = await utils.setupSdk();
+async function streamScan(orgSlug, scanId, options) {
+  const {
+    file,
+    sdkOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const sockSdkCResult = await utils.setupSdk(sdkOptions);
   if (!sockSdkCResult.ok) {
     return sockSdkCResult;
   }
@@ -13199,7 +13373,9 @@ async function streamScan(orgSlug, scanId, file) {
   logger.logger.info('Requesting data from API...');
 
   // Note: this will write to stdout or target file. It's not a noop
-  return await utils.handleApiCall(sockSdk.getOrgFullScan(orgSlug, scanId, file === '-' ? undefined : file), 'a scan');
+  return await utils.handleApiCall(sockSdk.getOrgFullScan(orgSlug, scanId, file === '-' ? undefined : file), {
+    desc: 'a scan'
+  });
 }
 
 const {
@@ -13309,7 +13485,9 @@ async function run$3(argv, importMeta, {
     return;
   }
   if (json && stream) {
-    await streamScan(orgSlug, scanId, file);
+    await streamScan(orgSlug, scanId, {
+      file
+    });
   } else {
     await handleScanView(orgSlug, scanId, file, outputKind);
   }
@@ -14345,5 +14523,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=6c157721-65fa-49fb-ac36-a3c9bac032c6
+//# debugId=8e302883-9371-47ef-9c9a-742aa1ae2a85
 //# sourceMappingURL=cli.js.map