socket 1.0.96 → 1.0.97

package/dist/cli.js

@@ -3,7 +3,7 @@
 
 var require$$0 = require('node:url');
 var vendor = require('./vendor.js');
-var require$$6 = require('../external/@socketsecurity/registry/lib/debug');
+var require$$8 = require('../external/@socketsecurity/registry/lib/debug');
 var logger = require('../external/@socketsecurity/registry/lib/logger');
 var utils = require('./utils.js');
 var fs = require('node:fs/promises');
@@ -24,10 +24,10 @@ var packages = require('../external/@socketsecurity/registry/lib/packages');
 var sorts = require('../external/@socketsecurity/registry/lib/sorts');
 var regexps = require('../external/@socketsecurity/registry/lib/regexps');
 var shadowNpmInject = require('./shadow-npm-inject.js');
-var require$$7 = require('../external/@socketsecurity/registry/lib/objects');
+var require$$9 = require('../external/@socketsecurity/registry/lib/objects');
 var path$1 = require('../external/@socketsecurity/registry/lib/path');
 var shadowNpmBin = require('./shadow-npm-bin.js');
-var require$$8 = require('../external/@socketsecurity/registry/lib/promises');
+var require$$10 = require('../external/@socketsecurity/registry/lib/promises');
 var require$$1 = require('node:util');
 var os = require('node:os');
 var promises = require('node:stream/promises');
@@ -409,7 +409,7 @@ async function run$P(argv, importMeta, {
   } = cli.flags;
   const dryRun = !!cli.flags['dryRun'];
   const noLegacy = !cli.flags['scope'] && !cli.flags['repo'] && !cli.flags['time'];
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
@@ -617,8 +617,8 @@ ${table}
   } catch (e) {
     process.exitCode = 1;
     logger.logger.fail('There was a problem converting the logs to Markdown, please try the `--json` flag');
-    require$$6.debugFn('error', 'caught: markdown conversion error');
-    require$$6.debugDir('inspect', {
+    require$$8.debugFn('error', 'caught: markdown conversion error');
+    require$$8.debugDir('inspect', {
       error: e
     });
     return 'Failed to generate the markdown report';
@@ -840,7 +840,7 @@ async function run$O(argv, importMeta, {
   const noLegacy = !cli.flags['type'];
   let [typeFilter = ''] = cli.input;
   typeFilter = String(typeFilter);
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -1028,8 +1028,8 @@ async function fetchScanData(orgSlug, scanId, options) {
         return JSON.parse(line);
       } catch (e) {
         ok = false;
-        require$$6.debugFn('error', 'caught: JSON.parse error');
-        require$$6.debugDir('inspect', {
+        require$$8.debugFn('error', 'caught: JSON.parse error');
+        require$$8.debugDir('inspect', {
           error: e,
           line
         });
@@ -1676,28 +1676,28 @@ sockJson, cwd = process.cwd()) {
     sbt: false
   };
   if (sockJson?.defaults?.manifest?.sbt?.disabled) {
-    require$$6.debugLog('notice', '[DEBUG] - sbt auto-detection is disabled in socket.json');
+    require$$8.debugLog('notice', '[DEBUG] - sbt auto-detection is disabled in socket.json');
   } else if (fs$1.existsSync(path.join(cwd, 'build.sbt'))) {
-    require$$6.debugLog('notice', '[DEBUG] - Detected a Scala sbt build file');
+    require$$8.debugLog('notice', '[DEBUG] - Detected a Scala sbt build file');
     output.sbt = true;
     output.count += 1;
   }
   if (sockJson?.defaults?.manifest?.gradle?.disabled) {
-    require$$6.debugLog('notice', '[DEBUG] - gradle auto-detection is disabled in socket.json');
+    require$$8.debugLog('notice', '[DEBUG] - gradle auto-detection is disabled in socket.json');
   } else if (fs$1.existsSync(path.join(cwd, 'gradlew'))) {
-    require$$6.debugLog('notice', '[DEBUG] - Detected a gradle build file');
+    require$$8.debugLog('notice', '[DEBUG] - Detected a gradle build file');
     output.gradle = true;
     output.count += 1;
   }
   if (sockJson?.defaults?.manifest?.conda?.disabled) {
-    require$$6.debugLog('notice', '[DEBUG] - conda auto-detection is disabled in socket.json');
+    require$$8.debugLog('notice', '[DEBUG] - conda auto-detection is disabled in socket.json');
   } else {
     const envyml = path.join(cwd, 'environment.yml');
     const hasEnvyml = fs$1.existsSync(envyml);
     const envyaml = path.join(cwd, 'environment.yaml');
     const hasEnvyaml = !hasEnvyml && fs$1.existsSync(envyaml);
     if (hasEnvyml || hasEnvyaml) {
-      require$$6.debugLog('notice', '[DEBUG] - Detected an environment.yml Conda file');
+      require$$8.debugLog('notice', '[DEBUG] - Detected an environment.yml Conda file');
       output.conda = true;
       output.count += 1;
     }
@@ -2203,7 +2203,7 @@ async function handleCreateNewScan({
     return;
   }
   logger.logger.success(`Found ${packagePaths.length} local ${words.pluralize('file', packagePaths.length)}`);
-  require$$6.debugDir('inspect', {
+  require$$8.debugDir('inspect', {
     packagePaths
   });
   if (readOnly) {
@@ -2431,7 +2431,7 @@ async function discoverConfigValue(key) {
     };
   }
   if (key === 'defaultOrg') {
-    const hasApiToken = utils.hasDefaultToken();
+    const hasApiToken = utils.hasDefaultApiToken();
     if (!hasApiToken) {
       return {
         ok: false,
@@ -2461,7 +2461,7 @@ async function discoverConfigValue(key) {
     };
   }
   if (key === 'enforcedOrgs') {
-    const hasApiToken = utils.hasDefaultToken();
+    const hasApiToken = utils.hasDefaultApiToken();
     if (!hasApiToken) {
       return {
         ok: false,
@@ -3254,7 +3254,7 @@ async function coanaFix(fixConfig) {
     lastCResult = fixCResult;
   }
   spinner?.stop();
-  require$$6.debugDir('inspect', {
+  require$$8.debugDir('inspect', {
     lastCResult
   });
   return lastCResult.ok ? {
@@ -3366,15 +3366,15 @@ function getPrsForPurl(fixEnv, partialPurl) {
       prs.push(pr);
     }
   }
-  if (require$$6.isDebug('notice,silly')) {
+  if (require$$8.isDebug('notice,silly')) {
     const fullName = packages.resolvePackageName(partialPurlObj);
     if (prs.length) {
-      require$$6.debugFn('notice', `found: ${prs.length} PRs for ${fullName}`);
-      require$$6.debugDir('silly', {
+      require$$8.debugFn('notice', `found: ${prs.length} PRs for ${fullName}`);
+      require$$8.debugDir('silly', {
         prs
       });
     } else if (fixEnv.prs.length) {
-      require$$6.debugFn('notice', `miss: 0 PRs found for ${fullName}`);
+      require$$8.debugFn('notice', `miss: 0 PRs found for ${fullName}`);
     }
   }
   return prs;
@@ -3388,14 +3388,14 @@ function getOctokit() {
       SOCKET_CLI_GITHUB_TOKEN
     } = constants.ENV;
     if (!SOCKET_CLI_GITHUB_TOKEN) {
-      require$$6.debugFn('notice', 'miss: SOCKET_CLI_GITHUB_TOKEN env var');
+      require$$8.debugFn('notice', 'miss: SOCKET_CLI_GITHUB_TOKEN env var');
     }
     const octokitOptions = {
       auth: SOCKET_CLI_GITHUB_TOKEN,
       // Lazily access constants.ENV.GITHUB_API_URL.
       baseUrl: constants.ENV.GITHUB_API_URL
     };
-    require$$6.debugDir('inspect', {
+    require$$8.debugDir('inspect', {
       octokitOptions
     });
     _octokit = new vendor.Octokit(octokitOptions);
@@ -3410,7 +3410,7 @@ function getOctokitGraphql() {
       SOCKET_CLI_GITHUB_TOKEN
     } = constants.ENV;
     if (!SOCKET_CLI_GITHUB_TOKEN) {
-      require$$6.debugFn('notice', 'miss: SOCKET_CLI_GITHUB_TOKEN env var');
+      require$$8.debugFn('notice', 'miss: SOCKET_CLI_GITHUB_TOKEN env var');
     }
     _octokitGraphql = vendor.graphql2.defaults({
       headers: {
@@ -3494,14 +3494,14 @@ async function cleanupPrs(owner, repo, options) {
           pull_number: prNum,
           state: 'closed'
         });
-        require$$6.debugFn('notice', `pr: closing ${prRef} for ${prToVersion}`);
+        require$$8.debugFn('notice', `pr: closing ${prRef} for ${prToVersion}`);
         // Remove entry from parent object.
         context.parent.splice(context.index, 1);
         // Mark cache to be saved.
         cachesToSave.set(context.cacheKey, context.data);
         return null;
       } catch (e) {
-        require$$6.debugFn('error', `pr: failed to close ${prRef} for ${prToVersion}\n`, e?.message || 'unknown error');
+        require$$8.debugFn('error', `pr: failed to close ${prRef} for ${prToVersion}\n`, e?.message || 'unknown error');
       }
     }
     // Update stale PRs.
@@ -3514,7 +3514,7 @@ async function cleanupPrs(owner, repo, options) {
           base: match.headRefName,
           head: match.baseRefName
         });
-        require$$6.debugFn('notice', `pr: updating stale ${prRef}`);
+        require$$8.debugFn('notice', `pr: updating stale ${prRef}`);
         // Update entry entry.
         if (context.apiType === 'graphql') {
           context.entry.mergeStateStatus = 'CLEAN';
@@ -3525,7 +3525,7 @@ async function cleanupPrs(owner, repo, options) {
         cachesToSave.set(context.cacheKey, context.data);
       } catch (e) {
         const message = e?.message || 'Unknown error';
-        require$$6.debugFn('error', `pr: failed to update ${prRef} - ${message}`);
+        require$$8.debugFn('error', `pr: failed to update ${prRef} - ${message}`);
       }
     }
     return match;
@@ -3726,7 +3726,7 @@ async function openPr(owner, repo, branch, purl, newVersion, options) {
       base: baseBranch,
       body: getSocketPullRequestBody(purlObj, newVersion, workspace)
     };
-    require$$6.debugDir('inspect', {
+    require$$8.debugDir('inspect', {
       octokitPullsCreateParams
     });
     return await octokit.pulls.create(octokitPullsCreateParams);
@@ -3737,7 +3737,7 @@ async function openPr(owner, repo, branch, purl, newVersion, options) {
       const details = errors.map(d => `- ${d.message?.trim() ?? `${d.resource}.${d.field} (${d.code})`}`).join('\n');
       message += `:\n${details}`;
     }
-    require$$6.debugFn('error', message);
+    require$$8.debugFn('error', message);
   }
   return null;
 }
@@ -3748,16 +3748,16 @@ async function setGitRemoteGithubRepoUrl(owner, repo, token, cwd = process.cwd()
   const url = `https://x-access-token:${token}@${host}/${owner}/${repo}`;
   const stdioIgnoreOptions = {
     cwd,
-    stdio: require$$6.isDebug('stdio') ? 'inherit' : 'ignore'
+    stdio: require$$8.isDebug('stdio') ? 'inherit' : 'ignore'
   };
   const quotedCmd = `\`git remote set-url origin ${url}\``;
-  require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
+  require$$8.debugFn('stdio', `spawn: ${quotedCmd}`);
   try {
     await spawn.spawn('git', ['remote', 'set-url', 'origin', url], stdioIgnoreOptions);
     return true;
   } catch (e) {
-    require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
-    require$$6.debugDir('inspect', {
+    require$$8.debugFn('error', `caught: ${quotedCmd} failed`);
+    require$$8.debugDir('inspect', {
       error: e
     });
   }
@@ -3770,7 +3770,7 @@ function ciRepoInfo() {
     GITHUB_REPOSITORY
   } = constants.ENV;
   if (!GITHUB_REPOSITORY) {
-    require$$6.debugFn('notice', 'miss: GITHUB_REPOSITORY env var');
+    require$$8.debugFn('notice', 'miss: GITHUB_REPOSITORY env var');
   }
   const ownerSlashRepo = GITHUB_REPOSITORY;
   const slashIndex = ownerSlashRepo.indexOf('/');
@@ -3794,9 +3794,9 @@ async function getFixEnv() {
   // but some CI checks are passing,
   constants.ENV.CI || gitEmail || gitUser || githubToken) &&
   // then log about it when in debug mode.
-  require$$6.isDebug('notice')) {
+  require$$8.isDebug('notice')) {
     const envVars = [...(constants.ENV.CI ? [] : ['process.env.CI']), ...(gitEmail ? [] : ['process.env.SOCKET_CLI_GIT_USER_EMAIL']), ...(gitUser ? [] : ['process.env.SOCKET_CLI_GIT_USER_NAME']), ...(githubToken ? [] : ['process.env.GITHUB_TOKEN'])];
-    require$$6.debugFn('notice', `miss: fixEnv.isCi is false, expected ${arrays.joinAnd(envVars)} to be set`);
+    require$$8.debugFn('notice', `miss: fixEnv.isCi is false, expected ${arrays.joinAnd(envVars)} to be set`);
   }
   let repoInfo = null;
   if (isCi) {
@@ -3804,7 +3804,7 @@ async function getFixEnv() {
   }
   if (!repoInfo) {
     if (isCi) {
-      require$$6.debugFn('notice', 'falling back to `git remote get-url origin`');
+      require$$8.debugFn('notice', 'falling back to `git remote get-url origin`');
     }
     repoInfo = await utils.getRepoInfo();
   }
@@ -3936,7 +3936,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
     pkgPath: rootPath
   } = pkgEnvDetails;
   const fixEnv = await getFixEnv();
-  require$$6.debugDir('inspect', {
+  require$$8.debugDir('inspect', {
     fixEnv
   });
   const {
@@ -3952,19 +3952,19 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
   } = fixConfig;
   let count = 0;
   const infoByPartialPurl = utils.getCveInfoFromAlertsMap(alertsMap, {
-    exclude: {
-      upgradable: true
+    filter: {
+      upgradable: false
     }
   });
   if (!infoByPartialPurl) {
     spinner?.stop();
     logger.logger.info('No fixable vulns found.');
     if (alertsMap.size) {
-      require$$6.debugDir('inspect', {
+      require$$8.debugDir('inspect', {
         alertsMap
       });
     } else {
-      require$$6.debugFn('inspect', '{ alertsMap: Map(0) {} }');
+      require$$8.debugFn('inspect', '{ alertsMap: Map(0) {} }');
     }
     return {
       ok: true,
@@ -3973,14 +3973,14 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
       }
     };
   }
-  if (require$$6.isDebug('notice,inspect')) {
+  if (require$$8.isDebug('notice,inspect')) {
     spinner?.stop();
     const partialPurls = Array.from(infoByPartialPurl.keys());
     const {
       length: purlsCount
     } = partialPurls;
-    require$$6.debugFn('notice', `found: ${purlsCount} ${words.pluralize('PURL', purlsCount)} with CVEs`);
-    require$$6.debugDir('inspect', {
+    require$$8.debugFn('notice', `found: ${purlsCount} ${words.pluralize('PURL', purlsCount)} with CVEs`);
+    require$$8.debugDir('inspect', {
       partialPurls
     });
     spinner?.start();
@@ -4029,14 +4029,14 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
     const name = packages.resolvePackageName(partialPurlObj);
     const infos = Array.from(infoEntry[1].values());
     if (!infos.length) {
-      require$$6.debugFn('notice', `miss: CVEs expected, but not found, for ${name}`);
+      require$$8.debugFn('notice', `miss: CVEs expected, but not found, for ${name}`);
       continue infoEntriesLoop;
     }
     logger.logger.log(`Processing '${name}'`);
     logger.logger.indent();
     spinner?.indent();
     if (registry.getManifestData(partialPurlObj.type, name)) {
-      require$$6.debugFn('notice', `found: Socket Optimize variant for ${name}`);
+      require$$8.debugFn('notice', `found: Socket Optimize variant for ${name}`);
     }
     // eslint-disable-next-line no-await-in-loop
     const packument = await packages.fetchPackagePackument(name);
@@ -4046,7 +4046,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
       // Skip to next package.
       continue infoEntriesLoop;
     }
-    require$$6.debugDir('inspect', {
+    require$$8.debugDir('inspect', {
       infos
     });
     const availableVersions = Object.keys(packument.versions);
@@ -4097,7 +4097,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
       }
       const oldVersions = arrays.arrayUnique(shadowNpmInject.findPackageNodes(actualTree, name).map(n => n.version).filter(Boolean));
       if (!oldVersions.length) {
-        require$$6.debugFn('notice', `skip: ${name} not found`);
+        require$$8.debugFn('notice', `skip: ${name} not found`);
         cleanupInfoEntriesLoop();
         // Skip to next package.
         continue infoEntriesLoop;
@@ -4113,8 +4113,8 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
       const seenVersions = new Set();
       let hasAnnouncedWorkspace = false;
       let workspaceLogCallCount = logger.logger.logCallCount;
-      if (require$$6.isDebug('notice')) {
-        require$$6.debugFn('notice', `check: workspace ${workspace}`);
+      if (require$$8.isDebug('notice')) {
+        require$$8.debugFn('notice', `check: workspace ${workspace}`);
         hasAnnouncedWorkspace = true;
         workspaceLogCallCount = logger.logger.logCallCount;
       }
@@ -4123,7 +4123,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
         const oldPurl = utils.idToPurl(oldId, partialPurlObj.type);
         const node = shadowNpmInject.findPackageNode(actualTree, name, oldVersion);
         if (!node) {
-          require$$6.debugFn('notice', `skip: ${oldId} not found`);
+          require$$8.debugFn('notice', `skip: ${oldId} not found`);
           continue oldVersionsLoop;
         }
         infosLoop: for (const {
@@ -4143,7 +4143,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
             continue infosLoop;
           }
           if (vendor.semverExports.gte(oldVersion, newVersion)) {
-            require$$6.debugFn('silly', `skip: ${oldId} is >= ${newVersion}`);
+            require$$8.debugFn('silly', `skip: ${oldId} is >= ${newVersion}`);
             continue infosLoop;
           }
           const branch = getSocketBranchName(oldPurl, newVersion, workspace);
@@ -4152,14 +4152,14 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
           }
           const pr = prCheck ? prs.find(p => p.headRefName === branch) : undefined;
           if (pr) {
-            require$$6.debugFn('notice', `skip: PR #${pr.number} for ${name}@${newVersion} exists`);
+            require$$8.debugFn('notice', `skip: PR #${pr.number} for ${name}@${newVersion} exists`);
             seenBranches.add(branch);
             continue infosLoop;
           }
           if (fixEnv.isCi && (
           // eslint-disable-next-line no-await-in-loop
           await utils.gitRemoteBranchExists(branch, cwd))) {
-            require$$6.debugFn('notice', `skip: remote branch "${branch}" for ${name}@${newVersion} exists`);
+            require$$8.debugFn('notice', `skip: remote branch "${branch}" for ${name}@${newVersion} exists`);
             seenBranches.add(branch);
             continue infosLoop;
           }
@@ -4188,7 +4188,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 
           // eslint-disable-next-line no-await-in-loop
           if (!(await hasModifiedFiles(cwd))) {
-            require$$6.debugFn('notice', `skip: no changes for ${name}@${newVersion}`);
+            require$$8.debugFn('notice', `skip: no changes for ${name}@${newVersion}`);
             seenVersions.add(newVersion);
             // Reset things just in case.
             if (fixEnv.isCi) {
@@ -4244,7 +4244,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 
           // Check repoInfo to make TypeScript happy.
           if (!errored && fixEnv.isCi && fixEnv.repoInfo) {
-            require$$6.debugFn('notice', 'pr: creating');
+            require$$8.debugFn('notice', 'pr: creating');
             try {
               const pushed =
               // eslint-disable-next-line no-await-in-loop
@@ -4329,7 +4329,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
               errored = true;
             }
           } else if (fixEnv.isCi) {
-            require$$6.debugFn('notice', 'skip: PR creation');
+            require$$8.debugFn('notice', 'skip: PR creation');
           }
           if (fixEnv.isCi) {
             spinner?.start();
@@ -4381,7 +4381,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
           } else {
             changed = true;
           }
-          require$$6.debugFn('notice', 'increment: count', count + 1);
+          require$$8.debugFn('notice', 'increment: count', count + 1);
           if (++count >= limit) {
             cleanupInfoEntriesLoop();
             // Exit main loop.
@@ -4421,14 +4421,12 @@ function getFixAlertsMapOptions(options = {}) {
     __proto__: null,
     consolidate: true,
     nothrow: true,
+    onlyFixable: true,
     ...options,
-    include: {
-      __proto__: null,
+    filter: utils.toFilterConfig({
       existing: true,
-      unfixable: false,
-      upgradable: false,
-      ...options?.include
-    }
+      ...require$$9.getOwn(options, 'filter')
+    })
   };
 }
 
@@ -4441,7 +4439,7 @@ async function install$1(pkgEnvDetails, options) {
     __proto__: null,
     ...options
   };
-  const useDebug = require$$6.isDebug('stdio');
+  const useDebug = require$$8.isDebug('stdio');
   const args = [
   // If "true", npm does not run scripts specified in package.json files.
   // Note that commands explicitly intended to run a particular script, such
@@ -4472,7 +4470,7 @@ async function install$1(pkgEnvDetails, options) {
   const wasSpinning = !!spinner?.isSpinning;
   spinner?.stop();
   const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
-  require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
+  require$$8.debugFn('stdio', `spawn: ${quotedCmd}`);
   try {
     await utils.runAgentInstall(pkgEnvDetails, {
       args,
@@ -4483,8 +4481,8 @@ async function install$1(pkgEnvDetails, options) {
     const result = {
       error
     };
-    require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
-    require$$6.debugDir('inspect', result);
+    require$$8.debugFn('error', `caught: ${quotedCmd} failed`);
+    require$$8.debugDir('inspect', result);
     return result;
   }
   const treeResult = await getActualTree(cwd);
@@ -4494,8 +4492,8 @@ async function install$1(pkgEnvDetails, options) {
     }
     return treeResult;
   }
-  require$$6.debugFn('error', 'caught: await arb.loadActual() error');
-  require$$6.debugDir('inspect', treeResult);
+  require$$8.debugFn('error', 'caught: await arb.loadActual() error');
+  require$$8.debugDir('inspect', treeResult);
   if (wasSpinning) {
     spinner.start();
   }
@@ -4528,8 +4526,8 @@ async function npmFix(pkgEnvDetails, fixConfig) {
         actualTree = await arb.reify();
       } catch (e) {
         spinner?.stop();
-        require$$6.debugFn('error', 'caught: await arb.reify() error');
-        require$$6.debugDir('inspect', {
+        require$$8.debugFn('error', 'caught: await arb.reify() error');
+        require$$8.debugDir('inspect', {
           error: e
         });
         return {
@@ -4542,8 +4540,8 @@ async function npmFix(pkgEnvDetails, fixConfig) {
     }
   } catch (e) {
     spinner?.stop();
-    require$$6.debugFn('error', 'caught: Socket batch PURL API error');
-    require$$6.debugDir('inspect', {
+    require$$8.debugFn('error', 'caught: Socket batch PURL API error');
+    require$$8.debugDir('inspect', {
       error: e
     });
     return {
@@ -4650,19 +4648,19 @@ async function install(pkgEnvDetails, options) {
   const wasSpinning = !!spinner?.isSpinning;
   spinner?.stop();
   const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
-  require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
+  require$$8.debugFn('stdio', `spawn: ${quotedCmd}`);
   try {
     await utils.runAgentInstall(pkgEnvDetails, {
       args,
       spinner,
-      stdio: require$$6.isDebug('stdio') ? 'inherit' : 'ignore'
+      stdio: require$$8.isDebug('stdio') ? 'inherit' : 'ignore'
     });
   } catch (error) {
     const result = {
       error
     };
-    require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
-    require$$6.debugDir('inspect', result);
+    require$$8.debugFn('error', `caught: ${quotedCmd} failed`);
+    require$$8.debugDir('inspect', result);
     return result;
   }
   const treeResult = await getActualTree(cwd);
@@ -4672,8 +4670,8 @@ async function install(pkgEnvDetails, options) {
     }
     return treeResult;
   }
-  require$$6.debugFn('error', 'caught: await arb.loadActual() error');
-  require$$6.debugDir('inspect', treeResult);
+  require$$8.debugFn('error', 'caught: await arb.loadActual() error');
+  require$$8.debugDir('inspect', treeResult);
   if (wasSpinning) {
     spinner.start();
   }
@@ -4726,8 +4724,8 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
     alertsMap = purls.length ? await utils.getAlertsMapFromPurls(purls, getFixAlertsMapOptions()) : await utils.getAlertsMapFromPnpmLockfile(lockfile, getFixAlertsMapOptions());
   } catch (e) {
     spinner?.stop();
-    require$$6.debugFn('error', 'caught: Socket batch PURL API error');
-    require$$6.debugDir('inspect', {
+    require$$8.debugFn('error', 'caught: Socket batch PURL API error');
+    require$$8.debugDir('inspect', {
       error: e
     });
     return {
@@ -4755,7 +4753,7 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
         revertOverrides = {
           [PNPM$6]: oldPnpmSection ? {
             ...oldPnpmSection,
-            [OVERRIDES$1]: require$$7.hasKeys(oldOverrides) ? {
+            [OVERRIDES$1]: require$$9.hasKeys(oldOverrides) ? {
               ...oldOverrides,
               [overrideKey]: undefined
             } :
@@ -4883,7 +4881,7 @@ async function handleFix({
     }, outputKind);
     return;
   }
-  require$$6.debugDir('inspect', {
+  require$$8.debugDir('inspect', {
     pkgEnvDetails
   });
 
@@ -5175,9 +5173,9 @@ async function setupTabCompletion(targetName) {
 
   // Target dir is something like ~/.local/share/socket/settings/completion (linux)
   const targetDir = path.dirname(targetPath);
-  require$$6.debugFn('notice', 'target: path + dir', targetPath, targetDir);
+  require$$8.debugFn('notice', 'target: path + dir', targetPath, targetDir);
   if (!fs$1.existsSync(targetDir)) {
-    require$$6.debugFn('notice', 'create: target dir');
+    require$$8.debugFn('notice', 'create: target dir');
     fs$1.mkdirSync(targetDir, {
       recursive: true
     });
@@ -6086,7 +6084,7 @@ async function run$B(argv, importMeta, {
   }
   const sockJson = utils.readOrDefaultSocketJson(cwd);
   const detected = await detectManifestActions(sockJson, cwd);
-  require$$6.debugDir('inspect', {
+  require$$8.debugDir('inspect', {
     detected
   });
   if (dryRun) {
@@ -6350,7 +6348,7 @@ async function run$z(argv, importMeta, {
   // If given path is absolute then cwd should not affect it.
   cwd = path.resolve(process.cwd(), cwd);
   const sockJson = utils.readOrDefaultSocketJson(cwd);
-  require$$6.debugFn('inspect', 'override: socket.json gradle', sockJson?.defaults?.manifest?.gradle);
+  require$$8.debugFn('inspect', 'override: socket.json gradle', sockJson?.defaults?.manifest?.gradle);
   let {
     bin,
     gradleOpts,
@@ -6509,7 +6507,7 @@ async function run$y(argv, importMeta, {
   // If given path is absolute then cwd should not affect it.
   cwd = path.resolve(process.cwd(), cwd);
   const sockJson = utils.readOrDefaultSocketJson(cwd);
-  require$$6.debugFn('inspect', 'override: socket.json gradle', sockJson?.defaults?.manifest?.gradle);
+  require$$8.debugFn('inspect', 'override: socket.json gradle', sockJson?.defaults?.manifest?.gradle);
   let {
     bin,
     gradleOpts,
@@ -6675,7 +6673,7 @@ async function run$x(argv, importMeta, {
   // TODO: Implement json/md further.
   const outputKind = utils.getOutputKind(json, markdown);
   const sockJson = utils.readOrDefaultSocketJson(cwd);
-  require$$6.debugFn('inspect', 'override: socket.json sbt', sockJson?.defaults?.manifest?.sbt);
+  require$$8.debugFn('inspect', 'override: socket.json sbt', sockJson?.defaults?.manifest?.sbt);
   let {
     bin,
     out,
@@ -6775,7 +6773,7 @@ async function outputManifestSetup(result) {
 
 async function setupManifestConfig(cwd, defaultOnReadError = false) {
   const detected = await detectManifestActions(null, cwd);
-  require$$6.debugDir('inspect', {
+  require$$8.debugDir('inspect', {
     detected
   });
 
@@ -7787,8 +7785,8 @@ function updatePkgJsonField(editablePkgJson, field, value) {
   if (oldValue) {
     // The field already exists so we simply update the field value.
     if (field === PNPM$1) {
-      const isPnpmObj = require$$7.isObject(oldValue);
-      if (require$$7.hasKeys(value)) {
+      const isPnpmObj = require$$9.isObject(oldValue);
+      if (require$$9.hasKeys(value)) {
         editablePkgJson.update({
           [field]: {
             ...(isPnpmObj ? oldValue : {}),
@@ -7800,7 +7798,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
         });
       } else {
         // Properties with undefined values are deleted when saved as JSON.
-        editablePkgJson.update(require$$7.hasKeys(oldValue) ? {
+        editablePkgJson.update(require$$9.hasKeys(oldValue) ? {
           [field]: {
             ...(isPnpmObj ? oldValue : {}),
             overrides: undefined
@@ -7812,7 +7810,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
     } else if (field === OVERRIDES || field === RESOLUTIONS) {
       // Properties with undefined values are deleted when saved as JSON.
       editablePkgJson.update({
-        [field]: require$$7.hasKeys(value) ? value : undefined
+        [field]: require$$9.hasKeys(value) ? value : undefined
       });
     } else {
       editablePkgJson.update({
@@ -7821,7 +7819,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
     }
     return;
   }
-  if ((field === OVERRIDES || field === PNPM$1 || field === RESOLUTIONS) && !require$$7.hasKeys(value)) {
+  if ((field === OVERRIDES || field === PNPM$1 || field === RESOLUTIONS) && !require$$9.hasKeys(value)) {
     return;
   }
   // Since the field doesn't exist we want to insert it into the package.json
@@ -7956,7 +7954,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
   let loggedAddingText = false;
 
   // Chunk package names to process them in parallel 3 at a time.
-  await require$$8.pEach(manifestEntries, async ({
+  await require$$10.pEach(manifestEntries, async ({
     1: data
   }) => {
     const {
@@ -7970,11 +7968,11 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
     for (const {
       1: depObj
     } of depEntries) {
-      const sockSpec = require$$7.hasOwn(depObj, sockRegPkgName) ? depObj[sockRegPkgName] : undefined;
+      const sockSpec = require$$9.hasOwn(depObj, sockRegPkgName) ? depObj[sockRegPkgName] : undefined;
       if (sockSpec) {
         depAliasMap.set(sockRegPkgName, sockSpec);
       }
-      const origSpec = require$$7.hasOwn(depObj, origPkgName) ? depObj[origPkgName] : undefined;
+      const origSpec = require$$9.hasOwn(depObj, origPkgName) ? depObj[origPkgName] : undefined;
       if (origSpec) {
         let thisSpec = origSpec;
         // Add package aliases for direct dependencies to avoid npm EOVERRIDE
@@ -8010,11 +8008,11 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
         npmExecPath
       });
       // Chunk package names to process them in parallel 3 at a time.
-      await require$$8.pEach(overridesDataObjects, async ({
+      await require$$10.pEach(overridesDataObjects, async ({
         overrides,
         type
       }) => {
-        const overrideExists = require$$7.hasOwn(overrides, origPkgName);
+        const overrideExists = require$$9.hasOwn(overrides, origPkgName);
         if (overrideExists || thingScanner(pkgEnvDetails, thingToScan, origPkgName, lockName)) {
           const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
           const origDepAlias = depAliasMap.get(origPkgName);
@@ -8068,7 +8066,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
   });
   if (isWorkspace) {
     // Chunk package names to process them in parallel 3 at a time.
-    await require$$8.pEach(workspacePkgJsonPaths, async workspacePkgJsonPath => {
+    await require$$10.pEach(workspacePkgJsonPaths, async workspacePkgJsonPath => {
       const otherState = await addOverrides(pkgEnvDetails, path.dirname(workspacePkgJsonPath), {
         logger,
         pin,
@@ -8091,7 +8089,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
         overrides,
         type
       } of overridesDataObjects) {
-        updateManifest(type, pkgEnvDetails.editablePkgJson, require$$7.toSortedObject(overrides));
+        updateManifest(type, pkgEnvDetails.editablePkgJson, require$$9.toSortedObject(overrides));
       }
     }
     await pkgEnvDetails.editablePkgJson.save();
@@ -8123,8 +8121,8 @@ async function updateLockfile(pkgEnvDetails, options) {
     }
   } catch (e) {
     spinner?.stop();
-    require$$6.debugFn('error', 'fail: update');
-    require$$6.debugDir('inspect', {
+    require$$8.debugFn('error', 'fail: update');
+    require$$8.debugDir('inspect', {
       error: e
     });
     if (wasSpinning) {
@@ -8503,7 +8501,7 @@ async function run$q(argv, importMeta, {
     offset
   } = cli.flags;
   const dryRun = !!cli.flags['dryRun'];
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
@@ -8642,7 +8640,7 @@ async function run$p(argv, importMeta, {
   } = cli.flags;
   const dryRun = !!cli.flags['dryRun'];
   const interactive = !!cli.flags['interactive'];
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -8779,7 +8777,7 @@ async function run$o(argv, importMeta, {
   } = cli.flags;
   const dryRun = !!cli.flags['dryRun'];
   const interactive = !!cli.flags['interactive'];
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -8903,7 +8901,7 @@ async function run$n(argv, importMeta, {
     markdown
   } = cli.flags;
   const dryRun = !!cli.flags['dryRun'];
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
@@ -9036,7 +9034,7 @@ async function run$m(argv, importMeta, {
   const dryRun = !!cli.flags['dryRun'];
   const json = Boolean(cli.flags['json']);
   const markdown = Boolean(cli.flags['markdown']);
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
@@ -9385,7 +9383,7 @@ async function run$l(argv, importMeta, {
   } = cli.flags;
   const dryRun = !!cli.flags['dryRun'];
   const [ecosystem = '', purl] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const outputKind = utils.getOutputKind(json, markdown);
   const {
     purls,
@@ -9492,7 +9490,7 @@ function formatReportCard(artifact, colorize) {
     colorize
   });
   if (!artifact.ecosystem) {
-    require$$6.debugFn('notice', 'miss: artifact ecosystem', artifact);
+    require$$8.debugFn('notice', 'miss: artifact ecosystem', artifact);
   }
   const purl = `pkg:${artifact.ecosystem}/${artifact.name}${artifact.version ? '@' + artifact.version : ''}`;
 
@@ -10115,7 +10113,7 @@ async function run$h(argv, importMeta, {
   const interactive = !!cli.flags['interactive'];
   const noLegacy = !cli.flags['repoName'];
   const [repoName = ''] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -10252,7 +10250,7 @@ async function run$g(argv, importMeta, {
   const interactive = !!cli.flags['interactive'];
   const noLegacy = !cli.flags['repoName'];
   const [repoName = ''] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -10545,7 +10543,7 @@ async function run$f(argv, importMeta, {
   } = cli.flags;
   const dryRun = !!cli.flags['dryRun'];
   const interactive = !!cli.flags['interactive'];
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -10741,7 +10739,7 @@ async function run$e(argv, importMeta, {
   const interactive = !!cli.flags['interactive'];
   const noLegacy = !cli.flags['repoName'];
   const [repoName = ''] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -10904,7 +10902,7 @@ async function run$d(argv, importMeta, {
   const interactive = !!cli.flags['interactive'];
   const noLegacy = !cli.flags['repoName'];
   const [repoName = ''] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -11265,7 +11263,7 @@ async function run$c(argv, importMeta, {
   // We're going to need an api token to suggest data because those suggestions
   // must come from data we already know. Don't error on missing api token yet.
   // If the api-token is not set, ignore it for the sake of suggestions.
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const outputKind = utils.getOutputKind(json, markdown);
   const pendingHead = tmp ? false : pendingHeadFlag;
 
@@ -11481,7 +11479,7 @@ async function run$b(argv, importMeta, {
   const dryRun = !!cli.flags['dryRun'];
   const interactive = !!cli.flags['interactive'];
   const [scanId = ''] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug, defaultOrgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -11636,13 +11634,15 @@ async function handleMarkdown(data) {
       logger.logger.log(`  ... and ${data.artifacts.updated.length - 10} more`);
     }
   }
-  logger.logger.log(`- Unchanged packages: ${data.artifacts.unchanged.length}`);
-  if (data.artifacts.unchanged.length > 0) {
-    data.artifacts.unchanged.slice(0, 10).forEach(artifact => {
+  const unchanged = data.artifacts.unchanged ?? [];
+  logger.logger.log(`- Unchanged packages: ${unchanged.length}`);
+  if (unchanged.length > 0) {
+    const firstUpToTen = unchanged.slice(0, 10);
+    for (const artifact of firstUpToTen) {
       logger.logger.log(`  - ${artifact.type} ${artifact.name}@${artifact.version}`);
-    });
-    if (data.artifacts.unchanged.length > 10) {
-      logger.logger.log(`  ... and ${data.artifacts.unchanged.length - 10} more`);
+    }
+    if (unchanged.length > 10) {
+      logger.logger.log(`  ... and ${unchanged.length - 10} more`);
     }
   }
   logger.logger.log('');
@@ -11789,7 +11789,7 @@ async function run$a(argv, importMeta, {
   if (id2.startsWith(SOCKET_SBOM_URL_PREFIX)) {
     id2 = id2.slice(SOCKET_SBOM_URL_PREFIX_LENGTH);
   }
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -11968,7 +11968,7 @@ async function scanOneRepo(repoSlug, {
     };
   }
   const tmpDir = fs$1.mkdtempSync(path.join(os.tmpdir(), repoSlug));
-  require$$6.debugFn('notice', 'init: temp dir for scan root', tmpDir);
+  require$$8.debugFn('notice', 'init: temp dir for scan root', tmpDir);
   const downloadResult = await testAndDownloadManifestFiles({
     files,
     tmpDir,
@@ -12089,11 +12089,11 @@ async function testAndDownloadManifestFile({
   repoApiUrl,
   tmpDir
 }) {
-  require$$6.debugFn('notice', 'testing: file', file);
+  require$$8.debugFn('notice', 'testing: file', file);
   const supportedFilesCResult = await fetchSupportedScanFileNames();
   const supportedFiles = supportedFilesCResult.ok ? supportedFilesCResult.data : undefined;
   if (!supportedFiles || !utils.isReportSupportedFile(file, supportedFiles)) {
-    require$$6.debugFn('notice', '  - skip: not a known pattern');
+    require$$8.debugFn('notice', '  - skip: not a known pattern');
     // Not an error.
     return {
       ok: true,
@@ -12102,7 +12102,7 @@ async function testAndDownloadManifestFile({
       }
     };
   }
-  require$$6.debugFn('notice', 'found: manifest file, going to attempt to download it;', file);
+  require$$8.debugFn('notice', 'found: manifest file, going to attempt to download it;', file);
   const result = await downloadManifestFile({
     file,
     tmpDir,
@@ -12124,9 +12124,9 @@ async function downloadManifestFile({
   repoApiUrl,
   tmpDir
 }) {
-  require$$6.debugFn('notice', 'request: download url from GitHub');
+  require$$8.debugFn('notice', 'request: download url from GitHub');
   const fileUrl = `${repoApiUrl}/contents/${file}?ref=${defaultBranch}`;
-  require$$6.debugDir('inspect', {
+  require$$8.debugDir('inspect', {
     fileUrl
   });
   const downloadUrlResponse = await fetch(fileUrl, {
@@ -12135,9 +12135,9 @@ async function downloadManifestFile({
       Authorization: `Bearer ${githubToken}`
     }
   });
-  require$$6.debugFn('notice', 'complete: request');
+  require$$8.debugFn('notice', 'complete: request');
   const downloadUrlText = await downloadUrlResponse.text();
-  require$$6.debugFn('inspect', 'response: raw download url', downloadUrlText);
+  require$$8.debugFn('inspect', 'response: raw download url', downloadUrlText);
   let downloadUrl;
   try {
     downloadUrl = JSON.parse(downloadUrlText).download_url;
@@ -12150,7 +12150,7 @@ async function downloadManifestFile({
     };
   }
   const localPath = path.join(tmpDir, file);
-  require$$6.debugFn('notice', 'download: manifest file started', downloadUrl, '->', localPath);
+  require$$8.debugFn('notice', 'download: manifest file started', downloadUrl, '->', localPath);
 
   // Now stream the file to that file...
   const result = await streamDownloadWithFetch(localPath, downloadUrl);
@@ -12159,7 +12159,7 @@ async function downloadManifestFile({
     logger.logger.fail(`Failed to download manifest file, skipping to next file. File: ${file}`);
     return result;
   }
-  require$$6.debugFn('notice', 'download: manifest file completed');
+  require$$8.debugFn('notice', 'download: manifest file completed');
   return {
     ok: true,
     data: undefined
@@ -12211,7 +12211,7 @@ async function streamDownloadWithFetch(localPath, downloadUrl) {
     };
   } catch (error) {
     logger.logger.fail('An error was thrown while trying to download a manifest file... url:', downloadUrl);
-    require$$6.debugDir('inspect', {
+    require$$8.debugDir('inspect', {
       error
     });
 
@@ -12235,7 +12235,7 @@ async function streamDownloadWithFetch(localPath, downloadUrl) {
       // If error was due to bad HTTP status
       detailedError += ` (HTTP Status: ${response.status} ${response.statusText})`;
     }
-    require$$6.debugFn('error', detailedError);
+    require$$8.debugFn('error', detailedError);
     return {
       ok: false,
       message: 'Download Failed',
@@ -12252,14 +12252,14 @@ async function getLastCommitDetails({
 }) {
   logger.logger.info(`Requesting last commit for default branch ${defaultBranch} for ${orgGithub}/${repoSlug}...`);
   const commitApiUrl = `${repoApiUrl}/commits?sha=${defaultBranch}&per_page=1`;
-  require$$6.debugFn('inspect', 'url: commit', commitApiUrl);
+  require$$8.debugFn('inspect', 'url: commit', commitApiUrl);
   const commitResponse = await fetch(commitApiUrl, {
     headers: {
       Authorization: `Bearer ${githubToken}`
     }
   });
   const commitText = await commitResponse.text();
-  require$$6.debugFn('inspect', 'response: commit', commitText);
+  require$$8.debugFn('inspect', 'response: commit', commitText);
   let lastCommit;
   try {
     lastCommit = JSON.parse(commitText)?.[0];
@@ -12346,7 +12346,7 @@ async function getRepoDetails({
   repoSlug
 }) {
   const repoApiUrl = `${githubApiUrl}/repos/${orgGithub}/${repoSlug}`;
-  require$$6.debugDir('inspect', {
+  require$$8.debugDir('inspect', {
     repoApiUrl
   });
   const repoDetailsResponse = await fetch(repoApiUrl, {
@@ -12357,7 +12357,7 @@ async function getRepoDetails({
   });
   logger.logger.success(`Request completed.`);
   const repoDetailsText = await repoDetailsResponse.text();
-  require$$6.debugFn('inspect', 'response: repo', repoDetailsText);
+  require$$8.debugFn('inspect', 'response: repo', repoDetailsText);
   let repoDetails;
   try {
     repoDetails = JSON.parse(repoDetailsText);
@@ -12396,7 +12396,7 @@ async function getRepoBranchTree({
 }) {
   logger.logger.info(`Requesting default branch file tree; branch \`${defaultBranch}\`, repo \`${orgGithub}/${repoSlug}\`...`);
   const treeApiUrl = `${repoApiUrl}/git/trees/${defaultBranch}?recursive=1`;
-  require$$6.debugFn('inspect', 'url: tree', treeApiUrl);
+  require$$8.debugFn('inspect', 'url: tree', treeApiUrl);
   const treeResponse = await fetch(treeApiUrl, {
     method: 'GET',
     headers: {
@@ -12404,7 +12404,7 @@ async function getRepoBranchTree({
     }
   });
   const treeText = await treeResponse.text();
-  require$$6.debugFn('inspect', 'response: tree', treeText);
+  require$$8.debugFn('inspect', 'response: tree', treeText);
   let treeDetails;
   try {
     treeDetails = JSON.parse(treeText);
@@ -12433,7 +12433,7 @@ async function getRepoBranchTree({
     };
   }
   if (!treeDetails.tree || !Array.isArray(treeDetails.tree)) {
-    require$$6.debugDir('inspect', {
+    require$$8.debugDir('inspect', {
       treeDetails: {
         tree: treeDetails.tree
       }
@@ -12627,7 +12627,7 @@ async function run$9(argv, importMeta, {
   // We're going to need an api token to suggest data because those suggestions
   // must come from data we already know. Don't error on missing api token yet.
   // If the api-token is not set, ignore it for the sake of suggestions.
-  const hasSocketApiToken = utils.hasDefaultToken();
+  const hasSocketApiToken = utils.hasDefaultApiToken();
   const outputKind = utils.getOutputKind(json, markdown);
 
   // If the current cwd is unknown and is used as a repo slug anyways, we will
@@ -12905,7 +12905,7 @@ async function run$8(argv, importMeta, {
   const noLegacy = !cli.flags['repo'];
   const [repo = '', branchArg = ''] = cli.input;
   const branch = String(branchFlag || branchArg || '');
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -13065,7 +13065,7 @@ async function run$7(argv, importMeta, {
   const dryRun = !!cli.flags['dryRun'];
   const interactive = !!cli.flags['interactive'];
   const [scanId = ''] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -13277,7 +13277,7 @@ async function run$6(argv, importMeta, {
     targets = await suggestTarget();
   }
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
     nook: true,
@@ -13426,7 +13426,7 @@ async function run$5(argv, importMeta, {
   const dryRun = !!cli.flags['dryRun'];
   const interactive = !!cli.flags['interactive'];
   const [scanId = '', file = ''] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -13848,8 +13848,8 @@ async function fetchScan(orgSlug, scanId) {
       return JSON.parse(line);
     } catch (e) {
       ok = false;
-      require$$6.debugFn('error', 'caught: JSON.parse error');
-      require$$6.debugDir('inspect', {
+      require$$8.debugFn('error', 'caught: JSON.parse error');
+      require$$8.debugDir('inspect', {
         error: e,
         line
       });
@@ -14036,7 +14036,7 @@ async function run$3(argv, importMeta, {
   const dryRun = !!cli.flags['dryRun'];
   const interactive = !!cli.flags['interactive'];
   const [scanId = '', file = ''] = cli.input;
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -14475,7 +14475,7 @@ async function run$2(argv, importMeta, {
   if (argSet.size) {
     logger.logger.info(`Warning: ignoring these excessive args: ${Array.from(argSet).join(', ')}`);
   }
-  const hasApiToken = utils.hasDefaultToken();
+  const hasApiToken = utils.hasDefaultApiToken();
   const [orgSlug] = await utils.determineOrgSlug(String(orgFlag || ''), interactive, dryRun);
   const outputKind = utils.getOutputKind(json, markdown);
   const wasValidInput = utils.checkCommandInput(outputKind, {
@@ -14740,8 +14740,8 @@ Do you want to install "safe npm" (this will create an alias to the socket-npm c
       }
     }
   } catch (e) {
-    require$$6.debugFn('error', 'caught: tab completion setup error');
-    require$$6.debugDir('inspect', {
+    require$$8.debugFn('error', 'caught: tab completion setup error');
+    require$$8.debugDir('inspect', {
       error: e
     });
     // Ignore. Skip tab completion setup.
@@ -15048,8 +15048,8 @@ void (async () => {
     });
   } catch (e) {
     process.exitCode = 1;
-    require$$6.debugFn('error', 'Uncaught error (BAD!):');
-    require$$6.debugDir('inspect', {
+    require$$8.debugFn('error', 'Uncaught error (BAD!):');
+    require$$8.debugDir('inspect', {
       error: e
     });
     let errorBody;
@@ -15095,7 +15095,7 @@ void (async () => {
       logger.logger.error('\n');
       logger.logger.fail(utils.failMsgWithBadge(errorTitle, errorMessage));
       if (errorBody) {
-        require$$6.debugDir('inspect', {
+        require$$8.debugDir('inspect', {
           errorBody
         });
       }
@@ -15103,5 +15103,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=9a03c00b-a929-45e3-8075-54853c769f02
+//# debugId=6fac2505-850a-4521-994a-eda179c5047a
 //# sourceMappingURL=cli.js.map