socket 1.1.119 → 1.1.121

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. package/CHANGELOG.md +14 -1
  2. package/dist/cli.js +653 -96
  3. package/dist/cli.js.map +1 -1
  4. package/dist/constants.js +4 -4
  5. package/dist/constants.js.map +1 -1
  6. package/dist/tsconfig.dts.tsbuildinfo +1 -1
  7. package/dist/types/commands/config/handle-config-get.d.mts.map +1 -1
  8. package/dist/types/commands/config/handle-config-set.d.mts.map +1 -1
  9. package/dist/types/commands/config/output-config-set.d.mts.map +1 -1
  10. package/dist/types/commands/manifest/bazel/bazel-cquery.d.mts.map +1 -1
  11. package/dist/types/commands/manifest/bazel/bazel-query-runner.d.mts.map +1 -1
  12. package/dist/types/commands/manifest/bazel/bazel-repo-discovery.d.mts +28 -1
  13. package/dist/types/commands/manifest/bazel/bazel-repo-discovery.d.mts.map +1 -1
  14. package/dist/types/commands/manifest/bazel/cmd-manifest-bazel.d.mts +5 -0
  15. package/dist/types/commands/manifest/bazel/cmd-manifest-bazel.d.mts.map +1 -1
  16. package/dist/types/commands/manifest/bazel/extract_bazel_to_maven.d.mts +43 -3
  17. package/dist/types/commands/manifest/bazel/extract_bazel_to_maven.d.mts.map +1 -1
  18. package/dist/types/commands/manifest/generate_auto_manifest.d.mts.map +1 -1
  19. package/dist/types/commands/scan/cmd-scan-create.d.mts.map +1 -1
  20. package/dist/types/commands/scan/perform-reachability-analysis.d.mts +2 -0
  21. package/dist/types/commands/scan/perform-reachability-analysis.d.mts.map +1 -1
  22. package/dist/types/utils/auto-manifest-config.d.mts +55 -0
  23. package/dist/types/utils/auto-manifest-config.d.mts.map +1 -0
  24. package/dist/types/utils/config.d.mts.map +1 -1
  25. package/dist/types/utils/meow-with-subcommands.d.mts.map +1 -1
  26. package/dist/types/utils/socket-json.d.mts +1 -0
  27. package/dist/types/utils/socket-json.d.mts.map +1 -1
  28. package/dist/utils.js +98 -12
  29. package/dist/utils.js.map +1 -1
  30. package/package.json +2 -2
package/CHANGELOG.md CHANGED
@@ -4,6 +4,19 @@ All notable changes to this project will be documented in this file.
4
4
 
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
6
6
 
7
+ ## [1.1.121](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.121) - 2026-06-17
8
+
9
+ ### Fixed
10
+ - `socket config set` now persists correctly when a Socket API token is supplied via an environment variable. Previously, setting `SOCKET_CLI_API_TOKEN` / `SOCKET_SECURITY_API_TOKEN` put the entire config into read-only mode, so `socket config set <key> <value>` silently failed to save (and a later `socket config get` showed nothing) while still printing `OK`. A token from the environment now overrides authentication only: unrelated keys such as `defaultOrg` are written to disk as expected, and the env-supplied token itself is still never persisted.
11
+ - `socket config set` no longer reports a misleading `OK` when the value genuinely cannot be saved. When the config is fully overridden (and therefore ephemeral) via `--config`, `SOCKET_CLI_CONFIG`, or `SOCKET_CLI_NO_API_TOKEN`, the command now fails with a clear error explaining that the value was not saved, instead of pretending it succeeded.
12
+
13
+ ## [1.1.120](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.120) - 2026-06-12
14
+
15
+ ### Changed
16
+ - `socket scan create --reach` now applies your project's build-tool settings from `socket.json` (configured via `socket manifest setup`) — custom build-tool binary, include/exclude configs, and Gradle/sbt options — when resolving dependencies for Gradle and sbt reachability analysis, instead of always invoking the build tool with defaults.
17
+ - `socket scan create --auto-manifest --reach` now fails with an error when a build tool fails during manifest generation, rather than tolerating it. Plain `--reach` (without `--auto-manifest`) keeps generating manifests on a best-effort basis.
18
+ - Updated the Coana CLI to v `15.4.5`.
19
+
7
20
  ## [1.1.119](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.119) - 2026-06-11
8
21
 
9
22
  ### Changed
@@ -101,7 +114,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
101
114
  ### Changed
102
115
  - Updated the Coana CLI to v `15.3.9`.
103
116
 
104
- ## [1.1.98](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.98) - 2026-05-22
117
+ ## [1.1.102](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.98) - 2026-05-22
105
118
 
106
119
  ### Added
107
120
  - **`socket manifest gradle --facts [beta]`** (and its `socket manifest kotlin --facts` alias) — Emit a `.socket.facts.json` dependency graph from a Gradle build for `socket scan create` to consume as a pregenerated SBOM. Toggle also exposed via the `socket manifest setup` wizard for use with `--auto-manifest`.