SocketDev/socket-cli

Socket CLI

CLI tool for Socket.dev

Usage

npm install -g socket
socket --help

Commands

  • socket npm [args...] and socket npx [args...] - Wrap npm and npx so that Socket.dev alerts are checked before anything is installed. The wrapper uses npm's own dependency resolution to determine precisely which packages an install would pull in, and blocks the run when that set contains packages with Socket alerts.

  • socket optimize - Optimize dependencies with @socketregistry overrides (👀 our blog post)

    • --pin - Pin overrides to their latest version.
    • --prod - Add overrides for only production dependencies.
  • socket cdxgen [command] - Call out to cdxgen. See their documentation for commands.

Aliases

All aliases support the flags and arguments of the commands they alias.

  • socket ci - alias for socket scan create --report, which creates a report for the current directory and exits with a non-zero exit code if the result is unhealthy, so it can be used as a gate in CI pipelines.

Flags

Output flags

  • --json - Outputs result as JSON which can be piped into jq and other tools.
  • --markdown - Outputs result as Markdown which can be copied into issues, pull requests, or chats.

Other flags

  • --dry-run - Run a command without uploading anything.
  • --debug - Output additional debug information.
  • --help - Prints help documentation for a command.
  • --max-old-space-size - Set Node's --max-old-space-size value.
  • --max-semi-space-size - Set Node's --max-semi-space-size value.
  • --version - Prints the Socket CLI version.

Configuration files

The CLI reads and uses data from a socket.yml file in the folder you run it in. It supports version 2 of the socket.yml file format and uses projectIgnorePaths to exclude files when creating a report.
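A minimal socket.yml that excludes vendored test fixtures from a report, as an added example (this file is not part of the socket-cli repository; the directory names are placeholders and the glob syntax of the entries is an assumption based on the paragraph above, not something the page specifies):

```yaml
# Added example socket.yml (not from the socket-cli repo).
# Directory names are placeholders; glob-style matching is an assumption.
version: 2
projectIgnorePaths:
  # Fixture trees that contain throwaway package.json / lockfiles used only by tests.
  - "test/fixtures/**"
  # Generated documentation that carries no dependency manifests of its own.
  - "docs/build/**"
```

Keep the ignore list narrow: every path listed here is invisible to the report, so an entry broad enough to cover a real manifest (for example a wildcard that also matches a deployable sub-package) silently removes those dependencies from the scan rather than making them safe.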

Environment variables

  • SOCKET_CLI_ACCEPT_RISKS - Accept risks of a safe-npm and safe-npx run.
  • SOCKET_CLI_API_TOKEN - Set the Socket API token.
  • SOCKET_CLI_CONFIG - A JSON stringified Socket configuration object.
  • SOCKET_CLI_GIT_USER_EMAIL - The git config user.email used by Socket CLI.
    Defaults: github-actions[bot]@users.noreply.github.com
  • SOCKET_CLI_GIT_USER_NAME - The git config user.name used by Socket CLI.
    Defaults: github-actions[bot]
  • SOCKET_CLI_GITHUB_TOKEN - A classic GitHub personal access token with the "repo" scope or a fine-grained access token with at least read/write permissions set for "Contents" and "Pull Request".
    Aliases: GITHUB_TOKEN
  • SOCKET_CLI_NO_API_TOKEN - Make the default API token undefined.
  • SOCKET_CLI_NPM_PATH - The absolute location of the npm directory.
  • SOCKET_CLI_ORG_SLUG - Specify the Socket organization slug.
  • SOCKET_CLI_VIEW_ALL_RISKS - View all risks of a safe-npm and safe-npx run.
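A GitHub Actions workflow that wires the environment variables above into a socket ci gate, as an added example (this workflow is not part of the socket-cli repository; the secret name SOCKET_CLI_API_TOKEN, the org slug example-org, the action versions and the Node version are all placeholders and assumptions):

```yaml
# Added example workflow (not from the socket-cli repo).
# Secret name, org slug, action and Node versions are assumptions.
name: socket-ci

on:
  pull_request:
  push:
    branches: [main]

# socket ci only reads the checkout, so the job token needs nothing more.
# Commands that open pull requests on your behalf need SOCKET_CLI_GITHUB_TOKEN
# with "Contents" and "Pull Request" read/write instead; grant that only in
# the job that uses it.
permissions:
  contents: read

jobs:
  socket:
    runs-on: ubuntu-latest
    steps:
      # Pin third-party actions to a commit SHA in production, not a tag.
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20

      - run: npm install -g socket

      - name: Socket scan (job fails if the report is unhealthy)
        env:
          # Stored as a repository secret; never committed to socket.yml.
          SOCKET_CLI_API_TOKEN: ${{ secrets.SOCKET_CLI_API_TOKEN }}
          SOCKET_CLI_ORG_SLUG: example-org
        run: socket ci
```

The token is injected only into the step that needs it rather than at the workflow level, so other steps (and any action they run) cannot read it from the environment. Because socket ci is an alias for socket scan create --report, the job's pass/fail status is the CLI's own exit code; no extra parsing is required for a plain gate, and --json can be added to the run line when the report should also be saved as an artifact for later review.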

Contributing

Setup

To run the CLI from a local checkout, run these steps:

npm install
npm run build
npm exec socket

Environment variables for development

  • DEBUG - Enable debug logging based on the debug package.
  • SOCKET_CLI_API_BASE_URL - Change the base URL for all API calls.
    Defaults: The "apiBaseUrl" value of socket/settings local app data if present, else https://api.socket.dev/v0/.
  • SOCKET_CLI_API_PROXY - Set the proxy that all requests are routed through.
    For example, if set to http://127.0.0.1:9090, then all requests are proxied through that proxy.
    Aliases: HTTPS_PROXY, https_proxy, HTTP_PROXY, and http_proxy
  • SOCKET_CLI_DEBUG - Enable debug logging in Socket CLI.
    💡 Not needed if DEBUG is specified.

Similar projects

See also