{"id":13492162,"url":"https://github.com/SocketDev/socket-cli","last_synced_at":"2025-03-28T09:33:58.162Z","repository":{"id":63360077,"uuid":"554765897","full_name":"SocketDev/socket-cli","owner":"SocketDev","description":"The Socket CLI","archived":false,"fork":false,"pushed_at":"2025-03-24T16:21:55.000Z","size":5029,"stargazers_count":130,"open_issues_count":6,"forks_count":20,"subscribers_count":12,"default_branch":"main","last_synced_at":"2025-03-24T17:29:29.044Z","etag":null,"topics":["cli","security"],"latest_commit_sha":null,"homepage":"https://socket.dev/npm/package/socket","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SocketDev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-20T11:06:04.000Z","updated_at":"2025-03-22T05:21:25.000Z","dependencies_parsed_at":"2023-11-28T22:24:26.501Z","dependency_job_id":"72530b3a-4dad-480a-9c47-337bc27be2ba","html_url":"https://github.com/SocketDev/socket-cli","commit_stats":{"total_commits":71,"total_committers":3,"mean_commits":"23.666666666666668","dds":"0.19718309859154926","last_synced_commit":"f45cbd408c0575dfe205cf968596f4506f15f44d"},"previous_names":["socketdev/socket-cli"],"tags_count":112,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SocketDev%2Fsocket-cli","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SocketDev%2Fsocket-cli/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SocketDev%2Fsocket-cli/releases","manifests_
url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SocketDev%2Fsocket-cli/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SocketDev","download_url":"https://codeload.github.com/SocketDev/socket-cli/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246004237,"owners_count":20708165,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","security"],"created_at":"2024-07-31T19:01:03.640Z","updated_at":"2025-03-28T09:33:58.156Z","avatar_url":"https://github.com/SocketDev.png","language":"TypeScript","funding_links":[],"categories":["TypeScript"],"sub_categories":[],"readme":"# Socket CLI\n\n[![Socket Badge](https://socket.dev/api/badge/npm/package/socket)](https://socket.dev/npm/package/socket)\n[![Follow @SocketSecurity](https://img.shields.io/twitter/follow/SocketSecurity?style=social)](https://twitter.com/SocketSecurity)\n\n\u003e CLI tool for [Socket.dev](https://socket.dev/)\n\n## Usage\n\n```bash\nnpm install -g socket\nsocket --help\n```\n\n## Commands\n\n- `socket npm [args...]` and `socket npx [args...]` - Wraps `npm` and `npx` to\n  integrate Socket and preempt installation of alerted packages using the\n  builtin resolution of `npm` to precisely determine package installations.\n\n- `socket optimize` - Optimize dependencies with\n  [`@socketregistry`](https://github.com/SocketDev/socket-registry) overrides!\n  _(👀 [our blog post](https://socket.dev/blog/introducing-socket-optimize))_\n\n  - `--pin` - Pin overrides to their latest version.\n  - `--prod` - Add 
overrides for only production dependencies.\n\n- `socket cdxgen [command]` - Call out to\n  [cdxgen](https://cyclonedx.github.io/cdxgen/#/?id=getting-started). See\n  [their documentation](https://cyclonedx.github.io/cdxgen/#/CLI?id=getting-help)\n  for commands.\n\n## Aliases\n\nAll aliases support the flags and arguments of the commands they alias.\n\n- `socket ci` - alias for `socket report create --view --strict` which creates a\n  report and exits with an error code if the result is unhealthy. For example,\n  use `socket ci .` to create a report for the current folder\n\n## Flags\n\n### Command specific flags\n\n- `--view` - when set on `socket report create` the command will immediately do\n  a `socket report view` style view of the created report, waiting for the\n  server to complete it\n\n### Output flags\n\n- `--json` - outputs result as JSON which you can then pipe into\n  [`jq`](https://stedolan.github.io/jq/) and other tools\n- `--markdown` - outputs result as markdown which you can then copy into an\n  issue, PR or even chat\n\n### Strictness flags\n\n- `--all` - by default only `high` and `critical` issues are included, by\n  setting this flag all issues will be included\n- `--strict` - when set, exits with an error code if report result is deemed\n  unhealthy\n\n### Other flags\n\n- `--dry-run` - like all CLI tools that perform an action should have, we have a\n  dry run flag. E.g. `socket report create` supports running the command without\n  actually uploading anything\n- `--debug` - outputs additional debug output. Great for debugging, geeks and us\n  who develop. Hopefully you will never _need_ it, but it can still be fun,\n  right?\n- `--help` - prints the help for the current command. All CLI tools should have\n  this flag\n- `--version` - prints the version of the tool. All CLI tools should have this\n  flag\n\n
## Configuration files\n\nThe CLI reads and uses data from a\n[`socket.yml` file](https://docs.socket.dev/docs/socket-yml) in the folder you\nrun it in. It supports version 2 of the `socket.yml` file format and makes\nuse of the `projectIgnorePaths` to exclude files when creating a report.\n\n## Environment variables\n\n- `SOCKET_SECURITY_API_TOKEN` - if set, this will be used as the API-key\n\n## Contributing\n\n### Setup\n\nTo run dev locally you can run these steps\n\n```\nnpm install\nnpm run build:dist\nnpm exec socket\n```\n\nThat should invoke it from local sources. If you make changes, run\n`build:dist` again.\n\n### Environment variables for development\n\n- `SOCKET_SECURITY_API_BASE_URL` - if set, this will be the base for all\n  API-calls. Defaults to `https://api.socket.dev/v0/`\n- `SOCKET_SECURITY_API_PROXY` - if set to something like\n  [`http://127.0.0.1:9090`](https://docs.proxyman.io/troubleshooting/couldnt-see-any-requests-from-3rd-party-network-libraries),\n  then all requests will be proxied through that proxy\n\n## Similar projects\n\n- [`@socketsecurity/sdk`](https://github.com/SocketDev/socket-sdk-js) - the SDK\n  used in this CLI\n\n## See also\n\n- [Announcement blog post](https://socket.dev/blog/announcing-socket-cli-preview)\n- [Socket API Reference](https://docs.socket.dev/reference) - the API used in\n  this CLI\n- [Socket GitHub App](https://github.com/apps/socket-security) - the\n  plug-and-play GitHub App\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSocketDev%2Fsocket-cli","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSocketDev%2Fsocket-cli","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSocketDev%2Fsocket-cli/lists"}