Skip to content

README.md

Latest commit

 

History

History
104 lines (74 loc) · 3.6 KB

README.md

File metadata and controls

104 lines (74 loc) · 3.6 KB

Socket CLI

Socket Badge CI Coverage

Follow @SocketSecurity Follow @socket.dev on Bluesky

CLI for Socket.dev — bring Socket's supply-chain security analysis to your terminal and CI.

Why this repo exists

Socket CLI is the command-line interface to Socket.dev, letting you scan dependencies, audit packages, and gate installs from your terminal or CI. This repository is the source for the published socket package on npm; end-user documentation lives on socket.dev and the socket npm page.

Install

npm install -g socket

Then run:

socket --help

Usage

# Scan a package
socket package npm/express@4.18.0

# Scan your project's dependencies
socket scan create

# Audit an install before it runs
socket npm install

See the Socket docs for the full command reference.

Development

Contributor commands 
git clone https://github.com/SocketDev/socket-cli.git
cd socket-cli
pnpm install
pnpm run build
pnpm test

Requires Node.js (see .node-version) and pnpm (see the packageManager field in package.json).

Command Description
pnpm run build Smart build (skips unchanged)
pnpm run build --force Force rebuild everything
pnpm run build:cli Build CLI package only
pnpm run build:sea Build SEA binaries
pnpm dev Watch mode (auto-rebuild)
pnpm test Run all tests
pnpm testu Update test snapshots
pnpm run check Lint + typecheck
pnpm run fix Auto-fix lint + formatting

Run the built CLI from source:

node packages/cli/dist/index.js --help

Enable debug logging:

SOCKET_CLI_DEBUG=1 node packages/cli/dist/index.js <command>

Key development environment variables:

Variable Description
SOCKET_CLI_DEBUG Enable debug logging (1)
SOCKET_CLI_API_TOKEN Socket API token
SOCKET_CLI_ORG_SLUG Socket organization slug
SOCKET_CLI_API_BASE_URL Override API endpoint
SOCKET_CLI_NO_API_TOKEN Disable default API token

Further contributor reading:

License

MIT