{"library":"socket","title":"Socket CLI","type":"library","description":"CLI tool for Socket.dev security analysis of npm dependencies. Current stable version is 1.1.86, with a history of active releases (multiple releases in 2025). Provides commands for scanning, fixing CVEs, optimizing dependencies, and managing security patches. Key differentiators: wraps npm/npx for real-time security scanning, supports SBOM generation via cdxgen, offers automated CVE fixing and dependency optimization via @socketregistry overrides. ESM-only, requires Node.js >=18.20.8 and pnpm >=10.33.0.","language":"javascript","status":"active","last_verified":"Sat Apr 25","install":{"commands":["npm install socket"],"cli":{"name":"socket","version":null}},"imports":["import socket from 'socket'","import { run } from 'socket'","import type { Config } from 'socket'"],"auth":{"required":false,"env_vars":[]},"links":{"homepage":"https://socket.dev","github":"https://github.com/SocketDev/socket-cli","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/socket","openapi_spec":null,"status_page":null,"smithery":null},"quickstart":{"code":"import { run } from 'socket';\n\nconst argv = ['npm', 'install', 'express'];\nconst config = {\n  apiToken: process.env.SOCKET_CLI_API_TOKEN ?? '',\n  orgSlug: process.env.SOCKET_CLI_ORG_SLUG ?? '',\n  dryRun: true,\n  debug: false,\n};\n\ntry {\n  await run(argv, config);\n} catch (err) {\n  console.error('Socket scan failed:', err);\n  process.exit(1);\n}","lang":"typescript","description":"Demonstrates programmatic usage of socket CLI with environment variable configuration and dry-run mode.","tag":null,"tag_description":null,"last_tested":null,"results":[]},"compatibility":null}