All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog.
1.1.133 - 2026-07-01
- Updated the Coana CLI to v
15.6.4.
1.1.132 - 2026-06-30
- More reliable reachability for Gradle, sbt, and Maven projects with dynamic versions (git versions, CI build numbers, timestamps): the build is resolved once and its artifact paths reused, avoiding spurious "failed to install" errors.
socket manifestand--auto-manifestnow prefer your project's build-tool wrapper (./gradlew,./mvnw) when present, falling back togradle/mvnon PATH.- Updated the Coana CLI to v
15.6.3.
1.1.131 - 2026-06-29
- Updated the Coana CLI to v
15.6.2.
1.1.130 - 2026-06-29
- Reachability analysis no longer fails to start in pnpm workspaces that define a
.pnpmfile.cjs. Socket now launches its bundled analysis tools without running the project's pnpm hooks, so a broken or environment-specific hook (for example, one that loads a file managed by Git LFS) can no longer stop a scan before it begins.
1.1.129 - 2026-06-26
- Updated the Coana CLI to v
15.6.1.
1.1.128 - 2026-06-25
- Updated the Coana CLI to v
15.5.10.
- Scans now skip Python virtual environments when collecting manifest files. Folders named
.venv, and any folder containing apyvenv.cfgmarker (coveringvenv,env, and custom-named environments), are excluded — sosocket scan, reachability, andsocket fixstay focused on your project's own manifests instead of the thousands installed inside a virtualenv.
1.1.127 - 2026-06-24
- Updated the Coana CLI to v
15.5.9.
1.1.126 - 2026-06-22
- Reachability analysis types are now referred to by descriptive names in command help, output, and docs: Full application reachability (formerly Tier 1), Precomputed reachability (formerly Tier 2), and Dependency reachability (formerly Tier 3).
- Updated the Coana CLI to v
15.5.7.
1.1.125 - 2026-06-22
- New
socket manifest mavencommand generates a Socket facts file (.socket.facts.json) directly from a Mavenpom.xmlproject. Like the Gradle and sbt generators, it auto-detects your project, plugs intosocket manifest autoand thesocket manifest setupconfigurator, and accepts--maven-optsto pass options through to Maven (e.g.--maven-opts="-P release -s settings.xml"), plus--binto point at a wrapper such as./mvnw.
- Updated the Coana CLI to v
15.5.5.
1.1.124 - 2026-06-19
socket scan create --reachaccepts a new--reach-retain-facts-fileflag. By default the CLI deletes the.socket.facts.jsonreachability report from the scan directory after a successful scan; pass this flag to keep it (e.g. for inspection or debugging). Important: you must delete the retained.socket.facts.jsonbefore running a fresh full application reachability scan — a stale file left in place is picked up as a pre-generated input and silently overrides fresh analysis, so the new scan results will not be reliable.
- Updated the Coana CLI to v
15.5.4.
1.1.123 - 2026-06-18
socket scan create --reachandsocket scan reachnow accept unit suffixes on--reach-analysis-timeout(s,m,h— e.g.90s,10m,1h) and--reach-analysis-memory-limit(MB,GB— e.g.512MB,8GB). Plain numbers keep working as before.
- Updated the Coana CLI to v
15.5.0.
1.1.122 - 2026-06-17
- Updated the Coana CLI to v
15.4.6.
1.1.121 - 2026-06-17
socket config setnow persists correctly when a Socket API token is supplied via an environment variable. Previously, settingSOCKET_CLI_API_TOKEN/SOCKET_SECURITY_API_TOKENput the entire config into read-only mode, sosocket config set <key> <value>silently failed to save (and a latersocket config getshowed nothing) while still printingOK. A token from the environment now overrides authentication only: unrelated keys such asdefaultOrgare written to disk as expected, and the env-supplied token itself is still never persisted.socket config setno longer reports a misleadingOKwhen the value genuinely cannot be saved. When the config is fully overridden (and therefore ephemeral) via--config,SOCKET_CLI_CONFIG, orSOCKET_CLI_NO_API_TOKEN, the command now fails with a clear error explaining that the value was not saved, instead of pretending it succeeded.
1.1.120 - 2026-06-12
socket scan create --reachnow applies your project's build-tool settings fromsocket.json(configured viasocket manifest setup) — custom build-tool binary, include/exclude configs, and Gradle/sbt options — when resolving dependencies for Gradle and sbt reachability analysis, instead of always invoking the build tool with defaults.socket scan create --auto-manifest --reachnow fails with an error when a build tool fails during manifest generation, rather than tolerating it. Plain--reach(without--auto-manifest) keeps generating manifests on a best-effort basis.- Updated the Coana CLI to v
15.4.5.
1.1.119 - 2026-06-11
- Updated the Coana CLI to v
15.3.26.
1.1.118 - 2026-06-08
- Updated the Coana CLI to v
15.3.24.
1.1.117 - 2026-06-08
- The published package no longer bundles the unused Terminus bitmap font (pulled in transitively by the vendored
blesseddependency), so its declared license is nowMITinstead ofMIT AND OFL-1.1.
1.1.116 - 2026-06-06
- Updated the Coana CLI to v
15.3.22.
1.1.115 - 2026-06-04
socket manifest gradle,kotlin, andscala(including sbt-based projects) now stream the underlying build-tool and Coana output and surface the real failure reason. Previously a generation failure could collapse to an unhelpfulCoana command failed (exit code 1): command failedwith no detail, hiding actionable hints such as unresolved dependencies (re-run with--ignore-unresolved/--exclude-configs, or--pomfor the legacypom.xmloutput).
1.1.114 - 2026-06-04
socket manifest gradle,kotlin, andscalanow generate a Socket facts file (.socket.facts.json) by default; pass--pomto generatepom.xmlmanifests instead.- Replaced
--configswith--include-configsand--exclude-configsonsocket manifest gradle/kotlin/scalafor finer control over which build configurations are resolved. - Updated the Coana CLI to v
15.3.21.
1.1.113 - 2026-06-03
socket manifest bazel [beta]— Generate Bazel JVM SBOM manifests by runningbazel queryagainst discovered Maven repos in a Bazel workspace. Closes the inline-Maven-declaration gap that lockfile-only parsing misses for repos like envoy, ray, tensorflow, tink-java, and or-tools. Auto-detects Bzlmod and legacyWORKSPACE.socket scan create --auto-manifestnow covers Bazel workspaces in addition to Gradle/Scala/Kotlin/Conda. Repos withMODULE.bazel,WORKSPACE, orWORKSPACE.bazelare detected automatically and their Maven dependencies extracted as part of the standard scan-create flow.- Bazel PyPI extraction —
socket manifest bazel --ecosystem pypinow generatesrequirements.txtfor Python Bazel workspaces. Discovers customrules_pythonpip hub names with Bazel command output first, queriespy_library/py_binary/py_testdependencies, resolves canonical pinned versions fromrequirements_lock.txt, and emits PEP 503-normalizedname==versionlines. Supports both Bzlmod (pip.parse) and legacyWORKSPACE(pip_parse/pip_install) configurations. PyPI remains explicit opt-in forsocket scan create --auto-manifestuntil real-world no-lockfile recovery is validated.
- Bazel diagnostics —
socket manifest bazel --verbosenow emits bounded subprocess traces with argv, cwd, duration, exit status, output sizes, and failure stderr tails to make customer log-only triage safer and faster. - Updated the Coana CLI to v
15.3.20.
1.1.112 - 2026-05-29
socket fixandsocket scan createno longer abort withEACCES: permission denied, scandirwhen the project contains a directory the running user cannot read (for example a postgrespgdatadata directory owned by another uid, or a Docker volume mount). Manifest discovery walks a project for.gitignorefiles before applying any path exclusions; that walk now honors--exclude-pathsandsocket.ymlprojectIgnorePaths, and skips unreadable directories rather than crashing. This makes--exclude-pathseffective for unreadable directories — previously the crash happened before the exclusion was ever applied.
1.1.111 - 2026-05-29
- Updated the Coana CLI to v
15.3.15.
1.1.110 - 2026-05-29
- Resolved intermittent ~5-second timeouts affecting manifest uploads for reachability analysis and
socket fix, along with other long-running API requests. Socket CLI now uses an explicit HTTP agent for all API traffic, so slow uploads and large streaming responses are no longer dropped prematurely.
1.1.109 - 2026-05-28
socket fix --exclude-paths— Skip matching paths from the scan entirely: manifests under these paths are not uploaded, and fixes are not applied to workspaces under them. Use this to skip directories the current user cannot read (e.g. a postgrespgdatadirectory inside the repo) so they do not abort manifest collection. The pre-existing--excludeflag keeps its previous fix-application-only semantic but is now hidden in--helpin favor of--exclude-paths.
1.1.108 - 2026-05-28
- Updated the Coana CLI to v
15.3.12.
1.1.107 - 2026-05-28
socket manifest gradle --facts [beta](and itskotlinalias) gained--configsand--ignore-unresolved, matchingsocket manifest scala --facts.--configstakes comma-separated glob patterns (e.g.*CompileClasspath,*RuntimeClasspath) to restrict resolution to matching Gradle configurations; unresolved dependencies are now a fatal error by default — pass--ignore-unresolvedfor the previous lenient behavior.socket manifest scala --facts --configsnow accepts glob patterns too (e.g.*Test*) for consistency with the gradle command. Bare names (no*/?) keep working as exact-name filters, so existing usages are unchanged.
socket manifest gradle --factsnow works on Gradle builds with the configuration cache enabled (default on Gradle 9), which previously failed withTask.project at execution timeerrors.
1.1.106 - 2026-05-27
socket manifest scala --facts [beta]— Emit a.socket.facts.jsondependency graph from an sbt build forsocket scan createto consume as a pregenerated SBOM. Toggle also exposed via thesocket manifest setupwizard for use with--auto-manifest.
1.1.105 - 2026-05-27
- Updated the Coana CLI to v
15.3.11.
1.1.104 - 2026-05-26
- Coana CLI invocation: strip
npm_package_*env vars before spawning the npm-install fallback. Preventsspawn E2BIGfailures in large monorepos where the parent process has hundreds ofnpm_package_*env vars populated from the rootpackage.json. Preservesnpm_config_*(registry / proxy / cache from.npmrc).
1.1.103 - 2026-05-26
- Updated the Coana CLI to v
15.3.9.
1.1.102 - 2026-05-22
socket manifest gradle --facts [beta](and itssocket manifest kotlin --factsalias) — Emit a.socket.facts.jsondependency graph from a Gradle build forsocket scan createto consume as a pregenerated SBOM. Toggle also exposed via thesocket manifest setupwizard for use with--auto-manifest.
- Updated the Coana CLI to v
15.3.8.
1.1.101 - 2026-05-22
- Updated the Coana CLI to v
15.3.6.
1.1.100 - 2026-05-21
- Updated the Coana CLI to v
15.3.4.
1.1.99 - 2026-05-20
- Updated the Coana CLI to v
15.3.1. - Forward a
SOCKET_CALLER_USER_AGENTenv var (socket/<version> node/<nodeVersion> <platform>/<arch>) to the Coana CLI on spawn. Coana appends this to its outbound axiosUser-Agentso backend traffic identifies the originating Socket CLI alongside the Coana version.
1.1.98 - 2026-05-20
socket scan create --reachnow uploads the reachability facts file as brotli on the wire, shrinking mono-repo upload sizes by roughly 85% with no change to the on-disk or stored format. Faster scan submissions on slow connections.
1.1.97 - 2026-05-18
- Updated the Coana CLI to v
15.3.0.
1.1.96 - 2026-05-15
- Updated the Coana CLI to v
15.2.8.
1.1.95 - 2026-05-15
- Updated the Coana CLI to v
15.2.7.
1.1.94 - 2026-05-12
socket manifest scalanow copies sbt-generated.pomfiles out of each subproject'starget/directory to the project root aspom.xml, so Socket scan (which discovers**/pom.xmland respects.gitignore) picks them up automatically. Use--outto override the destination filename.
1.1.93 - 2026-05-08
socket fix --ecosystemsnow accepts values case-insensitively (e.g.NPM,npm, andNpmare all valid), matching the existing behavior of--package-managers.- Updated the Coana CLI to v
15.2.4.
1.1.92 - 2026-05-05
- Updated the Coana CLI to v
15.2.2.
1.1.91 - 2026-05-01
- New
socket scan createandsocket scan reachflags let you keep reachability analysis going when it would otherwise halt:--reach-continue-on-analysis-errors,--reach-continue-on-install-errors,--reach-continue-on-missing-lock-files, and--reach-continue-on-no-source-files. Each falls back to precomputed (Tier 2) results so you still get a scan when individual workspaces hit timeouts, install failures, missing lock files, or empty source trees.
1.1.90 - 2026-04-30
socket fixnow accepts a--package-managersflag to narrow fix computation to specific package managers within an ecosystem (e.g. only PNPM in a monorepo that mixes pnpm/yarn/npm). Accepts space- or comma-separated values and is case-insensitive. When combined with--ecosystems, both filters must match.
- Updated the Coana CLI to v
15.2.0.
1.1.89 - 2026-04-30
socket scan createnow matches manifest filenames case-insensitively, so capitalized files such asPipfileandPipfile.lockare no longer silently dropped from the scan.
1.1.88 - 2026-04-29
- Updated the Coana CLI to v
15.1.0.
1.1.87 - 2026-04-28
- Updated the Coana CLI to v
14.12.222.
1.1.86 - 2026-04-24
socket fixnow fails with a clear error when a.socket.facts.jsonanalysis artifact is present alongside manifest files, prompting you to delete it before re-running
1.1.85 - 2026-04-20
- Updated the Coana CLI to v
14.12.219.
1.1.84 - 2026-04-17
- Updated the Coana CLI to v
14.12.218.
1.1.83 - 2026-04-14
socket fixnow shows a clear error when a vulnerability ID (GHSA, CVE, or PURL) is passed as a positional argument instead of with--id, with a helpful "Did you mean" suggestionsocket fixnow shows a clear error when the target directory does not exist, instead of a confusing API error about missing files
1.1.82 - 2026-04-13
- Updated the Coana CLI to v
14.12.213.
1.1.81 - 2026-04-10
- Updated the Coana CLI to v
14.12.211.
1.1.80 - 2026-04-10
- Updated the Coana CLI to v
14.12.209.
1.1.79 - 2026-04-08
- Updated the Coana CLI to v
14.12.205.
1.1.78 - 2026-04-01
socket scan create,socket scan reach, andsocket fixnow respectprojectIgnorePathsfromsocket.ymlwhen collecting files
1.1.77 - 2026-04-01
- Improved error message when using
--reachwith an invalid, expired, or revoked API token. Previously showed a misleading "Unable to verify plan permissions" error; now clearly indicates the authentication failure.
- Updated the Coana CLI to v
14.12.201.
1.1.74 - 2026-03-19
- Fixed
socket scan create --reachfailing with input validation errors when no explicit target is passed. In non-TTY environments (e.g. Jenkins CI), the interactive prompt to confirm the current directory would silently fail, causing all reach validations to error. Now defaults to.(cwd) when--reachis used without a target.
- Updated the Coana CLI to v
14.12.200.
1.1.73 - 2026-03-13
- Updated the Coana CLI to v
14.12.197.
1.1.72 - 2026-03-12
- Updated the Coana CLI to v
14.12.196.
1.1.71 - 2026-03-11
- Updated the Coana CLI to v
14.12.195.
1.1.70 - 2026-03-11
- Updated the Coana CLI to v
14.12.194.
1.1.69 - 2026-03-10
- Updated the Coana CLI to v
14.12.192.
1.1.68 - 2026-03-09
- Updated the Coana CLI to v
14.12.191.
1.1.67 - 2026-03-06
- Updated
@socketsecurity/socket-patchto v2.0.0, now powered by a native Rust binary for faster patch operations - The
socket patchcommand now directly invokes the platform-specific Rust binary instead of a Node.js wrapper - Enhanced
socket patchdocumentation with a complete subcommand reference and quick-start guide
1.1.66 - 2026-03-02
- Updated the Coana CLI to v
14.12.189.
1.1.65 - 2026-02-26
- Improved API error messages to include the request URL, making it easier to debug which endpoint failed
1.1.64 - 2026-02-25
- Updated the Coana CLI to v
14.12.183.
1.1.63 - 2026-02-04
- Updated the Coana CLI to v
14.12.182.
1.1.62 - 2026-01-30
- Updated the Coana CLI to v
14.12.178.
1.1.61 - 2026-01-29
- Updated the Coana CLI to v
14.12.174.
1.1.60 - 2026-01-28
- Updated the Coana CLI to v
14.12.173.
1.1.59 - 2026-01-19
- Updated the Coana CLI to v
14.12.162.
1.1.58 - 2026-01-14
- Analysis splitting is now disabled by default for reachability scans.
- Added
--reach-enable-analysis-splittingflag to opt-in to multiple analysis runs per workspace when needed. - Deprecated
--reach-disable-analysis-splittingflag (now a no-op for backwards compatibility). - Updated the Coana CLI to v
14.12.154.
1.1.57 - 2026-01-10
- Updated
@socketsecurity/socket-patchto v1.2.0, which includes:- Progress spinner for scan command
- Improved test coverage
1.1.56 - 2026-01-10
- Fixed heap overflow when scanning large monorepos with 100k+ files by implementing streaming-based filtering.
1.1.55 - 2026-01-09
- Updated the Coana CLI to v
14.12.148.
1.1.54 - 2026-01-09
- Updated the Coana CLI to v
14.12.143.
1.1.53 - 2026-01-06
- The
scan_typequery argument is now set to'socket_tier1'when runningsocket scan create --reach. This change ensures Tier 1 alerts from scans are ingested into the organization-level alerts correctly.
1.1.52 - 2026-01-02
- Added
--silenceflag tosocket fixto suppress intermediate output and show only the final result.
- Updated the Coana CLI to v
14.12.139.
1.1.51 - 2025-12-23
- Added internal
--reach-lazy-modeflag for reachability analysis.
- Updated the Coana CLI to v
14.12.138.
1.1.50 - 2025-12-19
- Fixed exit code when blocking alerts are found
1.1.49 - 2025-12-17
- Added initial telemetry functionality to track CLI usage and help improve the Socket experience.
- Fixed error propagation when npm package finalization failed in
socket fix.
- Updated the Coana CLI to v
14.12.134.
1.1.48 - 2025-12-16
- Updated the Coana CLI to v
14.12.130.
1.1.47 - 2025-12-15
- Added
--debugflag tosocket fixto enable verbose logging in the Coana CLI.
- Updated the Coana CLI to v
14.12.127.
1.1.46 - 2025-12-12
- Updated the Coana CLI to v
14.12.126.
1.1.45 - 2025-12-10
- Updated the Coana CLI to v
14.12.122.
- Added
--reach-use-only-pregenerated-sbomsto run the Tier 1 reachability based only on pre-computed CDX and SPDX SBOMs (all other manifests are excluded).
1.1.44 - 2025-12-09
- Updated the Coana CLI to v
14.12.118.
1.1.43 - 2025-12-08
- Added
--allflag tosocket fixfor explicitly processing all vulnerabilities in local mode. Cannot be used with--id.
- Running
socket fixin local mode without--allor--idis deprecated. A warning is shown when neither flag is provided. In a future release, one of these flags will be required.
1.1.42 - 2025-12-04
- Added
--ecosystemsflag tosocket fix.
- Updated the Coana CLI to v
14.12.113. - Rename
--limitflag to--pr-limitforsocket fix, but keep old flag as an alias. Note:--pr-limithas no effect in local mode, use--idoptions instead. - Process all vulnerabilities with
socket fixwhen no--idoptions are provided.
1.1.41 - 2025-12-02
- Added
--reach-versionflag tosocket scan createandsocket scan reachto override the @coana-tech/cli version used for reachability analysis. - Added
--fix-versionflag tosocket fixto override the @coana-tech/cli version used for fix analysis.
1.1.40 - 2025-12-02
- Fix a bug where vulnerabilities were not found correctly during
socket fix.
- Updated the Coana CLI to v
14.12.110.
1.1.39 - 2025-12-01
- Added the
--output <scan-report.json>flag tosocket scan reach.
- Updated the Coana CLI to v
14.12.107.
1.1.38 - 2025-11-26
- Enhanced CVE to GHSA conversion with improved error detection and caching for more reliable vulnerability lookups
1.1.37 - 2025-11-26
- Fix a bug where setting target path could cause incorrect manifest file paths for commands
socket scan reach <target>,socket scan create --reach <target>, andsocket fix <target>.
1.1.36 - 2025-11-26
- Fix a bug where the reachability analysis would hang on runs with analysis errors.
- Updated
@coana-tech/clito 14.12.100
1.1.35 - 2025-11-25
- Added
--reach-debugflag to enable verbose logging in the reachability Coana CLI
- Updated
@coana-tech/clito 14.12.100
1.1.34 - 2025-11-21
- The target path is now properly considered when conducting reachability analysis:
socket scan reach <target>andsocket scan create --reach <target>. - Fixed a bug where manifest files
<target>were not included in a scan when the target was pointing to a directory.
1.1.33 - 2025-11-20
- Updated
@coana-tech/clito 14.12.94
- Enhanced error badge visibility with improved text color contrast
1.1.32 - 2025-11-20
- Updated
@coana-tech/clito 14.12.90 - Updated
@cyclonedx/cdxgento 11.11.0
- Resolved
--limitflag behavior to correctly restrict vulnerability processing insocket fixlocal mode - Exclude
.socket.facts.jsonfiles fromsocket fixmanifest uploads
1.1.31 - 2025-11-19
- Enhanced pull request descriptions to remove duplicate package listings for cleaner, more readable output
1.1.30 - 2025-11-18
- Enhanced
SOCKET_CLI_COANA_LOCAL_PATHto support compiled Coana CLI binaries alongside Node.js script files
- Resolved PR creation workflow to properly recreate pull requests after closing or merging
- Corrected API token selection to honor
SOCKET_CLI_API_TOKENenvironment variable in package alert requests
1.1.29 - 2025-11-16
- Added options
--reach-concurrency <number>and--reach-disable-analysis-splittingforsocket scan create --reach
1.1.28 - 2025-11-13
- Backported
socket fixwith--jsonimprovements
1.1.27 - 2025-11-12
- Backported
--excludeand--includeflags forsocket fixcommand from v2
1.1.26 - 2025-11-08
- Debug logging of API requests/responses
1.1.23 - 2025-09-22
- Enhanced
--no-apply-fixesflag naming for improved clarity (previously--dont-apply-fixes) - Streamlined documentation and help text for better user experience
- Improved
pnpm dlxoperations by removing unnecessary--ignore-scriptsflag
- Resolved JSON example formatting in usage documentation
- Enhanced test reliability for cdxgen on Windows platforms
- Improved error handling in optimize command for pnpm environments
1.1.22 - 2025-09-20
- Rename
--only-computeflag to--dont-apply-fixesforsocket fix, but keep old flag as an alias.
- Resolved interactive prompts in
socket optimizewhen using pnpm - Sanitize extracted git repository names to be compatible with the Socket API.
1.1.21 - 2025-09-20
- New
--compact-headerflag for streamlined CLI output display
- Enhanced package manager interception for improved security scanning
- Improved detection of temporary package execution environments
- Enhanced error handling in
socket optimizewith proper exit codes
1.1.20 - 2025-09-19
- Terminal link support for enhanced command output formatting
- Resolved Windows compatibility issues with package manager execution
1.1.19 - 2025-09-19
- Enhanced testing capabilities for malware detection features
1.1.18 - 2025-09-18
- Enhanced compatibility with older Node.js versions
1.1.17 - 2025-09-18
- Enhanced Windows compatibility for package manager operations
1.1.16 - 2025-09-16
- Enhanced pnpm wrapper compatibility with dlx commands
1.1.15 - 2025-09-16
- Improved
socket fixerror messages for missing environment variables
- Resolved path handling issue in
socket optimizecommand
1.1.14 - 2025-09-17
- Enhanced third-party tool integration
1.1.13 - 2025-09-16
- New
--output-fileflag forsocket fixto save computed fixes to a JSON file - New
--only-computeflag forsocket fixto compute fixes without applying them
1.1.12 - 2025-09-15
- Enhanced security alert processing for more reliable operations
1.1.11 - 2025-09-12
- Improved multipart upload reliability with Socket SDK update
1.1.10 - 2025-09-11
- Enhanced command argument filtering for improved compatibility with npm and cdxgen integrations
1.1.9 - 2025-09-11
- Enhanced
socket fix --idto accept CVE IDs and PURLs in addition to GHSA IDs
- Correct SOCKET_CLI_API_TIMEOUT environment variable lookup
1.1.8 - 2025-09-11
- Clearer permission error messages to help resolve access issues
1.1.7 - 2025-09-11
- Control spinner display with new
--no-spinnerflag
- Enhanced proxy support for flexible network configurations
1.1.6 - 2025-09-10
- Improved pull request operations with better cache management
1.1.5 - 2025-09-10
- Enhanced reachability analysis spinner for consistent feedback
- Better working directory control with
--cwdflag improvements
1.1.4 - 2025-09-09
- Track release changes with CHANGELOG.md
- Enhanced development workflow with contributor guidance
- Control scan output detail with
--report-levelflag
1.1.1 - 2025-09-04
- Faster command completion with improved tab functionality
- Smoother user experience with better loading indicators
- Removed legacy
--testand--test-scriptflags fromsocket fix - Continued cleanup of legacy
socket fixcode
1.1.0 - 2025-09-03
- See package versions directly in
socket npmsecurity reports
- Clearer feedback for repeat
socket npminstallations - More reliable handling of scan timeouts
- Streamlined repeat installs by hiding redundant audit info
- More reliable file system operations
- Better configuration value handling
- Cleaned up legacy
socket fixcode
1.0.111 - 2025-09-03
- Reimplemented
--range-styleflag forsocket fix
- Enhanced CI/CD compatibility for reachability analysis and fixes
1.0.110 - 2025-09-03
- Enhanced reachability analysis and
socket fixfor better output handling
1.0.109 - 2025-09-03
- Improved build environment handling for better compatibility
1.0.108 - 2025-09-03
- Cleaner output from wrapped commands for focused results
1.0.107 - 2025-09-02
- Restored build stability for reliable deployments
1.0.106 - 2025-09-02
- Control reachability analysis caching with new
--reach-skip-cacheflag
1.0.104 - 2025-08-29
- Enhanced security advisory resolution for accurate vulnerability tracking
1.0.103 - 2025-08-29
- Improved GitHub Security Advisory processing
1.0.102 - 2025-08-29
- Enhanced command flag processing for better reliability
1.0.100 - 2025-08-29
- Richer debugging output for security advisory analysis
1.0.96 - 2025-08-27
- Streamlined organization selection for reachability analysis
1.0.89 - 2025-08-15
- Comprehensive manifest scanning with
socket scan create --reach
1.0.85 - 2025-08-01
- Flexible npm path configuration via
SOCKET_CLI_NPM_PATHenvironment variable
1.0.82 - 2025-07-30
- Memory optimization controls with
--max-old-space-sizeand--max-semi-space-sizeflags
1.0.80 - 2025-07-29
- Enhanced file discovery feedback in
socket scan create
1.0.73 - 2025-07-14
- Automatic detection of
.socket.facts.jsonconfiguration files
1.0.69 - 2025-07-10
- Skip pull request checks with new
--no-pr-checkflag forsocket fix
1.0.10 - 2025-06-28
- Enhanced performance and reliability across all commands
1.0.9 - 2025-06-28
- Improved stability and command execution speed
1.0.8 - 2025-06-27
- Faster command processing with optimized internals
1.0.7 - 2025-06-25
- Enhanced reliability through improved code quality
1.0.6 - 2025-06-25
- Smoother user experience with targeted improvements
1.0.5 - 2025-06-25
- Faster command execution with performance enhancements
1.0.4 - 2025-06-25
- More stable operations with targeted fixes
1.0.3 - 2025-06-25
- Load npm config as part of
socket fix
1.0.2 - 2025-06-25
- Added spinner to reachability scan
1.0.1 - 2025-06-24
- Package manager version logging to info
- Organization persistence when selecting orgs
- Made
socket fixcommand reuse implementations for better efficiency - Normalized options passed to
socket fix - Improved banner spacing logic
- Enhanced default org feedback and call-to-action
1.0.0 - 2025-06-13
- Official v1.0.0 release
- Added
socket org depsalias command
- Moved dependencies command to a subcommand of organization
- Improved UX for threat-feed and audit-logs
- Removed Node 18 deprecation warnings
- Removed v1 preparation flags
0.15.64 - 2025-06-13
- Improved
socket fixerror handling when server rejects request
- Final pre-v1.0.0 stability improvements
0.15.63 - 2025-06-12
- Enhanced debugging capabilities
0.15.62 - 2025-06-12
- Avoided double installing during
socket fixoperations
0.15.61 - 2025-06-11
- Memory management for
socket fixwith packument cache clearing
0.15.60 - 2025-06-10
- Widened Node.js test matrix
- Removed Node 18 support due to native-ts compatibility
0.15.59 - 2025-06-09
- Reduced Node version restrictions on CLI
0.15.57 - 2025-06-06
- Added
socket threat-feedsearch flags
0.15.56 - 2025-05-07
socket manifest setupfor project configuration- Enhanced debugging output and error handling
0.15.0 - 2025-05-07
- Enhanced
socket threat-feedwith new API endpoints socket.jsonconfiguration support- Improved
socket fixerror handling
- Avoid double installing with
socket fix - CI/CD improvements reducing GitHub Action dependencies for
socket fix
0.14.155 - 2025-05-07
SOCKET_CLI_API_BASE_URLfor base URL configurationDISABLE_GITHUB_CACHEenvironment variablecdxgenlifecycle logging and documentation hyperlinks
- Set
exitCode=1when login steps fail - Fixed Socket package URLs
- Band-aid fix for
socket analytics - Improved handling of non-SDK API calls
- Enhanced JSON-safe API handling
- Updated
cdxgenflags and configuration
0.14.0 - 2024-10-10
socket optimizeto apply Socket registry overrides- Suggestion flows to
socket scan create - JSON/markdown output support for
socket repos list - Enhanced organization command with
--jsonand--markdownflags SOCKET_CLI_NO_API_TOKENenvironment variable support- Improved test snapshot updating
- Spinner management in report flow and after API errors
- API error handling for non-SDK calls
- Package URL corrections
- Added Node permissions for shadow-bin
0.13.0 - 2024-09-06
socket threat-feedfor security threat information
0.12.0 - 2024-08-30
- Diff Scan command for comparing scan results
- Analytics enhancements and data visualization
- Feature to save analytics data to local files
0.11.0 - 2024-08-05
- Organization listing capability
0.10.0 - 2024-07-17
- Analytics command with graphical data visualization
- Interactive charts and graphs
0.9.0 - 2023-12-01
- Automatic latest version fetching for
socket info - Package scoring integration
- Human-readable issue rendering with clickable links
- Enhanced package analysis with scores
- Smart defaults for package version resolution
- Improved issue visualization and reporting
0.8.0 - 2023-08-10
- Configuration-based warnings from settings
- Enhanced
socket npminstallation safety checks
- Dropped Node 14 support (EOL April 2023)
- Added Node 16 manual testing due to c8 segfault issues
0.7.1 - 2023-06-13
- Python report creation capabilities
- CLI login/logout functionality
- Lockfile handling to ensure saves on
socket npm install - Report creation issues
- Python uploads via CLI
- Switched to base64 encoding for certain operations
0.6.0 - 2023-04-11
- Enhanced update notifier for npm wrapper
- TTY IPC to mitigate sub-shell prompts
0.5.0 - 2023-03-16
- npm/npx wrapper commands (
socket npm,socket npx) - npm provenance and publish action support
- Reusable consistent flags across commands
0.4.0 - 2023-01-20
- Persistent authentication - CLI remembers API key for full duration
- Comprehensive TypeScript integration and type checks
- Enhanced development tooling and dependencies
0.3.0 - 2022-12-13
- Support for globbed input and ignores for package scanning
--strictand--allflags to commands- Configuration support using
@socketsecurity/config
- Improved error handling and messaging
- Stricter TypeScript configuration
- Improved tests
0.2.1 - 2022-11-23
- Update notifier to inform users of new CLI versions
0.2.0 - 2022-11-23
- New
socket report viewfor viewing existing reports --viewflag toreport createfor immediate viewing- Enhanced report creation and viewing capabilities
- Synced up report create command with report view functionality
- Synced up info command with report view
- Improved examples in
--helpoutput
- Updated documentation and README with new features
0.1.2 - 2022-11-17
- Node 19 testing support
- Improved documentation
0.1.1 - 2022-11-07
- Extended README documentation
- Removed accidental debug code
0.1.0 - 2022-11-07
- Initial Socket CLI release
socket infofor package security informationsocket report createfor generating security reports- Basic CLI infrastructure and configuration