Socket
Socket
Sign inDemoInstall

Product

Socket CLI v0.9.0 Now Available

We just released v0.9.0 of the Socket CLI with some improvements to the socket info command so you can get useful information about an npm package, right in the terminal.

Socket CLI v0.9.0 Now Available

Charlie Gerard

December 1, 2023


We just released v0.9.0 of the Socket CLI with some improvements to the socket info command so you can get useful information about an npm package, right in the terminal.

View a package's scores#

In this release, we display the package's scores whenever you run the socket info command so you can easily get an idea of the security status of an npm package.

We use a similar rating and color coding system as on the Socket website to indicate the score health. Green represents a healthy metric with low risk, orange is medium, and red is a poor metric with potential high risk.

For example, this is what the output looks like for TypeScript version 5.3.2.

View a package's issues#

If an npm package has security issues, the socket info command will now display a list of these issues, with a link to get more information for each issue.

If you want to learn more about other issues, check out the comprehensive list of issues Socket detects.

Use dist tags#

If you do not know the exact version of a package, you can now use its dist tags. For example, you can run the command socket info typescript@dev to get the scores and issues for the dev release of the TypeScript package.

Also, if you'd like to get information about the latest version of a package, you can use the latest dist tag or only use the package name, without specifying a version, for example, socket info typescript.

What's next#

We're regularly making improvements to the Socket CLI, working towards a version 1.0 release. If you'd like to learn more about all the commands and features available, please check out our docs!

Subscribe to our newsletter

Get notified when we publish new security blog posts!

Try it now

Ready to block malicious and vulnerable dependencies?

Install GitHub AppBook a demo

Related posts

Back to all posts
SocketSocket SOC 2 Logo

Product

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc