Add env vars to help

jdalton · jdalton · commit 8faa89245b42 · 2025-08-07T08:44:34.000-04:00
diff --git a/README.md b/README.md
@@ -16,14 +16,14 @@ socket --help
 
 - `socket npm [args...]` and `socket npx [args...]` - Wraps `npm` and `npx` to
   integrate [Socket.dev] and preempt installation of alerted packages using the
-  builtin resolution of `npm` to precisely determine package installations.
+  builtin resolution of `npm` to precisely determine package installations
 
 - `socket optimize` - Optimize dependencies with
   [`@socketregistry`](https://github.com/SocketDev/socket-registry) overrides
   _(👀 [our blog post](https://socket.dev/blog/introducing-socket-optimize))_
 
-  - `--pin` - Pin overrides to their latest version.
-  - `--prod` - Add overrides for only production dependencies.
+  - `--pin` - Pin overrides to their latest version
+  - `--prod` - Add overrides for only production dependencies
 
 - `socket cdxgen [command]` - Call out to
   [cdxgen](https://cyclonedx.github.io/cdxgen/#/?id=getting-started). See
@@ -34,23 +34,23 @@ socket --help
 
 All aliases support the flags and arguments of the commands they alias.
 
-- `socket ci` - alias for `socket scan create --report` which creates a report for the current directory and quits with an exit code if the result is unhealthy.
+- `socket ci` - alias for `socket scan create --report` which creates a report for the current directory and quits with an exit code if the result is unhealthy
 
 ## Flags
 
 ### Output flags
 
-- `--json` - Outputs result as JSON which can be piped into [`jq`](https://stedolan.github.io/jq/) and other tools.
-- `--markdown` - Outputs result as Markdown which can be copied into issues, pull requests, or chats.
+- `--json` - Outputs result as JSON which can be piped into [`jq`](https://stedolan.github.io/jq/) and other tools
+- `--markdown` - Outputs result as Markdown which can be copied into issues, pull requests, or chats
 
 ### Other flags
 
-- `--dry-run` - Run a command without uploading anything.
-- `--debug` - Output additional debug.
-- `--help` - Prints help documentation for a command.
-- `--max-old-space-size` - Set Node's [`--max-old-space-size`](https://nodejs.org/api/cli.html#--max-old-space-sizesize-in-mib) value.
-- `--max-semi-space-size` - Set Node's [`--max-semi-space-size`](https://nodejs.org/api/cli.html#--max-semi-space-sizesize-in-mib) value.
-- `--version` - Prints the Socket CLI version.
+- `--dry-run` - Run a command without uploading anything
+- `--debug` - Output additional debug
+- `--help` - Prints help documentation for a command
+- `--max-old-space-size` - Set Node's [`--max-old-space-size`](https://nodejs.org/api/cli.html#--max-old-space-sizesize-in-mib) value
+- `--max-semi-space-size` - Set Node's [`--max-semi-space-size`](https://nodejs.org/api/cli.html#--max-semi-space-sizesize-in-mib) value
+- `--version` - Prints the Socket CLI version
 
 ## Configuration files
 
@@ -61,19 +61,19 @@ use of the `projectIgnorePaths` to excludes files when creating a report.
 
 ## Environment variables
 
-- `SOCKET_CLI_ACCEPT_RISKS` - Accept risks of a safe-npm and safe-npx run.
-- `SOCKET_CLI_API_TOKEN` - Set the Socket API token.
-- `SOCKET_CLI_CONFIG` - A JSON stringified Socket configuration object.
-- `SOCKET_CLI_GIT_USER_EMAIL` - The git config `user.email` used by Socket CLI.<br>
+- `SOCKET_CLI_ACCEPT_RISKS` - Accept risks of a safe-npm or safe-npx run
+- `SOCKET_CLI_API_TOKEN` - Set the Socket API token
+- `SOCKET_CLI_CONFIG` - A JSON stringified Socket configuration object
+- `SOCKET_CLI_GIT_USER_EMAIL` - The git config `user.email` used by Socket CLI<br>
   *Defaults:* `github-actions[bot]@users.noreply.github.com`<br>
-- `SOCKET_CLI_GIT_USER_NAME` - The git config `user.name` used by Socket CLI.<br>
+- `SOCKET_CLI_GIT_USER_NAME` - The git config `user.name` used by Socket CLI<br>
   *Defaults:* `github-actions[bot]`<br>
-- `SOCKET_CLI_GITHUB_TOKEN` - A classic [GitHub personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) with the "repo" scope or a fine-grained access token with at least read/write permissions set for "Contents" and "Pull Request".<br>
+- `SOCKET_CLI_GITHUB_TOKEN` - A classic or fine-grained [GitHub personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) with the "repo" scope or at least read/write permissions set for "Contents" and "Pull Request"<br>
   *Aliases:* `GITHUB_TOKEN`<br>
-- `SOCKET_CLI_NO_API_TOKEN` - Make the default API token `undefined`.
-- `SOCKET_CLI_NPM_PATH` - The absolute location of the npm directory.
-- `SOCKET_CLI_ORG_SLUG` - Specify the Socket organization slug.
-- `SOCKET_CLI_VIEW_ALL_RISKS` - View all risks of a safe-npm and safe-npx run.
+- `SOCKET_CLI_NO_API_TOKEN` - Make the default API token `undefined`
+- `SOCKET_CLI_NPM_PATH` - The absolute location of the npm directory
+- `SOCKET_CLI_ORG_SLUG` - Specify the Socket organization slug
+- `SOCKET_CLI_VIEW_ALL_RISKS` - View all risks of a safe-npm or safe-npx run
 
 ## Contributing
 
@@ -89,23 +89,22 @@ npm exec socket
 
 ### Environment variables for development
 
-- `DEBUG` - Enable debug logging based on the [`debug`](https://socket.dev/npm/package/debug) package.
-- `SOCKET_CLI_API_BASE_URL` - Change the base URL for all API-calls.<br>
-  *Defaults:* The "apiBaseUrl" value of socket/settings local app data if present, else `https://api.socket.dev/v0/`.<br>
-- `SOCKET_CLI_API_PROXY` - Set the proxy that all requests are routed through.<br>
-  For example, if set to [`http://127.0.0.1:9090`](https://docs.proxyman.io/troubleshooting/couldnt-see-any-requests-from-3rd-party-network-libraries), then all request are proxied through that proxy.<br>
+- `SOCKET_CLI_API_BASE_URL` - Change the base URL for all API-calls<br>
+  *Defaults:* The "apiBaseUrl" value of socket/settings local app data if present, else `https://api.socket.dev/v0/`<br>
+- `SOCKET_CLI_API_PROXY` - Set the proxy that all requests are routed through<br>
+  For example, if set to [`http://127.0.0.1:9090`](https://docs.proxyman.io/troubleshooting/couldnt-see-any-requests-from-3rd-party-network-libraries), then all request are proxied through that proxy<br>
   *Aliases:* `HTTPS_PROXY`, `https_proxy`, `HTTP_PROXY`, and `http_proxy`<br>
-- `SOCKET_CLI_DEBUG` - Enable debug logging in Socket CLI.<br>
-  :bulb: Not needed if `DEBUG` is specified.
+- `SOCKET_CLI_DEBUG` - Enable debug logging in Socket CLI
+- `DEBUG` - Enable debug logging based on the [`debug`](https://socket.dev/npm/package/debug) package
 
 ## Similar projects
 
-- [`@socketsecurity/sdk`](https://github.com/SocketDev/socket-sdk-js) - The SDK used by Socket CLI.
+- [`@socketsecurity/sdk`](https://github.com/SocketDev/socket-sdk-js) - The SDK used by Socket CLI
 
 ## See also
 
 - [Announcement blog post](https://socket.dev/blog/announcing-socket-cli-preview)
-- [Socket API Reference](https://docs.socket.dev/reference) - The API used by Socket CLI.
-- [Socket GitHub App](https://github.com/apps/socket-security) - The plug-and-play GitHub App.
+- [Socket API Reference](https://docs.socket.dev/reference) - The API used by Socket CLI
+- [Socket GitHub App](https://github.com/apps/socket-security) - The plug-and-play GitHub App
 
 [Socket.dev]: https://socket.dev/
diff --git a/src/commands/cli.test.mts b/src/commands/cli.test.mts
@@ -53,6 +53,26 @@ describe('socket root command', async () => {
           uninstall                 Uninstall Socket CLI tab completion
           wrapper                   Enable or disable the Socket npm/npx wrapper
 
+        Environment variables
+
+          SOCKET_CLI_ACCEPT_RISKS   Accept risks of a safe-npm or safe-npx run
+          SOCKET_CLI_API_TOKEN      Set the Socket API token
+          SOCKET_CLI_CONFIG.        A JSON stringified Socket configuration object
+          SOCKET_CLI_GIT_USER_EMAIL The git config \`user.email\` used by Socket CLI
+          SOCKET_CLI_GIT_USER_NAME  The git config user.name used by Socket CLI
+          SOCKET_CLI_GITHUB_TOKEN   A classic or fine-grained GitHub personal access token (\\u200bhttps://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens\\u200b)
+          SOCKET_CLI_NO_API_TOKEN   Make the default API token \`undefined\`
+          SOCKET_CLI_NPM_PATH       The absolute location of the npm directory
+          SOCKET_CLI_ORG_SLUG       Specify the Socket organization slug
+          SOCKET_CLI_VIEW_ALL_RISKS View all risks of a safe-npm or safe-npx run
+
+        Environment variables for development
+
+          SOCKET_CLI_API_BASE_URL   Change the base URL for all API-calls
+          SOCKET_CLI_API_PROXY      Set the proxy that all requests are routed through
+          SOCKET_CLI_DEBUG          Enable debug logging in Socket CLI
+          DEBUG                     Enable debug logging based on the debug (\\u200bhttps://socket.dev/npm/package/debug\\u200b) package
+
         Options       (Note: All CLI commands have these flags even when not displayed in their help)
 
           --config                 Override the local config with this JSON
diff --git a/src/utils/meow-with-subcommands.mts b/src/utils/meow-with-subcommands.mts
@@ -1,4 +1,5 @@
 import meow from 'meow'
+import terminalLink from 'terminal-link'
 
 import { joinAnd } from '@socketsecurity/registry/lib/arrays'
 import { logger } from '@socketsecurity/registry/lib/logger'
@@ -354,6 +355,26 @@ export async function meowWithSubcommands(
       `      logout                    ${subcommands['logout']?.description}`,
       `      uninstall                 ${subcommands['uninstall']?.description}`,
       `      wrapper                   ${subcommands['wrapper']?.description}`,
+      '',
+      '    Environment variables',
+      '',
+      '      SOCKET_CLI_ACCEPT_RISKS   Accept risks of a safe-npm or safe-npx run',
+      '      SOCKET_CLI_API_TOKEN      Set the Socket API token',
+      '      SOCKET_CLI_CONFIG.        A JSON stringified Socket configuration object',
+      '      SOCKET_CLI_GIT_USER_EMAIL The git config `user.email` used by Socket CLI',
+      '      SOCKET_CLI_GIT_USER_NAME  The git config `user.name` used by Socket CLI',
+      `      SOCKET_CLI_GITHUB_TOKEN   A classic or fine-grained ${terminalLink('GitHub personal access token', 'https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens')}`,
+      '      SOCKET_CLI_NO_API_TOKEN   Make the default API token `undefined`',
+      '      SOCKET_CLI_NPM_PATH       The absolute location of the npm directory',
+      '      SOCKET_CLI_ORG_SLUG       Specify the Socket organization slug',
+      '      SOCKET_CLI_VIEW_ALL_RISKS View all risks of a safe-npm or safe-npx run',
+      '',
+      '    Environment variables for development',
+      '',
+      '      SOCKET_CLI_API_BASE_URL   Change the base URL for all API-calls',
+      '      SOCKET_CLI_API_PROXY      Set the proxy that all requests are routed through',
+      '      SOCKET_CLI_DEBUG          Enable debug logging in Socket CLI',
+      `      DEBUG                     Enable debug logging based on the ${terminalLink('debug', 'https://socket.dev/npm/package/debug')} package`,
     ].join('\n')
   }
 
