Add list, remove, and gc commands to socket-patch CLI

- Add list command to display patches from local manifest with detailed information
- Add remove command to remove patches by PURL or UUID
- Add gc (garbage collection) command to clean up unused blob files
- Support --json output for list command
- Support --dry-run for gc command

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Author: mikolalysenko

src/cli.ts

@@ -4,13 +4,19 @@ import yargs from 'yargs'
 import { hideBin } from 'yargs/helpers'
 import { applyCommand } from './commands/apply.js'
 import { downloadCommand } from './commands/download.js'
+import { listCommand } from './commands/list.js'
+import { removeCommand } from './commands/remove.js'
+import { gcCommand } from './commands/gc.js'
 
 async function main(): Promise<void> {
   await yargs(hideBin(process.argv))
     .scriptName('socket-patch')
     .usage('$0 <command> [options]')
     .command(applyCommand)
     .command(downloadCommand)
+    .command(listCommand)
+    .command(removeCommand)
+    .command(gcCommand)
     .demandCommand(1, 'You must specify a command')
     .help()
     .alias('h', 'help')

src/commands/gc.ts

@@ -0,0 +1,96 @@
+import * as fs from 'fs/promises'
+import * as path from 'path'
+import type { CommandModule } from 'yargs'
+import {
+  PatchManifestSchema,
+  DEFAULT_PATCH_MANIFEST_PATH,
+} from '../schema/manifest-schema.js'
+import {
+  cleanupUnusedBlobs,
+  formatCleanupResult,
+} from '../utils/cleanup-blobs.js'
+
+interface GCArgs {
+  cwd: string
+  'manifest-path': string
+  'dry-run': boolean
+}
+
+async function garbageCollect(
+  manifestPath: string,
+  dryRun: boolean,
+): Promise<void> {
+  // Read and parse manifest
+  const manifestContent = await fs.readFile(manifestPath, 'utf-8')
+  const manifestData = JSON.parse(manifestContent)
+  const manifest = PatchManifestSchema.parse(manifestData)
+
+  // Find .socket directory (contains blobs)
+  const socketDir = path.dirname(manifestPath)
+  const blobsPath = path.join(socketDir, 'blobs')
+
+  // Run cleanup
+  const cleanupResult = await cleanupUnusedBlobs(manifest, blobsPath, dryRun)
+
+  // Display results
+  if (cleanupResult.blobsChecked === 0) {
+    console.log('No blobs directory found, nothing to clean up.')
+  } else if (cleanupResult.blobsRemoved === 0) {
+    console.log(
+      `Checked ${cleanupResult.blobsChecked} blob(s), all are in use.`,
+    )
+  } else {
+    console.log(formatCleanupResult(cleanupResult, dryRun))
+
+    if (!dryRun) {
+      console.log('\nGarbage collection complete.')
+    }
+  }
+}
+
+export const gcCommand: CommandModule<{}, GCArgs> = {
+  command: 'gc',
+  describe: 'Clean up unused blob files from .socket/blobs directory',
+  builder: yargs => {
+    return yargs
+      .option('cwd', {
+        describe: 'Working directory',
+        type: 'string',
+        default: process.cwd(),
+      })
+      .option('manifest-path', {
+        alias: 'm',
+        describe: 'Path to patch manifest file',
+        type: 'string',
+        default: DEFAULT_PATCH_MANIFEST_PATH,
+      })
+      .option('dry-run', {
+        alias: 'd',
+        describe: 'Show what would be removed without actually removing',
+        type: 'boolean',
+        default: false,
+      })
+  },
+  handler: async argv => {
+    try {
+      const manifestPath = path.isAbsolute(argv['manifest-path'])
+        ? argv['manifest-path']
+        : path.join(argv.cwd, argv['manifest-path'])
+
+      // Check if manifest exists
+      try {
+        await fs.access(manifestPath)
+      } catch {
+        console.error(`Manifest not found at ${manifestPath}`)
+        process.exit(1)
+      }
+
+      await garbageCollect(manifestPath, argv['dry-run'])
+      process.exit(0)
+    } catch (err) {
+      const errorMessage = err instanceof Error ? err.message : String(err)
+      console.error(`Error: ${errorMessage}`)
+      process.exit(1)
+    }
+  },
+}

src/commands/list.ts

@@ -0,0 +1,151 @@
+import * as fs from 'fs/promises'
+import * as path from 'path'
+import type { CommandModule } from 'yargs'
+import {
+  PatchManifestSchema,
+  DEFAULT_PATCH_MANIFEST_PATH,
+} from '../schema/manifest-schema.js'
+
+interface ListArgs {
+  cwd: string
+  'manifest-path': string
+  json: boolean
+}
+
+async function listPatches(
+  manifestPath: string,
+  outputJson: boolean,
+): Promise<void> {
+  // Read and parse manifest
+  const manifestContent = await fs.readFile(manifestPath, 'utf-8')
+  const manifestData = JSON.parse(manifestContent)
+  const manifest = PatchManifestSchema.parse(manifestData)
+
+  const patchEntries = Object.entries(manifest.patches)
+
+  if (patchEntries.length === 0) {
+    if (outputJson) {
+      console.log(JSON.stringify({ patches: [] }, null, 2))
+    } else {
+      console.log('No patches found in manifest.')
+    }
+    return
+  }
+
+  if (outputJson) {
+    // Output as JSON for machine consumption
+    const jsonOutput = {
+      patches: patchEntries.map(([purl, patch]) => ({
+        purl,
+        uuid: patch.uuid,
+        exportedAt: patch.exportedAt,
+        tier: patch.tier,
+        license: patch.license,
+        description: patch.description,
+        files: Object.keys(patch.files),
+        vulnerabilities: Object.entries(patch.vulnerabilities).map(
+          ([id, vuln]) => ({
+            id,
+            cves: vuln.cves,
+            summary: vuln.summary,
+            severity: vuln.severity,
+            description: vuln.description,
+          }),
+        ),
+      })),
+    }
+    console.log(JSON.stringify(jsonOutput, null, 2))
+  } else {
+    // Human-readable output
+    console.log(`Found ${patchEntries.length} patch(es):\n`)
+
+    for (const [purl, patch] of patchEntries) {
+      console.log(`Package: ${purl}`)
+      console.log(`  UUID: ${patch.uuid}`)
+      console.log(`  Tier: ${patch.tier}`)
+      console.log(`  License: ${patch.license}`)
+      console.log(`  Exported: ${patch.exportedAt}`)
+
+      if (patch.description) {
+        console.log(`  Description: ${patch.description}`)
+      }
+
+      // List vulnerabilities
+      const vulnEntries = Object.entries(patch.vulnerabilities)
+      if (vulnEntries.length > 0) {
+        console.log(`  Vulnerabilities (${vulnEntries.length}):`)
+        for (const [id, vuln] of vulnEntries) {
+          const cveList = vuln.cves.length > 0 ? ` (${vuln.cves.join(', ')})` : ''
+          console.log(`    - ${id}${cveList}`)
+          console.log(`      Severity: ${vuln.severity}`)
+          console.log(`      Summary: ${vuln.summary}`)
+        }
+      }
+
+      // List files being patched
+      const fileList = Object.keys(patch.files)
+      if (fileList.length > 0) {
+        console.log(`  Files patched (${fileList.length}):`)
+        for (const filePath of fileList) {
+          console.log(`    - ${filePath}`)
+        }
+      }
+
+      console.log('') // Empty line between patches
+    }
+  }
+}
+
+export const listCommand: CommandModule<{}, ListArgs> = {
+  command: 'list',
+  describe: 'List all patches in the local manifest',
+  builder: yargs => {
+    return yargs
+      .option('cwd', {
+        describe: 'Working directory',
+        type: 'string',
+        default: process.cwd(),
+      })
+      .option('manifest-path', {
+        alias: 'm',
+        describe: 'Path to patch manifest file',
+        type: 'string',
+        default: DEFAULT_PATCH_MANIFEST_PATH,
+      })
+      .option('json', {
+        describe: 'Output as JSON',
+        type: 'boolean',
+        default: false,
+      })
+  },
+  handler: async argv => {
+    try {
+      const manifestPath = path.isAbsolute(argv['manifest-path'])
+        ? argv['manifest-path']
+        : path.join(argv.cwd, argv['manifest-path'])
+
+      // Check if manifest exists
+      try {
+        await fs.access(manifestPath)
+      } catch {
+        if (argv.json) {
+          console.log(JSON.stringify({ error: 'Manifest not found', path: manifestPath }, null, 2))
+        } else {
+          console.error(`Manifest not found at ${manifestPath}`)
+        }
+        process.exit(1)
+      }
+
+      await listPatches(manifestPath, argv.json)
+      process.exit(0)
+    } catch (err) {
+      const errorMessage = err instanceof Error ? err.message : String(err)
+      if (argv.json) {
+        console.log(JSON.stringify({ error: errorMessage }, null, 2))
+      } else {
+        console.error(`Error: ${errorMessage}`)
+      }
+      process.exit(1)
+    }
+  },
+}

src/commands/remove.ts

@@ -0,0 +1,119 @@
+import * as fs from 'fs/promises'
+import * as path from 'path'
+import type { CommandModule } from 'yargs'
+import {
+  PatchManifestSchema,
+  DEFAULT_PATCH_MANIFEST_PATH,
+} from '../schema/manifest-schema.js'
+
+interface RemoveArgs {
+  identifier: string
+  cwd: string
+  'manifest-path': string
+}
+
+async function removePatch(
+  identifier: string,
+  manifestPath: string,
+): Promise<{ removed: string[]; notFound: boolean }> {
+  // Read and parse manifest
+  const manifestContent = await fs.readFile(manifestPath, 'utf-8')
+  const manifestData = JSON.parse(manifestContent)
+  const manifest = PatchManifestSchema.parse(manifestData)
+
+  const removed: string[] = []
+  let foundMatch = false
+
+  // Check if identifier is a PURL (contains "pkg:")
+  if (identifier.startsWith('pkg:')) {
+    // Remove by PURL
+    if (manifest.patches[identifier]) {
+      removed.push(identifier)
+      delete manifest.patches[identifier]
+      foundMatch = true
+    }
+  } else {
+    // Remove by UUID - search through all patches
+    for (const [purl, patch] of Object.entries(manifest.patches)) {
+      if (patch.uuid === identifier) {
+        removed.push(purl)
+        delete manifest.patches[purl]
+        foundMatch = true
+      }
+    }
+  }
+
+  if (foundMatch) {
+    // Write updated manifest
+    await fs.writeFile(
+      manifestPath,
+      JSON.stringify(manifest, null, 2) + '\n',
+      'utf-8',
+    )
+  }
+
+  return { removed, notFound: !foundMatch }
+}
+
+export const removeCommand: CommandModule<{}, RemoveArgs> = {
+  command: 'remove <identifier>',
+  describe: 'Remove a patch from the manifest by PURL or UUID',
+  builder: yargs => {
+    return yargs
+      .positional('identifier', {
+        describe: 'Package PURL (e.g., pkg:npm/package@version) or patch UUID',
+        type: 'string',
+        demandOption: true,
+      })
+      .option('cwd', {
+        describe: 'Working directory',
+        type: 'string',
+        default: process.cwd(),
+      })
+      .option('manifest-path', {
+        alias: 'm',
+        describe: 'Path to patch manifest file',
+        type: 'string',
+        default: DEFAULT_PATCH_MANIFEST_PATH,
+      })
+  },
+  handler: async argv => {
+    try {
+      const manifestPath = path.isAbsolute(argv['manifest-path'])
+        ? argv['manifest-path']
+        : path.join(argv.cwd, argv['manifest-path'])
+
+      // Check if manifest exists
+      try {
+        await fs.access(manifestPath)
+      } catch {
+        console.error(`Manifest not found at ${manifestPath}`)
+        process.exit(1)
+      }
+
+      const { removed, notFound } = await removePatch(
+        argv.identifier,
+        manifestPath,
+      )
+
+      if (notFound) {
+        console.error(`No patch found matching identifier: ${argv.identifier}`)
+        process.exit(1)
+      }
+
+      console.log(`Removed ${removed.length} patch(es):`)
+      for (const purl of removed) {
+        console.log(`  - ${purl}`)
+      }
+
+      console.log(`\nManifest updated at ${manifestPath}`)
+      console.log('Tip: Run "socket-patch gc" to clean up unused blob files.')
+
+      process.exit(0)
+    } catch (err) {
+      const errorMessage = err instanceof Error ? err.message : String(err)
+      console.error(`Error: ${errorMessage}`)
+      process.exit(1)
+    }
+  },
+}