SocketDev · John-David Dalton (jdalton) · Mar 20, 2025 · Mar 20, 2025 · Mar 20, 2025
diff --git a/src/commands/package/cmd-package-shallow.ts b/src/commands/package/cmd-package-shallow.ts
@@ -2,8 +2,8 @@ import colors from 'yoctocolors-cjs'

 import { logger } from '@socketsecurity/registry/lib/logger'

+import { handlePurlsShallowScore } from './handle-purls-shallow-score'
 import { parsePackageSpecifiers } from './parse-package-specifiers'
-import { showPurlInfo } from './show-purl-info'
 import constants from '../../constants'
 import { commonFlags, outputFlags } from '../../flags'
 import { meowOrExit } from '../../utils/meow-with-subcommands'
@@ -103,7 +103,7 @@ async function run(
    return
  }

-  await showPurlInfo({
+  await handlePurlsShallowScore({
    outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
    purls
  })

diff --git a/src/commands/package/fetch-package-info.ts → ...ands/package/fetch-purls-shallow-score.ts b/src/commands/package/fetch-package-info.ts → ...ands/package/fetch-purls-shallow-score.ts
@@ -9,7 +9,7 @@ import type {
  SocketSdkReturnType
 } from '@socketsecurity/sdk'

-export async function fetchPackageInfo(
+export async function fetchPurlsShallowScore(
  purls: string[]
 ): Promise<SocketSdkReturnType<'batchPackageFetch'>> {
  const socketSdk = await setupSdk(getPublicToken())

diff --git a/src/commands/package/show-purl-info.ts → ...nds/package/handle-purls-shallow-score.ts b/src/commands/package/show-purl-info.ts → ...nds/package/handle-purls-shallow-score.ts
@@ -1,18 +1,18 @@
-import { fetchPackageInfo } from './fetch-package-info'
-import { logPackageInfo } from './log-package-info'
+import { fetchPurlsShallowScore } from './fetch-purls-shallow-score'
+import { outputPurlsShallowScore } from './output-purls-shallow-score'

 import type { components } from '@socketsecurity/sdk/types/api'

-export async function showPurlInfo({
+export async function handlePurlsShallowScore({
  outputKind,
  purls
 }: {
  outputKind: 'json' | 'markdown' | 'text'
  purls: string[]
 }) {
-  const packageData = await fetchPackageInfo(purls)
+  const packageData = await fetchPurlsShallowScore(purls)
  if (packageData) {
-    logPackageInfo(
+    outputPurlsShallowScore(
      purls,
      packageData.data as Array<components['schemas']['SocketArtifact']>,
      outputKind

diff --git a/src/commands/package/log-package-info.ts → ...nds/package/output-purls-shallow-score.ts b/src/commands/package/log-package-info.ts → ...nds/package/output-purls-shallow-score.ts
@@ -5,7 +5,7 @@ import { logger } from '@socketsecurity/registry/lib/logger'

 import type { components } from '@socketsecurity/sdk/types/api'

-export function logPackageInfo(
+export function outputPurlsShallowScore(
  purls: string[],
  packageData: Array<components['schemas']['SocketArtifact']>,
  outputKind: 'json' | 'markdown' | 'text'

diff --git a/src/utils/api.ts b/src/utils/api.ts
@@ -3,17 +3,17 @@ import process from 'node:process'
 import colors from 'yoctocolors-cjs'

 import { logger } from '@socketsecurity/registry/lib/logger'
+import { isNonEmptyString } from '@socketsecurity/registry/lib/strings'

 import { AuthError } from './errors'
 import constants from '../constants'
+import { getSetting } from './settings'

 import type {
  SocketSdkErrorType,
  SocketSdkOperations
 } from '@socketsecurity/sdk'

-const { API_V0_URL } = constants
-
 export function handleUnsuccessfulApiResponse<T extends SocketSdkOperations>(
  _name: T,
  result: SocketSdkErrorType<T>
@@ -55,6 +55,8 @@ export async function handleAPIError(code: number) {
    return 'One of the options passed might be incorrect.'
  } else if (code === 403) {
    return 'You might be trying to access an organization that is not linked to the API key you are logged in with.'
+  } else {
+    ;`Server responded with status code ${code}`
  }
 }

@@ -63,7 +65,15 @@ export function getLastFiveOfApiToken(token: string): string {
  return token.slice(-9, -4)
 }

+// The API server that should be used for operations.
+function getDefaultApiBaseUrl(): string | undefined {
+  const baseUrl =
+    process.env['SOCKET_SECURITY_API_BASE_URL'] || getSetting('apiBaseUrl')
+  return isNonEmptyString(baseUrl) ? baseUrl : undefined
+}
+
 export async function queryAPI(path: string, apiToken: string) {
+  const API_V0_URL = getDefaultApiBaseUrl()
  return await fetch(`${API_V0_URL}/${path}`, {
    method: 'GET',
    headers: {

diff --git a/src/utils/sdk.ts b/src/utils/sdk.ts
@@ -48,7 +48,10 @@ export function getDefaultToken(): string | undefined {
 }

 export function getPublicToken(): string {
-  return getDefaultToken() ?? SOCKET_PUBLIC_API_TOKEN
+  return (
+    (process.env['SOCKET_SECURITY_API_TOKEN'] || getDefaultToken()) ??
+    SOCKET_PUBLIC_API_TOKEN
+  )
 }

 export async function setupSdk(