From 7fa104fcd167e53bb72f5c24f311fe813f4b5bc5 Mon Sep 17 00:00:00 2001 From: Martin Torp Date: Tue, 31 Mar 2026 17:31:20 +0200 Subject: [PATCH 1/5] fix: respect projectIgnorePaths from socket.yml in scan create The scan create command had all the downstream infrastructure to honor projectIgnorePaths from socket.yml but never actually loaded the config. Read socket.yml via findSocketYmlSync and pass the parsed config to getPackageFilesForScan so globWithGitIgnore applies the ignore patterns. --- src/commands/scan/cmd-scan-create.mts | 1 - src/commands/scan/handle-create-new-scan.mts | 9 +++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/src/commands/scan/cmd-scan-create.mts b/src/commands/scan/cmd-scan-create.mts index ef02af35c..d6d533ef7 100644 --- a/src/commands/scan/cmd-scan-create.mts +++ b/src/commands/scan/cmd-scan-create.mts @@ -173,7 +173,6 @@ async function run( ...generalFlags, ...reachabilityFlags, }, - // TODO: Your project's "socket.yml" file's "projectIgnorePaths". help: command => ` Usage $ ${command} [options] [TARGET...] diff --git a/src/commands/scan/handle-create-new-scan.mts b/src/commands/scan/handle-create-new-scan.mts index 1203906f0..7a0e63e0c 100644 --- a/src/commands/scan/handle-create-new-scan.mts +++ b/src/commands/scan/handle-create-new-scan.mts @@ -14,6 +14,7 @@ import { outputCreateNewScan } from './output-create-new-scan.mts' import { performReachabilityAnalysis } from './perform-reachability-analysis.mts' import constants from '../../constants.mts' import { checkCommandInput } from '../../utils/check-input.mts' +import { findSocketYmlSync } from '../../utils/config.mts' import { getPackageFilesForScan } from '../../utils/path-resolve.mts' import { readOrDefaultSocketJson } from '../../utils/socket-json.mts' import { socketDocsLink } from '../../utils/terminal-link.mts' 
@@ -164,7 +165,15 @@ export async function handleCreateNewScan({ spinner.start('Searching for local files to include in scan...') const supportedFiles = supportedFilesCResult.data + + // Load socket.yml to respect projectIgnorePaths when collecting files. + const socketYmlResult = findSocketYmlSync(cwd) + const socketConfig = socketYmlResult.ok + ? socketYmlResult.data?.parsed + : undefined + const packagePaths = await getPackageFilesForScan(targets, supportedFiles, { + config: socketConfig, cwd, }) From 5f082054238cb24c9aae1d7afc19871c2444502c Mon Sep 17 00:00:00 2001 From: Martin Torp Date: Tue, 31 Mar 2026 17:57:34 +0200 Subject: [PATCH 2/5] fix: respect projectIgnorePaths from socket.yml in scan reach --- src/commands/scan/handle-scan-reach.mts | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/commands/scan/handle-scan-reach.mts b/src/commands/scan/handle-scan-reach.mts index a421b34d0..7363d0e45 100644 --- a/src/commands/scan/handle-scan-reach.mts +++ b/src/commands/scan/handle-scan-reach.mts @@ -6,6 +6,7 @@ import { outputScanReach } from './output-scan-reach.mts' import { performReachabilityAnalysis } from './perform-reachability-analysis.mts' import constants from '../../constants.mts' import { checkCommandInput } from '../../utils/check-input.mts' +import { findSocketYmlSync } from '../../utils/config.mts' import { getPackageFilesForScan } from '../../utils/path-resolve.mts' import type { ReachabilityOptions } from './perform-reachability-analysis.mts' @@ -47,7 +48,15 @@ export async function handleScanReach({ ) const supportedFiles = supportedFilesCResult.data + + // Load socket.yml to respect projectIgnorePaths when collecting files. + const socketYmlResult = findSocketYmlSync(cwd) + const socketConfig = socketYmlResult.ok + ? socketYmlResult.data?.parsed + : undefined + const packagePaths = await getPackageFilesForScan(targets, supportedFiles, { + config: socketConfig, cwd, }) 
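Review bot: A socket.yml that exists but cannot be loaded is treated the same as no socket.yml at all: when `socketYmlResult.ok` is false, `socketConfig` becomes `undefined` and file collection proceeds with no ignore patterns and no message. Presumably a not-ok result means a read or parse error, so a user with a mistake in socket.yml would have files they meant to exclude collected and submitted without noticing. I would surface that case before calling `getPackageFilesForScan`, for example `if (!socketYmlResult.ok) { logger.warn('Could not load socket.yml; projectIgnorePaths will not be applied') }` (assuming a logger is in scope in this file), or return the failed result to the caller. The same silent fallback is repeated in the `handleScanReach` hunk in handle-scan-reach.mts and the `coanaFix` hunk in coana-fix.mts. The body of `handleCreateNewScan` starts and ends outside this hunk.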
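Review bot: The five lines that load socket.yml in `handleScanReach` are a verbatim copy of the block added to `handleCreateNewScan`, and the series adds a third copy in `coanaFix`, so any later change to how the config is located or validated has to be made in three places. A small helper next to `findSocketYmlSync` in utils/config.mts would keep the commands consistent; each call site would then read something like `const socketConfig = loadSocketYmlConfig(cwd)`, where `loadSocketYmlConfig` is a proposed name, not an existing function. `handleScanReach` continues outside this hunk.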
From 55e3874c769638b200b86f82c52b4177cb6cabef Mon Sep 17 00:00:00 2001 From: Martin Torp Date: Wed, 1 Apr 2026 14:36:39 +0200 Subject: [PATCH 3/5] v1.1.78 --- CHANGELOG.md | 5 +++++ package.json | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b143caf89..7f21d12cc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/). +## [1.1.78](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.78) - 2026-04-01 + +### Fixed +- `socket scan create` and `socket scan reach` now respect `projectIgnorePaths` from `socket.yml` when collecting files for a scan + ## [1.1.77](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.77) - 2026-04-01 ### Fixed diff --git a/package.json b/package.json index 4f146ebb7..37e709c4d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "socket", - "version": "1.1.77", + "version": "1.1.78", "description": "CLI for Socket.dev", "homepage": "https://github.com/SocketDev/socket-cli", "license": "MIT AND OFL-1.1", From f9b7f59d42235db2d42cb16f0004fd78b49e8685 Mon Sep 17 00:00:00 2001 From: Martin Torp Date: Wed, 1 Apr 2026 15:35:21 +0200 Subject: [PATCH 4/5] fix: respect projectIgnorePaths from socket.yml in socket fix --- src/commands/fix/coana-fix.mts | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/src/commands/fix/coana-fix.mts b/src/commands/fix/coana-fix.mts index c6dcf693f..144799305 100644 --- a/src/commands/fix/coana-fix.mts +++ b/src/commands/fix/coana-fix.mts 
@@ -44,6 +44,7 @@ import { fetchGhsaDetails, setGitRemoteGithubRepoUrl, } from '../../utils/github.mts' +import { findSocketYmlSync } from '../../utils/config.mts' import { getPackageFilesForScan } from '../../utils/path-resolve.mts' import { setupSdk } from '../../utils/sdk.mts' import { fetchSupportedScanFileNames } from '../scan/fetch-supported-scan-file-names.mts' @@ -157,7 +158,15 @@ export async function coanaFix( } const supportedFiles = supportedFilesCResult.data + + // Load socket.yml to respect projectIgnorePaths when collecting files. + const socketYmlResult = findSocketYmlSync(cwd) + const socketConfig = socketYmlResult.ok + ? socketYmlResult.data?.parsed + : undefined + const scanFilepaths = await getPackageFilesForScan(['.'], supportedFiles, { + config: socketConfig, cwd, }) // Exclude any .socket.facts.json files that happen to be in the scan From 8c453bbcdc0f6ca054b59e8d4c99806eedb5eee8 Mon Sep 17 00:00:00 2001 From: Martin Torp Date: Wed, 1 Apr 2026 15:37:49 +0200 Subject: [PATCH 5/5] docs: update changelog to include socket fix --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7f21d12cc..c22c0cda3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,7 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/). ## [1.1.78](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.78) - 2026-04-01 ### Fixed -- `socket scan create` and `socket scan reach` now respect `projectIgnorePaths` from `socket.yml` when collecting files for a scan +- `socket scan create`, `socket scan reach`, and `socket fix` now respect `projectIgnorePaths` from `socket.yml` when collecting files ## [1.1.77](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.77) - 2026-04-01
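Review bot: The new `findSocketYmlSync` import is placed after the `../../utils/github.mts` import, while the visible neighbours (`github.mts`, `path-resolve.mts`, `sdk.mts`) are in path order and the other two files in this series put it between `check-input.mts` and `path-resolve.mts`. If the project sorts imports by path, as these lines suggest, move `import { findSocketYmlSync } from '../../utils/config.mts'` above the `github.mts` import. The `github.mts` import statement begins outside the hunk.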
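Review bot: Nothing in the `coanaFix` hunk records that socket.yml shaped the file list, so a `socket fix` run whose manifests were excluded by `projectIgnorePaths` looks the same as one that found no manifests. Because socket.yml lives in the repository being fixed, a change to it can narrow what gets analysed, and that is worth making visible in CI logs. I would add one line after `socketConfig` is computed, such as `if (socketConfig) { logger.info('Using socket.yml settings when collecting files') }` (assuming a logger is available here; none is visible in the hunk), ideally including the path of the file that was loaded. `coanaFix` starts and ends outside this hunk.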