@socketsecurity/sdk 1.9.1 → 1.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/CHANGELOG.md +29 -0
  2. package/README.md +29 -5
  3. package/dist/constants.js +0 -3
  4. package/dist/file-upload.js +2 -2
  5. package/dist/http-client.d.ts +37 -2
  6. package/dist/http-client.js +86 -2
  7. package/dist/index.d.ts +4 -4
  8. package/dist/index.js +13 -13
  9. package/dist/promise-queue.d.ts +35 -0
  10. package/dist/promise-queue.js +91 -0
  11. package/dist/quota-utils.d.ts +20 -20
  12. package/dist/quota-utils.js +63 -60
  13. package/dist/socket-sdk-class.d.ts +148 -148
  14. package/dist/socket-sdk-class.js +574 -510
  15. package/dist/types.d.ts +32 -10
  16. package/dist/utils.d.ts +1 -1
  17. package/dist/utils.js +2 -2
  18. package/package.json +13 -12
  19. package/requirements.json +232 -0
  20. package/types/api.d.ts +871 -767
package/dist/socket-sdk-class.js CHANGED
@@ -31,12 +31,14 @@ class SocketSdk {
31
31
  #apiToken;
32
32
  #baseUrl;
33
33
  #reqOptions;
34
+ #retries;
35
+ #retryDelay;
34
36
  /**
35
37
  * Initialize Socket SDK with API token and configuration options.
36
- * Sets up authentication, base URL, and HTTP client options.
38
+ * Sets up authentication, base URL, HTTP client options, and retry behavior.
37
39
  */
38
40
  constructor(apiToken, options) {
39
- const { agent: agentOrObj, baseUrl = 'https://api.socket.dev/v0/', timeout, userAgent, } = { __proto__: null, ...options };
41
+ const { agent: agentOrObj, baseUrl = 'https://api.socket.dev/v0/', retries = 3, retryDelay = 1000, timeout, userAgent, } = { __proto__: null, ...options };
40
42
  const agentKeys = agentOrObj ? Object.keys(agentOrObj) : [];
41
43
  const agentAsGotOptions = agentOrObj;
42
44
  const agent = (agentKeys.length && agentKeys.every(k => constants_1.httpAgentNames.has(k))
@@ -47,6 +49,8 @@ class SocketSdk {
47
49
  : agentOrObj);
48
50
  this.#apiToken = apiToken;
49
51
  this.#baseUrl = (0, utils_1.normalizeBaseUrl)(baseUrl);
52
+ this.#retries = retries;
53
+ this.#retryDelay = retryDelay;
50
54
  this.#reqOptions = {
51
55
  ...(agent ? { agent } : {}),
52
56
  headers: {
@@ -58,23 +62,31 @@ class SocketSdk {
58
62
  };
59
63
  }
60
64
  /**
61
- * Create HTTP request for batch package URL processing.
62
- * Internal method for handling PURL batch API calls with retry logic.
65
+ * Execute an HTTP request with retry logic.
66
+ * Internal method for wrapping HTTP operations with exponential backoff.
63
67
  */
64
- async #createBatchPurlRequest(componentsObj, queryParams) {
65
- // Adds the first 'abort' listener to abortSignal.
66
- const req = (0, http_client_1.getHttpModule)(this.#baseUrl)
67
- .request(`${this.#baseUrl}purl?${(0, utils_1.queryToSearchParams)(queryParams)}`, {
68
- method: 'POST',
69
- ...this.#reqOptions,
70
- })
71
- .end(JSON.stringify(componentsObj));
72
- const response = await (0, http_client_1.getResponse)(req);
73
- // Throw ResponseError for non-2xx status codes so retry logic works properly.
74
- if (!(0, http_client_1.isResponseOk)(response)) {
75
- throw new http_client_1.ResponseError(response);
68
+ async #executeWithRetry(operation) {
69
+ const result = await (0, promises_1.pRetry)(operation, {
70
+ baseDelayMs: this.#retryDelay,
71
+ onRetry(_attempt, error) {
72
+ /* c8 ignore next 3 - Early return for non-ResponseError types in retry logic */
73
+ if (!(error instanceof http_client_1.ResponseError)) {
74
+ return;
75
+ }
76
+ const { statusCode } = error.response;
77
+ // Don't retry authentication/authorization errors - they won't succeed.
78
+ if (statusCode === 401 || statusCode === 403) {
79
+ throw error;
80
+ }
81
+ },
82
+ onRetryRethrow: true,
83
+ retries: this.#retries,
84
+ });
85
+ /* c8 ignore next 3 - Defensive check for undefined result from pRetry abort */
86
+ if (result === undefined) {
87
+ throw new Error('Request aborted');
76
88
  }
77
- return response;
89
+ return result;
78
90
  }
79
91
  /**
80
92
  * Create async generator for streaming batch package URL processing.
@@ -83,30 +95,21 @@ class SocketSdk {
83
95
  async *#createBatchPurlGenerator(componentsObj, queryParams) {
84
96
  let res;
85
97
  try {
86
- res = await (0, promises_1.pRetry)(() => this.#createBatchPurlRequest(componentsObj, queryParams), {
87
- retries: 4,
88
- onRetryRethrow: true,
89
- onRetry(_attempt, error) {
90
- /* c8 ignore next 3 - Early return for non-ResponseError types in retry logic, difficult to test without complex network error simulation. */
91
- if (!(error instanceof http_client_1.ResponseError)) {
92
- return;
93
- }
94
- const { statusCode } = error.response;
95
- // Don't retry authentication/authorization errors - they won't succeed.
96
- if (statusCode === 401 || statusCode === 403) {
97
- throw error;
98
- }
99
- },
100
- });
98
+ res = await this.#executeWithRetry(() => this.#createBatchPurlRequest(componentsObj, queryParams));
101
99
  }
102
100
  catch (e) {
103
101
  yield await this.#handleApiError(e);
104
102
  return;
105
103
  }
104
+ // Validate response before processing.
105
+ /* c8 ignore next 3 - Defensive check, response should always be defined after successful request */
106
+ if (!res) {
107
+ throw new Error('Failed to get response from batch PURL request');
108
+ }
106
109
  // Parse the newline delimited JSON response.
107
110
  const rli = node_readline_1.default.createInterface({
108
111
  input: res,
109
- crlfDelay: Infinity,
112
+ crlfDelay: Number.POSITIVE_INFINITY,
110
113
  signal: abort_signal_1.default,
111
114
  });
112
115
  const isPublicToken = this.#apiToken === SOCKET_PUBLIC_API_TOKEN_1.default;
@@ -123,6 +126,80 @@ class SocketSdk {
123
126
  }
124
127
  }
125
128
  }
129
+ /**
130
+ * Create HTTP request for batch package URL processing.
131
+ * Internal method for handling PURL batch API calls with retry logic.
132
+ */
133
+ async #createBatchPurlRequest(componentsObj, queryParams) {
134
+ // Adds the first 'abort' listener to abortSignal.
135
+ const req = (0, http_client_1.getHttpModule)(this.#baseUrl)
136
+ .request(`${this.#baseUrl}purl?${(0, utils_1.queryToSearchParams)(queryParams)}`, {
137
+ method: 'POST',
138
+ ...this.#reqOptions,
139
+ })
140
+ .end(JSON.stringify(componentsObj));
141
+ const response = await (0, http_client_1.getResponse)(req);
142
+ // Throw ResponseError for non-2xx status codes so retry logic works properly.
143
+ if (!(0, http_client_1.isResponseOk)(response)) {
144
+ throw new http_client_1.ResponseError(response);
145
+ }
146
+ return response;
147
+ }
148
+ /**
149
+ * Create standardized error result from query operation exceptions.
150
+ * Internal error handling for non-throwing query API methods.
151
+ */
152
+ #createQueryErrorResult(e) {
153
+ if (e instanceof SyntaxError) {
154
+ // Try to get response text from enhanced error, fall back to regex pattern for compatibility.
155
+ const enhancedError = e;
156
+ /* c8 ignore next - Defensive empty string fallback for originalResponse. */
157
+ let responseText = enhancedError.originalResponse || '';
158
+ /* c8 ignore next 5 - Empty response text fallback check for JSON parsing errors without originalResponse. */
159
+ if (!responseText) {
160
+ const match = e.message.match(/Invalid JSON response:\n([\s\S]*?)\n→/);
161
+ responseText = match?.[1] || '';
162
+ }
163
+ /* c8 ignore next - Defensive empty string fallback when slice returns empty. */
164
+ const preview = responseText.slice(0, 100) || '';
165
+ return {
166
+ cause: `Please report this. JSON.parse threw an error over the following response: \`${preview.trim()}${responseText.length > 100 ? '...' : ''}\``,
167
+ data: undefined,
168
+ error: 'Server returned invalid JSON',
169
+ status: 0,
170
+ success: false,
171
+ };
172
+ }
173
+ /* c8 ignore start - Defensive error stringification fallback branches for edge cases. */
174
+ const errStr = e ? String(e).trim() : '';
175
+ return {
176
+ cause: errStr || UNKNOWN_ERROR_1.default,
177
+ data: undefined,
178
+ error: 'API request failed',
179
+ status: 0,
180
+ success: false,
181
+ };
182
+ /* c8 ignore stop */
183
+ }
184
+ /**
185
+ * Extract text content from HTTP response stream.
186
+ * Internal method with size limits to prevent memory exhaustion.
187
+ */
188
+ async #getResponseText(response) {
189
+ const chunks = [];
190
+ let size = 0;
191
+ // 50MB limit to prevent out-of-memory errors from large responses.
192
+ const MAX = 50 * 1024 * 1024;
193
+ for await (const chunk of response) {
194
+ size += chunk.length;
195
+ /* c8 ignore next 3 - MAX size limit protection for edge cases */
196
+ if (size > MAX) {
197
+ throw new Error('Response body exceeds maximum size limit');
198
+ }
199
+ chunks.push(chunk);
200
+ }
201
+ return Buffer.concat(chunks).toString('utf8');
202
+ }
126
203
  /**
127
204
  * Handle API error responses and convert to standardized error result.
128
205
  * Internal error handling with status code analysis and message formatting.
@@ -200,6 +277,22 @@ class SocketSdk {
200
277
  success: true,
201
278
  };
202
279
  }
280
+ /**
281
+ * Handle query API response data based on requested response type.
282
+ * Internal method for processing different response formats (json, text, response).
283
+ */
284
+ async #handleQueryResponseData(response, responseType) {
285
+ if (responseType === 'response') {
286
+ return response;
287
+ }
288
+ if (responseType === 'text') {
289
+ return (await this.#getResponseText(response));
290
+ }
291
+ if (responseType === 'json') {
292
+ return (await (0, http_client_1.getResponseJson)(response));
293
+ }
294
+ return response;
295
+ }
203
296
  /**
204
297
  * Fetch package analysis data for multiple packages in a single batch request.
205
298
  * Returns all results at once after processing is complete.
@@ -214,10 +307,15 @@ class SocketSdk {
214
307
  catch (e) {
215
308
  return await this.#handleApiError(e);
216
309
  }
310
+ // Validate response before processing.
311
+ /* c8 ignore next 3 - Defensive check, response should always be defined after successful request */
312
+ if (!res) {
313
+ throw new Error('Failed to get response from batch PURL request');
314
+ }
217
315
  // Parse the newline delimited JSON response.
218
316
  const rli = node_readline_1.default.createInterface({
219
317
  input: res,
220
- crlfDelay: Infinity,
318
+ crlfDelay: Number.POSITIVE_INFINITY,
221
319
  signal: abort_signal_1.default,
222
320
  });
223
321
  const isPublicToken = this.#apiToken === SOCKET_PUBLIC_API_TOKEN_1.default;
@@ -294,9 +392,13 @@ class SocketSdk {
294
392
  while (running.length > 0) {
295
393
  // eslint-disable-next-line no-await-in-loop
296
394
  const { generator, iteratorResult } = await Promise.race(running.map(entry => entry.promise));
297
- // Remove generator.
298
- /* c8 ignore next 3 - Concurrent generator cleanup edge case. */
299
- running.splice(running.findIndex(entry => entry.generator === generator), 1);
395
+ // Remove generator with safe index lookup.
396
+ const index = running.findIndex(entry => entry.generator === generator);
397
+ /* c8 ignore next 3 - Defensive check for concurrent generator cleanup edge case. */
398
+ if (index === -1) {
399
+ continue;
400
+ }
401
+ running.splice(index, 1);
300
402
  // Yield the value if one is given, even when done:true.
301
403
  if (iteratorResult.value) {
302
404
  yield iteratorResult.value;
@@ -323,11 +425,30 @@ class SocketSdk {
323
425
  *
324
426
  * @throws {Error} When server returns 5xx status codes
325
427
  */
326
- async createDependenciesSnapshot(filepaths, pathsRelativeTo = '.', queryParams) {
428
+ async createDependenciesSnapshot(filepaths, options) {
429
+ const { pathsRelativeTo = '.', queryParams } = {
430
+ __proto__: null,
431
+ ...options,
432
+ };
327
433
  const basePath = (0, utils_1.resolveBasePath)(pathsRelativeTo);
328
434
  const absFilepaths = (0, utils_1.resolveAbsPaths)(filepaths, basePath);
329
435
  try {
330
- const data = await (0, http_client_1.getResponseJson)(await (0, file_upload_1.createUploadRequest)(this.#baseUrl, `dependencies/upload?${(0, utils_1.queryToSearchParams)(queryParams)}`, (0, file_upload_1.createRequestBodyForFilepaths)(absFilepaths, basePath), this.#reqOptions));
436
+ const data = await this.#executeWithRetry(async () => await (0, http_client_1.getResponseJson)(await (0, file_upload_1.createUploadRequest)(this.#baseUrl, `dependencies/upload?${(0, utils_1.queryToSearchParams)(queryParams)}`, (0, file_upload_1.createRequestBodyForFilepaths)(absFilepaths, basePath), this.#reqOptions)));
437
+ return this.#handleApiSuccess(data);
438
+ }
439
+ catch (e) {
440
+ return await this.#handleApiError(e);
441
+ }
442
+ }
443
+ /**
444
+ * Create a diff scan from two full scan IDs.
445
+ * Compares two existing full scans to identify changes.
446
+ *
447
+ * @throws {Error} When server returns 5xx status codes
448
+ */
449
+ async createOrgDiffScanFromIds(orgSlug, queryParams) {
450
+ try {
451
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/diff-scans?${(0, utils_1.queryToSearchParams)(queryParams)}`, {}, this.#reqOptions));
331
452
  return this.#handleApiSuccess(data);
332
453
  }
333
454
  catch (e) {
@@ -340,7 +461,11 @@ class SocketSdk {
340
461
  *
341
462
  * @throws {Error} When server returns 5xx status codes
342
463
  */
343
- async createOrgFullScan(orgSlug, filepaths, pathsRelativeTo = '.', queryParams) {
464
+ async createOrgFullScan(orgSlug, filepaths, options) {
465
+ const { pathsRelativeTo = '.', queryParams } = {
466
+ __proto__: null,
467
+ ...options,
468
+ };
344
469
  const basePath = (0, utils_1.resolveBasePath)(pathsRelativeTo);
345
470
  const absFilepaths = (0, utils_1.resolveAbsPaths)(filepaths, basePath);
346
471
  try {
@@ -366,13 +491,32 @@ class SocketSdk {
366
491
  return await this.#handleApiError(e);
367
492
  }
368
493
  }
494
+ /**
495
+ * Create a new repository label for an organization.
496
+ * Adds label for repository categorization and management.
497
+ *
498
+ * @throws {Error} When server returns 5xx status codes
499
+ */
500
+ async createOrgRepoLabel(orgSlug, repoSlug, labelData) {
501
+ try {
502
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels`, labelData, this.#reqOptions));
503
+ return this.#handleApiSuccess(data);
504
+ }
505
+ catch (e) {
506
+ return await this.#handleApiError(e);
507
+ }
508
+ }
369
509
  /**
370
510
  * Create a security scan by uploading project files.
371
511
  * Analyzes uploaded files for security vulnerabilities and policy violations.
372
512
  *
373
513
  * @throws {Error} When server returns 5xx status codes
374
514
  */
375
- async createScanFromFilepaths(filepaths, pathsRelativeTo = '.', issueRules) {
515
+ async createScanFromFilepaths(filepaths, options) {
516
+ const { issueRules, pathsRelativeTo = '.' } = {
517
+ __proto__: null,
518
+ ...options,
519
+ };
376
520
  const basePath = (0, utils_1.resolveBasePath)(pathsRelativeTo);
377
521
  const absFilepaths = (0, utils_1.resolveAbsPaths)(filepaths, basePath);
378
522
  try {
@@ -395,14 +539,14 @@ class SocketSdk {
395
539
  }
396
540
  }
397
541
  /**
398
- * Delete a full scan from an organization.
399
- * Permanently removes scan data and results.
542
+ * Delete a diff scan from an organization.
543
+ * Permanently removes diff scan data and results.
400
544
  *
401
545
  * @throws {Error} When server returns 5xx status codes
402
546
  */
403
- async deleteOrgFullScan(orgSlug, fullScanId) {
547
+ async deleteOrgDiffScan(orgSlug, diffScanId) {
404
548
  try {
405
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}`, this.#reqOptions));
549
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/diff-scans/${encodeURIComponent(diffScanId)}`, this.#reqOptions));
406
550
  return this.#handleApiSuccess(data);
407
551
  }
408
552
  catch (e) {
@@ -410,14 +554,14 @@ class SocketSdk {
410
554
  }
411
555
  }
412
556
  /**
413
- * Delete a repository from an organization.
414
- * Removes repository monitoring and associated scan data.
557
+ * Delete a full scan from an organization.
558
+ * Permanently removes scan data and results.
415
559
  *
416
560
  * @throws {Error} When server returns 5xx status codes
417
561
  */
418
- async deleteOrgRepo(orgSlug, repoSlug) {
562
+ async deleteOrgFullScan(orgSlug, fullScanId) {
419
563
  try {
420
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}`, this.#reqOptions));
564
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}`, this.#reqOptions));
421
565
  return this.#handleApiSuccess(data);
422
566
  }
423
567
  catch (e) {
@@ -425,14 +569,14 @@ class SocketSdk {
425
569
  }
426
570
  }
427
571
  /**
428
- * Retrieve audit log events for an organization.
429
- * Returns chronological log of security and administrative actions.
572
+ * Delete a repository from an organization.
573
+ * Removes repository monitoring and associated scan data.
430
574
  *
431
575
  * @throws {Error} When server returns 5xx status codes
432
576
  */
433
- async getAuditLogEvents(orgSlug, queryParams) {
577
+ async deleteOrgRepo(orgSlug, repoSlug) {
434
578
  try {
435
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/audit-log?${(0, utils_1.queryToSearchParams)(queryParams)}`, this.#reqOptions));
579
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}`, this.#reqOptions));
436
580
  return this.#handleApiSuccess(data);
437
581
  }
438
582
  catch (e) {
@@ -440,38 +584,14 @@ class SocketSdk {
440
584
  }
441
585
  }
442
586
  /**
443
- * Retrieve the enabled entitlements for an organization.
444
- *
445
- * This method fetches the organization's entitlements and filters for only* the enabled ones, returning their keys. Entitlements represent Socket
446
- * Products that the organization has access to use.
447
- */
448
- async getEnabledEntitlements(orgSlug) {
449
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/entitlements`, this.#reqOptions));
450
- // Extract enabled products from the response.
451
- const items = data?.items || [];
452
- return items
453
- .filter((item) => item && item.enabled === true && item.key)
454
- .map((item) => item.key);
455
- }
456
- /**
457
- * Retrieve all entitlements for an organization.
458
- *
459
- * This method fetches all entitlements (both enabled and disabled) for
460
- * an organization, returning the complete list with their status.
461
- */
462
- async getEntitlements(orgSlug) {
463
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/entitlements`, this.#reqOptions));
464
- return data?.items || [];
465
- }
466
- /**
467
- * Get security issues for a specific npm package and version.
468
- * Returns detailed vulnerability and security alert information.
587
+ * Delete a repository label from an organization.
588
+ * Removes label and associated configuration.
469
589
  *
470
590
  * @throws {Error} When server returns 5xx status codes
471
591
  */
472
- async getIssuesByNpmPackage(pkgName, version) {
592
+ async deleteOrgRepoLabel(orgSlug, repoSlug, labelSlug) {
473
593
  try {
474
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `npm/${encodeURIComponent(pkgName)}/${encodeURIComponent(version)}/issues`, this.#reqOptions));
594
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels/${encodeURIComponent(labelSlug)}`, this.#reqOptions));
475
595
  return this.#handleApiSuccess(data);
476
596
  }
477
597
  catch (e) {
@@ -479,14 +599,14 @@ class SocketSdk {
479
599
  }
480
600
  }
481
601
  /**
482
- * Get analytics data for organization usage patterns and security metrics.
483
- * Returns statistical analysis for specified time period.
602
+ * Delete a scan report permanently.
603
+ * Removes scan data and analysis results from the system.
484
604
  *
485
605
  * @throws {Error} When server returns 5xx status codes
486
606
  */
487
- async getOrgAnalytics(time) {
607
+ async deleteReport(reportId) {
488
608
  try {
489
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `analytics/org/${encodeURIComponent(time)}`, this.#reqOptions));
609
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `report/delete/${encodeURIComponent(reportId)}`, this.#reqOptions));
490
610
  return this.#handleApiSuccess(data);
491
611
  }
492
612
  catch (e) {
@@ -494,14 +614,14 @@ class SocketSdk {
494
614
  }
495
615
  }
496
616
  /**
497
- * List all organizations accessible to the current user.
498
- * Returns organization details and access permissions.
617
+ * Export scan results in CycloneDX SBOM format.
618
+ * Returns Software Bill of Materials compliant with CycloneDX standard.
499
619
  *
500
620
  * @throws {Error} When server returns 5xx status codes
501
621
  */
502
- async getOrganizations() {
622
+ async exportCDX(orgSlug, fullScanId) {
503
623
  try {
504
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, 'organizations', this.#reqOptions));
624
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/sbom/export/cdx`, this.#reqOptions));
505
625
  return this.#handleApiSuccess(data);
506
626
  }
507
627
  catch (e) {
@@ -509,92 +629,91 @@ class SocketSdk {
509
629
  }
510
630
  }
511
631
  /**
512
- * Stream a full scan's results to file or stdout.* Provides efficient streaming for large scan datasets.
632
+ * Export scan results in SPDX SBOM format.
633
+ * Returns Software Bill of Materials compliant with SPDX standard.
513
634
  *
514
635
  * @throws {Error} When server returns 5xx status codes
515
636
  */
516
- async streamOrgFullScan(orgSlug, fullScanId, output) {
637
+ async exportSPDX(orgSlug, fullScanId) {
517
638
  try {
518
- const req = (0, http_client_1.getHttpModule)(this.#baseUrl)
519
- .request(`${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}`, {
520
- method: 'GET',
521
- ...this.#reqOptions,
522
- })
523
- .end();
524
- const res = await (0, http_client_1.getResponse)(req);
525
- // Check for HTTP error status codes.
526
- if (!(0, http_client_1.isResponseOk)(res)) {
527
- throw new http_client_1.ResponseError(res);
528
- }
529
- if (typeof output === 'string') {
530
- // Stream to file
531
- res.pipe((0, node_fs_1.createWriteStream)(output));
532
- }
533
- else if (output === true) {
534
- // Stream to stdout
535
- res.pipe(process.stdout);
536
- }
537
- // If output is false or undefined, just return the response without streaming
538
- return this.#handleApiSuccess(res);
639
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/sbom/export/spdx`, this.#reqOptions));
640
+ return this.#handleApiSuccess(data);
539
641
  }
540
642
  catch (e) {
541
643
  return await this.#handleApiError(e);
542
644
  }
543
645
  }
544
646
  /**
545
- * Stream patches for artifacts in a scan report.
546
- *
547
- * This method streams all available patches for artifacts in a scan.
548
- * Free tier users will only receive free patches.
549
- *
550
- * Note: This method returns a ReadableStream for processing large datasets.
551
- */
552
- async streamPatchesFromScan(orgSlug, scanId) {
553
- const response = await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/patches/scan/${encodeURIComponent(scanId)}`, this.#reqOptions);
554
- // Check for HTTP error status codes.
555
- if (!(0, http_client_1.isResponseOk)(response)) {
556
- throw new http_client_1.ResponseError(response, 'GET Request failed');
647
+ * Execute a raw GET request to any API endpoint with configurable response type.
648
+ * Supports both throwing (default) and non-throwing modes.
649
+ * @param urlPath - API endpoint path (e.g., 'organizations')
650
+ * @param options - Request options including responseType and throws behavior
651
+ * @returns Raw response, parsed data, or SocketSdkGenericResult based on options
652
+ */
653
+ async getApi(urlPath, options) {
654
+ const { responseType = 'response', throws = true } = {
655
+ __proto__: null,
656
+ ...options,
657
+ };
658
+ try {
659
+ const response = await (0, http_client_1.createGetRequest)(this.#baseUrl, urlPath, this.#reqOptions);
660
+ // Check for HTTP error status codes first.
661
+ if (!(0, http_client_1.isResponseOk)(response)) {
662
+ if (throws) {
663
+ throw new http_client_1.ResponseError(response);
664
+ }
665
+ const errorResult = await this.#handleApiError(new http_client_1.ResponseError(response));
666
+ return {
667
+ cause: errorResult.cause,
668
+ data: undefined,
669
+ error: errorResult.error,
670
+ status: errorResult.status,
671
+ success: false,
672
+ };
673
+ }
674
+ const data = await this.#handleQueryResponseData(response, responseType);
675
+ if (throws) {
676
+ return data;
677
+ }
678
+ return {
679
+ cause: undefined,
680
+ data,
681
+ error: undefined,
682
+ /* c8 ignore next - Defensive fallback: response.statusCode is always defined in Node.js http/https */
683
+ status: response.statusCode ?? 200,
684
+ success: true,
685
+ };
686
+ }
687
+ catch (e) {
688
+ if (throws) {
689
+ throw e;
690
+ }
691
+ /* c8 ignore start - Defensive fallback: ResponseError in catch block handled in try block (lines 897-910) */
692
+ if (e instanceof http_client_1.ResponseError) {
693
+ // Re-use existing error handling logic from the SDK
694
+ const errorResult = await this.#handleApiError(e);
695
+ return {
696
+ cause: errorResult.cause,
697
+ data: undefined,
698
+ error: errorResult.error,
699
+ status: errorResult.status,
700
+ success: false,
701
+ };
702
+ }
703
+ /* c8 ignore stop */
704
+ /* c8 ignore next - Fallback error handling for non-ResponseError cases in getApi. */
705
+ return this.#createQueryErrorResult(e);
557
706
  }
558
- // The response itself is the readable stream for NDJSON data
559
- // Convert the Node.js readable stream to a Web ReadableStream
560
- return new ReadableStream({
561
- start(controller) {
562
- response.on('data', (chunk) => {
563
- // Parse NDJSON chunks line by line
564
- const lines = chunk
565
- .toString()
566
- .split('\n')
567
- .filter(line => line.trim());
568
- for (const line of lines) {
569
- try {
570
- const data = JSON.parse(line);
571
- controller.enqueue(data);
572
- }
573
- catch (e) {
574
- // Skip invalid JSON lines
575
- continue;
576
- }
577
- }
578
- });
579
- response.on('end', () => {
580
- controller.close();
581
- });
582
- response.on('error', error => {
583
- /* c8 ignore next - Streaming error handler, difficult to test reliably. */
584
- controller.error(error);
585
- });
586
- },
587
- });
588
707
  }
589
708
  /**
590
- * Get complete full scan results in memory.
591
- * Returns entire scan data as JSON for programmatic processing.
709
+ * Get list of API tokens for an organization.
710
+ * Returns organization API tokens with metadata and permissions.
592
711
  *
593
712
  * @throws {Error} When server returns 5xx status codes
594
713
  */
595
- async getOrgFullScanBuffered(orgSlug, fullScanId) {
714
+ async getAPITokens(orgSlug) {
596
715
  try {
597
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}`, this.#reqOptions));
716
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/tokens`, this.#reqOptions));
598
717
  return this.#handleApiSuccess(data);
599
718
  }
600
719
  catch (e) {
@@ -602,14 +721,14 @@ class SocketSdk {
602
721
  }
603
722
  }
604
723
  /**
605
- * List all full scans for an organization.
606
- * Returns paginated list of scan metadata and status.
724
+ * Retrieve audit log events for an organization.
725
+ * Returns chronological log of security and administrative actions.
607
726
  *
608
727
  * @throws {Error} When server returns 5xx status codes
609
728
  */
610
- async getOrgFullScanList(orgSlug, queryParams) {
729
+ async getAuditLogEvents(orgSlug, queryParams) {
611
730
  try {
612
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans?${(0, utils_1.queryToSearchParams)(queryParams)}`, this.#reqOptions));
731
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/audit-log?${(0, utils_1.queryToSearchParams)(queryParams)}`, this.#reqOptions));
613
732
  return this.#handleApiSuccess(data);
614
733
  }
615
734
  catch (e) {
@@ -617,14 +736,14 @@ class SocketSdk {
617
736
  }
618
737
  }
619
738
  /**
620
- * Get metadata for a specific full scan.
621
- * Returns scan configuration, status, and summary information.
739
+ * Get details for a specific diff scan.
740
+ * Returns comparison between two full scans with artifact changes.
622
741
  *
623
742
  * @throws {Error} When server returns 5xx status codes
624
743
  */
625
- async getOrgFullScanMetadata(orgSlug, fullScanId) {
744
+ async getDiffScanById(orgSlug, diffScanId) {
626
745
  try {
627
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/metadata`, this.#reqOptions));
746
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/diff-scans/${encodeURIComponent(diffScanId)}`, this.#reqOptions));
628
747
  return this.#handleApiSuccess(data);
629
748
  }
630
749
  catch (e) {
@@ -632,13 +751,38 @@ class SocketSdk {
632
751
  }
633
752
  }
634
753
  /**
635
- * Get organization's license policy configuration.* Returns allowed, restricted, and monitored license types.
754
+ * Retrieve the enabled entitlements for an organization.
755
+ *
756
+ * This method fetches the organization's entitlements and filters for only* the enabled ones, returning their keys. Entitlements represent Socket
757
+ * Products that the organization has access to use.
758
+ */
759
+ async getEnabledEntitlements(orgSlug) {
760
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/entitlements`, this.#reqOptions));
761
+ // Extract enabled products from the response.
762
+ const items = data?.items || [];
763
+ return items
764
+ .filter((item) => item && item.enabled === true && item.key)
765
+ .map((item) => item.key);
766
+ }
767
+ /**
768
+ * Retrieve all entitlements for an organization.
769
+ *
770
+ * This method fetches all entitlements (both enabled and disabled) for
771
+ * an organization, returning the complete list with their status.
772
+ */
773
+ async getEntitlements(orgSlug) {
774
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/entitlements`, this.#reqOptions));
775
+ return data?.items || [];
776
+ }
777
+ /**
778
+ * Get security issues for a specific npm package and version.
779
+ * Returns detailed vulnerability and security alert information.
636
780
  *
637
781
  * @throws {Error} When server returns 5xx status codes
638
782
  */
639
- async getOrgLicensePolicy(orgSlug) {
783
+ async getIssuesByNpmPackage(pkgName, version) {
640
784
  try {
641
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/settings/license-policy`, this.#reqOptions));
785
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `npm/${encodeURIComponent(pkgName)}/${encodeURIComponent(version)}/issues`, this.#reqOptions));
642
786
  return this.#handleApiSuccess(data);
643
787
  }
644
788
  catch (e) {
@@ -646,16 +790,14 @@ class SocketSdk {
646
790
  }
647
791
  }
648
792
  /**
649
- * Get details for a specific organization repository.
650
- * Returns repository configuration, monitoring status, and metadata.
793
+ * Get analytics data for organization usage patterns and security metrics.
794
+ * Returns statistical analysis for specified time period.
651
795
  *
652
796
  * @throws {Error} When server returns 5xx status codes
653
797
  */
654
- async getOrgRepo(orgSlug, repoSlug) {
655
- const orgSlugParam = encodeURIComponent(orgSlug);
656
- const repoSlugParam = encodeURIComponent(repoSlug);
798
+ async getOrgAnalytics(time) {
657
799
  try {
658
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${orgSlugParam}/repos/${repoSlugParam}`, this.#reqOptions));
800
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `analytics/org/${encodeURIComponent(time)}`, this.#reqOptions));
659
801
  return this.#handleApiSuccess(data);
660
802
  }
661
803
  catch (e) {
@@ -663,14 +805,14 @@ class SocketSdk {
663
805
  }
664
806
  }
665
807
  /**
666
- * List all repositories in an organization.
667
- * Returns paginated list of repository metadata and status.
808
+ * List all organizations accessible to the current user.
809
+ * Returns organization details and access permissions.
668
810
  *
669
811
  * @throws {Error} When server returns 5xx status codes
670
812
  */
671
- async getOrgRepoList(orgSlug, queryParams) {
813
+ async getOrganizations() {
672
814
  try {
673
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos?${(0, utils_1.queryToSearchParams)(queryParams)}`, this.#reqOptions));
815
+ const data = await this.#executeWithRetry(async () => await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, 'organizations', this.#reqOptions)));
674
816
  return this.#handleApiSuccess(data);
675
817
  }
676
818
  catch (e) {
@@ -678,13 +820,14 @@ class SocketSdk {
678
820
  }
679
821
  }
680
822
  /**
681
- * Get organization's security policy configuration.* Returns alert rules, severity thresholds, and enforcement settings.
823
+ * Get complete full scan results in memory.
824
+ * Returns entire scan data as JSON for programmatic processing.
682
825
  *
683
826
  * @throws {Error} When server returns 5xx status codes
684
827
  */
685
- async getOrgSecurityPolicy(orgSlug) {
828
+ async getOrgFullScanBuffered(orgSlug, fullScanId) {
686
829
  try {
687
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/settings/security-policy`, this.#reqOptions));
830
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}`, this.#reqOptions));
688
831
  return this.#handleApiSuccess(data);
689
832
  }
690
833
  catch (e) {
@@ -692,14 +835,14 @@ class SocketSdk {
692
835
  }
693
836
  }
694
837
  /**
695
- * Get current API quota usage and limits.
696
- * Returns remaining requests, rate limits, and quota reset times.
838
+ * List all full scans for an organization.
839
+ * Returns paginated list of scan metadata and status.
697
840
  *
698
841
  * @throws {Error} When server returns 5xx status codes
699
842
  */
700
- async getQuota() {
843
+ async getOrgFullScanList(orgSlug, queryParams) {
701
844
  try {
702
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, 'quota', this.#reqOptions));
845
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans?${(0, utils_1.queryToSearchParams)(queryParams)}`, this.#reqOptions));
703
846
  return this.#handleApiSuccess(data);
704
847
  }
705
848
  catch (e) {
@@ -707,14 +850,14 @@ class SocketSdk {
707
850
  }
708
851
  }
709
852
  /**
710
- * Get analytics data for a specific repository.
711
- * Returns security metrics, dependency trends, and vulnerability statistics.
853
+ * Get metadata for a specific full scan.
854
+ * Returns scan configuration, status, and summary information.
712
855
  *
713
856
  * @throws {Error} When server returns 5xx status codes
714
857
  */
715
- async getRepoAnalytics(repo, time) {
858
+ async getOrgFullScanMetadata(orgSlug, fullScanId) {
716
859
  try {
717
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `analytics/repo/${encodeURIComponent(repo)}/${encodeURIComponent(time)}`, this.#reqOptions));
860
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/metadata`, this.#reqOptions));
718
861
  return this.#handleApiSuccess(data);
719
862
  }
720
863
  catch (e) {
@@ -722,14 +865,13 @@ class SocketSdk {
722
865
  }
723
866
  }
724
867
  /**
725
- * Get detailed results for a specific scan.
726
- * Returns complete scan analysis including vulnerabilities and alerts.
868
+ * Get organization's license policy configuration.* Returns allowed, restricted, and monitored license types.
727
869
  *
728
870
  * @throws {Error} When server returns 5xx status codes
729
871
  */
730
- async getScan(id) {
872
+ async getOrgLicensePolicy(orgSlug) {
731
873
  try {
732
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `report/view/${encodeURIComponent(id)}`, this.#reqOptions));
874
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/settings/license-policy`, this.#reqOptions));
733
875
  return this.#handleApiSuccess(data);
734
876
  }
735
877
  catch (e) {
@@ -737,14 +879,16 @@ class SocketSdk {
737
879
  }
738
880
  }
739
881
  /**
740
- * List all scans accessible to the current user.
741
- * Returns paginated list of scan metadata and status.
882
+ * Get details for a specific organization repository.
883
+ * Returns repository configuration, monitoring status, and metadata.
742
884
  *
743
885
  * @throws {Error} When server returns 5xx status codes
744
886
  */
745
- async getScanList() {
887
+ async getOrgRepo(orgSlug, repoSlug) {
888
+ const orgSlugParam = encodeURIComponent(orgSlug);
889
+ const repoSlugParam = encodeURIComponent(repoSlug);
746
890
  try {
747
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, 'report/list', this.#reqOptions), 'GET');
891
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${orgSlugParam}/repos/${repoSlugParam}`, this.#reqOptions));
748
892
  return this.#handleApiSuccess(data);
749
893
  }
750
894
  catch (e) {
@@ -752,14 +896,14 @@ class SocketSdk {
752
896
  }
753
897
  }
754
898
  /**
755
- * Get list of file types and formats supported for scanning.
756
- * Returns supported manifest files, lockfiles, and configuration formats.
899
+ * Get details for a specific repository label.
900
+ * Returns label configuration and metadata.
757
901
  *
758
902
  * @throws {Error} When server returns 5xx status codes
759
903
  */
760
- async getSupportedScanFiles() {
904
+ async getOrgRepoLabel(orgSlug, repoSlug, labelSlug) {
761
905
  try {
762
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, 'report/supported', this.#reqOptions));
906
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels/${encodeURIComponent(labelSlug)}`, this.#reqOptions));
763
907
  return this.#handleApiSuccess(data);
764
908
  }
765
909
  catch (e) {
@@ -767,14 +911,14 @@ class SocketSdk {
767
911
  }
768
912
  }
769
913
  /**
770
- * Get security score for a specific npm package and version.
771
- * Returns numerical security rating and scoring breakdown.
914
+ * Get list of repository labels for an organization.
915
+ * Returns all labels configured for repository management.
772
916
  *
773
917
  * @throws {Error} When server returns 5xx status codes
774
918
  */
775
- async getScoreByNpmPackage(pkgName, version) {
919
+ async getOrgRepoLabelList(orgSlug, repoSlug) {
776
920
  try {
777
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `npm/${encodeURIComponent(pkgName)}/${encodeURIComponent(version)}/score`, this.#reqOptions));
921
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels`, this.#reqOptions));
778
922
  return this.#handleApiSuccess(data);
779
923
  }
780
924
  catch (e) {
@@ -782,14 +926,14 @@ class SocketSdk {
782
926
  }
783
927
  }
784
928
  /**
785
- * Update user or organization settings.
786
- * Configures preferences, notifications, and security policies.
929
+ * List all repositories in an organization.
930
+ * Returns paginated list of repository metadata and status.
787
931
  *
788
932
  * @throws {Error} When server returns 5xx status codes
789
933
  */
790
- async postSettings(selectors) {
934
+ async getOrgRepoList(orgSlug, queryParams) {
791
935
  try {
792
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, 'settings', { json: selectors }, this.#reqOptions));
936
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos?${(0, utils_1.queryToSearchParams)(queryParams)}`, this.#reqOptions));
793
937
  return this.#handleApiSuccess(data);
794
938
  }
795
939
  catch (e) {
@@ -797,14 +941,13 @@ class SocketSdk {
797
941
  }
798
942
  }
799
943
  /**
800
- * Search for dependencies across monitored projects.
801
- * Returns matching packages with security information and usage patterns.
944
+ * Get organization's security policy configuration.* Returns alert rules, severity thresholds, and enforcement settings.
802
945
  *
803
946
  * @throws {Error} When server returns 5xx status codes
804
947
  */
805
- async searchDependencies(queryParams) {
948
+ async getOrgSecurityPolicy(orgSlug) {
806
949
  try {
807
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, 'dependencies/search', queryParams, this.#reqOptions));
950
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/settings/security-policy`, this.#reqOptions));
808
951
  return this.#handleApiSuccess(data);
809
952
  }
810
953
  catch (e) {
@@ -812,14 +955,14 @@ class SocketSdk {
812
955
  }
813
956
  }
814
957
  /**
815
- * Update configuration for an organization repository.
816
- * Modifies monitoring settings, branch configuration, and scan preferences.
958
+ * Get organization triage settings and status.
959
+ * Returns alert triage configuration and current state.
817
960
  *
818
961
  * @throws {Error} When server returns 5xx status codes
819
962
  */
820
- async updateOrgRepo(orgSlug, repoSlug, queryParams) {
963
+ async getOrgTriage(orgSlug) {
821
964
  try {
822
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}`, queryParams, this.#reqOptions));
965
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/triage`, this.#reqOptions));
823
966
  return this.#handleApiSuccess(data);
824
967
  }
825
968
  catch (e) {
@@ -827,43 +970,29 @@ class SocketSdk {
827
970
  }
828
971
  }
829
972
  /**
830
- * Upload manifest files for dependency analysis.
831
- * Processes package files to create dependency snapshots and security analysis.
973
+ * Get current API quota usage and limits.
974
+ * Returns remaining requests, rate limits, and quota reset times.
832
975
  *
833
976
  * @throws {Error} When server returns 5xx status codes
834
977
  */
835
- async uploadManifestFiles(orgSlug, filepaths, pathsRelativeTo = '.') {
836
- const basePath = (0, utils_1.resolveBasePath)(pathsRelativeTo);
837
- const absFilepaths = (0, utils_1.resolveAbsPaths)(filepaths, basePath);
978
+ async getQuota() {
838
979
  try {
839
- const data = await (0, http_client_1.getResponseJson)(await (0, file_upload_1.createUploadRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/upload-manifest-files`, (0, file_upload_1.createRequestBodyForFilepaths)(absFilepaths, basePath), this.#reqOptions));
980
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, 'quota', this.#reqOptions));
840
981
  return this.#handleApiSuccess(data);
841
982
  }
842
983
  catch (e) {
843
- /* c8 ignore start - Error handling in uploadManifestFiles method for edge cases. */
844
- return (await this.#handleApiError(e));
845
- /* c8 ignore stop */
846
- } /* c8 ignore next - Closing brace of error handling block. */
984
+ return await this.#handleApiError(e);
985
+ }
847
986
  }
848
987
  /**
849
- * View detailed information about a specific patch by its UUID.
850
- *
851
- * This method retrieves comprehensive patch details including files,
852
- * vulnerabilities, description, license, and tier information.
853
- */
854
- async viewPatch(orgSlug, uuid) {
855
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/patches/view/${encodeURIComponent(uuid)}`, this.#reqOptions));
856
- return data;
857
- }
858
- /**
859
- * Delete a scan report permanently.
860
- * Removes scan data and analysis results from the system.
988
+ * Get analytics data for a specific repository.
989
+ * Returns security metrics, dependency trends, and vulnerability statistics.
861
990
  *
862
991
  * @throws {Error} When server returns 5xx status codes
863
992
  */
864
- async deleteReport(reportId) {
993
+ async getRepoAnalytics(repo, time) {
865
994
  try {
866
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `report/delete/${encodeURIComponent(reportId)}`, this.#reqOptions));
995
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `analytics/repo/${encodeURIComponent(repo)}/${encodeURIComponent(time)}`, this.#reqOptions));
867
996
  return this.#handleApiSuccess(data);
868
997
  }
869
998
  catch (e) {
@@ -871,14 +1000,14 @@ class SocketSdk {
871
1000
  }
872
1001
  }
873
1002
  /**
874
- * Export scan results in CycloneDX SBOM format.
875
- * Returns Software Bill of Materials compliant with CycloneDX standard.
1003
+ * Get detailed results for a specific scan.
1004
+ * Returns complete scan analysis including vulnerabilities and alerts.
876
1005
  *
877
1006
  * @throws {Error} When server returns 5xx status codes
878
1007
  */
879
- async exportCDX(orgSlug, fullScanId) {
1008
+ async getScan(id) {
880
1009
  try {
881
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/sbom/export/cdx`, this.#reqOptions));
1010
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `report/view/${encodeURIComponent(id)}`, this.#reqOptions));
882
1011
  return this.#handleApiSuccess(data);
883
1012
  }
884
1013
  catch (e) {
@@ -886,14 +1015,14 @@ class SocketSdk {
886
1015
  }
887
1016
  }
888
1017
  /**
889
- * Export scan results in SPDX SBOM format.
890
- * Returns Software Bill of Materials compliant with SPDX standard.
1018
+ * List all scans accessible to the current user.
1019
+ * Returns paginated list of scan metadata and status.
891
1020
  *
892
1021
  * @throws {Error} When server returns 5xx status codes
893
1022
  */
894
- async exportSPDX(orgSlug, fullScanId) {
1023
+ async getScanList() {
895
1024
  try {
896
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/sbom/export/spdx`, this.#reqOptions));
1025
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, 'report/list', this.#reqOptions), 'GET');
897
1026
  return this.#handleApiSuccess(data);
898
1027
  }
899
1028
  catch (e) {
@@ -901,14 +1030,14 @@ class SocketSdk {
901
1030
  }
902
1031
  }
903
1032
  /**
904
- * Get list of API tokens for an organization.
905
- * Returns organization API tokens with metadata and permissions.
1033
+ * Get security score for a specific npm package and version.
1034
+ * Returns numerical security rating and scoring breakdown.
906
1035
  *
907
1036
  * @throws {Error} When server returns 5xx status codes
908
1037
  */
909
- async getAPITokens(orgSlug) {
1038
+ async getScoreByNpmPackage(pkgName, version) {
910
1039
  try {
911
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/tokens`, this.#reqOptions));
1040
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `npm/${encodeURIComponent(pkgName)}/${encodeURIComponent(version)}/score`, this.#reqOptions));
912
1041
  return this.#handleApiSuccess(data);
913
1042
  }
914
1043
  catch (e) {
@@ -916,14 +1045,14 @@ class SocketSdk {
916
1045
  }
917
1046
  }
918
1047
  /**
919
- * Create a new API token for an organization.
920
- * Generates API token with specified scopes and metadata.
1048
+ * Get list of file types and formats supported for scanning.
1049
+ * Returns supported manifest files, lockfiles, and configuration formats.
921
1050
  *
922
1051
  * @throws {Error} When server returns 5xx status codes
923
1052
  */
924
- async postAPIToken(orgSlug, tokenData) {
1053
+ async getSupportedScanFiles() {
925
1054
  try {
926
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/tokens`, tokenData, this.#reqOptions));
1055
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, 'report/supported', this.#reqOptions));
927
1056
  return this.#handleApiSuccess(data);
928
1057
  }
929
1058
  catch (e) {
@@ -931,14 +1060,14 @@ class SocketSdk {
931
1060
  }
932
1061
  }
933
1062
  /**
934
- * Update an existing API token for an organization.
935
- * Modifies token metadata, scopes, or other properties.
1063
+ * List all diff scans for an organization.
1064
+ * Returns paginated list of diff scan metadata and status.
936
1065
  *
937
1066
  * @throws {Error} When server returns 5xx status codes
938
1067
  */
939
- async postAPITokenUpdate(orgSlug, tokenId, updateData) {
1068
+ async listOrgDiffScans(orgSlug) {
940
1069
  try {
941
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/tokens/${encodeURIComponent(tokenId)}/update`, updateData, this.#reqOptions));
1070
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/diff-scans`, this.#reqOptions));
942
1071
  return this.#handleApiSuccess(data);
943
1072
  }
944
1073
  catch (e) {
@@ -946,14 +1075,14 @@ class SocketSdk {
946
1075
  }
947
1076
  }
948
1077
  /**
949
- * Rotate an API token for an organization.
950
- * Generates new token value while preserving token metadata.
1078
+ * Create a new API token for an organization.
1079
+ * Generates API token with specified scopes and metadata.
951
1080
  *
952
1081
  * @throws {Error} When server returns 5xx status codes
953
1082
  */
954
- async postAPITokensRotate(orgSlug, tokenId) {
1083
+ async postAPIToken(orgSlug, tokenData) {
955
1084
  try {
956
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/tokens/${encodeURIComponent(tokenId)}/rotate`, {}, this.#reqOptions));
1085
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/tokens`, tokenData, this.#reqOptions));
957
1086
  return this.#handleApiSuccess(data);
958
1087
  }
959
1088
  catch (e) {
@@ -976,13 +1105,14 @@ class SocketSdk {
976
1105
  }
977
1106
  }
978
1107
  /**
979
- * Update organization's security policy configuration.* Modifies alert rules, severity thresholds, and enforcement settings.
1108
+ * Rotate an API token for an organization.
1109
+ * Generates new token value while preserving token metadata.
980
1110
  *
981
1111
  * @throws {Error} When server returns 5xx status codes
982
1112
  */
983
- async updateOrgSecurityPolicy(orgSlug, policyData) {
1113
+ async postAPITokensRotate(orgSlug, tokenId) {
984
1114
  try {
985
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/settings/security-policy`, policyData, this.#reqOptions));
1115
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/tokens/${encodeURIComponent(tokenId)}/rotate`, {}, this.#reqOptions));
986
1116
  return this.#handleApiSuccess(data);
987
1117
  }
988
1118
  catch (e) {
@@ -990,13 +1120,14 @@ class SocketSdk {
990
1120
  }
991
1121
  }
992
1122
  /**
993
- * Update organization's license policy configuration.* Modifies allowed, restricted, and monitored license types.
1123
+ * Update an existing API token for an organization.
1124
+ * Modifies token metadata, scopes, or other properties.
994
1125
  *
995
1126
  * @throws {Error} When server returns 5xx status codes
996
1127
  */
997
- async updateOrgLicensePolicy(orgSlug, policyData, queryParams) {
1128
+ async postAPITokenUpdate(orgSlug, tokenId, updateData) {
998
1129
  try {
999
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/settings/license-policy?${(0, utils_1.queryToSearchParams)(queryParams)}`, policyData, this.#reqOptions));
1130
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/tokens/${encodeURIComponent(tokenId)}/update`, updateData, this.#reqOptions));
1000
1131
  return this.#handleApiSuccess(data);
1001
1132
  }
1002
1133
  catch (e) {
@@ -1004,14 +1135,14 @@ class SocketSdk {
1004
1135
  }
1005
1136
  }
1006
1137
  /**
1007
- * Get organization triage settings and status.
1008
- * Returns alert triage configuration and current state.
1138
+ * Update user or organization settings.
1139
+ * Configures preferences, notifications, and security policies.
1009
1140
  *
1010
1141
  * @throws {Error} When server returns 5xx status codes
1011
1142
  */
1012
- async getOrgTriage(orgSlug) {
1143
+ async postSettings(selectors) {
1013
1144
  try {
1014
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/triage`, this.#reqOptions));
1145
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, 'settings', { json: selectors }, this.#reqOptions));
1015
1146
  return this.#handleApiSuccess(data);
1016
1147
  }
1017
1148
  catch (e) {
@@ -1019,14 +1150,14 @@ class SocketSdk {
1019
1150
  }
1020
1151
  }
1021
1152
  /**
1022
- * Update alert triage status for an organization.
1023
- * Modifies alert resolution status and triage decisions.
1153
+ * Search for dependencies across monitored projects.
1154
+ * Returns matching packages with security information and usage patterns.
1024
1155
  *
1025
1156
  * @throws {Error} When server returns 5xx status codes
1026
1157
  */
1027
- async updateOrgAlertTriage(orgSlug, alertId, triageData) {
1158
+ async searchDependencies(queryParams) {
1028
1159
  try {
1029
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('PUT', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/triage/${encodeURIComponent(alertId)}`, triageData, this.#reqOptions));
1160
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, 'dependencies/search', queryParams, this.#reqOptions));
1030
1161
  return this.#handleApiSuccess(data);
1031
1162
  }
1032
1163
  catch (e) {
@@ -1034,59 +1165,163 @@ class SocketSdk {
1034
1165
  }
1035
1166
  }
1036
1167
  /**
1037
- * Get list of repository labels for an organization.
1038
- * Returns all labels configured for repository management.
1039
- *
1040
- * @throws {Error} When server returns 5xx status codes
1168
+ * Send POST or PUT request with JSON body and return parsed JSON response.
1169
+ * Supports both throwing (default) and non-throwing modes.
1170
+ * @param urlPath - API endpoint path (e.g., 'organizations')
1171
+ * @param options - Request options including method, body, and throws behavior
1172
+ * @returns Parsed JSON response or SocketSdkGenericResult based on options
1041
1173
  */
1042
- async getOrgRepoLabelList(orgSlug, repoSlug) {
1174
+ async sendApi(urlPath, options) {
1175
+ const { body,
1176
+ // Default to POST method for JSON API requests.
1177
+ method = 'POST', throws = true, } = { __proto__: null, ...options };
1043
1178
  try {
1044
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels`, this.#reqOptions));
1045
- return this.#handleApiSuccess(data);
1179
+ // Route to appropriate HTTP method handler (POST or PUT).
1180
+ const response = await (0, http_client_1.createRequestWithJson)(method, this.#baseUrl, urlPath, body, this.#reqOptions);
1181
+ const data = (await (0, http_client_1.getResponseJson)(response));
1182
+ if (throws) {
1183
+ return data;
1184
+ }
1185
+ return {
1186
+ cause: undefined,
1187
+ data,
1188
+ error: undefined,
1189
+ /* c8 ignore next - Defensive fallback: response.statusCode is always defined in Node.js http/https */
1190
+ status: response.statusCode ?? 200,
1191
+ success: true,
1192
+ };
1046
1193
  }
1047
1194
  catch (e) {
1048
- return await this.#handleApiError(e);
1195
+ if (throws) {
1196
+ throw e;
1197
+ }
1198
+ /* c8 ignore start - Defensive fallback: ResponseError in catch block handled in try block (lines 1686-1695) */
1199
+ if (e instanceof http_client_1.ResponseError) {
1200
+ // Re-use existing error handling logic from the SDK
1201
+ const errorResult = await this.#handleApiError(e);
1202
+ return {
1203
+ cause: errorResult.cause,
1204
+ data: undefined,
1205
+ error: errorResult.error,
1206
+ status: errorResult.status,
1207
+ success: false,
1208
+ };
1209
+ }
1210
+ /* c8 ignore stop */
1211
+ /* c8 ignore start - Defensive error stringification fallback branches for sendApi edge cases. */
1212
+ const errStr = e ? String(e).trim() : '';
1213
+ return {
1214
+ cause: errStr || UNKNOWN_ERROR_1.default,
1215
+ data: undefined,
1216
+ error: 'API request failed',
1217
+ status: 0,
1218
+ success: false,
1219
+ };
1220
+ /* c8 ignore stop */
1049
1221
  }
1050
1222
  }
1051
1223
  /**
1052
- * Create a new repository label for an organization.
1053
- * Adds label for repository categorization and management.
1224
+ * Stream a full scan's results to file or stdout.* Provides efficient streaming for large scan datasets.
1054
1225
  *
1055
1226
  * @throws {Error} When server returns 5xx status codes
1056
1227
  */
1057
- async createOrgRepoLabel(orgSlug, repoSlug, labelData) {
1228
+ async streamOrgFullScan(orgSlug, fullScanId, options) {
1229
+ const { output } = {
1230
+ __proto__: null,
1231
+ ...options,
1232
+ };
1058
1233
  try {
1059
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels`, labelData, this.#reqOptions));
1060
- return this.#handleApiSuccess(data);
1234
+ const req = (0, http_client_1.getHttpModule)(this.#baseUrl)
1235
+ .request(`${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}`, {
1236
+ method: 'GET',
1237
+ ...this.#reqOptions,
1238
+ })
1239
+ .end();
1240
+ const res = await (0, http_client_1.getResponse)(req);
1241
+ // Check for HTTP error status codes.
1242
+ if (!(0, http_client_1.isResponseOk)(res)) {
1243
+ throw new http_client_1.ResponseError(res);
1244
+ }
1245
+ if (typeof output === 'string') {
1246
+ // Stream to file with error handling.
1247
+ const writeStream = (0, node_fs_1.createWriteStream)(output);
1248
+ res.pipe(writeStream);
1249
+ /* c8 ignore next 4 - Write stream error handler, difficult to test reliably */
1250
+ writeStream.on('error', error => {
1251
+ throw new Error(`Failed to write to file: ${output}`, {
1252
+ cause: error,
1253
+ });
1254
+ });
1255
+ }
1256
+ else if (output === true) {
1257
+ // Stream to stdout with error handling.
1258
+ res.pipe(process.stdout);
1259
+ /* c8 ignore next 3 - Stdout error handler, difficult to test reliably */
1260
+ process.stdout.on('error', error => {
1261
+ throw new Error('Failed to write to stdout', { cause: error });
1262
+ });
1263
+ }
1264
+ // If output is false or undefined, just return the response without streaming
1265
+ return this.#handleApiSuccess(res);
1061
1266
  }
1062
1267
  catch (e) {
1063
1268
  return await this.#handleApiError(e);
1064
1269
  }
1065
1270
  }
1066
1271
  /**
1067
- * Get details for a specific repository label.
1068
- * Returns label configuration and metadata.
1272
+ * Stream patches for artifacts in a scan report.
1069
1273
  *
1070
- * @throws {Error} When server returns 5xx status codes
1274
+ * This method streams all available patches for artifacts in a scan.
1275
+ * Free tier users will only receive free patches.
1276
+ *
1277
+ * Note: This method returns a ReadableStream for processing large datasets.
1071
1278
  */
1072
- async getOrgRepoLabel(orgSlug, repoSlug, labelSlug) {
1073
- try {
1074
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels/${encodeURIComponent(labelSlug)}`, this.#reqOptions));
1075
- return this.#handleApiSuccess(data);
1076
- }
1077
- catch (e) {
1078
- return await this.#handleApiError(e);
1279
+ async streamPatchesFromScan(orgSlug, scanId) {
1280
+ const response = await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/patches/scan/${encodeURIComponent(scanId)}`, this.#reqOptions);
1281
+ // Check for HTTP error status codes.
1282
+ if (!(0, http_client_1.isResponseOk)(response)) {
1283
+ throw new http_client_1.ResponseError(response, 'GET Request failed');
1079
1284
  }
1285
+ // The response itself is the readable stream for NDJSON data
1286
+ // Convert the Node.js readable stream to a Web ReadableStream
1287
+ return new ReadableStream({
1288
+ start(controller) {
1289
+ response.on('data', (chunk) => {
1290
+ // Parse NDJSON chunks line by line
1291
+ const lines = chunk
1292
+ .toString()
1293
+ .split('\n')
1294
+ .filter(line => line.trim());
1295
+ for (const line of lines) {
1296
+ try {
1297
+ const data = JSON.parse(line);
1298
+ controller.enqueue(data);
1299
+ }
1300
+ catch (e) {
1301
+ // Log parse errors for debugging invalid NDJSON lines.
1302
+ (0, debug_1.debugLog)('streamPatchesFromScan', `Failed to parse line: ${e}`);
1303
+ }
1304
+ }
1305
+ });
1306
+ response.on('end', () => {
1307
+ controller.close();
1308
+ });
1309
+ response.on('error', error => {
1310
+ /* c8 ignore next - Streaming error handler, difficult to test reliably. */
1311
+ controller.error(error);
1312
+ });
1313
+ },
1314
+ });
1080
1315
  }
1081
1316
  /**
1082
- * Update a repository label for an organization.
1083
- * Modifies label properties and configuration.
1317
+ * Update alert triage status for an organization.
1318
+ * Modifies alert resolution status and triage decisions.
1084
1319
  *
1085
1320
  * @throws {Error} When server returns 5xx status codes
1086
1321
  */
1087
- async updateOrgRepoLabel(orgSlug, repoSlug, labelSlug, labelData) {
1322
+ async updateOrgAlertTriage(orgSlug, alertId, triageData) {
1088
1323
  try {
1089
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('PUT', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels/${encodeURIComponent(labelSlug)}`, labelData, this.#reqOptions));
1324
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('PUT', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/triage/${encodeURIComponent(alertId)}`, triageData, this.#reqOptions));
1090
1325
  return this.#handleApiSuccess(data);
1091
1326
  }
1092
1327
  catch (e) {
@@ -1094,14 +1329,13 @@ class SocketSdk {
1094
1329
  }
1095
1330
  }
1096
1331
  /**
1097
- * Delete a repository label from an organization.
1098
- * Removes label and associated configuration.
1332
+ * Update organization's license policy configuration.* Modifies allowed, restricted, and monitored license types.
1099
1333
  *
1100
1334
  * @throws {Error} When server returns 5xx status codes
1101
1335
  */
1102
- async deleteOrgRepoLabel(orgSlug, repoSlug, labelSlug) {
1336
+ async updateOrgLicensePolicy(orgSlug, policyData, queryParams) {
1103
1337
  try {
1104
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels/${encodeURIComponent(labelSlug)}`, this.#reqOptions));
1338
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/settings/license-policy?${(0, utils_1.queryToSearchParams)(queryParams)}`, policyData, this.#reqOptions));
1105
1339
  return this.#handleApiSuccess(data);
1106
1340
  }
1107
1341
  catch (e) {
@@ -1109,14 +1343,14 @@ class SocketSdk {
1109
1343
  }
1110
1344
  }
1111
1345
  /**
1112
- * Get details for a specific diff scan.
1113
- * Returns comparison between two full scans with artifact changes.
1346
+ * Update configuration for an organization repository.
1347
+ * Modifies monitoring settings, branch configuration, and scan preferences.
1114
1348
  *
1115
1349
  * @throws {Error} When server returns 5xx status codes
1116
1350
  */
1117
- async getDiffScanById(orgSlug, diffScanId) {
1351
+ async updateOrgRepo(orgSlug, repoSlug, queryParams) {
1118
1352
  try {
1119
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/diff-scans/${encodeURIComponent(diffScanId)}`, this.#reqOptions));
1353
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}`, queryParams, this.#reqOptions));
1120
1354
  return this.#handleApiSuccess(data);
1121
1355
  }
1122
1356
  catch (e) {
@@ -1124,14 +1358,14 @@ class SocketSdk {
1124
1358
  }
1125
1359
  }
1126
1360
  /**
1127
- * Create a diff scan from two full scan IDs.
1128
- * Compares two existing full scans to identify changes.
1361
+ * Update a repository label for an organization.
1362
+ * Modifies label properties and configuration.
1129
1363
  *
1130
1364
  * @throws {Error} When server returns 5xx status codes
1131
1365
  */
1132
- async createOrgDiffScanFromIds(orgSlug, queryParams) {
1366
+ async updateOrgRepoLabel(orgSlug, repoSlug, labelSlug, labelData) {
1133
1367
  try {
1134
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/diff-scans?${(0, utils_1.queryToSearchParams)(queryParams)}`, {}, this.#reqOptions));
1368
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('PUT', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}/labels/${encodeURIComponent(labelSlug)}`, labelData, this.#reqOptions));
1135
1369
  return this.#handleApiSuccess(data);
1136
1370
  }
1137
1371
  catch (e) {
@@ -1139,14 +1373,13 @@ class SocketSdk {
1139
1373
  }
1140
1374
  }
1141
1375
  /**
1142
- * List all diff scans for an organization.
1143
- * Returns paginated list of diff scan metadata and status.
1376
+ * Update organization's security policy configuration.* Modifies alert rules, severity thresholds, and enforcement settings.
1144
1377
  *
1145
1378
  * @throws {Error} When server returns 5xx status codes
1146
1379
  */
1147
- async listOrgDiffScans(orgSlug) {
1380
+ async updateOrgSecurityPolicy(orgSlug, policyData) {
1148
1381
  try {
1149
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/diff-scans`, this.#reqOptions));
1382
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createRequestWithJson)('POST', this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/settings/security-policy`, policyData, this.#reqOptions));
1150
1383
  return this.#handleApiSuccess(data);
1151
1384
  }
1152
1385
  catch (e) {
@@ -1154,206 +1387,37 @@ class SocketSdk {
1154
1387
  }
1155
1388
  }
1156
1389
  /**
1157
- * Delete a diff scan from an organization.
1158
- * Permanently removes diff scan data and results.
1390
+ * Upload manifest files for dependency analysis.
1391
+ * Processes package files to create dependency snapshots and security analysis.
1159
1392
  *
1160
1393
  * @throws {Error} When server returns 5xx status codes
1161
1394
  */
1162
- async deleteOrgDiffScan(orgSlug, diffScanId) {
1163
- try {
1164
- const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createDeleteRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/diff-scans/${encodeURIComponent(diffScanId)}`, this.#reqOptions));
1165
- return this.#handleApiSuccess(data);
1166
- }
1167
- catch (e) {
1168
- return await this.#handleApiError(e);
1169
- }
1170
- }
1171
- /**
1172
- * Handle query API response data based on requested response type.
1173
- * Internal method for processing different response formats (json, text, response).
1174
- */
1175
- async #handleQueryResponseData(response, responseType) {
1176
- if (responseType === 'response') {
1177
- return response;
1178
- }
1179
- if (responseType === 'text') {
1180
- return (await this.#getResponseText(response));
1181
- }
1182
- if (responseType === 'json') {
1183
- return (await (0, http_client_1.getResponseJson)(response));
1184
- }
1185
- return response;
1186
- }
1187
- /**
1188
- * Extract text content from HTTP response stream.
1189
- * Internal method with size limits to prevent memory exhaustion.
1190
- */
1191
- async #getResponseText(response) {
1192
- const chunks = [];
1193
- let size = 0;
1194
- // 50MB limit to prevent out-of-memory errors from large responses.
1195
- const MAX = 50 * 1024 * 1024;
1196
- for await (const chunk of response) {
1197
- size += chunk.length;
1198
- /* c8 ignore next 3 - MAX size limit protection for edge cases */
1199
- if (size > MAX) {
1200
- throw new Error('Response body exceeds maximum size limit');
1201
- }
1202
- chunks.push(chunk);
1203
- }
1204
- return Buffer.concat(chunks).toString('utf8');
1205
- }
1206
- /**
1207
- * Create standardized error result from query operation exceptions.
1208
- * Internal error handling for non-throwing query API methods.
1209
- */
1210
- #createQueryErrorResult(e) {
1211
- if (e instanceof SyntaxError) {
1212
- // Try to get response text from enhanced error, fall back to regex pattern for compatibility.
1213
- const enhancedError = e;
1214
- /* c8 ignore next - Defensive empty string fallback for originalResponse. */
1215
- let responseText = enhancedError.originalResponse || '';
1216
- /* c8 ignore next 5 - Empty response text fallback check for JSON parsing errors without originalResponse. */
1217
- if (!responseText) {
1218
- const match = e.message.match(/Invalid JSON response:\n([\s\S]*?)\n→/);
1219
- responseText = match?.[1] || '';
1220
- }
1221
- /* c8 ignore next - Defensive empty string fallback when slice returns empty. */
1222
- const preview = responseText.slice(0, 100) || '';
1223
- return {
1224
- cause: `Please report this. JSON.parse threw an error over the following response: \`${preview.trim()}${responseText.length > 100 ? '...' : ''}\``,
1225
- data: undefined,
1226
- error: 'Server returned invalid JSON',
1227
- status: 0,
1228
- success: false,
1229
- };
1230
- }
1231
- /* c8 ignore start - Defensive error stringification fallback branches for edge cases. */
1232
- const errStr = e ? String(e).trim() : '';
1233
- return {
1234
- cause: errStr || UNKNOWN_ERROR_1.default,
1235
- data: undefined,
1236
- error: 'API request failed',
1237
- status: 0,
1238
- success: false,
1239
- };
1240
- /* c8 ignore stop */
1241
- }
1242
- /**
1243
- * Execute a raw GET request to any API endpoint with configurable response type.
1244
- * Supports both throwing (default) and non-throwing modes.
1245
- * @param urlPath - API endpoint path (e.g., 'organizations')
1246
- * @param options - Request options including responseType and throws behavior
1247
- * @returns Raw response, parsed data, or SocketSdkGenericResult based on options
1248
- */
1249
- async getApi(urlPath, options) {
1250
- const { responseType = 'response', throws = true } = {
1395
+ async uploadManifestFiles(orgSlug, filepaths, options) {
1396
+ const { pathsRelativeTo = '.' } = {
1251
1397
  __proto__: null,
1252
1398
  ...options,
1253
1399
  };
1400
+ const basePath = (0, utils_1.resolveBasePath)(pathsRelativeTo);
1401
+ const absFilepaths = (0, utils_1.resolveAbsPaths)(filepaths, basePath);
1254
1402
  try {
1255
- const response = await (0, http_client_1.createGetRequest)(this.#baseUrl, urlPath, this.#reqOptions);
1256
- // Check for HTTP error status codes first.
1257
- if (!(0, http_client_1.isResponseOk)(response)) {
1258
- if (throws) {
1259
- throw new http_client_1.ResponseError(response);
1260
- }
1261
- const errorResult = await this.#handleApiError(new http_client_1.ResponseError(response));
1262
- return {
1263
- cause: errorResult.cause,
1264
- data: undefined,
1265
- error: errorResult.error,
1266
- status: errorResult.status,
1267
- success: false,
1268
- };
1269
- }
1270
- const data = await this.#handleQueryResponseData(response, responseType);
1271
- if (throws) {
1272
- return data;
1273
- }
1274
- return {
1275
- cause: undefined,
1276
- data,
1277
- error: undefined,
1278
- /* c8 ignore next - Defensive fallback: response.statusCode is always defined in Node.js http/https */
1279
- status: response.statusCode ?? 200,
1280
- success: true,
1281
- };
1403
+ const data = await (0, http_client_1.getResponseJson)(await (0, file_upload_1.createUploadRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/upload-manifest-files`, (0, file_upload_1.createRequestBodyForFilepaths)(absFilepaths, basePath), this.#reqOptions));
1404
+ return this.#handleApiSuccess(data);
1282
1405
  }
1283
1406
  catch (e) {
1284
- if (throws) {
1285
- throw e;
1286
- }
1287
- if (e instanceof http_client_1.ResponseError) {
1288
- /* c8 ignore start - ResponseError handling in getApi non-throwing mode covered by other tests */
1289
- // Re-use existing error handling logic from the SDK
1290
- const errorResult = await this.#handleApiError(e);
1291
- return {
1292
- cause: errorResult.cause,
1293
- data: undefined,
1294
- error: errorResult.error,
1295
- status: errorResult.status,
1296
- success: false,
1297
- };
1298
- /* c8 ignore stop */
1299
- } /* c8 ignore next - Closing brace of error result handling. */
1300
- /* c8 ignore next - Fallback error handling for non-ResponseError cases in getApi. */
1301
- return this.#createQueryErrorResult(e);
1407
+ /* c8 ignore start - Error handling in uploadManifestFiles method for edge cases. */
1408
+ return (await this.#handleApiError(e));
1409
+ /* c8 ignore stop */
1302
1410
  }
1303
1411
  }
1304
1412
  /**
1305
- * Send POST or PUT request with JSON body and return parsed JSON response.
1306
- * Supports both throwing (default) and non-throwing modes.
1307
- * @param urlPath - API endpoint path (e.g., 'organizations')
1308
- * @param options - Request options including method, body, and throws behavior
1309
- * @returns Parsed JSON response or SocketSdkGenericResult based on options
1413
+ * View detailed information about a specific patch by its UUID.
1414
+ *
1415
+ * This method retrieves comprehensive patch details including files,
1416
+ * vulnerabilities, description, license, and tier information.
1310
1417
  */
1311
- async sendApi(urlPath, options) {
1312
- const { body,
1313
- // Default to POST method for JSON API requests.
1314
- method = 'POST', throws = true, } = { __proto__: null, ...options };
1315
- try {
1316
- // Route to appropriate HTTP method handler (POST or PUT).
1317
- const response = await (0, http_client_1.createRequestWithJson)(method, this.#baseUrl, urlPath, body, this.#reqOptions);
1318
- const data = (await (0, http_client_1.getResponseJson)(response));
1319
- if (throws) {
1320
- return data;
1321
- }
1322
- return {
1323
- cause: undefined,
1324
- data,
1325
- error: undefined,
1326
- /* c8 ignore next - Defensive fallback: response.statusCode is always defined in Node.js http/https */
1327
- status: response.statusCode ?? 200,
1328
- success: true,
1329
- };
1330
- }
1331
- catch (e) {
1332
- if (throws) {
1333
- throw e;
1334
- }
1335
- if (e instanceof http_client_1.ResponseError) {
1336
- // Re-use existing error handling logic from the SDK
1337
- const errorResult = await this.#handleApiError(e);
1338
- return {
1339
- cause: errorResult.cause,
1340
- data: undefined,
1341
- error: errorResult.error,
1342
- status: errorResult.status,
1343
- success: false,
1344
- };
1345
- }
1346
- /* c8 ignore start - Defensive error stringification fallback branches for sendApi edge cases. */
1347
- const errStr = e ? String(e).trim() : '';
1348
- return {
1349
- cause: errStr || UNKNOWN_ERROR_1.default,
1350
- data: undefined,
1351
- error: 'API request failed',
1352
- status: 0,
1353
- success: false,
1354
- };
1355
- /* c8 ignore stop */
1356
- }
1418
+ async viewPatch(orgSlug, uuid) {
1419
+ const data = await (0, http_client_1.getResponseJson)(await (0, http_client_1.createGetRequest)(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/patches/view/${encodeURIComponent(uuid)}`, this.#reqOptions));
1420
+ return data;
1357
1421
  }
1358
1422
  }
1359
1423
  exports.SocketSdk = SocketSdk;