@socketsecurity/sdk 2.0.1 → 2.0.3

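--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
+## [2.0.3](https://github.com/SocketDev/socket-sdk-js/releases/tag/v2.0.3) - 2025-10-22
+
+### Fixed
+- Improved TypeScript module resolution with explicit type exports instead of wildcard re-exports
+
+## [2.0.2](https://github.com/SocketDev/socket-sdk-js/releases/tag/v2.0.2) - 2025-10-22
+
+### Fixed
+- Ensured expected dist/ files are produced and refined package.json exports
+
 ## [2.0.1](https://github.com/SocketDev/socket-sdk-js/releases/tag/v2.0.1) - 2025-10-21
 
 ### Changed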
@@ -0,0 +1,232 @@
1
+ {
2
+ "api": {
3
+ "batchPackageFetch": {
4
+ "quota": 100,
5
+ "permissions": ["packages:list"]
6
+ },
7
+ "batchPackageStream": {
8
+ "quota": 100,
9
+ "permissions": ["packages:list"]
10
+ },
11
+ "createDependenciesSnapshot": {
12
+ "quota": 100,
13
+ "permissions": ["report:write"]
14
+ },
15
+ "createOrgFullScan": {
16
+ "quota": 0,
17
+ "permissions": ["full-scans:create"]
18
+ },
19
+ "createOrgRepo": {
20
+ "quota": 0,
21
+ "permissions": ["repo:create"]
22
+ },
23
+ "createScanFromFilepaths": {
24
+ "quota": 100,
25
+ "permissions": ["report:write"]
26
+ },
27
+ "deleteOrgFullScan": {
28
+ "quota": 0,
29
+ "permissions": ["full-scans:delete"]
30
+ },
31
+ "deleteOrgRepo": {
32
+ "quota": 0,
33
+ "permissions": ["repo:delete"]
34
+ },
35
+ "getAuditLogEvents": {
36
+ "quota": 10,
37
+ "permissions": ["audit-log:list"]
38
+ },
39
+ "getEnabledEntitlements": {
40
+ "quota": 0,
41
+ "permissions": []
42
+ },
43
+ "getEntitlements": {
44
+ "quota": 0,
45
+ "permissions": []
46
+ },
47
+ "getIssuesByNpmPackage": {
48
+ "quota": 10,
49
+ "permissions": []
50
+ },
51
+ "getOrgAnalytics": {
52
+ "quota": 10,
53
+ "permissions": ["report:write"]
54
+ },
55
+ "getOrganizations": {
56
+ "quota": 0,
57
+ "permissions": []
58
+ },
59
+ "streamOrgFullScan": {
60
+ "quota": 0,
61
+ "permissions": ["full-scans:list"]
62
+ },
63
+ "streamPatchesFromScan": {
64
+ "quota": 0,
65
+ "permissions": ["patches:list"]
66
+ },
67
+ "getOrgFullScanBuffered": {
68
+ "quota": 0,
69
+ "permissions": ["full-scans:list"]
70
+ },
71
+ "getOrgFullScanList": {
72
+ "quota": 0,
73
+ "permissions": ["full-scans:list"]
74
+ },
75
+ "getOrgFullScanMetadata": {
76
+ "quota": 0,
77
+ "permissions": ["full-scans:list"]
78
+ },
79
+ "getOrgLicensePolicy": {
80
+ "quota": 0,
81
+ "permissions": ["settings:read"]
82
+ },
83
+ "getOrgRepo": {
84
+ "quota": 0,
85
+ "permissions": ["repo:list"]
86
+ },
87
+ "getOrgRepoList": {
88
+ "quota": 0,
89
+ "permissions": ["repo:list"]
90
+ },
91
+ "getOrgSecurityPolicy": {
92
+ "quota": 0,
93
+ "permissions": ["settings:read"]
94
+ },
95
+ "getQuota": {
96
+ "quota": 0,
97
+ "permissions": []
98
+ },
99
+ "getRepoAnalytics": {
100
+ "quota": 10,
101
+ "permissions": ["report:write"]
102
+ },
103
+ "getScan": {
104
+ "quota": 0,
105
+ "permissions": ["report:read"]
106
+ },
107
+ "getScanList": {
108
+ "quota": 0,
109
+ "permissions": ["report:read"]
110
+ },
111
+ "getSupportedScanFiles": {
112
+ "quota": 0,
113
+ "permissions": ["report:read"]
114
+ },
115
+ "getScoreByNpmPackage": {
116
+ "quota": 10,
117
+ "permissions": []
118
+ },
119
+ "postSettings": {
120
+ "quota": 0,
121
+ "permissions": []
122
+ },
123
+ "searchDependencies": {
124
+ "quota": 100,
125
+ "permissions": []
126
+ },
127
+ "updateOrgRepo": {
128
+ "quota": 0,
129
+ "permissions": ["repo:update"]
130
+ },
131
+ "uploadManifestFiles": {
132
+ "quota": 100,
133
+ "permissions": ["packages:upload"]
134
+ },
135
+ "viewPatch": {
136
+ "quota": 0,
137
+ "permissions": ["patches:view"]
138
+ },
139
+ "deleteReport": {
140
+ "quota": 0,
141
+ "permissions": ["report:delete"]
142
+ },
143
+ "exportCDX": {
144
+ "quota": 0,
145
+ "permissions": ["report:read"]
146
+ },
147
+ "exportSPDX": {
148
+ "quota": 0,
149
+ "permissions": ["report:read"]
150
+ },
151
+ "getAPITokens": {
152
+ "quota": 10,
153
+ "permissions": ["api-token:list"]
154
+ },
155
+ "postAPIToken": {
156
+ "quota": 10,
157
+ "permissions": ["api-token:create"]
158
+ },
159
+ "postAPITokenUpdate": {
160
+ "quota": 10,
161
+ "permissions": ["api-token:update"]
162
+ },
163
+ "postAPITokensRotate": {
164
+ "quota": 10,
165
+ "permissions": ["api-token:rotate"]
166
+ },
167
+ "postAPITokensRevoke": {
168
+ "quota": 10,
169
+ "permissions": ["api-token:revoke"]
170
+ },
171
+ "updateOrgSecurityPolicy": {
172
+ "quota": 0,
173
+ "permissions": ["settings:write"]
174
+ },
175
+ "updateOrgLicensePolicy": {
176
+ "quota": 0,
177
+ "permissions": ["settings:write"]
178
+ },
179
+ "getOrgTriage": {
180
+ "quota": 0,
181
+ "permissions": ["triage:alerts-list"]
182
+ },
183
+ "updateOrgAlertTriage": {
184
+ "quota": 0,
185
+ "permissions": ["triage:alerts-update"]
186
+ },
187
+ "getOrgRepoLabelList": {
188
+ "quota": 0,
189
+ "permissions": ["repo-label:list"]
190
+ },
191
+ "createOrgRepoLabel": {
192
+ "quota": 0,
193
+ "permissions": ["repo-label:create"]
194
+ },
195
+ "getOrgRepoLabel": {
196
+ "quota": 0,
197
+ "permissions": ["repo-label:list"]
198
+ },
199
+ "updateOrgRepoLabel": {
200
+ "quota": 0,
201
+ "permissions": ["repo-label:update"]
202
+ },
203
+ "deleteOrgRepoLabel": {
204
+ "quota": 0,
205
+ "permissions": ["repo-label:delete"]
206
+ },
207
+ "getDiffScanById": {
208
+ "quota": 0,
209
+ "permissions": ["diff-scans:list"]
210
+ },
211
+ "createOrgDiffScanFromIds": {
212
+ "quota": 0,
213
+ "permissions": ["diff-scans:create"]
214
+ },
215
+ "listOrgDiffScans": {
216
+ "quota": 0,
217
+ "permissions": ["diff-scans:list"]
218
+ },
219
+ "deleteOrgDiffScan": {
220
+ "quota": 0,
221
+ "permissions": ["diff-scans:delete"]
222
+ },
223
+ "getApi": {
224
+ "quota": 0,
225
+ "permissions": []
226
+ },
227
+ "sendApi": {
228
+ "quota": 0,
229
+ "permissions": []
230
+ }
231
+ }
232
+ }
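Review bot: `getOrgAnalytics` and `getRepoAnalytics` are mapped to `report:write` although their names suggest read-only calls, while `postSettings`, `getApi` and `sendApi` carry `"permissions": []`. If this table feeds the permission helpers exported from `./quota-utils` (`getRequiredPermissions`, `getMethodsByPermissions`; their implementation is not visible here), a token scoped from it would be over-privileged for analytics, and the empty arrays would read as "no scope needed" for the generic passthrough methods, whose real requirement presumably depends on the endpoint called. Each entry is worth confirming against the API's own scope checks. Strict JSON has no comments, so the caveat that an empty list means "not determined by this table" rather than "public" belongs in the README or in the quota-utils TSDoc.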
@@ -9,4 +9,4 @@ export declare const MAX_RESPONSE_SIZE: number;
9
9
  export declare const MAX_STREAM_SIZE: number;
10
10
  export declare const SOCKET_PUBLIC_BLOB_STORE_URL = "https://socketusercontent.com";
11
11
  export declare const httpAgentNames: Set<string>;
12
- export declare const publicPolicy: Map<"ambiguousClassifier" | "badEncoding" | "badSemver" | "badSemverDependency" | "bidi" | "binScriptConfusion" | "chromeContentScript" | "chromeHostPermission" | "chromePermission" | "chromeWildcardHostPermission" | "chronoAnomaly" | "compromisedSSHKey" | "copyleftLicense" | "criticalCVE" | "cve" | "debugAccess" | "deprecated" | "deprecatedException" | "deprecatedLicense" | "didYouMean" | "dynamicRequire" | "emptyPackage" | "envVars" | "explicitlyUnlicensedItem" | "extraneousDependency" | "fileDependency" | "filesystemAccess" | "floatingDependency" | "generic" | "gitDependency" | "gitHubDependency" | "gptAnomaly" | "gptDidYouMean" | "gptMalware" | "gptSecurity" | "hasNativeCode" | "highEntropyStrings" | "homoglyphs" | "httpDependency" | "installScripts" | "invalidPackageJSON" | "invisibleChars" | "licenseChange" | "licenseException" | "licenseSpdxDisj" | "longStrings" | "majorRefactor" | "malware" | "manifestConfusion" | "mediumCVE" | "mildCVE" | "minifiedFile" | "miscLicenseIssues" | "missingAuthor" | "missingDependency" | "missingLicense" | "missingTarball" | "mixedLicense" | "modifiedException" | "modifiedLicense" | "networkAccess" | "newAuthor" | "noAuthorData" | "noBugTracker" | "noLicenseFound" | "noREADME" | "noRepository" | "noTests" | "noV1" | "noWebsite" | "nonOSILicense" | "nonSPDXLicense" | "nonpermissiveLicense" | "notice" | "obfuscatedFile" | "obfuscatedRequire" | "peerDependency" | "potentialVulnerability" | "semverAnomaly" | "shellAccess" | "shellScriptOverride" | "shrinkwrap" | "socketUpgradeAvailable" | "suspiciousStarActivity" | "suspiciousString" | "telemetry" | "trivialPackage" | "troll" | "typeModuleCompatibility" | "uncaughtOptionalDependency" | "unclearLicense" | "unidentifiedLicense" | "unmaintained" | "unpopularPackage" | "unpublished" | "unresolvedRequire" | "unsafeCopyright" | "unstableOwnership" | "unusedDependency" | "urlStrings" | "usesEval" | "vsxActivationWildcard" | "vsxDebuggerContribution" | 
"vsxExtensionDependency" | "vsxExtensionPack" | "vsxProposedApiUsage" | "vsxUntrustedWorkspaceSupported" | "vsxVirtualWorkspaceSupported" | "vsxWebviewContribution" | "vsxWorkspaceContainsActivation" | "zeroWidth", ALERT_ACTION>;
12
+ export declare const publicPolicy: Map<"ambiguousClassifier" | "badEncoding" | "badSemver" | "badSemverDependency" | "bidi" | "binScriptConfusion" | "chromeContentScript" | "chromeHostPermission" | "chromePermission" | "chromeWildcardHostPermission" | "chronoAnomaly" | "compromisedSSHKey" | "copyleftLicense" | "criticalCVE" | "cve" | "debugAccess" | "deprecated" | "deprecatedException" | "deprecatedLicense" | "didYouMean" | "dynamicRequire" | "emptyPackage" | "envVars" | "explicitlyUnlicensedItem" | "extraneousDependency" | "fileDependency" | "filesystemAccess" | "floatingDependency" | "generic" | "ghaArgToEnv" | "ghaArgToOutput" | "ghaArgToSink" | "ghaContextToEnv" | "ghaContextToOutput" | "ghaContextToSink" | "ghaEnvToSink" | "gitDependency" | "gitHubDependency" | "gptAnomaly" | "gptDidYouMean" | "gptMalware" | "gptSecurity" | "hasNativeCode" | "highEntropyStrings" | "homoglyphs" | "httpDependency" | "installScripts" | "invalidPackageJSON" | "invisibleChars" | "licenseChange" | "licenseException" | "licenseSpdxDisj" | "longStrings" | "majorRefactor" | "malware" | "manifestConfusion" | "mediumCVE" | "mildCVE" | "minifiedFile" | "miscLicenseIssues" | "missingAuthor" | "missingDependency" | "missingLicense" | "missingTarball" | "mixedLicense" | "modifiedException" | "modifiedLicense" | "networkAccess" | "newAuthor" | "noAuthorData" | "noBugTracker" | "noLicenseFound" | "noREADME" | "noRepository" | "noTests" | "noV1" | "noWebsite" | "nonOSILicense" | "nonSPDXLicense" | "nonpermissiveLicense" | "notice" | "obfuscatedFile" | "obfuscatedRequire" | "peerDependency" | "potentialVulnerability" | "semverAnomaly" | "shellAccess" | "shellScriptOverride" | "shrinkwrap" | "socketUpgradeAvailable" | "suspiciousStarActivity" | "suspiciousString" | "telemetry" | "trivialPackage" | "troll" | "typeModuleCompatibility" | "uncaughtOptionalDependency" | "unclearLicense" | "unidentifiedLicense" | "unmaintained" | "unpopularPackage" | "unpublished" | "unresolvedRequire" | 
"unsafeCopyright" | "unstableOwnership" | "unusedDependency" | "urlStrings" | "usesEval" | "vsxActivationWildcard" | "vsxDebuggerContribution" | "vsxExtensionDependency" | "vsxExtensionPack" | "vsxProposedApiUsage" | "vsxUntrustedWorkspaceSupported" | "vsxVirtualWorkspaceSupported" | "vsxWebviewContribution" | "vsxWorkspaceContainsActivation" | "zeroWidth", ALERT_ACTION>;
@@ -1,7 +1,7 @@
1
- import type { ReadStream } from 'node:fs';
2
- import type { IncomingMessage } from 'node:http';
3
1
  import { Readable } from 'node:stream';
4
2
  import type { RequestOptions } from './types';
3
+ import type { ReadStream } from 'node:fs';
4
+ import type { IncomingMessage } from 'node:http';
5
5
  /**
6
6
  * Create multipart form-data body parts for file uploads.
7
7
  * Converts file paths to readable streams with proper multipart headers.
@@ -2,10 +2,10 @@
2
2
  * @fileoverview HTTP client utilities for Socket API communication.
3
3
  * Provides low-level HTTP request handling with proper error management and response parsing.
4
4
  */
5
- import type { ClientRequest, IncomingMessage } from 'node:http';
6
5
  import http from 'node:http';
7
6
  import https from 'node:https';
8
7
  import type { RequestOptions, SendMethod } from './types';
8
+ import type { ClientRequest, IncomingMessage } from 'node:http';
9
9
  /**
10
10
  * HTTP response error for Socket API requests.
11
11
  * Extends Error with response details for debugging failed API calls.
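--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -8,7 +8,7 @@ export { createRequestBodyForFilepaths, createRequestBodyForJson, createUploadRe
 export { createDeleteRequest, createGetRequest, createRequestWithJson, getErrorResponseBody, getHttpModule, getResponse, getResponseJson, isResponseOk, ResponseError, reshapeArtifactForPublicPolicy, } from './http-client';
 export { calculateTotalQuotaCost, getAllMethodRequirements, getMethodRequirements, getMethodsByPermissions, getMethodsByQuotaCost, getQuotaCost, getQuotaUsageSummary, getRequiredPermissions, hasQuotaForMethods, } from './quota-utils';
 export { SocketSdk } from './socket-sdk-class';
-export type * from './types';
+export type { ALERT_ACTION, ALERT_TYPE, Agent, ArtifactPatches, BatchPackageFetchResultType, BatchPackageStreamOptions, CompactSocketArtifact, CompactSocketArtifactAlert, CreateDependenciesSnapshotOptions, CreateOrgFullScanOptions, CreateScanFromFilepathsOptions, CustomResponseType, Entitlement, EntitlementsResponse, GetOptions, GotOptions, HeadersRecord, PatchFile, PatchRecord, PatchViewResponse, QueryParams, RequestOptions, SecurityAlert, SendMethod, SendOptions, SocketArtifact, SocketArtifactAlert, SocketArtifactWithExtras, SocketId, SocketMetricSchema, SocketSdkErrorResult, SocketSdkGenericResult, SocketSdkOperations, SocketSdkOptions, SocketSdkResult, SocketSdkSuccessResult, StreamOrgFullScanOptions, UploadManifestFilesError, UploadManifestFilesOptions, UploadManifestFilesResponse, UploadManifestFilesReturnType, Vulnerability, } from './types';
 export { createUserAgentFromPkgJson } from './user-agent';
 export { normalizeBaseUrl, promiseWithResolvers, queryToSearchParams, resolveAbsPaths, resolveBasePath, };
 export { DEFAULT_USER_AGENT, httpAgentNames, publicPolicy };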
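Review bot: The hand-written `export type { … } from './types'` list replaces `export type *`, so any type that `./types` exports but the list omits is no longer reachable from the package root, and the `exports` map shown for package.json on this page has no `./dist/types` subpath to fall back on. The full `types.d.ts` is not visible here, so whether anything was actually dropped cannot be confirmed from this page. A type-level test comparing the root exports with `./types` would catch drift when a type is added later. In the source file a comment above the list, such as `// Keep in sync with ./types: every public type must be listed here.`, would make the obligation visible to the next editor.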
@@ -1,5 +1,5 @@
1
- import type { IncomingMessage } from 'node:http';
2
1
  import type { ArtifactPatches, BatchPackageFetchResultType, BatchPackageStreamOptions, CreateDependenciesSnapshotOptions, CreateOrgFullScanOptions, CreateScanFromFilepathsOptions, Entitlement, GetOptions, PatchViewResponse, QueryParams, SendOptions, SocketSdkGenericResult, SocketSdkOptions, SocketSdkResult, StreamOrgFullScanOptions, UploadManifestFilesError, UploadManifestFilesOptions, UploadManifestFilesReturnType } from './types';
2
+ import type { IncomingMessage } from 'node:http';
3
3
  /**
4
4
  * Socket SDK for programmatic access to Socket.dev security analysis APIs.
5
5
  * Provides methods for package scanning, organization management, and security analysis.
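--- a/package/dist/types.d.ts
+++ b/package/dist/types.d.ts
@@ -2,13 +2,13 @@
 * @fileoverview Type definitions and interfaces for Socket SDK.
 * Provides TypeScript types for API requests, responses, and internal SDK functionality.
 */
+import type { components, operations } from '../types/api';
+import type { OpReturnType } from '../types/api-helpers';
+import type { Remap } from '@socketsecurity/lib/objects';
+import type { ClientHttp2Session } from 'http2-wrapper';
 import type { Agent as HttpAgent, RequestOptions as HttpRequestOptions } from 'node:http';
 import type { ClientSessionRequestOptions } from 'node:http2';
 import type { Agent as HttpsAgent, RequestOptions as HttpsRequestOptions } from 'node:https';
-import type { Remap } from '@socketsecurity/lib/objects';
-import type { ClientHttp2Session } from 'http2-wrapper';
-import type { components, operations } from '../types/api';
-import type { OpReturnType } from '../types/api-helpers';
 export type ALERT_ACTION = 'error' | 'monitor' | 'warn' | 'ignore';
 export type ALERT_TYPE = keyof NonNullable<operations['getOrgSecurityPolicy']['responses']['200']['content']['application/json']['securityPolicyRules']>;
 export type Entitlement = {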
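--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@socketsecurity/sdk",
-"version": "2.0.1",
+"version": "2.0.3",
 "license": "MIT",
 "description": "SDK for the Socket API client",
 "author": {
@@ -15,21 +15,25 @@
 },
 "type": "module",
 "main": "./dist/index.mjs",
-"types": "./dist/index.d.mts",
+"types": "./dist/index.d.ts",
 "exports": {
 ".": {
-"types": "./dist/index.d.mts",
+"types": "./dist/index.d.ts",
 "default": "./dist/index.mjs"
 },
+"./package.json": "./package.json",
 "./testing": {
-"types": "./dist/testing.d.mts",
+"types": "./dist/testing.d.ts",
 "default": "./dist/testing.mjs"
 },
-"./types/api-helpers": "./types/api-helpers.d.ts",
-"./types/api-helpers.d.ts": "./types/api-helpers.d.ts",
-"./types/api": "./types/api.d.ts",
-"./types/api.d.ts": "./types/api.d.ts",
-"./package.json": "./package.json"
+"./types/api": {
+"types": "./types/api.d.ts",
+"default": "./types/api.d.ts"
+},
+"./types/api-helpers": {
+"types": "./types/api-helpers.d.ts",
+"default": "./types/api-helpers.d.ts"
+}
 },
 "scripts": {
 "build": "node scripts/build.mjs",
@@ -105,8 +109,9 @@
 "pnpm": ">=10.16.0"
 },
 "files": [
-"dist/**",
-"types/**",
+"data/*.json",
+"dist/*{.js,.d.ts}",
+"types/*.d.ts",
 "CHANGELOG.md"
 ],
 "typeCoverage": {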
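Review bot: The new `files` entry `"dist/*{.js,.d.ts}"` does not match the `.mjs` targets that `main` and the `exports` map still point at (`./dist/index.mjs`, `./dist/testing.mjs`). npm packs the `main` file regardless of `files`, but an `exports` target such as `./dist/testing.mjs` ships only if a pattern matches it, so `@socketsecurity/sdk/testing` may resolve to a missing file unless build output or tooling not visible here covers it. Either widen the pattern, e.g. `"dist/*{.js,.mjs,.d.ts}"`, or point `main` and `exports` at the emitted `.js` files, and have CI check the tarball contents with `npm pack --dry-run` before publishing. The `exports` hunk also drops the `./types/api.d.ts` and `./types/api-helpers.d.ts` subpaths, which breaks consumers importing by that spelling in a patch release.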