@socketsecurity/sdk 2.0.6 → 3.0.1

package/CHANGELOG.md

@@ -4,6 +4,64 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
+## [3.0.1](https://github.com/SocketDev/socket-sdk-js/releases/tag/v3.0.1) - 2025-10-23
+
+### Fixed
+
+- Export `FileValidationCallback` and `FileValidationResult` types for consumers implementing file validation callbacks
+
+## [3.0.0](https://github.com/SocketDev/socket-sdk-js/releases/tag/v3.0.0) - 2025-10-23
+
+### ⚠️ BREAKING CHANGES
+
+#### Removed Deprecated Methods
+
+The following methods mapped to deprecated `/report/*` backend endpoints and have been removed:
+
+- **`createScan()`** - Use `createFullScan()` instead
+- **`deleteScan()`** - Use `deleteFullScan()` instead
+- **`getScan()`** - Use `getFullScan()` instead
+- **`listScans()`** - Use `listFullScans()` instead
+
+#### Method Renames (Following REST Conventions)
+
+**Full Scans (Modern API):**
+- `getOrgFullScanList()` → `listFullScans()` with `ListFullScansOptions`
+- `createOrgFullScan()` → `createFullScan()` with `CreateFullScanOptions`
+- `getOrgFullScanBuffered()` → `getFullScan()`
+- `deleteOrgFullScan()` → `deleteFullScan()`
+- `streamOrgFullScan()` → `streamFullScan()` with `StreamFullScanOptions`
+- `getOrgFullScanMetadata()` → `getFullScanMetadata()`
+
+**Organizations:**
+- `getOrganizations()` → `listOrganizations()`
+
+**Repositories:**
+- `getOrgRepoList()` → `listRepositories()` with `ListRepositoriesOptions`
+- `getOrgRepo()` → `getRepository()`
+- `createOrgRepo()` → `createRepository()`
+- `updateOrgRepo()` → `updateRepository()`
+- `deleteOrgRepo()` → `deleteRepository()`
+
+#### Type System Improvements
+
+Strict types now mark guaranteed API fields as required instead of optional, improving IntelliSense autocomplete.
+
+### Added
+
+- **File Validation Callback:** New `onFileValidation` option in `SocketSdkOptions` allows customizing error handling when unreadable files are detected. File-upload methods (`uploadManifestFiles()`, `createFullScan()`, `createDependenciesSnapshot()`) now automatically validate file readability, preventing ENOENT errors from Yarn Berry PnP virtual filesystems and pnpm symlink issues.
+
+### Changed
+
+- File-upload methods automatically skip unreadable files with warnings instead of failing
+
+See [docs/migration-v3.md](./docs/migration-v3.md) and [docs/when-to-use-what.md](./docs/when-to-use-what.md) for migration guidance.
+
+## [2.0.7](https://github.com/SocketDev/socket-sdk-js/releases/tag/v2.0.7) - 2025-10-22
+
+### Changed
+- Sync with openapi definition
+
 ## [2.0.6](https://github.com/SocketDev/socket-sdk-js/releases/tag/v2.0.6) - 2025-10-22
 
 ### Fixed

package/dist/index.d.ts

@@ -8,7 +8,8 @@ export { createRequestBodyForFilepaths, createRequestBodyForJson, createUploadRe
 export { createDeleteRequest, createGetRequest, createRequestWithJson, getErrorResponseBody, getHttpModule, getResponse, getResponseJson, isResponseOk, ResponseError, reshapeArtifactForPublicPolicy, } from './http-client';
 export { calculateTotalQuotaCost, getAllMethodRequirements, getMethodRequirements, getMethodsByPermissions, getMethodsByQuotaCost, getQuotaCost, getQuotaUsageSummary, getRequiredPermissions, hasQuotaForMethods, } from './quota-utils';
 export { SocketSdk } from './socket-sdk-class';
-export type { ALERT_ACTION, ALERT_TYPE, Agent, ArtifactPatches, BatchPackageFetchResultType, BatchPackageStreamOptions, CompactSocketArtifact, CompactSocketArtifactAlert, CreateDependenciesSnapshotOptions, CreateOrgFullScanOptions, CreateScanFromFilepathsOptions, CustomResponseType, Entitlement, EntitlementsResponse, GetOptions, GotOptions, HeadersRecord, PatchFile, PatchRecord, PatchViewResponse, QueryParams, RequestOptions, SecurityAlert, SendMethod, SendOptions, SocketArtifact, SocketArtifactAlert, SocketArtifactWithExtras, SocketId, SocketMetricSchema, SocketSdkArrayElement, SocketSdkData, SocketSdkErrorResult, SocketSdkGenericResult, SocketSdkOperations, SocketSdkOptions, SocketSdkResult, SocketSdkSuccessResult, StreamOrgFullScanOptions, UploadManifestFilesError, UploadManifestFilesOptions, UploadManifestFilesResponse, UploadManifestFilesReturnType, Vulnerability, } from './types';
+export type { ALERT_ACTION, ALERT_TYPE, Agent, ArtifactPatches, BatchPackageFetchResultType, BatchPackageStreamOptions, CompactSocketArtifact, CompactSocketArtifactAlert, CreateDependenciesSnapshotOptions, CreateOrgFullScanOptions, CreateScanFromFilepathsOptions, CustomResponseType, Entitlement, EntitlementsResponse, FileValidationCallback, FileValidationResult, GetOptions, GotOptions, HeadersRecord, PatchFile, PatchRecord, PatchViewResponse, QueryParams, RequestOptions, SecurityAlert, SendMethod, SendOptions, SocketArtifact, SocketArtifactAlert, SocketArtifactWithExtras, SocketId, SocketMetricSchema, SocketSdkArrayElement, SocketSdkData, SocketSdkErrorResult, SocketSdkGenericResult, SocketSdkOperations, SocketSdkOptions, SocketSdkResult, SocketSdkSuccessResult, StreamOrgFullScanOptions, UploadManifestFilesError, UploadManifestFilesOptions, UploadManifestFilesResponse, UploadManifestFilesReturnType, Vulnerability, } from './types';
+export type { CreateFullScanOptions, DeleteRepositoryLabelResult, DeleteResult, FullScanItem, FullScanListData, FullScanListResult, FullScanResult, ListFullScansOptions, ListRepositoriesOptions, OrganizationItem, OrganizationsResult, RepositoriesListData, RepositoriesListResult, RepositoryItem, RepositoryLabelItem, RepositoryLabelResult, RepositoryLabelsListData, RepositoryLabelsListResult, RepositoryResult, StreamFullScanOptions, StrictErrorResult, StrictResult, } from './types-strict';
 export { createUserAgentFromPkgJson } from './user-agent';
 export { normalizeBaseUrl, promiseWithResolvers, queryToSearchParams, resolveAbsPaths, resolveBasePath, };
 export { DEFAULT_USER_AGENT, httpAgentNames, publicPolicy };

package/dist/socket-sdk-class.d.ts

@@ -1,4 +1,5 @@
-import type { ArtifactPatches, BatchPackageFetchResultType, BatchPackageStreamOptions, CreateDependenciesSnapshotOptions, CreateOrgFullScanOptions, CreateScanFromFilepathsOptions, Entitlement, GetOptions, PatchViewResponse, QueryParams, SendOptions, SocketSdkGenericResult, SocketSdkOptions, SocketSdkResult, StreamOrgFullScanOptions, UploadManifestFilesError, UploadManifestFilesOptions, UploadManifestFilesReturnType } from './types';
+import type { ArtifactPatches, BatchPackageFetchResultType, BatchPackageStreamOptions, CreateDependenciesSnapshotOptions, Entitlement, GetOptions, PatchViewResponse, QueryParams, SendOptions, SocketSdkGenericResult, SocketSdkOptions, SocketSdkResult, StreamOrgFullScanOptions, UploadManifestFilesError, UploadManifestFilesOptions, UploadManifestFilesReturnType } from './types';
+import type { CreateFullScanOptions, DeleteRepositoryLabelResult, DeleteResult, FullScanListResult, FullScanResult, ListFullScansOptions, ListRepositoriesOptions, OrganizationsResult, RepositoriesListResult, RepositoryLabelResult, RepositoryLabelsListResult, RepositoryResult, StrictErrorResult } from './types-strict';
 import type { IncomingMessage } from 'node:http';
 /**
  * Socket SDK for programmatic access to Socket.dev security analysis APIs.
@@ -48,33 +49,97 @@ export declare class SocketSdk {
      */
     createOrgDiffScanFromIds(orgSlug: string, queryParams?: QueryParams | undefined): Promise<SocketSdkResult<'createOrgDiffScanFromIds'>>;
     /**
-     * Create a comprehensive security scan for an organization.
-     * Uploads project files and initiates full security analysis.
+     * Create a full security scan for an organization.
      *
+     * Uploads project manifest files and initiates full security analysis.
+     * Returns scan metadata with guaranteed required fields.
+     *
+     * @param orgSlug - Organization identifier
+     * @param filepaths - Array of file paths to upload (package.json, package-lock.json, etc.)
+     * @param options - Scan configuration including repository, branch, and commit details
+     * @returns Full scan metadata including ID and URLs
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.createFullScan('my-org',
+     *   ['package.json', 'package-lock.json'],
+     *   {
+     *     repo: 'my-repo',
+     *     branch: 'main',
+     *     commit_message: 'Update dependencies',
+     *     commit_hash: 'abc123',
+     *     pathsRelativeTo: './my-project'
+     *   }
+     * )
+     *
+     * if (result.success) {
+     *   console.log('Scan ID:', result.data.id)
+     *   console.log('Report URL:', result.data.html_report_url)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/createorgfullscan
+     * @apiEndpoint POST /orgs/{org_slug}/full-scans
+     * @quota 1 unit
+     * @scopes full-scans:create
      * @throws {Error} When server returns 5xx status codes
      */
-    createOrgFullScan(orgSlug: string, filepaths: string[], options?: CreateOrgFullScanOptions | undefined): Promise<SocketSdkResult<'CreateOrgFullScan'>>;
+    createFullScan(orgSlug: string, filepaths: string[], options: CreateFullScanOptions): Promise<FullScanResult | StrictErrorResult>;
     /**
      * Create a new repository in an organization.
+     *
      * Registers a repository for monitoring and security scanning.
      *
+     * @param orgSlug - Organization identifier
+     * @param params - Repository configuration (name, description, homepage, etc.)
+     * @returns Created repository details
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.createRepository('my-org', {
+     *   name: 'my-repo',
+     *   description: 'My project repository',
+     *   homepage: 'https://example.com'
+     * })
+     *
+     * if (result.success) {
+     *   console.log('Repository created:', result.data.id)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/createorgrepo
+     * @apiEndpoint POST /orgs/{org_slug}/repos
+     * @quota 1 unit
+     * @scopes repo:write
      * @throws {Error} When server returns 5xx status codes
      */
-    createOrgRepo(orgSlug: string, queryParams?: QueryParams | undefined): Promise<SocketSdkResult<'createOrgRepo'>>;
+    createRepository(orgSlug: string, params?: QueryParams | undefined): Promise<RepositoryResult | StrictErrorResult>;
     /**
      * Create a new repository label for an organization.
-     * Adds label for repository categorization and management.
      *
-     * @throws {Error} When server returns 5xx status codes
-     */
-    createOrgRepoLabel(orgSlug: string, repoSlug: string, labelData: QueryParams): Promise<SocketSdkResult<'createOrgRepoLabel'>>;
-    /**
-     * Create a security scan by uploading project files.
-     * Analyzes uploaded files for security vulnerabilities and policy violations.
+     * Labels can be used to group and organize repositories and apply security/license policies.
+     *
+     * @param orgSlug - Organization identifier
+     * @param labelData - Label configuration (must include name property)
+     * @returns Created label with guaranteed id and name fields
      *
+     * @example
+     * ```typescript
+     * const result = await sdk.createRepositoryLabel('my-org', { name: 'production' })
+     *
+     * if (result.success) {
+     *   console.log('Label created:', result.data.id)
+     *   console.log('Label name:', result.data.name)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/createorgrepolabel
+     * @apiEndpoint POST /orgs/{org_slug}/repos/labels
+     * @quota 1 unit
+     * @scopes repo-label:create
      * @throws {Error} When server returns 5xx status codes
      */
-    createScanFromFilepaths(filepaths: string[], options?: CreateScanFromFilepathsOptions | undefined): Promise<SocketSdkResult<'createReport'>>;
+    createRepositoryLabel(orgSlug: string, labelData: QueryParams): Promise<RepositoryLabelResult | StrictErrorResult>;
     /**
      * Delete a diff scan from an organization.
      * Permanently removes diff scan data and results.
@@ -84,32 +149,81 @@ export declare class SocketSdk {
     deleteOrgDiffScan(orgSlug: string, diffScanId: string): Promise<SocketSdkResult<'deleteOrgDiffScan'>>;
     /**
      * Delete a full scan from an organization.
+     *
      * Permanently removes scan data and results.
      *
+     * @param orgSlug - Organization identifier
+     * @param scanId - Full scan identifier to delete
+     * @returns Success confirmation
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.deleteFullScan('my-org', 'scan_123')
+     *
+     * if (result.success) {
+     *   console.log('Scan deleted successfully')
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/deleteorgfullscan
+     * @apiEndpoint DELETE /orgs/{org_slug}/full-scans/{full_scan_id}
+     * @quota 1 unit
+     * @scopes full-scans:delete
      * @throws {Error} When server returns 5xx status codes
      */
-    deleteOrgFullScan(orgSlug: string, fullScanId: string): Promise<SocketSdkResult<'deleteOrgFullScan'>>;
+    deleteFullScan(orgSlug: string, scanId: string): Promise<DeleteResult | StrictErrorResult>;
     /**
      * Delete a repository from an organization.
+     *
      * Removes repository monitoring and associated scan data.
      *
+     * @param orgSlug - Organization identifier
+     * @param repoSlug - Repository slug/name to delete
+     * @returns Success confirmation
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.deleteRepository('my-org', 'old-repo')
+     *
+     * if (result.success) {
+     *   console.log('Repository deleted')
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/deleteorgrepo
+     * @apiEndpoint DELETE /orgs/{org_slug}/repos/{repo_slug}
+     * @quota 1 unit
+     * @scopes repo:write
      * @throws {Error} When server returns 5xx status codes
      */
-    deleteOrgRepo(orgSlug: string, repoSlug: string): Promise<SocketSdkResult<'deleteOrgRepo'>>;
+    deleteRepository(orgSlug: string, repoSlug: string): Promise<DeleteResult | StrictErrorResult>;
     /**
      * Delete a repository label from an organization.
-     * Removes label and associated configuration.
      *
-     * @throws {Error} When server returns 5xx status codes
-     */
-    deleteOrgRepoLabel(orgSlug: string, repoSlug: string, labelSlug: string): Promise<SocketSdkResult<'deleteOrgRepoLabel'>>;
-    /**
-     * Delete a scan report permanently.
-     * Removes scan data and analysis results from the system.
+     * Removes label and all its associations (repositories, security policy, license policy, etc.).
+     *
+     * @param orgSlug - Organization identifier
+     * @param labelId - Label identifier
+     * @returns Deletion confirmation
      *
+     * @example
+     * ```typescript
+     * const result = await sdk.deleteRepositoryLabel('my-org', 'label-id-123')
+     *
+     * if (result.success) {
+     *   console.log('Label deleted:', result.data.status)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/deleteorgrepolabel
+     * @apiEndpoint DELETE /orgs/{org_slug}/repos/labels/{label_id}
+     * @quota 1 unit
+     * @scopes repo-label:delete
      * @throws {Error} When server returns 5xx status codes
      */
-    deleteReport(reportId: string): Promise<SocketSdkResult<'deleteReport'>>;
+    deleteRepositoryLabel(orgSlug: string, labelId: string): Promise<DeleteRepositoryLabelResult | StrictErrorResult>;
+    /**
+     * Delete a legacy scan report permanently.
     /**
      * Export scan results in CycloneDX SBOM format.
      * Returns Software Bill of Materials compliant with CycloneDX standard.
@@ -183,32 +297,114 @@ export declare class SocketSdk {
     getOrgAnalytics(time: string): Promise<SocketSdkResult<'getOrgAnalytics'>>;
     /**
      * List all organizations accessible to the current user.
-     * Returns organization details and access permissions.
      *
+     * Returns organization details and access permissions with guaranteed required fields.
+     *
+     * @returns List of organizations with metadata
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.listOrganizations()
+     *
+     * if (result.success) {
+     *   result.data.organizations.forEach(org => {
+     *     console.log(org.name, org.slug)  // Guaranteed fields
+     *   })
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/getorganizations
+     * @apiEndpoint GET /organizations
+     * @quota 1 unit
      * @throws {Error} When server returns 5xx status codes
      */
-    getOrganizations(): Promise<SocketSdkResult<'getOrganizations'>>;
+    listOrganizations(): Promise<OrganizationsResult | StrictErrorResult>;
     /**
-     * Get complete full scan results in memory.
+     * Get complete full scan results buffered in memory.
+     *
      * Returns entire scan data as JSON for programmatic processing.
+     * For large scans, consider using streamFullScan() instead.
      *
+     * @param orgSlug - Organization identifier
+     * @param scanId - Full scan identifier
+     * @returns Complete full scan data including all artifacts
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.getFullScan('my-org', 'scan_123')
+     *
+     * if (result.success) {
+     *   console.log('Scan status:', result.data.scan_state)
+     *   console.log('Repository:', result.data.repository_slug)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/getorgfullscan
+     * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}
+     * @quota 1 unit
+     * @scopes full-scans:list
      * @throws {Error} When server returns 5xx status codes
      */
-    getOrgFullScanBuffered(orgSlug: string, fullScanId: string): Promise<SocketSdkResult<'getOrgFullScan'>>;
+    getFullScan(orgSlug: string, scanId: string): Promise<FullScanResult | StrictErrorResult>;
     /**
      * List all full scans for an organization.
-     * Returns paginated list of scan metadata and status.
      *
+     * Returns paginated list of full scan metadata with guaranteed required fields
+     * for improved TypeScript autocomplete.
+     *
+     * @param orgSlug - Organization identifier
+     * @param options - Filtering and pagination options
+     * @returns List of full scans with metadata
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.listFullScans('my-org', {
+     *   branch: 'main',
+     *   per_page: 50,
+     *   use_cursor: true
+     * })
+     *
+     * if (result.success) {
+     *   result.data.results.forEach(scan => {
+     *     console.log(scan.id, scan.created_at)  // Guaranteed fields
+     *   })
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/getorgfullscanlist
+     * @apiEndpoint GET /orgs/{org_slug}/full-scans
+     * @quota 1 unit
+     * @scopes full-scans:list
      * @throws {Error} When server returns 5xx status codes
      */
-    getOrgFullScanList(orgSlug: string, queryParams?: QueryParams | undefined): Promise<SocketSdkResult<'getOrgFullScanList'>>;
+    listFullScans(orgSlug: string, options?: ListFullScansOptions | undefined): Promise<FullScanListResult | StrictErrorResult>;
     /**
      * Get metadata for a specific full scan.
-     * Returns scan configuration, status, and summary information.
      *
+     * Returns scan configuration, status, and summary information without full artifact data.
+     * Useful for checking scan status without downloading complete results.
+     *
+     * @param orgSlug - Organization identifier
+     * @param scanId - Full scan identifier
+     * @returns Scan metadata including status and configuration
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.getFullScanMetadata('my-org', 'scan_123')
+     *
+     * if (result.success) {
+     *   console.log('Scan state:', result.data.scan_state)
+     *   console.log('Branch:', result.data.branch)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/getorgfullscanmetadata
+     * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}/metadata
+     * @quota 1 unit
+     * @scopes full-scans:list
      * @throws {Error} When server returns 5xx status codes
      */
-    getOrgFullScanMetadata(orgSlug: string, fullScanId: string): Promise<SocketSdkResult<'getOrgFullScanMetadata'>>;
+    getFullScanMetadata(orgSlug: string, scanId: string): Promise<FullScanResult | StrictErrorResult>;
     /**
      * Get organization's license policy configuration.* Returns allowed, restricted, and monitored license types.
      *
@@ -216,33 +412,118 @@ export declare class SocketSdk {
      */
     getOrgLicensePolicy(orgSlug: string): Promise<SocketSdkResult<'getOrgLicensePolicy'>>;
     /**
-     * Get details for a specific organization repository.
+     * Get details for a specific repository.
+     *
      * Returns repository configuration, monitoring status, and metadata.
      *
+     * @param orgSlug - Organization identifier
+     * @param repoSlug - Repository slug/name
+     * @returns Repository details with configuration
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.getRepository('my-org', 'my-repo')
+     *
+     * if (result.success) {
+     *   console.log('Repository:', result.data.name)
+     *   console.log('Visibility:', result.data.visibility)
+     *   console.log('Default branch:', result.data.default_branch)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/getorgrepo
+     * @apiEndpoint GET /orgs/{org_slug}/repos/{repo_slug}
+     * @quota 1 unit
+     * @scopes repo:read
      * @throws {Error} When server returns 5xx status codes
      */
-    getOrgRepo(orgSlug: string, repoSlug: string): Promise<SocketSdkResult<'getOrgRepo'>>;
+    getRepository(orgSlug: string, repoSlug: string): Promise<RepositoryResult | StrictErrorResult>;
     /**
      * Get details for a specific repository label.
-     * Returns label configuration and metadata.
      *
+     * Returns label configuration, associated repositories, and policy settings.
+     *
+     * @param orgSlug - Organization identifier
+     * @param labelId - Label identifier
+     * @returns Label details with guaranteed id and name fields
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.getRepositoryLabel('my-org', 'label-id-123')
+     *
+     * if (result.success) {
+     *   console.log('Label name:', result.data.name)
+     *   console.log('Associated repos:', result.data.repository_ids)
+     *   console.log('Has security policy:', result.data.has_security_policy)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/getorgrepolabel
+     * @apiEndpoint GET /orgs/{org_slug}/repos/labels/{label_id}
+     * @quota 1 unit
+     * @scopes repo-label:list
      * @throws {Error} When server returns 5xx status codes
      */
-    getOrgRepoLabel(orgSlug: string, repoSlug: string, labelSlug: string): Promise<SocketSdkResult<'getOrgRepoLabel'>>;
+    getRepositoryLabel(orgSlug: string, labelId: string): Promise<RepositoryLabelResult | StrictErrorResult>;
     /**
-     * Get list of repository labels for an organization.
-     * Returns all labels configured for repository management.
+     * List all repository labels for an organization.
      *
+     * Returns paginated list of labels configured for repository organization and policy management.
+     *
+     * @param orgSlug - Organization identifier
+     * @param options - Pagination options
+     * @returns List of labels with guaranteed id and name fields
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.listRepositoryLabels('my-org', { per_page: 50, page: 1 })
+     *
+     * if (result.success) {
+     *   result.data.results.forEach(label => {
+     *     console.log('Label:', label.name)
+     *     console.log('Associated repos:', label.repository_ids?.length || 0)
+     *   })
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/getorgrepolabellist
+     * @apiEndpoint GET /orgs/{org_slug}/repos/labels
+     * @quota 1 unit
+     * @scopes repo-label:list
      * @throws {Error} When server returns 5xx status codes
      */
-    getOrgRepoLabelList(orgSlug: string, repoSlug: string): Promise<SocketSdkResult<'getOrgRepoLabelList'>>;
+    listRepositoryLabels(orgSlug: string, options?: QueryParams | undefined): Promise<RepositoryLabelsListResult | StrictErrorResult>;
     /**
      * List all repositories in an organization.
-     * Returns paginated list of repository metadata and status.
      *
+     * Returns paginated list of repository metadata with guaranteed required fields.
+     *
+     * @param orgSlug - Organization identifier
+     * @param options - Pagination and filtering options
+     * @returns List of repositories with metadata
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.listRepositories('my-org', {
+     *   per_page: 50,
+     *   sort: 'name',
+     *   direction: 'asc'
+     * })
+     *
+     * if (result.success) {
+     *   result.data.results.forEach(repo => {
+     *     console.log(repo.name, repo.visibility)
+     *   })
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/getorgrepolist
+     * @apiEndpoint GET /orgs/{org_slug}/repos
+     * @quota 1 unit
+     * @scopes repo:list
      * @throws {Error} When server returns 5xx status codes
      */
-    getOrgRepoList(orgSlug: string, queryParams?: QueryParams | undefined): Promise<SocketSdkResult<'getOrgRepoList'>>;
+    listRepositories(orgSlug: string, options?: ListRepositoriesOptions | undefined): Promise<RepositoriesListResult | StrictErrorResult>;
     /**
      * Get organization's security policy configuration.* Returns alert rules, severity thresholds, and enforcement settings.
      *
@@ -271,19 +552,8 @@ export declare class SocketSdk {
      */
     getRepoAnalytics(repo: string, time: string): Promise<SocketSdkResult<'getRepoAnalytics'>>;
     /**
-     * Get detailed results for a specific scan.
-     * Returns complete scan analysis including vulnerabilities and alerts.
-     *
-     * @throws {Error} When server returns 5xx status codes
-     */
-    getScan(id: string): Promise<SocketSdkResult<'getReport'>>;
+     * Get detailed results for a legacy scan report.
     /**
-     * List all scans accessible to the current user.
-     * Returns paginated list of scan metadata and status.
-     *
-     * @throws {Error} When server returns 5xx status codes
-     */
-    getScanList(): Promise<SocketSdkResult<'getReportList'>>;
     /**
      * Get security score for a specific npm package and version.
      * Returns numerical security rating and scoring breakdown.
@@ -358,11 +628,39 @@ export declare class SocketSdk {
      */
     sendApi<T>(urlPath: string, options?: SendOptions | undefined): Promise<T | SocketSdkGenericResult<T>>;
     /**
-     * Stream a full scan's results to file or stdout.* Provides efficient streaming for large scan datasets.
+     * Stream a full scan's results to file or stdout.
+     *
+     * Provides efficient streaming for large scan datasets without loading
+     * entire response into memory. Useful for processing large SBOMs.
+     *
+     * @param orgSlug - Organization identifier
+     * @param scanId - Full scan identifier
+     * @param options - Streaming options (output file path, stdout, or buffered)
+     * @returns Scan result with streaming response
+     *
+     * @example
+     * ```typescript
+     * // Stream to file
+     * await sdk.streamFullScan('my-org', 'scan_123', {
+     *   output: './scan-results.json'
+     * })
+     *
+     * // Stream to stdout
+     * await sdk.streamFullScan('my-org', 'scan_123', {
+     *   output: true
+     * })
+     *
+     * // Get buffered response
+     * const result = await sdk.streamFullScan('my-org', 'scan_123')
+     * ```
      *
+     * @see https://docs.socket.dev/reference/getorgfullscan
+     * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}
+     * @quota 1 unit
+     * @scopes full-scans:list
      * @throws {Error} When server returns 5xx status codes
      */
-    streamOrgFullScan(orgSlug: string, fullScanId: string, options?: StreamOrgFullScanOptions | undefined): Promise<SocketSdkResult<'getOrgFullScan'>>;
+    streamFullScan(orgSlug: string, scanId: string, options?: StreamOrgFullScanOptions | undefined): Promise<SocketSdkResult<'getOrgFullScan'>>;
     /**
      * Stream patches for artifacts in a scan report.
      *
@@ -386,19 +684,61 @@ export declare class SocketSdk {
      */
     updateOrgLicensePolicy(orgSlug: string, policyData: QueryParams, queryParams?: QueryParams | undefined): Promise<SocketSdkResult<'updateOrgLicensePolicy'>>;
     /**
-     * Update configuration for an organization repository.
+     * Update configuration for a repository.
+     *
      * Modifies monitoring settings, branch configuration, and scan preferences.
      *
+     * @param orgSlug - Organization identifier
+     * @param repoSlug - Repository slug/name
+     * @param params - Configuration updates (description, homepage, default_branch, etc.)
+     * @returns Updated repository details
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.updateRepository('my-org', 'my-repo', {
+     *   description: 'Updated description',
+     *   default_branch: 'develop'
+     * })
+     *
+     * if (result.success) {
+     *   console.log('Repository updated:', result.data.name)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/updateorgrepo
+     * @apiEndpoint POST /orgs/{org_slug}/repos/{repo_slug}
+     * @quota 1 unit
+     * @scopes repo:write
      * @throws {Error} When server returns 5xx status codes
      */
-    updateOrgRepo(orgSlug: string, repoSlug: string, queryParams?: QueryParams | undefined): Promise<SocketSdkResult<'updateOrgRepo'>>;
+    updateRepository(orgSlug: string, repoSlug: string, params?: QueryParams | undefined): Promise<RepositoryResult | StrictErrorResult>;
     /**
      * Update a repository label for an organization.
-     * Modifies label properties and configuration.
      *
+     * Modifies label properties like name. Label names must be non-empty and less than 1000 characters.
+     *
+     * @param orgSlug - Organization identifier
+     * @param labelId - Label identifier
+     * @param labelData - Label updates (typically name property)
+     * @returns Updated label with guaranteed id and name fields
+     *
+     * @example
+     * ```typescript
+     * const result = await sdk.updateRepositoryLabel('my-org', 'label-id-123', { name: 'staging' })
+     *
+     * if (result.success) {
+     *   console.log('Label updated:', result.data.name)
+     *   console.log('Label ID:', result.data.id)
+     * }
+     * ```
+     *
+     * @see https://docs.socket.dev/reference/updateorgrepolabel
+     * @apiEndpoint PUT /orgs/{org_slug}/repos/labels/{label_id}
+     * @quota 1 unit
+     * @scopes repo-label:update
      * @throws {Error} When server returns 5xx status codes
      */
-    updateOrgRepoLabel(orgSlug: string, repoSlug: string, labelSlug: string, labelData: QueryParams): Promise<SocketSdkResult<'updateOrgRepoLabel'>>;
+    updateRepositoryLabel(orgSlug: string, labelId: string, labelData: QueryParams): Promise<RepositoryLabelResult | StrictErrorResult>;
     /**
      * Update organization's security policy configuration.* Modifies alert rules, severity thresholds, and enforcement settings.
      *

package/dist/types-strict.d.ts

@@ -0,0 +1,260 @@
+/**
+ * @fileoverview Strict type definitions for Socket SDK v3.
+ * These types provide better TypeScript DX by marking guaranteed fields as required
+ * and only keeping truly optional fields as optional. This improves IntelliSense autocomplete.
+ */
+/**
+ * Strict type for full scan metadata item.
+ * Represents a single full scan with guaranteed fields marked as required.
+ */
+export type FullScanItem = {
+    id: string;
+    created_at: string;
+    updated_at: string;
+    organization_id: string;
+    organization_slug: string;
+    repository_id: string;
+    repository_slug: string;
+    repo: string;
+    html_report_url: string;
+    api_url: string;
+    integration_type: string;
+    integration_repo_url: string;
+    branch: string | null;
+    commit_message: string | null;
+    commit_hash: string | null;
+    pull_request: number | null;
+    committers: string[];
+    html_url: string | null;
+    integration_branch_url: string | null;
+    integration_commit_url: string | null;
+    integration_pull_request_url: string | null;
+    scan_state: 'pending' | 'precrawl' | 'resolve' | 'scan' | null;
+    unmatchedFiles?: string[];
+};
+/**
+ * Strict type for full scan list response.
+ */
+export type FullScanListData = {
+    results: FullScanItem[];
+    nextPageCursor: string | null;
+    nextPage: number | null;
+};
+/**
+ * Strict type for full scan list result.
+ */
+export type FullScanListResult = {
+    cause?: undefined;
+    data: FullScanListData;
+    error?: undefined;
+    status: number;
+    success: true;
+};
+/**
+ * Strict type for single full scan result.
+ */
+export type FullScanResult = {
+    cause?: undefined;
+    data: FullScanItem;
+    error?: undefined;
+    status: number;
+    success: true;
+};
+/**
+ * Options for listing full scans.
+ */
+export type ListFullScansOptions = {
+    sort?: 'name' | 'created_at';
+    direction?: 'asc' | 'desc';
+    per_page?: number;
+    page?: number;
+    startAfterCursor?: string;
+    use_cursor?: boolean;
+    from?: string;
+    repo?: string;
+    branch?: string;
+    pull_request?: string;
+    commit_hash?: string;
+};
+/**
+ * Options for creating a full scan.
+ */
+export type CreateFullScanOptions = {
+    pathsRelativeTo?: string;
+    repo: string;
+    branch?: string;
+    commit_message?: string;
+    commit_hash?: string;
+    pull_request?: number;
+    committers?: string;
+    integration_type?: 'api' | 'github' | 'gitlab' | 'bitbucket' | 'azure';
+    integration_org_slug?: string;
+    make_default_branch?: boolean;
+    set_as_pending_head?: boolean;
+    tmp?: boolean;
+    scan_type?: string;
+};
+/**
+ * Options for streaming a full scan.
+ */
+export type StreamFullScanOptions = {
+    output?: boolean | string;
+};
+/**
+ * Error result type for all SDK operations.
+ */
+export type StrictErrorResult = {
+    cause?: string | undefined;
+    data?: undefined;
+    error: string;
+    status: number;
+    success: false;
+};
+/**
+ * Generic strict result type combining success and error.
+ */
+export type StrictResult<T> = {
+    cause?: undefined;
+    data: T;
+    error?: undefined;
+    status: number;
+    success: true;
+} | StrictErrorResult;
+/**
+ * Strict type for organization item.
+ */
+export type OrganizationItem = {
+    id: string;
+    name: string;
+    slug: string;
+    created_at: string;
+    updated_at: string;
+    plan: string;
+};
+/**
+ * Strict type for organizations list result.
+ */
+export type OrganizationsResult = {
+    cause?: undefined;
+    data: {
+        organizations: OrganizationItem[];
+    };
+    error?: undefined;
+    status: number;
+    success: true;
+};
+/**
+ * Strict type for repository item.
+ */
+export type RepositoryItem = {
+    id: string;
+    created_at: string;
+    updated_at: string;
+    name: string;
+    organization_id: string;
+    organization_slug: string;
+    default_branch: string | null;
+    homepage: string | null;
+    archived: boolean;
+    visibility: 'public' | 'private' | 'internal';
+};
+/**
+ * Strict type for repositories list data.
+ */
+export type RepositoriesListData = {
+    results: RepositoryItem[];
+    nextPageCursor: string | null;
+    nextPage: number | null;
+};
+/**
+ * Strict type for repositories list result.
+ */
+export type RepositoriesListResult = {
+    cause?: undefined;
+    data: RepositoriesListData;
+    error?: undefined;
+    status: number;
+    success: true;
+};
+/**
+ * Options for listing repositories.
+ */
+export type ListRepositoriesOptions = {
+    sort?: 'name' | 'created_at';
+    direction?: 'asc' | 'desc';
+    per_page?: number;
+    page?: number;
+    startAfterCursor?: string;
+    use_cursor?: boolean;
+};
+/**
+ * Strict type for delete operation result.
+ */
+export type DeleteResult = {
+    cause?: undefined;
+    data: {
+        success: boolean;
+    };
+    error?: undefined;
+    status: number;
+    success: true;
+};
+/**
+ * Strict type for single repository result.
+ */
+export type RepositoryResult = {
+    cause?: undefined;
+    data: RepositoryItem;
+    error?: undefined;
+    status: number;
+    success: true;
+};
+/**
+ * Strict type for repository label item.
+ */
+export type RepositoryLabelItem = {
+    id: string;
+    name: string;
+    repository_ids?: string[];
+    has_security_policy?: boolean;
+    has_license_policy?: boolean;
+};
+/**
+ * Strict type for repository labels list data.
+ */
+export type RepositoryLabelsListData = {
+    results: RepositoryLabelItem[];
+    nextPage: number | null;
+};
+/**
+ * Strict type for repository labels list result.
+ */
+export type RepositoryLabelsListResult = {
+    cause?: undefined;
+    data: RepositoryLabelsListData;
+    error?: undefined;
+    status: number;
+    success: true;
+};
+/**
+ * Strict type for single repository label result.
+ */
+export type RepositoryLabelResult = {
+    cause?: undefined;
+    data: RepositoryLabelItem;
+    error?: undefined;
+    status: number;
+    success: true;
+};
+/**
+ * Strict type for delete repository label result.
+ */
+export type DeleteRepositoryLabelResult = {
+    cause?: undefined;
+    data: {
+        status: string;
+    };
+    error?: undefined;
+    status: number;
+    success: true;
+};

package/dist/types.d.ts

@@ -148,6 +148,44 @@ export type SocketSdkGenericResult<T> = {
     status: number;
     success: false;
 };
+/**
+ * Result from file validation callback.
+ * Allows consumers to customize error handling and logging.
+ *
+ * @since v3.0.0
+ */
+export interface FileValidationResult {
+    /**
+     * Whether to continue with the operation using valid files.
+     * If false, the SDK operation will fail with the provided error message.
+     */
+    shouldContinue: boolean;
+    /**
+     * Optional custom error message if shouldContinue is false.
+     * If not provided, SDK will use default error message.
+     */
+    errorMessage?: string | undefined;
+    /**
+     * Optional cause/reason for the error.
+     */
+    errorCause?: string | undefined;
+}
+/**
+ * Callback invoked when file validation detects unreadable files.
+ * Gives consumers control over error messages and logging.
+ *
+ * @param validPaths - Files that passed validation (readable)
+ * @param invalidPaths - Files that failed validation (unreadable)
+ * @param context - Context about the operation (method name, orgSlug, etc.)
+ * @returns Decision on whether to continue and optional custom error messages
+ *
+ * @since v3.0.0
+ */
+export type FileValidationCallback = (validPaths: string[], invalidPaths: string[], context: {
+    operation: 'createDependenciesSnapshot' | 'createOrgFullScan' | 'uploadManifestFiles';
+    orgSlug?: string | undefined;
+    [key: string]: unknown;
+}) => FileValidationResult | Promise<FileValidationResult>;
 /**
  * Configuration options for SocketSdk.
  */
@@ -166,6 +204,21 @@ export interface SocketSdkOptions {
      * Only used when cache is enabled.
      */
     cacheTtl?: number | undefined;
+    /**
+     * Callback for file validation events.
+     * Called when any file-upload method detects unreadable files:
+     * - createDependenciesSnapshot
+     * - createFullScan (formerly createOrgFullScan)
+     * - uploadManifestFiles
+     *
+     * Default behavior (if not provided):
+     * - Warns about invalid files (console.warn)
+     * - Continues with valid files if any exist
+     * - Throws error if all files are invalid
+     *
+     * @since v3.0.0
+     */
+    onFileValidation?: FileValidationCallback | undefined;
     /**
      * Number of retry attempts on failure (default: 0, retries disabled).
      * Retries are opt-in following Node.js fs.rm() pattern.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/sdk",
-  "version": "2.0.6",
+  "version": "3.0.1",
   "license": "MIT",
   "description": "SDK for the Socket API client",
   "author": {
@@ -65,12 +65,12 @@
     "@dotenvx/dotenvx": "1.49.0",
     "@eslint/compat": "1.3.2",
     "@eslint/js": "9.35.0",
-    "@socketsecurity/lib": "1.0.5",
+    "@socketsecurity/lib": "1.3.0",
     "@socketsecurity/registry": "1.5.3",
     "@types/node": "24.6.2",
     "@typescript/native-preview": "7.0.0-dev.20250926.1",
     "@vitest/coverage-v8": "3.2.4",
-    "del": "^8.0.1",
+    "del": "8.0.1",
     "dev-null-cli": "2.0.0",
     "esbuild": "0.25.10",
     "eslint": "9.35.0",

package/types/api.d.ts

@@ -5399,6 +5399,8 @@ export interface operations {
         after: string
         /** @description The base full scan ID (older) */
         before: string
+        /** @description The ID of the GitHub installation. This will be used to get the GitHub installation settings. If not provided, the default GitHub installation settings will be used. */
+        github_installation_id?: string
       }
       path: {
         /** @description The slug of the organization */
@@ -5863,6 +5865,10 @@ export interface operations {
    */
   GetDiffScanGfm: {
     parameters: {
+      query?: {
+        /** @description The ID of the GitHub installation. This will be used to get the GitHub installation settings. If not provided, the default GitHub installation settings will be used. */
+        github_installation_id?: string
+      }
       path: {
         /** @description The slug of the organization */
         org_slug: string
@@ -12526,6 +12532,14 @@ export interface operations {
         'filters.alertPriority'?: string
         /** @description Alert priority ("low", "medium", "high", or "critical") */
         'filters.alertPriority.notIn'?: string
+        /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
+        'filters.alertKEV'?: boolean
+        /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
+        'filters.alertKEV.notIn'?: boolean
+        /** @description Alert EPSS ("low", "medium", "high", "critical") */
+        'filters.alertEPSS'?: string
+        /** @description Alert EPSS ("low", "medium", "high", "critical") */
+        'filters.alertEPSS.notIn'?: string
         /** @description Direct/transitive dependency filter flag */
         'filters.dependencyDirect'?: boolean
         /** @description Direct/transitive dependency filter flag */
@@ -12677,6 +12691,10 @@ export interface operations {
                 alertReachabilityType?: string[]
                 /** @description Alert priority ("low", "medium", "high", or "critical") */
                 alertPriority?: string[]
+                /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
+                alertKEV?: boolean[]
+                /** @description Alert EPSS ("low", "medium", "high", "critical") */
+                alertEPSS?: string[]
                 /** @description Direct/transitive dependency filter flag */
                 dependencyDirect?: boolean[]
                 /** @description Development/production dependency filter flag */
@@ -12710,7 +12728,7 @@ export interface operations {
         date?: string
         /** @description The number of days of data to fetch as an offset from input date */
         range?: string
-        /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,alertPriority,dependencyDirect,dependencyDev,dependencyDead) */
+        /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,alertPriority,alertKEV,alertEPSS,dependencyDirect,dependencyDev,dependencyDead) */
         'aggregation.fields'?: string
         /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
         'filters.alertSeverity'?: string
@@ -12776,6 +12794,14 @@ export interface operations {
         'filters.alertPriority'?: string
         /** @description Alert priority ("low", "medium", "high", or "critical") */
         'filters.alertPriority.notIn'?: string
+        /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
+        'filters.alertKEV'?: boolean
+        /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
+        'filters.alertKEV.notIn'?: boolean
+        /** @description Alert EPSS ("low", "medium", "high", "critical") */
+        'filters.alertEPSS'?: string
+        /** @description Alert EPSS ("low", "medium", "high", "critical") */
+        'filters.alertEPSS.notIn'?: string
         /** @description Direct/transitive dependency filter flag */
         'filters.dependencyDirect'?: boolean
         /** @description Direct/transitive dependency filter flag */
@@ -12845,6 +12871,10 @@ export interface operations {
                 alertReachabilityType?: string[]
                 /** @description Alert priority ("low", "medium", "high", or "critical") */
                 alertPriority?: string[]
+                /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
+                alertKEV?: boolean[]
+                /** @description Alert EPSS ("low", "medium", "high", "critical") */
+                alertEPSS?: string[]
                 /** @description Direct/transitive dependency filter flag */
                 dependencyDirect?: boolean[]
                 /** @description Development/production dependency filter flag */