npm - @socketsecurity/sdk - Versions diffs - 3.0.26 → 3.0.28 - Mend

@socketsecurity/sdk 3.0.26 → 3.0.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/index.mjs CHANGED Viewed

@@ -1,63 +1,3536 @@
 /* Socket SDK ESM - Built with esbuild */
-var X={name:"@socketsecurity/sdk",version:"3.0.26",license:"MIT",description:"SDK for the Socket API client",author:{name:"Socket Inc",email:"eng@socket.dev",url:"https://socket.dev"},homepage:"https://github.com/SocketDev/socket-sdk-js",repository:{type:"git",url:"git://github.com/SocketDev/socket-sdk-js.git"},type:"module",main:"./dist/index.mjs",types:"./dist/index.d.ts",exports:{".":{types:"./dist/index.d.ts",default:"./dist/index.mjs"},"./package.json":"./package.json","./testing":{types:"./dist/testing.d.ts",default:"./dist/testing.mjs"},"./types/api":{types:"./types/api.d.ts",default:"./types/api.d.ts"},"./types/api-helpers":{types:"./types/api-helpers.d.ts",default:"./types/api-helpers.d.ts"}},scripts:{build:"node scripts/build.mjs",bump:"node scripts/bump.mjs",check:"node scripts/check.mjs",clean:"node scripts/clean.mjs",cover:"node scripts/cover.mjs",fix:"node scripts/lint.mjs --fix","generate-sdk":"node scripts/generate-sdk.mjs",lint:"node scripts/lint.mjs",precommit:"pnpm run check --lint --staged",prepare:"husky",prepublishOnly:"echo 'ERROR: Use GitHub Actions workflow for publishing' && exit 1",publish:"node scripts/publish.mjs",claude:"node scripts/claude.mjs",test:"node scripts/test.mjs",type:"tsgo --noEmit -p .config/tsconfig.check.json",update:"node scripts/update.mjs"},dependencies:{"@socketsecurity/lib":"2.10.3"},devDependencies:{"@babel/parser":"7.26.3","@babel/traverse":"7.26.4","@babel/types":"7.26.3","@biomejs/biome":"2.2.4","@dotenvx/dotenvx":"1.49.0","@eslint/compat":"1.3.2","@eslint/js":"9.35.0","@types/node":"24.6.2","@typescript/native-preview":"7.0.0-dev.20250926.1","@vitest/coverage-v8":"4.0.3",del:"8.0.1","dev-null-cli":"2.0.0",esbuild:"0.25.10",eslint:"9.35.0","eslint-import-resolver-typescript":"4.4.4","eslint-plugin-import-x":"4.16.1","eslint-plugin-jsdoc":"57.0.8","eslint-plugin-n":"17.23.1","eslint-plugin-sort-destructure-keys":"2.0.0","eslint-plugin-unicorn":"56.0.1","fast-glob":"3.3.3",globals:"16.4.0","http2-wrapper":"2.2.1",husky:"9.1.7","magic-string":"0.30.14",nock:"14.0.10","npm-run-all2":"8.0.4","openapi-typescript":"6.7.6",semver:"7.7.2",taze:"19.6.0","type-coverage":"2.29.7","typescript-eslint":"8.44.1",vitest:"4.0.3","yoctocolors-cjs":"2.1.3"},pnpm:{ignoredBuiltDependencies:["esbuild","unrs-resolver"],overrides:{vite:"7.1.12"}},engines:{node:">=18",pnpm:">=10.16.0"},files:["CHANGELOG.md","data/*.json","dist/*.d.ts","dist/*.js","dist/*.mjs","types/*.d.ts"],typeCoverage:{cache:!0,atLeast:99,ignoreAsAssertion:!0,ignoreCatch:!0,ignoreEmptyType:!0,"ignore-non-null-assertion":!0,"ignore-type-assertion":!0,"ignore-files":"test/*",strict:!0}};function x(o){let{homepage:t}=o;return`${o.name.replace("@","").replace("/","-")}/${o.version}${t?` (${t})`:""}`}import{SOCKET_API_TOKENS_URL as re,SOCKET_CONTACT_URL as ne,SOCKET_DASHBOARD_URL as oe}from"@socketsecurity/lib/constants/socket";var q=x(X),Z=3e4,ee=3,te=1e3,B=300*1e3,N=5e3,j=10*1024*1024,$=100*1024*1024,se="https://socketusercontent.com",G=new Set(["http","https","http2"]),fe=new Map([["malware","error"],["criticalCVE","warn"],["didYouMean","warn"],["gitDependency","warn"],["httpDependency","warn"],["licenseSpdxDisj","warn"],["obfuscatedFile","warn"],["troll","warn"],["deprecated","monitor"],["mediumCVE","monitor"],["mildCVE","monitor"],["shrinkwrap","monitor"],["telemetry","monitor"],["unpopularPackage","monitor"],["unstableOwnership","monitor"],["ambiguousClassifier","ignore"],["badEncoding","ignore"],["badSemver","ignore"],["badSemverDependency","ignore"],["bidi","ignore"],["binScriptConfusion","ignore"],["chromeContentScript","ignore"],["chromeHostPermission","ignore"],["chromePermission","ignore"],["chromeWildcardHostPermission","ignore"],["chronoAnomaly","ignore"],["compromisedSSHKey","ignore"],["copyleftLicense","ignore"],["cve","ignore"],["debugAccess","ignore"],["deprecatedLicense","ignore"],["deprecatedException","ignore"],["dynamicRequire","ignore"],["emptyPackage","ignore"],["envVars","ignore"],["explicitlyUnlicensedItem","ignore"],["extraneousDependency","ignore"],["fileDependency","ignore"],["filesystemAccess","ignore"],["floatingDependency","ignore"],["gitHubDependency","ignore"],["gptAnomaly","ignore"],["gptDidYouMean","ignore"],["gptMalware","ignore"],["gptSecurity","ignore"],["hasNativeCode","ignore"],["highEntropyStrings","ignore"],["homoglyphs","ignore"],["installScripts","ignore"],["invalidPackageJSON","ignore"],["invisibleChars","ignore"],["licenseChange","ignore"],["licenseException","ignore"],["longStrings","ignore"],["majorRefactor","ignore"],["manifestConfusion","ignore"],["minifiedFile","ignore"],["miscLicenseIssues","ignore"],["missingAuthor","ignore"],["missingDependency","ignore"],["missingLicense","ignore"],["missingTarball","ignore"],["mixedLicense","ignore"],["modifiedException","ignore"],["modifiedLicense","ignore"],["networkAccess","ignore"],["newAuthor","ignore"],["noAuthorData","ignore"],["noBugTracker","ignore"],["noLicenseFound","ignore"],["noREADME","ignore"],["noRepository","ignore"],["noTests","ignore"],["noV1","ignore"],["noWebsite","ignore"],["nonOSILicense","ignore"],["nonSPDXLicense","ignore"],["nonpermissiveLicense","ignore"],["notice","ignore"],["obfuscatedRequire","ignore"],["peerDependency","ignore"],["potentialVulnerability","ignore"],["semverAnomaly","ignore"],["shellAccess","ignore"],["shellScriptOverride","ignore"],["socketUpgradeAvailable","ignore"],["suspiciousStarActivity","ignore"],["suspiciousString","ignore"],["trivialPackage","ignore"],["typeModuleCompatibility","ignore"],["uncaughtOptionalDependency","ignore"],["unclearLicense","ignore"],["unidentifiedLicense","ignore"],["unmaintained","ignore"],["unpublished","ignore"],["unresolvedRequire","ignore"],["unsafeCopyright","ignore"],["unusedDependency","ignore"],["urlStrings","ignore"],["usesEval","ignore"],["zeroWidth","ignore"]]);import ae from"node:path";import{memoize as ye}from"@socketsecurity/lib/memoization";import{normalizePath as ie}from"@socketsecurity/lib/path";var Q=ye(o=>o.endsWith("/")?o:`${o}/`,{name:"normalizeBaseUrl"});function z(){if(Promise.withResolvers)return Promise.withResolvers();let o={};return o.promise=new Promise((t,e)=>{o.resolve=t,o.reject=e}),o}function k(o){let t=new URLSearchParams(o),e={__proto__:null},s=t.entries();for(let r of s){let n=r[0],a=r[1];n==="defaultBranch"?n="default_branch":n==="perPage"&&(n="per_page"),a&&(e[n]=a)}return new URLSearchParams(e)}function U(o,t){let e=I(t);return o.map(s=>ie(ae.resolve(e,s)))}function I(o="."){return ie(ae.resolve(process.cwd(),o))}import W from"node:events";import{createReadStream as ke}from"node:fs";import _ from"node:path";import{Readable as Pe}from"node:stream";import{normalizePath as Te}from"@socketsecurity/lib/path";import Re from"node:http";import Se from"node:https";import{debugLog as ce}from"@socketsecurity/lib/debug";import{jsonParse as we}from"@socketsecurity/lib/json";import{perfTimer as J}from"@socketsecurity/lib/performance";var R=class o extends Error{response;constructor(t,e=""){let s=t.statusCode??"unknown",r=t.statusMessage??"No status message";super(`Socket API ${e||"Request failed"} (${s}): ${r}`),this.name="ResponseError",this.response=t,Error.captureStackTrace(this,o)}};async function A(o,t,e){let s=P(o).request(`${o}${t}`,{method:"DELETE",...e}).end();return await T(s)}async function m(o,t,e){let s=J("http:get",{urlPath:t});try{let r=P(o).request(`${o}${t}`,{method:"GET",...e}).end(),n=await T(r);return s({statusCode:n.statusCode}),n}catch(r){throw s({error:!0}),r}}async function y(o,t,e,s,r){let n=J(`http:${o.toLowerCase()}`,{urlPath:e});try{let a=JSON.stringify(s),i=P(t).request(`${t}${e}`,{method:o,...r,headers:{...r.headers,"Content-Length":Buffer.byteLength(a,"utf8"),"Content-Type":"application/json"}});i.write(a),i.end();let c=await T(i);return n({statusCode:c.statusCode}),c}catch(a){throw n({error:!0}),a}}async function L(o){return await new Promise((t,e)=>{let s="",r=0;o.setEncoding("utf8"),o.on("data",n=>{let a=Buffer.byteLength(n,"utf8");if(r+=a,r>j){o.destroy();let i=(r/(1024*1024)).toFixed(2),c=(j/(1024*1024)).toFixed(2),u=[`Response exceeds maximum size limit (${i}MB > ${c}MB)`,"\u2192 The API response is too large to process safely.","\u2192 Try: Use pagination parameters (limit, offset) to reduce response size.","\u2192 Try: Request specific fields instead of full objects.","\u2192 Contact support if you need to process larger responses."].join(`
-`);e(new Error(u));return}s+=n}),o.on("end",()=>t(s)),o.on("error",n=>e(n))})}function P(o){return o.startsWith("https:")?Se:Re}async function T(o){return await new Promise((t,e)=>{let s=!1;o.on("response",r=>{s||t(r)}),o.on("timeout",()=>{s=!0,o.destroy();let r=o.method||"REQUEST",n=o.path||"unknown",a=o.timeout||"configured timeout",i=[`${r} request timed out after ${a}ms: ${n}`,"\u2192 The Socket API did not respond in time.","\u2192 Try: Increase timeout option or check network connectivity.","\u2192 If problem persists, Socket API may be experiencing issues."].join(`
-`);e(new Error(i))}),o.on("error",r=>{if(!s){let n=r,a=o.method||"REQUEST",i=o.path||"unknown",c=`${a} request failed: ${i}`;n.code==="ECONNREFUSED"?c+=["","\u2192 Connection refused. Socket API server is unreachable.","\u2192 Check: Network connectivity and firewall settings.","\u2192 Verify: Base URL is correct (default: https://api.socket.dev)"].join(`
-`):n.code==="ENOTFOUND"?c+=["","\u2192 DNS lookup failed. Cannot resolve hostname.","\u2192 Check: Internet connection and DNS settings.","\u2192 Verify: Base URL hostname is correct."].join(`
-`):n.code==="ETIMEDOUT"?c+=["","\u2192 Connection timed out. Network or server issue.","\u2192 Try: Check network connectivity and retry.","\u2192 If using proxy, verify proxy configuration."].join(`
-`):n.code==="ECONNRESET"?c+=["","\u2192 Connection reset by server. Possible network interruption.","\u2192 Try: Retry the request. Enable retries option if not set."].join(`
-`):n.code==="EPIPE"?c+=["","\u2192 Broken pipe. Server closed connection unexpectedly.","\u2192 Possible: Authentication issue or server error.","\u2192 Check: API token is valid and has required permissions."].join(`
-`):n.code==="CERT_HAS_EXPIRED"||n.code==="UNABLE_TO_VERIFY_LEAF_SIGNATURE"?c+=["","\u2192 SSL/TLS certificate error.","\u2192 Check: System time and date are correct.","\u2192 Try: Update CA certificates on your system."].join(`
-`):n.code&&(c+=`
-\u2192 Error code: ${n.code}`);let u=new Error(c,{cause:r});e(u)}})})}async function d(o,t){let e=J("http:parse-json");try{if(!O(o))throw new R(o,t?`${t} Request failed`:void 0);let s=await L(o);if(s==="")return ce("API response: empty response treated as {}"),e({success:!0}),{};try{let r=we(s);return ce("API response:",r),e({success:!0}),r}catch(r){if(e({error:!0}),r instanceof SyntaxError){let a=o.headers["content-type"],c=["Socket API returned invalid JSON response",`\u2192 Response preview: ${s.length>200?`${s.slice(0,200)}...`:s}`,`\u2192 Parse error: ${r.message}`];a&&!a.includes("application/json")?c.push(`\u2192 Unexpected Content-Type: ${a} (expected application/json)`,"\u2192 The API may have returned an error page instead of JSON."):s.startsWith("<")?c.push("\u2192 Response appears to be HTML, not JSON.","\u2192 This may indicate an API endpoint error or network interception."):s.length===0?c.push("\u2192 Response body is empty when JSON was expected."):(s.includes("502 Bad Gateway")||s.includes("503 Service"))&&c.push("\u2192 Response indicates a server error.","\u2192 The Socket API may be temporarily unavailable.");let u=new Error(c.join(`
-`),{cause:r});throw u.name="SyntaxError",u.originalResponse=s,Object.setPrototypeOf(u,SyntaxError.prototype),u}if(r instanceof Error)throw r;let n=new Error("Unknown JSON parsing error",{cause:r});throw n.name="SyntaxError",n.originalResponse=s,Object.setPrototypeOf(n,SyntaxError.prototype),n}}catch(s){throw e({error:!0}),s}}function O(o){let{statusCode:t}=o;return t?t>=200&&t<300:!1}function M(o,t,e){if(!t){let s=e?e.split(","):void 0,r=n=>({name:n.name,version:n.version,size:n.size,author:n.author,type:n.type,supplyChainRisk:n.supplyChainRisk,scorecards:n.scorecards,topLevelAncestors:n.topLevelAncestors,alerts:n.alerts?.filter(a=>!(a.severity==="low"||s&&a.action&&!s.includes(a.action))).map(a=>({type:a.type,severity:a.severity,key:a.key}))});if(o.artifacts){let n=o.artifacts;return{...o,artifacts:Array.isArray(n)?n.map(r):n}}if(o.alerts)return r(o)}return o}function F(o,t){let e=[];for(let s of o){let r=Te(_.relative(t,s)),n=_.basename(s),a;try{a=ke(s,{highWaterMark:1024*1024})}catch(i){let c=i,u=`Failed to read file: ${s}`;throw c.code==="ENOENT"?u+=`
-\u2192 File does not exist. Check the file path and try again.`:c.code==="EACCES"?u+=`
-\u2192 Permission denied. Run: chmod +r "${s}"`:c.code==="EISDIR"?u+=`
-\u2192 Expected a file but found a directory.`:c.code&&(u+=`
-\u2192 Error code: ${c.code}`),new Error(u,{cause:i})}e.push([`Content-Disposition: form-data; name="${r}"; filename="${n}"\r
-`,`Content-Type: application/octet-stream\r
-\r
-`,a])}return e}function Ee(o,t="data.json"){let e=_.extname(t);return[`Content-Disposition: form-data; name="${_.basename(t,e)}"; filename="${t}"\r
+// package.json
+var package_default = {
+  name: "@socketsecurity/sdk",
+  version: "3.0.28",
+  license: "MIT",
+  description: "SDK for the Socket API client",
+  author: {
+    name: "Socket Inc",
+    email: "eng@socket.dev",
+    url: "https://socket.dev"
+  },
+  homepage: "https://github.com/SocketDev/socket-sdk-js",
+  repository: {
+    type: "git",
+    url: "git://github.com/SocketDev/socket-sdk-js.git"
+  },
+  type: "module",
+  main: "./dist/index.mjs",
+  types: "./dist/index.d.ts",
+  exports: {
+    ".": {
+      types: "./dist/index.d.ts",
+      default: "./dist/index.mjs"
+    },
+    "./package.json": "./package.json",
+    "./testing": {
+      types: "./dist/testing.d.ts",
+      default: "./dist/testing.mjs"
+    },
+    "./types/api": {
+      types: "./types/api.d.ts",
+      default: "./types/api.d.ts"
+    },
+    "./types/api-helpers": {
+      types: "./types/api-helpers.d.ts",
+      default: "./types/api-helpers.d.ts"
+    }
+  },
+  scripts: {
+    build: "node scripts/build.mjs",
+    bump: "node scripts/bump.mjs",
+    check: "node scripts/check.mjs",
+    clean: "node scripts/clean.mjs",
+    cover: "node scripts/cover.mjs",
+    fix: "node scripts/lint.mjs --fix",
+    "generate-sdk": "node scripts/generate-sdk.mjs",
+    lint: "node scripts/lint.mjs",
+    precommit: "pnpm run check --lint --staged",
+    prepare: "husky",
+    prepublishOnly: "echo 'ERROR: Use GitHub Actions workflow for publishing' && exit 1",
+    publish: "node scripts/publish.mjs",
+    claude: "node scripts/claude.mjs",
+    test: "node scripts/test.mjs",
+    type: "tsgo --noEmit -p .config/tsconfig.check.json",
+    update: "node scripts/update.mjs"
+  },
+  dependencies: {
+    "@socketsecurity/lib": "3.0.3"
+  },
+  devDependencies: {
+    "@babel/parser": "7.26.3",
+    "@babel/traverse": "7.26.4",
+    "@babel/types": "7.26.3",
+    "@biomejs/biome": "2.2.4",
+    "@dotenvx/dotenvx": "1.49.0",
+    "@eslint/compat": "1.3.2",
+    "@eslint/js": "9.35.0",
+    "@types/node": "24.9.2",
+    "@typescript/native-preview": "7.0.0-dev.20250926.1",
+    "@vitest/coverage-v8": "4.0.3",
+    del: "8.0.1",
+    "dev-null-cli": "2.0.0",
+    esbuild: "0.25.11",
+    eslint: "9.35.0",
+    "eslint-import-resolver-typescript": "4.4.4",
+    "eslint-plugin-import-x": "4.16.1",
+    "eslint-plugin-jsdoc": "57.0.8",
+    "eslint-plugin-n": "17.23.1",
+    "eslint-plugin-sort-destructure-keys": "2.0.0",
+    "eslint-plugin-unicorn": "56.0.1",
+    "fast-glob": "3.3.3",
+    globals: "16.4.0",
+    "http2-wrapper": "2.2.1",
+    husky: "9.1.7",
+    "magic-string": "0.30.14",
+    nock: "14.0.10",
+    "npm-run-all2": "8.0.4",
+    "openapi-typescript": "6.7.6",
+    semver: "7.7.2",
+    taze: "19.6.0",
+    "type-coverage": "2.29.7",
+    "typescript-eslint": "8.44.1",
+    vitest: "4.0.3",
+    "yoctocolors-cjs": "2.1.3"
+  },
+  pnpm: {
+    ignoredBuiltDependencies: [
+      "esbuild",
+      "unrs-resolver"
+    ],
+    overrides: {
+      vite: "7.1.12"
+    }
+  },
+  engines: {
+    node: ">=18",
+    pnpm: ">=10.16.0"
+  },
+  files: [
+    "CHANGELOG.md",
+    "data/*.json",
+    "dist/*.d.ts",
+    "dist/*.js",
+    "dist/*.mjs",
+    "types/*.d.ts"
+  ],
+  typeCoverage: {
+    cache: true,
+    atLeast: 99,
+    ignoreAsAssertion: true,
+    ignoreCatch: true,
+    ignoreEmptyType: true,
+    "ignore-non-null-assertion": true,
+    "ignore-type-assertion": true,
+    "ignore-files": "test/*",
+    strict: true
+  }
+};
+// src/user-agent.ts
+function createUserAgentFromPkgJson(pkgData) {
+  const { homepage } = pkgData;
+  const name = pkgData.name.replace("@", "").replace("/", "-");
+  return `${name}/${pkgData.version}${homepage ? ` (${homepage})` : ""}`;
+}
+// src/constants.ts
+import {
+  SOCKET_API_TOKENS_URL,
+  SOCKET_CONTACT_URL,
+  SOCKET_DASHBOARD_URL
+} from "@socketsecurity/lib/constants/socket";
+var DEFAULT_USER_AGENT = createUserAgentFromPkgJson(package_default);
+var DEFAULT_HTTP_TIMEOUT = 3e4;
+var DEFAULT_RETRIES = 3;
+var DEFAULT_RETRY_DELAY = 1e3;
+var MAX_HTTP_TIMEOUT = 5 * 60 * 1e3;
+var MIN_HTTP_TIMEOUT = 5e3;
+var MAX_RESPONSE_SIZE = 10 * 1024 * 1024;
+var MAX_STREAM_SIZE = 100 * 1024 * 1024;
+var SOCKET_PUBLIC_BLOB_STORE_URL = "https://socketusercontent.com";
+var httpAgentNames = /* @__PURE__ */ new Set(["http", "https", "http2"]);
+var publicPolicy = /* @__PURE__ */ new Map([
+  // error (1):
+  ["malware", "error"],
+  // warn (7):
+  ["criticalCVE", "warn"],
+  ["didYouMean", "warn"],
+  ["gitDependency", "warn"],
+  ["httpDependency", "warn"],
+  ["licenseSpdxDisj", "warn"],
+  ["obfuscatedFile", "warn"],
+  ["troll", "warn"],
+  // monitor (7):
+  ["deprecated", "monitor"],
+  ["mediumCVE", "monitor"],
+  ["mildCVE", "monitor"],
+  ["shrinkwrap", "monitor"],
+  ["telemetry", "monitor"],
+  ["unpopularPackage", "monitor"],
+  ["unstableOwnership", "monitor"],
+  // ignore (85):
+  ["ambiguousClassifier", "ignore"],
+  ["badEncoding", "ignore"],
+  ["badSemver", "ignore"],
+  ["badSemverDependency", "ignore"],
+  ["bidi", "ignore"],
+  ["binScriptConfusion", "ignore"],
+  ["chromeContentScript", "ignore"],
+  ["chromeHostPermission", "ignore"],
+  ["chromePermission", "ignore"],
+  ["chromeWildcardHostPermission", "ignore"],
+  ["chronoAnomaly", "ignore"],
+  ["compromisedSSHKey", "ignore"],
+  ["copyleftLicense", "ignore"],
+  ["cve", "ignore"],
+  ["debugAccess", "ignore"],
+  ["deprecatedLicense", "ignore"],
+  ["deprecatedException", "ignore"],
+  ["dynamicRequire", "ignore"],
+  ["emptyPackage", "ignore"],
+  ["envVars", "ignore"],
+  ["explicitlyUnlicensedItem", "ignore"],
+  ["extraneousDependency", "ignore"],
+  ["fileDependency", "ignore"],
+  ["filesystemAccess", "ignore"],
+  ["floatingDependency", "ignore"],
+  ["gitHubDependency", "ignore"],
+  ["gptAnomaly", "ignore"],
+  ["gptDidYouMean", "ignore"],
+  ["gptMalware", "ignore"],
+  ["gptSecurity", "ignore"],
+  ["hasNativeCode", "ignore"],
+  ["highEntropyStrings", "ignore"],
+  ["homoglyphs", "ignore"],
+  ["installScripts", "ignore"],
+  ["invalidPackageJSON", "ignore"],
+  ["invisibleChars", "ignore"],
+  ["licenseChange", "ignore"],
+  ["licenseException", "ignore"],
+  ["longStrings", "ignore"],
+  ["majorRefactor", "ignore"],
+  ["manifestConfusion", "ignore"],
+  ["minifiedFile", "ignore"],
+  ["miscLicenseIssues", "ignore"],
+  ["missingAuthor", "ignore"],
+  ["missingDependency", "ignore"],
+  ["missingLicense", "ignore"],
+  ["missingTarball", "ignore"],
+  ["mixedLicense", "ignore"],
+  ["modifiedException", "ignore"],
+  ["modifiedLicense", "ignore"],
+  ["networkAccess", "ignore"],
+  ["newAuthor", "ignore"],
+  ["noAuthorData", "ignore"],
+  ["noBugTracker", "ignore"],
+  ["noLicenseFound", "ignore"],
+  ["noREADME", "ignore"],
+  ["noRepository", "ignore"],
+  ["noTests", "ignore"],
+  ["noV1", "ignore"],
+  ["noWebsite", "ignore"],
+  ["nonOSILicense", "ignore"],
+  ["nonSPDXLicense", "ignore"],
+  ["nonpermissiveLicense", "ignore"],
+  ["notice", "ignore"],
+  ["obfuscatedRequire", "ignore"],
+  ["peerDependency", "ignore"],
+  ["potentialVulnerability", "ignore"],
+  ["semverAnomaly", "ignore"],
+  ["shellAccess", "ignore"],
+  ["shellScriptOverride", "ignore"],
+  ["socketUpgradeAvailable", "ignore"],
+  ["suspiciousStarActivity", "ignore"],
+  ["suspiciousString", "ignore"],
+  ["trivialPackage", "ignore"],
+  ["typeModuleCompatibility", "ignore"],
+  ["uncaughtOptionalDependency", "ignore"],
+  ["unclearLicense", "ignore"],
+  ["unidentifiedLicense", "ignore"],
+  ["unmaintained", "ignore"],
+  ["unpublished", "ignore"],
+  ["unresolvedRequire", "ignore"],
+  ["unsafeCopyright", "ignore"],
+  ["unusedDependency", "ignore"],
+  ["urlStrings", "ignore"],
+  ["usesEval", "ignore"],
+  ["zeroWidth", "ignore"]
+]);
+// src/utils.ts
+import path from "node:path";
+import { memoize } from "@socketsecurity/lib/memoization";
+import { normalizePath } from "@socketsecurity/lib/path";
+var normalizeBaseUrl = memoize(
+  (baseUrl) => {
+    return baseUrl.endsWith("/") ? baseUrl : `${baseUrl}/`;
+  },
+  { name: "normalizeBaseUrl" }
+);
+function promiseWithResolvers() {
+  if (Promise.withResolvers) {
+    return Promise.withResolvers();
+  }
+  const obj = {};
+  obj.promise = new Promise((resolver, reject) => {
+    obj.resolve = resolver;
+    obj.reject = reject;
+  });
+  return obj;
+}
+function queryToSearchParams(init) {
+  const params = new URLSearchParams(
+    init
+  );
+  const normalized = { __proto__: null };
+  const entries = params.entries();
+  for (const entry of entries) {
+    let key = entry[0];
+    const value = entry[1];
+    if (key === "defaultBranch") {
+      key = "default_branch";
+    } else if (key === "perPage") {
+      key = "per_page";
+    }
+    if (value) {
+      normalized[key] = value;
+    }
+  }
+  return new URLSearchParams(normalized);
+}
+function resolveAbsPaths(filepaths, pathsRelativeTo) {
+  const basePath = resolveBasePath(pathsRelativeTo);
+  return filepaths.map((p) => normalizePath(path.resolve(basePath, p)));
+}
+function resolveBasePath(pathsRelativeTo = ".") {
+  return normalizePath(path.resolve(process.cwd(), pathsRelativeTo));
+}
+// src/file-upload.ts
+import events from "node:events";
+import { createReadStream } from "node:fs";
+import path2 from "node:path";
+import { Readable } from "node:stream";
+import { normalizePath as normalizePath2 } from "@socketsecurity/lib/path";
+// src/http-client.ts
+import http from "node:http";
+import https from "node:https";
+import { debugLog } from "@socketsecurity/lib/debug";
+import { jsonParse } from "@socketsecurity/lib/json";
+import { perfTimer } from "@socketsecurity/lib/performance";
+var ResponseError = class _ResponseError extends Error {
+  response;
+  /**
+   * Create a new ResponseError from an HTTP response.
+   * Automatically formats error message with status code and message.
+   */
+  constructor(response, message = "") {
+    const statusCode = response.statusCode ?? "unknown";
+    const statusMessage = response.statusMessage ?? "No status message";
+    super(
+      /* c8 ignore next - fallback empty message if not provided */
+      `Socket API ${message || "Request failed"} (${statusCode}): ${statusMessage}`
+    );
+    this.name = "ResponseError";
+    this.response = response;
+    Error.captureStackTrace(this, _ResponseError);
+  }
+};
+async function createDeleteRequest(baseUrl, urlPath, options) {
+  const req = getHttpModule(baseUrl).request(`${baseUrl}${urlPath}`, {
+    method: "DELETE",
+    ...options
+  }).end();
+  return await getResponse(req);
+}
+async function createGetRequest(baseUrl, urlPath, options) {
+  const stopTimer = perfTimer("http:get", { urlPath });
+  try {
+    const req = getHttpModule(baseUrl).request(`${baseUrl}${urlPath}`, {
+      method: "GET",
+      ...options
+    }).end();
+    const response = await getResponse(req);
+    stopTimer({ statusCode: response.statusCode });
+    return response;
+  } catch (error) {
+    stopTimer({ error: true });
+    throw error;
+  }
+}
+async function createRequestWithJson(method, baseUrl, urlPath, json, options) {
+  const stopTimer = perfTimer(`http:${method.toLowerCase()}`, {
+    urlPath
+  });
+  try {
+    const body = JSON.stringify(json);
+    const req = getHttpModule(baseUrl).request(`${baseUrl}${urlPath}`, {
+      method,
+      ...options,
+      headers: {
+        ...options.headers,
+        "Content-Length": Buffer.byteLength(body, "utf8"),
+        "Content-Type": "application/json"
+      }
+    });
+    req.write(body);
+    req.end();
+    const response = await getResponse(req);
+    stopTimer({ statusCode: response.statusCode });
+    return response;
+  } catch (error) {
+    stopTimer({ error: true });
+    throw error;
+  }
+}
+async function getErrorResponseBody(response) {
+  return await new Promise((resolve, reject) => {
+    let body = "";
+    let totalBytes = 0;
+    response.setEncoding("utf8");
+    response.on("data", (chunk) => {
+      const chunkBytes = Buffer.byteLength(chunk, "utf8");
+      totalBytes += chunkBytes;
+      if (totalBytes > MAX_RESPONSE_SIZE) {
+        response.destroy();
+        const sizeMB = (totalBytes / (1024 * 1024)).toFixed(2);
+        const maxMB = (MAX_RESPONSE_SIZE / (1024 * 1024)).toFixed(2);
+        const message = [
+          `Response exceeds maximum size limit (${sizeMB}MB > ${maxMB}MB)`,
+          "\u2192 The API response is too large to process safely.",
+          "\u2192 Try: Use pagination parameters (limit, offset) to reduce response size.",
+          "\u2192 Try: Request specific fields instead of full objects.",
+          "\u2192 Contact support if you need to process larger responses."
+        ].join("\n");
+        reject(new Error(message));
+        return;
+      }
+      body += chunk;
+    });
+    response.on("end", () => resolve(body));
+    response.on("error", (e) => reject(e));
+  });
+}
+function getHttpModule(url) {
+  return url.startsWith("https:") ? https : http;
+}
+async function getResponse(req) {
+  return await new Promise((resolve, reject) => {
+    let timedOut = false;
+    req.on("response", (response) => {
+      if (timedOut) {
+        return;
+      }
+      resolve(response);
+    });
+    req.on("timeout", () => {
+      timedOut = true;
+      req.destroy();
+      const method = req.method || "REQUEST";
+      const path3 = req.path || "unknown";
+      const timeout = req.timeout || "configured timeout";
+      const message = [
+        `${method} request timed out after ${timeout}ms: ${path3}`,
+        "\u2192 The Socket API did not respond in time.",
+        "\u2192 Try: Increase timeout option or check network connectivity.",
+        "\u2192 If problem persists, Socket API may be experiencing issues."
+      ].join("\n");
+      reject(new Error(message));
+    });
+    req.on("error", (e) => {
+      if (!timedOut) {
+        const err = e;
+        const method = req.method || "REQUEST";
+        const path3 = req.path || "unknown";
+        let message = `${method} request failed: ${path3}`;
+        if (err.code === "ECONNREFUSED") {
+          message += [
+            "",
+            "\u2192 Connection refused. Socket API server is unreachable.",
+            "\u2192 Check: Network connectivity and firewall settings.",
+            "\u2192 Verify: Base URL is correct (default: https://api.socket.dev)"
+          ].join("\n");
+        } else if (err.code === "ENOTFOUND") {
+          message += [
+            "",
+            "\u2192 DNS lookup failed. Cannot resolve hostname.",
+            "\u2192 Check: Internet connection and DNS settings.",
+            "\u2192 Verify: Base URL hostname is correct."
+          ].join("\n");
+        } else if (err.code === "ETIMEDOUT") {
+          message += [
+            "",
+            "\u2192 Connection timed out. Network or server issue.",
+            "\u2192 Try: Check network connectivity and retry.",
+            "\u2192 If using proxy, verify proxy configuration."
+          ].join("\n");
+        } else if (err.code === "ECONNRESET") {
+          message += [
+            "",
+            "\u2192 Connection reset by server. Possible network interruption.",
+            "\u2192 Try: Retry the request. Enable retries option if not set."
+          ].join("\n");
+        } else if (err.code === "EPIPE") {
+          message += [
+            "",
+            "\u2192 Broken pipe. Server closed connection unexpectedly.",
+            "\u2192 Possible: Authentication issue or server error.",
+            "\u2192 Check: API token is valid and has required permissions."
+          ].join("\n");
+        } else if (err.code === "CERT_HAS_EXPIRED" || err.code === "UNABLE_TO_VERIFY_LEAF_SIGNATURE") {
+          message += [
+            "",
+            "\u2192 SSL/TLS certificate error.",
+            "\u2192 Check: System time and date are correct.",
+            "\u2192 Try: Update CA certificates on your system."
+          ].join("\n");
+        } else if (err.code) {
+          message += `
+\u2192 Error code: ${err.code}`;
+        }
+        const enhancedError = new Error(message, { cause: e });
+        reject(enhancedError);
+      }
+    });
+  });
+}
+async function getResponseJson(response, method) {
+  const stopTimer = perfTimer("http:parse-json");
+  try {
+    if (!isResponseOk(response)) {
+      throw new ResponseError(
+        response,
+        method ? `${method} Request failed` : void 0
+      );
+    }
+    const responseBody = await getErrorResponseBody(response);
+    if (responseBody === "") {
+      debugLog("API response: empty response treated as {}");
+      stopTimer({ success: true });
+      return {};
+    }
+    try {
+      const responseJson = jsonParse(responseBody);
+      debugLog("API response:", responseJson);
+      stopTimer({ success: true });
+      return responseJson;
+    } catch (e) {
+      stopTimer({ error: true });
+      if (e instanceof SyntaxError) {
+        const contentType = response.headers["content-type"];
+        const preview = responseBody.length > 200 ? `${responseBody.slice(0, 200)}...` : responseBody;
+        const messageParts = [
+          "Socket API returned invalid JSON response",
+          `\u2192 Response preview: ${preview}`,
+          `\u2192 Parse error: ${e.message}`
+        ];
+        if (contentType && !contentType.includes("application/json")) {
+          messageParts.push(
+            `\u2192 Unexpected Content-Type: ${contentType} (expected application/json)`,
+            "\u2192 The API may have returned an error page instead of JSON."
+          );
+        } else if (responseBody.startsWith("<")) {
+          messageParts.push(
+            "\u2192 Response appears to be HTML, not JSON.",
+            "\u2192 This may indicate an API endpoint error or network interception."
+          );
+        } else if (responseBody.length === 0) {
+          messageParts.push("\u2192 Response body is empty when JSON was expected.");
+        } else if (responseBody.includes("502 Bad Gateway") || responseBody.includes("503 Service")) {
+          messageParts.push(
+            "\u2192 Response indicates a server error.",
+            "\u2192 The Socket API may be temporarily unavailable."
+          );
+        }
+        const enhancedError = new Error(messageParts.join("\n"), {
+          cause: e
+        });
+        enhancedError.name = "SyntaxError";
+        enhancedError.originalResponse = responseBody;
+        Object.setPrototypeOf(enhancedError, SyntaxError.prototype);
+        throw enhancedError;
+      }
+      if (e instanceof Error) {
+        throw e;
+      }
+      const unknownError = new Error("Unknown JSON parsing error", {
+        cause: e
+      });
+      unknownError.name = "SyntaxError";
+      unknownError.originalResponse = responseBody;
+      Object.setPrototypeOf(unknownError, SyntaxError.prototype);
+      throw unknownError;
+    }
+  } catch (error) {
+    stopTimer({ error: true });
+    throw error;
+  }
+}
+function isResponseOk(response) {
+  const { statusCode } = response;
+  return statusCode ? statusCode >= 200 && statusCode < 300 : false;
+}
+function reshapeArtifactForPublicPolicy(data, isAuthenticated, actions) {
+  if (!isAuthenticated) {
+    const allowedActions = actions ? actions.split(",") : void 0;
+    const reshapeArtifact = (artifact) => ({
+      name: artifact.name,
+      version: artifact.version,
+      size: artifact.size,
+      author: artifact.author,
+      type: artifact.type,
+      supplyChainRisk: artifact.supplyChainRisk,
+      scorecards: artifact.scorecards,
+      topLevelAncestors: artifact.topLevelAncestors,
+      // Compact the alerts array to reduce response size for non-authenticated
+      // requests.
+      alerts: artifact.alerts?.filter((alert) => {
+        if (alert.severity === "low") {
+          return false;
+        }
+        if (allowedActions && alert.action && !allowedActions.includes(alert.action)) {
+          return false;
+        }
+        return true;
+      }).map((alert) => ({
+        type: alert.type,
+        severity: alert.severity,
+        key: alert.key
+      }))
+    });
+    if (data["artifacts"]) {
+      const artifacts = data["artifacts"];
+      return {
+        ...data,
+        artifacts: Array.isArray(artifacts) ? artifacts.map(reshapeArtifact) : artifacts
+      };
+    }
+    if (data["alerts"]) {
+      return reshapeArtifact(
+        data
+      );
+    }
+  }
+  return data;
+}
+// src/file-upload.ts
+function createRequestBodyForFilepaths(filepaths, basePath) {
+  const requestBody = [];
+  for (const absPath of filepaths) {
+    const relPath = normalizePath2(path2.relative(basePath, absPath));
+    const filename = path2.basename(absPath);
+    let stream;
+    try {
+      stream = createReadStream(absPath, { highWaterMark: 1024 * 1024 });
+    } catch (error) {
+      const err = error;
+      let message = `Failed to read file: ${absPath}`;
+      if (err.code === "ENOENT") {
+        message += "\n\u2192 File does not exist. Check the file path and try again.";
+      } else if (err.code === "EACCES") {
+        message += `
+\u2192 Permission denied. Run: chmod +r "${absPath}"`;
+      } else if (err.code === "EISDIR") {
+        message += "\n\u2192 Expected a file but found a directory.";
+      } else if (err.code) {
+        message += `
+\u2192 Error code: ${err.code}`;
+      }
+      throw new Error(message, { cause: error });
+    }
+    requestBody.push([
+      `Content-Disposition: form-data; name="${relPath}"; filename="${filename}"\r
+`,
+      "Content-Type: application/octet-stream\r\n\r\n",
+      stream
+    ]);
+  }
+  return requestBody;
+}
+function createRequestBodyForJson(jsonData, basename = "data.json") {
+  const ext = path2.extname(basename);
+  const name = path2.basename(basename, ext);
+  return [
+    `Content-Disposition: form-data; name="${name}"; filename="${basename}"\r
 Content-Type: application/json\r
 \r
-`,Pe.from(JSON.stringify(o),{highWaterMark:1024*1024}),`\r
-`]}async function v(o,t,e,s){return await new Promise(async(r,n)=>{let a=`NodeMultipartBoundary${Date.now()}`,i=`--${a}\r
-`,c=`--${a}--\r
-`,u=[...e.flatMap(p=>[i,...Array.isArray(p)?p:[p]]),c],l=new URL(t,o),h=P(o).request(l,{method:"POST",...s,headers:{...s?.headers,"Content-Type":`multipart/form-data; boundary=${a}`}});h.flushHeaders(),T(h).then(r,n);let g=!1;h.on("error",()=>g=!0),h.on("close",()=>g=!0);try{for(let p of u){if(g)break;if(typeof p=="string")h.write(p)||await W.once(h,"drain");else if(typeof p?.pipe=="function"){let f=p;try{for await(let S of f){if(g)break;h.write(S)||await W.once(h,"drain")}}catch(S){let w=S,E="Failed to read file during upload";throw w.code==="ENOENT"?E+=`
-\u2192 File was deleted during upload. Ensure files remain accessible during the upload process.`:w.code==="EACCES"?E+=`
-\u2192 Permission denied while reading file. Check file permissions.`:w.code&&(E+=`
-\u2192 Error code: ${w.code}`),new Error(E,{cause:S})}!g&&!h.write(`\r
-`)&&await W.once(h,"drain"),typeof p.destroy=="function"&&p.destroy()}else throw new TypeError('Expected "string" or "stream" type')}}catch(p){h.destroy(p),n(p)}finally{g||h.end()}})}import{existsSync as Oe,readFileSync as be}from"node:fs";import{join as Ie}from"node:path";import{memoize as C,once as Ae}from"@socketsecurity/lib/memoization";var b=Ae(()=>{try{let o=Ie(__dirname,"..","data","api-method-quota-and-permissions.json");if(!Oe(o))throw new Error(`Requirements file not found at: ${o}`);let t=be(o,"utf8");return JSON.parse(t)}catch(o){throw new Error("Failed to load SDK method requirements",{cause:o})}});function ue(o){return o.reduce((t,e)=>t+de(e),0)}function Ce(){let o=b(),t={};return Object.entries(o.api).forEach(([e,s])=>{t[e]={permissions:[...s.permissions],quota:s.quota}}),t}var $e=C(o=>{let e=b().api[o];if(!e)throw new Error(`Unknown SDK method: "${String(o)}"`);return{permissions:[...e.permissions],quota:e.quota}},{name:"getMethodRequirements"}),Ue=C(o=>{let t=b();return Object.entries(t.api).filter(([,e])=>o.some(s=>e.permissions.includes(s))).map(([e])=>e).sort()},{name:"getMethodsByPermissions"}),Fe=C(o=>{let t=b();return Object.entries(t.api).filter(([,e])=>e.quota===o).map(([e])=>e).sort()},{name:"getMethodsByQuotaCost"}),de=C(o=>{let e=b().api[o];if(!e)throw new Error(`Unknown SDK method: "${String(o)}"`);return e.quota},{name:"getQuotaCost"}),ve=C(()=>{let o=b(),t={};return Object.entries(o.api).forEach(([e,s])=>{let r=`${s.quota} units`;t[r]||(t[r]=[]),t[r].push(e)}),Object.keys(t).forEach(e=>{t[e]?.sort()}),t},{name:"getQuotaUsageSummary"}),xe=C(o=>{let e=b().api[o];if(!e)throw new Error(`Unknown SDK method: "${String(o)}"`);return[...e.permissions]},{name:"getRequiredPermissions"});function Le(o,t){let e=ue(t);return o>=e}import{createWriteStream as Me}from"node:fs";import H from"node:readline";import{createTtlCache as _e}from"@socketsecurity/lib/cache-with-ttl";import{UNKNOWN_ERROR as K}from"@socketsecurity/lib/constants/core";import{getAbortSignal as De}from"@socketsecurity/lib/constants/process";import{SOCKET_PUBLIC_API_TOKEN as le}from"@socketsecurity/lib/constants/socket";import{debugLog as ge,isDebugNs as qe}from"@socketsecurity/lib/debug";import{validateFiles as V}from"@socketsecurity/lib/fs";import{jsonParse as pe}from"@socketsecurity/lib/json";import{getOwn as Be,isObjectObject as me}from"@socketsecurity/lib/objects";import{pRetry as Ne}from"@socketsecurity/lib/promises";import{setMaxEventTargetListeners as je}from"@socketsecurity/lib/suppress-warnings";import{urlSearchParamAsBoolean as Ge}from"@socketsecurity/lib/url";var D=De(),Y=class{#a;#e;#i;#o;#t;#c;#u;constructor(t,e){if(typeof t!="string")throw new TypeError('"apiToken" is required and must be a string');let r=t.trim();if(!r)throw new Error('"apiToken" cannot be empty or whitespace-only');if(r.length>1024)throw new Error('"apiToken" exceeds maximum length of 1024 characters');let{agent:n,baseUrl:a="https://api.socket.dev/v0/",cache:i=!1,cacheTtl:c=300*1e3,onFileValidation:u,retries:l=ee,retryDelay:h=te,timeout:g=Z,userAgent:p}={__proto__:null,...e};if(g!==void 0&&(typeof g!="number"||g<N||g>B))throw new TypeError(`"timeout" must be a number between ${N} and ${B} milliseconds`);let f=n?Object.keys(n):[],S=n,w=f.length&&f.every(E=>G.has(E))?S.https||S.http||S.http2:n;this.#a=r,this.#e=Q(a),this.#i=i?_e({memoize:!0,prefix:"socket-sdk",ttl:c}):void 0,this.#o=u,this.#c=l,this.#u=h,this.#t={...w?{agent:w}:{},headers:{Authorization:`Basic ${btoa(`${r}:`)}`,"User-Agent":p??q},signal:D,...g?{timeout:g}:{}}}#p(t){if(!t)return;let e=Array.isArray(t)?t[0]:t;if(!e)return;let s=Number.parseInt(e,10);if(!Number.isNaN(s)&&s>=0)return s*1e3;let r=new Date(e);if(!Number.isNaN(r.getTime())){let n=r.getTime()-Date.now();if(n>0)return n}}async#r(t){let e=await Ne(t,{baseDelayMs:this.#u,onRetry:(s,r,n)=>{if(!(r instanceof R))return;let{statusCode:a}=r.response;if(a===401||a===403)throw r;if(a===429){let i=this.#p(r.response.headers["retry-after"]);if(i!==void 0)return i}},onRetryRethrow:!0,retries:this.#c});if(e===void 0)throw new Error("Request aborted");return e}async#d(t,e){return this.#i?await this.#i.getOrFetch(t,async()=>await this.#r(e)):await this.#r(e)}async*#m(t,e){let s;try{s=await this.#r(()=>this.#l(t,e))}catch(a){yield await this.#s(a);return}if(!s)throw new Error("Failed to get response from batch PURL request");let r=H.createInterface({input:s,crlfDelay:Number.POSITIVE_INFINITY,signal:D}),n=this.#a===le;for await(let a of r){let c=a.trim()?pe(a,{throws:!1}):null;me(c)&&(yield this.#n(n?M(c,!1,e?.actions):c))}}async#l(t,e){let s=P(this.#e).request(`${this.#e}purl?${k(e)}`,{method:"POST",...this.#t}).end(JSON.stringify(t)),r=await T(s);if(!O(r))throw new R(r);return r}#g(t){if(t instanceof SyntaxError){let r=t.originalResponse||"";return r||(r=t.message.match(/Invalid JSON response:\n([\s\S]*?)\n→/)?.[1]||""),{cause:`Please report this. JSON.parse threw an error over the following response: \`${(r.slice(0,100)||"").trim()}${r.length>100?"\u2026":""}\``,data:void 0,error:"Server returned invalid JSON",status:0,success:!1}}return{cause:(t?String(t).trim():"")||K,data:void 0,error:"API request failed",status:0,success:!1}}async#h(t){let e=[],s=0,r=50*1024*1024;for await(let n of t){if(s+=n.length,s>r)throw new Error("Response body exceeds maximum size limit");e.push(n)}return Buffer.concat(e).toString("utf8")}async#s(t){if(!(t instanceof R))throw new Error("Unexpected Socket API error",{cause:t});let{statusCode:e}=t.response;if(e&&e>=500)throw new Error(`Socket API server error (${e})`,{cause:t});let s=await L(t.response),r;try{let u=JSON.parse(s);if(typeof u?.error?.message=="string"&&(r=u.error.message,u.error.details)){let l=typeof u.error.details=="string"?u.error.details:JSON.stringify(u.error.details);r=`${r} - Details: ${l}`}}catch{r=s}let n=t.message??K,a=r?.trim();if(a&&!n.includes(a)){let u=t.response?.statusMessage;u&&n.includes(u)?n=n.replace(u,a):n=`${n}: ${a}`}let i;if(e===401)i=["\u2192 Authentication failed. API token is invalid or expired.","\u2192 Check: Your API token is correct and active.",`\u2192 Generate a new token at: ${re}`].join(`
-`);else if(e===403)i=["\u2192 Authorization failed. Insufficient permissions.","\u2192 Check: Your API token has required permissions for this operation.","\u2192 Check: You have access to the specified organization/repository.",`\u2192 Verify: Organization settings at ${oe}`].join(`
-`);else if(e===404)i=["\u2192 Resource not found.","\u2192 Verify: Package name, version, or resource ID is correct.","\u2192 Check: Organization or repository exists and is accessible."].join(`
-`);else if(e===429){let u=t.response.headers["retry-after"];i=["\u2192 Rate limit exceeded. Too many requests.",`\u2192 ${u?`Retry after ${u} seconds.`:"Wait before retrying."}`,"\u2192 Try: Implement exponential backoff or enable SDK retry option.",`\u2192 Contact support to increase rate limits: ${ne}`].join(`
-`)}else e===400?i=["\u2192 Bad request. Invalid parameters or request body.","\u2192 Check: All required parameters are provided and correctly formatted.","\u2192 Verify: Package URLs (PURLs) follow correct format."].join(`
-`):e===413&&(i=["\u2192 Payload too large. Request exceeds size limits.","\u2192 Try: Reduce the number of files or packages in a single request.","\u2192 Try: Use batch operations with smaller chunks."].join(`
-`));return{cause:i?[a,"",i].filter(Boolean).join(`
-`):r,data:void 0,error:n,status:e??0,success:!1}}#n(t){return{cause:void 0,data:t,error:void 0,status:200,success:!0}}async#f(t,e){return e==="response"?t:e==="text"?await this.#h(t):e==="json"?await d(t):t}async batchPackageFetch(t,e){let s;try{s=await this.#l(t,e)}catch(c){return await this.#s(c)}if(!s)throw new Error("Failed to get response from batch PURL request");let r=H.createInterface({input:s,crlfDelay:Number.POSITIVE_INFINITY,signal:D}),n=this.#a===le,a=[];for await(let c of r){let l=c.trim()?pe(c,{throws:!1}):null;me(l)&&a.push(n?M(l,!1,e?.actions):l)}let i=Ge(Be(e,"compact"));return this.#n(a)}async*batchPackageStream(t,e){let{chunkSize:s=100,concurrencyLimit:r=10,queryParams:n}={__proto__:null,...e},a=r*2;je(D,a);let{components:i}=t,{length:c}=i,u=[],l=0,h=()=>{if(l>=c)return;let p=this.#m({components:i.slice(l,l+s)},n);g(p),l+=s},g=p=>{let{promise:f,reject:S,resolve:w}=z();u.push({generator:p,promise:f}),p.next().then(E=>w({generator:p,iteratorResult:E}),S)};for(;u.length<r&&l<c;)h();for(;u.length>0;){let{generator:p,iteratorResult:f}=await Promise.race(u.map(w=>w.promise)),S=u.findIndex(w=>w.generator===p);S!==-1&&(u.splice(S,1),f.value&&(yield f.value),f.done?h():g(p))}}async createDependenciesSnapshot(t,e){let{pathsRelativeTo:s=".",queryParams:r}={__proto__:null,...e},n=I(s),a=U(t,n),{invalidPaths:i,validPaths:c}=V(a);if(this.#o&&i.length>0){let u=await this.#o(c,i,{operation:"createDependenciesSnapshot"});if(!u.shouldContinue)return{cause:u.errorCause,data:void 0,error:u.errorMessage??"File validation failed",status:400,success:!1}}if(!this.#o&&i.length>0){let u=i.slice(0,3).join(`
-  - `),l=i.length>3?`
-  ... and ${i.length-3} more`:"";console.warn(`Warning: ${i.length} files skipped (unreadable):
-  - ${u}${l}
+`,
+    Readable.from(JSON.stringify(jsonData), { highWaterMark: 1024 * 1024 }),
+    "\r\n"
+  ];
+}
+async function createUploadRequest(baseUrl, urlPath, requestBodyNoBoundaries, options) {
+  return await new Promise(async (pass, fail) => {
+    const boundary = `NodeMultipartBoundary${Date.now()}`;
+    const boundarySep = `--${boundary}\r
+`;
+    const finalBoundary = `--${boundary}--\r
+`;
+    const requestBody = [
+      ...requestBodyNoBoundaries.flatMap((part) => [
+        boundarySep,
+        /* c8 ignore next - Array.isArray branch for part is defensive coding for edge cases. */
+        ...Array.isArray(part) ? part : [part]
+      ]),
+      finalBoundary
+    ];
+    const url = new URL(urlPath, baseUrl);
+    const req = getHttpModule(baseUrl).request(url, {
+      method: "POST",
+      ...options,
+      headers: {
+        ...options?.headers,
+        "Content-Type": `multipart/form-data; boundary=${boundary}`
+      }
+    });
+    req.flushHeaders();
+    getResponse(req).then(pass, fail);
+    let aborted = false;
+    req.on("error", () => aborted = true);
+    req.on("close", () => aborted = true);
+    try {
+      for (const part of requestBody) {
+        if (aborted) {
+          break;
+        }
+        if (typeof part === "string") {
+          if (!req.write(part)) {
+            await events.once(req, "drain");
+          }
+        } else if (typeof part?.pipe === "function") {
+          const stream = part;
+          try {
+            for await (const chunk of stream) {
+              if (aborted) {
+                break;
+              }
+              if (!req.write(chunk)) {
+                await events.once(req, "drain");
+              }
+            }
+          } catch (streamError) {
+            const err = streamError;
+            let message = "Failed to read file during upload";
+            if (err.code === "ENOENT") {
+              message += "\n\u2192 File was deleted during upload. Ensure files remain accessible during the upload process.";
+            } else if (err.code === "EACCES") {
+              message += "\n\u2192 Permission denied while reading file. Check file permissions.";
+            } else if (err.code) {
+              message += `
+\u2192 Error code: ${err.code}`;
+            }
+            throw new Error(message, { cause: streamError });
+          }
+          if (!aborted && !req.write("\r\n")) {
+            await events.once(req, "drain");
+          }
+          if (typeof part.destroy === "function") {
+            part.destroy();
+          }
+        } else {
+          throw new TypeError('Expected "string" or "stream" type');
+        }
+      }
+    } catch (e) {
+      req.destroy(e);
+      fail(e);
+    } finally {
+      if (!aborted) {
+        req.end();
+      }
+    }
+  });
+}
+// src/quota-utils.ts
+import { existsSync, readFileSync } from "node:fs";
+import { join } from "node:path";
+import { memoize as memoize2, once } from "@socketsecurity/lib/memoization";
+var loadRequirements = once(() => {
+  try {
+    const requirementsPath = join(
+      __dirname,
+      "..",
+      "data",
+      "api-method-quota-and-permissions.json"
+    );
+    if (!existsSync(requirementsPath)) {
+      throw new Error(`Requirements file not found at: ${requirementsPath}`);
+    }
+    const data = readFileSync(requirementsPath, "utf8");
+    return JSON.parse(data);
+  } catch (e) {
+    throw new Error("Failed to load SDK method requirements", { cause: e });
+  }
+});
+function calculateTotalQuotaCost(methodNames) {
+  return methodNames.reduce((total, methodName) => {
+    return total + getQuotaCost(methodName);
+  }, 0);
+}
+function getAllMethodRequirements() {
+  const reqs = loadRequirements();
+  const result = {};
+  Object.entries(reqs.api).forEach(([methodName, requirement]) => {
+    result[methodName] = {
+      permissions: [...requirement.permissions],
+      quota: requirement.quota
+    };
+  });
+  return result;
+}
+var getMethodRequirements = memoize2(
+  (methodName) => {
+    const reqs = loadRequirements();
+    const requirement = reqs.api[methodName];
+    if (!requirement) {
+      throw new Error(`Unknown SDK method: "${String(methodName)}"`);
+    }
+    return {
+      permissions: [...requirement.permissions],
+      quota: requirement.quota
+    };
+  },
+  { name: "getMethodRequirements" }
+);
+var getMethodsByPermissions = memoize2(
+  (permissions) => {
+    const reqs = loadRequirements();
+    return Object.entries(reqs.api).filter(([, requirement]) => {
+      return permissions.some(
+        (permission) => requirement.permissions.includes(permission)
+      );
+    }).map(([methodName]) => methodName).sort();
+  },
+  { name: "getMethodsByPermissions" }
+);
+var getMethodsByQuotaCost = memoize2(
+  (quotaCost) => {
+    const reqs = loadRequirements();
+    return Object.entries(reqs.api).filter(([, requirement]) => requirement.quota === quotaCost).map(([methodName]) => methodName).sort();
+  },
+  { name: "getMethodsByQuotaCost" }
+);
+var getQuotaCost = memoize2(
+  (methodName) => {
+    const reqs = loadRequirements();
+    const requirement = reqs.api[methodName];
+    if (!requirement) {
+      throw new Error(`Unknown SDK method: "${String(methodName)}"`);
+    }
+    return requirement.quota;
+  },
+  { name: "getQuotaCost" }
+);
+var getQuotaUsageSummary = memoize2(
+  () => {
+    const reqs = loadRequirements();
+    const summary = {};
+    Object.entries(reqs.api).forEach(([methodName, requirement]) => {
+      const costKey = `${requirement.quota} units`;
+      if (!summary[costKey]) {
+        summary[costKey] = [];
+      }
+      summary[costKey].push(methodName);
+    });
+    Object.keys(summary).forEach((costKey) => {
+      summary[costKey]?.sort();
+    });
+    return summary;
+  },
+  { name: "getQuotaUsageSummary" }
+);
+var getRequiredPermissions = memoize2(
+  (methodName) => {
+    const reqs = loadRequirements();
+    const requirement = reqs.api[methodName];
+    if (!requirement) {
+      throw new Error(`Unknown SDK method: "${String(methodName)}"`);
+    }
+    return [...requirement.permissions];
+  },
+  { name: "getRequiredPermissions" }
+);
+function hasQuotaForMethods(availableQuota, methodNames) {
+  const totalCost = calculateTotalQuotaCost(methodNames);
+  return availableQuota >= totalCost;
+}
+// src/socket-sdk-class.ts
+import { createWriteStream } from "node:fs";
+import readline from "node:readline";
+import { createTtlCache } from "@socketsecurity/lib/cache-with-ttl";
+import { UNKNOWN_ERROR } from "@socketsecurity/lib/constants/core";
+import { getAbortSignal } from "@socketsecurity/lib/constants/process";
+import { SOCKET_PUBLIC_API_TOKEN } from "@socketsecurity/lib/constants/socket";
+import { debugLog as debugLog2, isDebugNs } from "@socketsecurity/lib/debug";
+import { validateFiles } from "@socketsecurity/lib/fs";
+import { jsonParse as jsonParse2 } from "@socketsecurity/lib/json";
+import { getOwn, isObjectObject } from "@socketsecurity/lib/objects";
+import { pRetry } from "@socketsecurity/lib/promises";
+import { setMaxEventTargetListeners } from "@socketsecurity/lib/suppress-warnings";
+import { urlSearchParamAsBoolean } from "@socketsecurity/lib/url";
+var abortSignal = getAbortSignal();
+var SocketSdk = class {
+  #apiToken;
+  #baseUrl;
+  #cache;
+  #onFileValidation;
+  #reqOptions;
+  #retries;
+  #retryDelay;
+  /**
+   * Initialize Socket SDK with API token and configuration options.
+   * Sets up authentication, base URL, HTTP client options, retry behavior, and caching.
+   */
+  constructor(apiToken, options) {
+    const MAX_API_TOKEN_LENGTH = 1024;
+    if (typeof apiToken !== "string") {
+      throw new TypeError('"apiToken" is required and must be a string');
+    }
+    const trimmedToken = apiToken.trim();
+    if (!trimmedToken) {
+      throw new Error('"apiToken" cannot be empty or whitespace-only');
+    }
+    if (trimmedToken.length > MAX_API_TOKEN_LENGTH) {
+      throw new Error(
+        `"apiToken" exceeds maximum length of ${MAX_API_TOKEN_LENGTH} characters`
+      );
+    }
+    const {
+      agent: agentOrObj,
+      baseUrl = "https://api.socket.dev/v0/",
+      cache = false,
+      cacheTtl = 5 * 60 * 1e3,
+      onFileValidation,
+      retries = DEFAULT_RETRIES,
+      retryDelay = DEFAULT_RETRY_DELAY,
+      timeout = DEFAULT_HTTP_TIMEOUT,
+      userAgent
+    } = { __proto__: null, ...options };
+    if (timeout !== void 0) {
+      if (typeof timeout !== "number" || timeout < MIN_HTTP_TIMEOUT || timeout > MAX_HTTP_TIMEOUT) {
+        throw new TypeError(
+          `"timeout" must be a number between ${MIN_HTTP_TIMEOUT} and ${MAX_HTTP_TIMEOUT} milliseconds`
+        );
+      }
+    }
+    const agentKeys = agentOrObj ? Object.keys(agentOrObj) : [];
+    const agentAsGotOptions = agentOrObj;
+    const agent = agentKeys.length && agentKeys.every((k) => httpAgentNames.has(k)) ? (
+      /* c8 ignore next 3 - Got-style agent options compatibility layer */
+      agentAsGotOptions.https || agentAsGotOptions.http || agentAsGotOptions.http2
+    ) : agentOrObj;
+    this.#apiToken = trimmedToken;
+    this.#baseUrl = normalizeBaseUrl(baseUrl);
+    this.#cache = cache ? createTtlCache({
+      memoize: true,
+      prefix: "socket-sdk",
+      ttl: cacheTtl
+    }) : (
+      /* c8 ignore next - cache disabled by default */
+      void 0
+    );
+    this.#onFileValidation = onFileValidation;
+    this.#retries = retries;
+    this.#retryDelay = retryDelay;
+    this.#reqOptions = {
+      ...agent ? { agent } : {},
+      headers: {
+        Authorization: `Basic ${btoa(`${trimmedToken}:`)}`,
+        "User-Agent": userAgent ?? DEFAULT_USER_AGENT
+      },
+      signal: abortSignal,
+      /* c8 ignore next - Optional timeout parameter, tested implicitly through method calls */
+      ...timeout ? { timeout } : {}
+    };
+  }
+  /**
+   * Parse Retry-After header value and return delay in milliseconds.
+   * Supports both delay-seconds (integer) and HTTP-date formats.
+   */
+  #parseRetryAfter(retryAfterValue) {
+    if (!retryAfterValue) {
+      return void 0;
+    }
+    const value = Array.isArray(retryAfterValue) ? retryAfterValue[0] : retryAfterValue;
+    if (!value) {
+      return void 0;
+    }
+    const seconds = Number.parseInt(value, 10);
+    if (!Number.isNaN(seconds) && seconds >= 0) {
+      return seconds * 1e3;
+    }
+    const date = new Date(value);
+    if (!Number.isNaN(date.getTime())) {
+      const delayMs = date.getTime() - Date.now();
+      if (delayMs > 0) {
+        return delayMs;
+      }
+    }
+    return void 0;
+  }
+  /**
+   * Execute an HTTP request with retry logic.
+   * Internal method for wrapping HTTP operations with exponential backoff.
+   */
+  async #executeWithRetry(operation) {
+    const result = await pRetry(operation, {
+      baseDelayMs: this.#retryDelay,
+      onRetry: (_attempt, error, _delay) => {
+        if (!(error instanceof ResponseError)) {
+          return void 0;
+        }
+        const { statusCode } = error.response;
+        if (statusCode === 401 || statusCode === 403) {
+          throw error;
+        }
+        if (statusCode === 429) {
+          const retryAfter = this.#parseRetryAfter(
+            error.response.headers["retry-after"]
+          );
+          if (retryAfter !== void 0) {
+            return retryAfter;
+          }
+        }
+        return void 0;
+      },
+      onRetryRethrow: true,
+      retries: this.#retries
+    });
+    if (result === void 0) {
+      throw new Error("Request aborted");
+    }
+    return result;
+  }
+  /**
+   * Execute a GET request with optional caching.
+   * Internal method for handling cached GET requests with retry logic.
+   */
+  async #getCached(cacheKey, fetcher) {
+    if (!this.#cache) {
+      return await this.#executeWithRetry(fetcher);
+    }
+    return await this.#cache.getOrFetch(cacheKey, async () => {
+      return await this.#executeWithRetry(fetcher);
+    });
+  }
+  /**
+   * Create async generator for streaming batch package URL processing.
+   * Internal method for handling chunked PURL responses with error handling.
+   */
+  async *#createBatchPurlGenerator(componentsObj, queryParams) {
+    let res;
+    try {
+      res = await this.#executeWithRetry(
+        () => this.#createBatchPurlRequest(componentsObj, queryParams)
+      );
+    } catch (e) {
+      yield await this.#handleApiError(e);
+      return;
+    }
+    if (!res) {
+      throw new Error("Failed to get response from batch PURL request");
+    }
+    const rli = readline.createInterface({
+      input: res,
+      crlfDelay: Number.POSITIVE_INFINITY,
+      signal: abortSignal
+    });
+    const isPublicToken = this.#apiToken === SOCKET_PUBLIC_API_TOKEN;
+    for await (const line of rli) {
+      const trimmed = line.trim();
+      const artifact = trimmed ? jsonParse2(line, { throws: false }) : (
+        /* c8 ignore next - Empty line handling in batch streaming response parsing. */
+        null
+      );
+      if (isObjectObject(artifact)) {
+        yield this.#handleApiSuccess(
+          /* c8 ignore next 7 - Public token artifact reshaping branch for policy compliance. */
+          isPublicToken ? reshapeArtifactForPublicPolicy(
+            artifact,
+            false,
+            queryParams?.["actions"]
+          ) : artifact
+        );
+      }
+    }
+  }
+  /**
+   * Create HTTP request for batch package URL processing.
+   * Internal method for handling PURL batch API calls with retry logic.
+   */
+  async #createBatchPurlRequest(componentsObj, queryParams) {
+    const req = getHttpModule(this.#baseUrl).request(`${this.#baseUrl}purl?${queryToSearchParams(queryParams)}`, {
+      method: "POST",
+      ...this.#reqOptions
+    }).end(JSON.stringify(componentsObj));
+    const response = await getResponse(req);
+    if (!isResponseOk(response)) {
+      throw new ResponseError(response);
+    }
+    return response;
+  }
+  /**
+   * Create standardized error result from query operation exceptions.
+   * Internal error handling for non-throwing query API methods.
+   */
+  #createQueryErrorResult(e) {
+    if (e instanceof SyntaxError) {
+      const enhancedError = e;
+      let responseText = enhancedError.originalResponse || "";
+      if (!responseText) {
+        const match = e.message.match(/Invalid JSON response:\n([\s\S]*?)\n→/);
+        responseText = match?.[1] || "";
+      }
+      const preview = responseText.slice(0, 100) || "";
+      return {
+        cause: `Please report this. JSON.parse threw an error over the following response: \`${preview.trim()}${responseText.length > 100 ? "\u2026" : ""}\``,
+        data: void 0,
+        error: "Server returned invalid JSON",
+        status: 0,
+        success: false
+      };
+    }
+    const errStr = e ? String(e).trim() : "";
+    return {
+      cause: errStr || UNKNOWN_ERROR,
+      data: void 0,
+      error: "API request failed",
+      status: 0,
+      success: false
+    };
+  }
+  /**
+   * Extract text content from HTTP response stream.
+   * Internal method with size limits to prevent memory exhaustion.
+   */
+  /* c8 ignore start - unused utility method reserved for future text response handling */
+  async #getResponseText(response) {
+    const chunks = [];
+    let size = 0;
+    const MAX = 50 * 1024 * 1024;
+    for await (const chunk of response) {
+      size += chunk.length;
+      if (size > MAX) {
+        throw new Error("Response body exceeds maximum size limit");
+      }
+      chunks.push(chunk);
+    }
+    return Buffer.concat(chunks).toString("utf8");
+  }
+  /* c8 ignore stop */
+  /**
+   * Handle API error responses and convert to standardized error result.
+   * Internal error handling with status code analysis and message formatting.
+   */
+  async #handleApiError(error) {
+    if (!(error instanceof ResponseError)) {
+      throw new Error("Unexpected Socket API error", {
+        cause: error
+      });
+    }
+    const { statusCode } = error.response;
+    if (statusCode && statusCode >= 500) {
+      throw new Error(`Socket API server error (${statusCode})`, {
+        cause: error
+      });
+    }
+    const bodyStr = await getErrorResponseBody(error.response);
+    let body;
+    try {
+      const parsed = JSON.parse(bodyStr);
+      if (typeof parsed?.error?.message === "string") {
+        body = parsed.error.message;
+        if (parsed.error.details) {
+          const detailsStr = typeof parsed.error.details === "string" ? parsed.error.details : JSON.stringify(parsed.error.details);
+          body = `${body} - Details: ${detailsStr}`;
+        }
+      }
+    } catch {
+      body = bodyStr;
+    }
+    let errorMessage = error.message ?? /* c8 ignore next - fallback for missing error message */
+    UNKNOWN_ERROR;
+    const trimmedBody = body?.trim();
+    if (trimmedBody && !errorMessage.includes(trimmedBody)) {
+      const statusMessage = error.response?.statusMessage;
+      if (statusMessage && errorMessage.includes(statusMessage)) {
+        errorMessage = errorMessage.replace(statusMessage, trimmedBody);
+      } else {
+        errorMessage = `${errorMessage}: ${trimmedBody}`;
+      }
+    }
+    let actionableGuidance;
+    if (statusCode === 401) {
+      actionableGuidance = [
+        "\u2192 Authentication failed. API token is invalid or expired.",
+        "\u2192 Check: Your API token is correct and active.",
+        `\u2192 Generate a new token at: ${SOCKET_API_TOKENS_URL}`
+      ].join("\n");
+    } else if (statusCode === 403) {
+      actionableGuidance = [
+        "\u2192 Authorization failed. Insufficient permissions.",
+        "\u2192 Check: Your API token has required permissions for this operation.",
+        "\u2192 Check: You have access to the specified organization/repository.",
+        `\u2192 Verify: Organization settings at ${SOCKET_DASHBOARD_URL}`
+      ].join("\n");
+    } else if (statusCode === 404) {
+      actionableGuidance = [
+        "\u2192 Resource not found.",
+        "\u2192 Verify: Package name, version, or resource ID is correct.",
+        "\u2192 Check: Organization or repository exists and is accessible."
+      ].join("\n");
+    } else if (statusCode === 429) {
+      const retryAfter = error.response.headers["retry-after"];
+      const retryMsg = retryAfter ? `Retry after ${retryAfter} seconds.` : "Wait before retrying.";
+      actionableGuidance = [
+        "\u2192 Rate limit exceeded. Too many requests.",
+        `\u2192 ${retryMsg}`,
+        "\u2192 Try: Implement exponential backoff or enable SDK retry option.",
+        `\u2192 Contact support to increase rate limits: ${SOCKET_CONTACT_URL}`
+      ].join("\n");
+    } else if (statusCode === 400) {
+      actionableGuidance = [
+        "\u2192 Bad request. Invalid parameters or request body.",
+        "\u2192 Check: All required parameters are provided and correctly formatted.",
+        "\u2192 Verify: Package URLs (PURLs) follow correct format."
+      ].join("\n");
+    } else if (statusCode === 413) {
+      actionableGuidance = [
+        "\u2192 Payload too large. Request exceeds size limits.",
+        "\u2192 Try: Reduce the number of files or packages in a single request.",
+        "\u2192 Try: Use batch operations with smaller chunks."
+      ].join("\n");
+    }
+    const causeWithGuidance = actionableGuidance ? [trimmedBody, "", actionableGuidance].filter(Boolean).join("\n") : body;
+    return {
+      cause: causeWithGuidance,
+      data: void 0,
+      error: errorMessage,
+      /* c8 ignore next - fallback for missing status code in edge cases. */
+      status: statusCode ?? 0,
+      success: false
+    };
+  }
+  /**
+   * Handle successful API responses and convert to standardized success result.
+   * Internal success handling with consistent response formatting.
+   */
+  #handleApiSuccess(data) {
+    return {
+      cause: void 0,
+      data,
+      error: void 0,
+      // Use generic 200 OK status for all successful API responses.
+      status: 200,
+      success: true
+    };
+  }
+  /**
+   * Handle query API response data based on requested response type.
+   * Internal method for processing different response formats (json, text, response).
+   */
+  async #handleQueryResponseData(response, responseType) {
+    if (responseType === "response") {
+      return response;
+    }
+    if (responseType === "text") {
+      return await this.#getResponseText(response);
+    }
+    if (responseType === "json") {
+      return await getResponseJson(response);
+    }
+    return response;
+  }
+  /**
+   * Fetch package analysis data for multiple packages in a single batch request.
+   * Returns all results at once after processing is complete.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async batchPackageFetch(componentsObj, queryParams) {
+    let res;
+    try {
+      res = await this.#createBatchPurlRequest(componentsObj, queryParams);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+    if (!res) {
+      throw new Error("Failed to get response from batch PURL request");
+    }
+    const rli = readline.createInterface({
+      input: res,
+      crlfDelay: Number.POSITIVE_INFINITY,
+      signal: abortSignal
+    });
+    const isPublicToken = this.#apiToken === SOCKET_PUBLIC_API_TOKEN;
+    const results = [];
+    for await (const line of rli) {
+      const trimmed = line.trim();
+      const artifact = trimmed ? jsonParse2(line, { throws: false }) : (
+        /* c8 ignore next - Empty line handling in batch parsing. */
+        null
+      );
+      if (isObjectObject(artifact)) {
+        results.push(
+          /* c8 ignore next 7 - Public token artifact reshaping for policy compliance. */
+          isPublicToken ? reshapeArtifactForPublicPolicy(
+            artifact,
+            false,
+            queryParams?.["actions"]
+          ) : artifact
+        );
+      }
+    }
+    const compact = urlSearchParamAsBoolean(
+      getOwn(queryParams, "compact")
+    );
+    return this.#handleApiSuccess(
+      compact ? results : results
+    );
+  }
+  /**
+   * Stream package analysis data for multiple packages with chunked processing and concurrency control.
+   * Returns results as they become available via async generator.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async *batchPackageStream(componentsObj, options) {
+    const {
+      chunkSize = 100,
+      concurrencyLimit = 10,
+      queryParams
+    } = {
+      __proto__: null,
+      ...options
+    };
+    const neededMaxListeners = concurrencyLimit * 2;
+    setMaxEventTargetListeners(abortSignal, neededMaxListeners);
+    const { components } = componentsObj;
+    const { length: componentsCount } = components;
+    const running = [];
+    let index = 0;
+    const enqueueGen = () => {
+      if (index >= componentsCount) {
+        return;
+      }
+      const generator = this.#createBatchPurlGenerator(
+        {
+          // Chunk components.
+          components: components.slice(index, index + chunkSize)
+        },
+        queryParams
+      );
+      continueGen(generator);
+      index += chunkSize;
+    };
+    const continueGen = (generator) => {
+      const {
+        promise,
+        reject: rejectFn,
+        resolve: resolveFn
+      } = promiseWithResolvers();
+      running.push({
+        generator,
+        promise
+      });
+      void generator.next().then(
+        (iteratorResult) => resolveFn({ generator, iteratorResult }),
+        rejectFn
+      );
+    };
+    while (running.length < concurrencyLimit && index < componentsCount) {
+      enqueueGen();
+    }
+    while (running.length > 0) {
+      const { generator, iteratorResult } = await Promise.race(
+        running.map((entry) => entry.promise)
+      );
+      const index2 = running.findIndex((entry) => entry.generator === generator);
+      if (index2 === -1) {
+        continue;
+      }
+      running.splice(index2, 1);
+      if (iteratorResult.value) {
+        yield iteratorResult.value;
+      }
+      if (iteratorResult.done) {
+        enqueueGen();
+      } else {
+        continueGen(generator);
+      }
+    }
+  }
+  /**
+   * Create a snapshot of project dependencies by uploading manifest files.
+   * Analyzes dependency files to generate a comprehensive security report.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async createDependenciesSnapshot(filepaths, options) {
+    const { pathsRelativeTo = ".", queryParams } = {
+      __proto__: null,
+      ...options
+    };
+    const basePath = resolveBasePath(pathsRelativeTo);
+    const absFilepaths = resolveAbsPaths(filepaths, basePath);
+    const { invalidPaths, validPaths } = validateFiles(absFilepaths);
+    if (this.#onFileValidation && invalidPaths.length > 0) {
+      const result = await this.#onFileValidation(validPaths, invalidPaths, {
+        operation: "createDependenciesSnapshot"
+      });
+      if (!result.shouldContinue) {
+        return {
+          cause: result.errorCause,
+          data: void 0,
+          error: result.errorMessage ?? "File validation failed",
+          status: 400,
+          success: false
+        };
+      }
+    }
+    if (!this.#onFileValidation && invalidPaths.length > 0) {
+      const samplePaths = invalidPaths.slice(0, 3).join("\n  - ");
+      const remaining = invalidPaths.length > 3 ? `
+  ... and ${invalidPaths.length - 3} more` : "";
+      console.warn(
+        `Warning: ${invalidPaths.length} files skipped (unreadable):
+  - ${samplePaths}${remaining}
 \u2192 This may occur with Yarn Berry PnP or pnpm symlinks.
-\u2192 Try: Run installation command to ensure files are accessible.`)}if(c.length===0){let u=i.slice(0,5).join(`
-  - `),l=i.length>5?`
-  ... and ${i.length-5} more`:"";return{cause:[`All ${i.length} files failed validation:`,`  - ${u}${l}`,"","\u2192 Common causes:","  \u2022 Yarn Berry PnP virtual filesystem (files are not on disk)","  \u2022 pnpm symlinks pointing to inaccessible locations","  \u2022 Incorrect file permissions","  \u2022 Files were deleted after discovery","","\u2192 Solutions:","  \u2022 Yarn Berry: Use `nodeLinker: node-modules` in .yarnrc.yml","  \u2022 pnpm: Use `node-linker=hoisted` in .npmrc","  \u2022 Check file permissions with: ls -la <file>","  \u2022 Run package manager install command"].join(`
-`),data:void 0,error:"No readable manifest files found",status:400,success:!1}}try{let u=await this.#r(async()=>await d(await v(this.#e,`dependencies/upload?${k(r)}`,F(c,n),this.#t)));return this.#n(u)}catch(u){return await this.#s(u)}}async createOrgDiffScanFromIds(t,e){try{let s=await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/diff-scans?${k(e)}`,{},this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async createFullScan(t,e,s){let{pathsRelativeTo:r=".",...n}={__proto__:null,...s},a=I(r),i=U(e,a),{invalidPaths:c,validPaths:u}=V(i);if(this.#o&&c.length>0){let l=await this.#o(u,c,{operation:"createOrgFullScan",orgSlug:t});if(!l.shouldContinue)return{cause:l.errorCause,data:void 0,error:l.errorMessage??"File validation failed",status:400,success:!1}}if(!this.#o&&c.length>0){let l=c.slice(0,3).join(`
-  - `),h=c.length>3?`
-  ... and ${c.length-3} more`:"";console.warn(`Warning: ${c.length} files skipped (unreadable):
-  - ${l}${h}
+\u2192 Try: Run installation command to ensure files are accessible.`
+      );
+    }
+    if (validPaths.length === 0) {
+      const samplePaths = invalidPaths.slice(0, 5).join("\n  - ");
+      const remaining = invalidPaths.length > 5 ? `
+  ... and ${invalidPaths.length - 5} more` : "";
+      return {
+        cause: [
+          `All ${invalidPaths.length} files failed validation:`,
+          `  - ${samplePaths}${remaining}`,
+          "",
+          "\u2192 Common causes:",
+          "  \u2022 Yarn Berry PnP virtual filesystem (files are not on disk)",
+          "  \u2022 pnpm symlinks pointing to inaccessible locations",
+          "  \u2022 Incorrect file permissions",
+          "  \u2022 Files were deleted after discovery",
+          "",
+          "\u2192 Solutions:",
+          "  \u2022 Yarn Berry: Use `nodeLinker: node-modules` in .yarnrc.yml",
+          "  \u2022 pnpm: Use `node-linker=hoisted` in .npmrc",
+          "  \u2022 Check file permissions with: ls -la <file>",
+          "  \u2022 Run package manager install command"
+        ].join("\n"),
+        data: void 0,
+        error: "No readable manifest files found",
+        status: 400,
+        success: false
+      };
+    }
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createUploadRequest(
+            this.#baseUrl,
+            `dependencies/upload?${queryToSearchParams(queryParams)}`,
+            createRequestBodyForFilepaths(validPaths, basePath),
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Create a diff scan from two full scan IDs.
+   * Compares two existing full scans to identify changes.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async createOrgDiffScanFromIds(orgSlug, queryParams) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/diff-scans?${queryToSearchParams(queryParams)}`,
+            {},
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Create a full security scan for an organization.
+   *
+   * Uploads project manifest files and initiates full security analysis.
+   * Returns scan metadata with guaranteed required fields.
+   *
+   * @param orgSlug - Organization identifier
+   * @param filepaths - Array of file paths to upload (package.json, package-lock.json, etc.)
+   * @param options - Scan configuration including repository, branch, and commit details
+   * @returns Full scan metadata including ID and URLs
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.createFullScan('my-org',
+   *   ['package.json', 'package-lock.json'],
+   *   {
+   *     repo: 'my-repo',
+   *     branch: 'main',
+   *     commit_message: 'Update dependencies',
+   *     commit_hash: 'abc123',
+   *     pathsRelativeTo: './my-project'
+   *   }
+   * )
+   *
+   * if (result.success) {
+   *   console.log('Scan ID:', result.data.id)
+   *   console.log('Report URL:', result.data.html_report_url)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/createorgfullscan
+   * @apiEndpoint POST /orgs/{org_slug}/full-scans
+   * @quota 1 unit
+   * @scopes full-scans:create
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async createFullScan(orgSlug, filepaths, options) {
+    const { pathsRelativeTo = ".", ...queryParams } = {
+      __proto__: null,
+      ...options
+    };
+    const basePath = resolveBasePath(pathsRelativeTo);
+    const absFilepaths = resolveAbsPaths(filepaths, basePath);
+    const { invalidPaths, validPaths } = validateFiles(absFilepaths);
+    if (this.#onFileValidation && invalidPaths.length > 0) {
+      const result = await this.#onFileValidation(validPaths, invalidPaths, {
+        operation: "createOrgFullScan",
+        orgSlug
+      });
+      if (!result.shouldContinue) {
+        return {
+          cause: result.errorCause,
+          data: void 0,
+          error: result.errorMessage ?? "File validation failed",
+          status: 400,
+          success: false
+        };
+      }
+    }
+    if (!this.#onFileValidation && invalidPaths.length > 0) {
+      const samplePaths = invalidPaths.slice(0, 3).join("\n  - ");
+      const remaining = invalidPaths.length > 3 ? `
+  ... and ${invalidPaths.length - 3} more` : "";
+      console.warn(
+        `Warning: ${invalidPaths.length} files skipped (unreadable):
+  - ${samplePaths}${remaining}
 \u2192 This may occur with Yarn Berry PnP or pnpm symlinks.
-\u2192 Try: Run installation command to ensure files are accessible.`)}if(u.length===0){let l=c.slice(0,5).join(`
-  - `),h=c.length>5?`
-  ... and ${c.length-5} more`:"";return{cause:[`All ${c.length} files failed validation:`,`  - ${l}${h}`,"","\u2192 Common causes:","  \u2022 Yarn Berry PnP virtual filesystem (files are not on disk)","  \u2022 pnpm symlinks pointing to inaccessible locations","  \u2022 Incorrect file permissions","  \u2022 Files were deleted after discovery","","\u2192 Solutions:","  \u2022 Yarn Berry: Use `nodeLinker: node-modules` in .yarnrc.yml","  \u2022 pnpm: Use `node-linker=hoisted` in .npmrc","  \u2022 Check file permissions with: ls -la <file>","  \u2022 Run package manager install command"].join(`
-`),data:void 0,error:"No readable manifest files found",status:400,success:!1}}try{return{cause:void 0,data:await this.#r(async()=>await d(await v(this.#e,`orgs/${encodeURIComponent(t)}/full-scans?${k(n)}`,F(u,a),this.#t))),error:void 0,status:200,success:!0}}catch(l){let h=await this.#s(l);return{cause:h.cause,data:void 0,error:h.error,status:h.status,success:!1}}}async createRepository(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/repos`,e,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async createRepositoryLabel(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/repos/labels`,e,this.#t))),error:void 0,status:201,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async deleteOrgDiffScan(t,e){try{let s=await this.#r(async()=>await d(await A(this.#e,`orgs/${encodeURIComponent(t)}/diff-scans/${encodeURIComponent(e)}`,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async deleteFullScan(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await A(this.#e,`orgs/${encodeURIComponent(t)}/full-scans/${encodeURIComponent(e)}`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async deleteRepository(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await A(this.#e,`orgs/${encodeURIComponent(t)}/repos/${encodeURIComponent(e)}`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async deleteRepositoryLabel(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await A(this.#e,`orgs/${encodeURIComponent(t)}/repos/labels/${encodeURIComponent(e)}`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async exportCDX(t,e){try{let s=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/full-scans/${encodeURIComponent(e)}/sbom/export/cdx`,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async exportSPDX(t,e){try{let s=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/full-scans/${encodeURIComponent(e)}/sbom/export/spdx`,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async getApi(t,e){let{responseType:s="response",throws:r=!0}={__proto__:null,...e};try{let n=await m(this.#e,t,this.#t);if(!O(n)){if(r)throw new R(n);let i=await this.#s(new R(n));return{cause:i.cause,data:void 0,error:i.error,status:i.status,success:!1}}let a=await this.#f(n,s);return r?a:{cause:void 0,data:a,error:void 0,status:n.statusCode??200,success:!0}}catch(n){if(r)throw n;if(n instanceof R){let a=await this.#s(n);return{cause:a.cause,data:void 0,error:a.error,status:a.status,success:!1}}return this.#g(n)}}async getAPITokens(t){try{let e=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/tokens`,this.#t)));return this.#n(e)}catch(e){return await this.#s(e)}}async getAuditLogEvents(t,e){try{let s=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/audit-log?${k(e)}`,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async getDiffScanById(t,e){try{let s=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/diff-scans/${encodeURIComponent(e)}`,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async getEnabledEntitlements(t){return((await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/entitlements`,this.#t))))?.items||[]).filter(r=>r&&r.enabled===!0&&r.key).map(r=>r.key)}async getEntitlements(t){return(await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/entitlements`,this.#t))))?.items||[]}async getIssuesByNpmPackage(t,e){try{let s=await this.#r(async()=>await d(await m(this.#e,`npm/${encodeURIComponent(t)}/${encodeURIComponent(e)}/issues`,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async getOrgAnalytics(t){try{let e=await this.#r(async()=>await d(await m(this.#e,`analytics/org/${encodeURIComponent(t)}`,this.#t)));return this.#n(e)}catch(e){return await this.#s(e)}}async listOrganizations(){try{return{cause:void 0,data:await this.#d("organizations",async()=>await d(await m(this.#e,"organizations",this.#t))),error:void 0,status:200,success:!0}}catch(t){let e=await this.#s(t);return{cause:e.cause,data:void 0,error:e.error,status:e.status,success:!1}}}async getFullScan(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/full-scans/${encodeURIComponent(e)}`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async listFullScans(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/full-scans?${k(e)}`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async getFullScanMetadata(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/full-scans/${encodeURIComponent(e)}/metadata`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async getOrgLicensePolicy(t){try{let e=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/settings/license-policy`,this.#t)));return this.#n(e)}catch(e){return await this.#s(e)}}async getRepository(t,e){let s=encodeURIComponent(t),r=encodeURIComponent(e);try{return{cause:void 0,data:await this.#r(async()=>await d(await m(this.#e,`orgs/${s}/repos/${r}`,this.#t))),error:void 0,status:200,success:!0}}catch(n){let a=await this.#s(n);return{cause:a.cause,data:void 0,error:a.error,status:a.status,success:!1}}}async getRepositoryLabel(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/repos/labels/${encodeURIComponent(e)}`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async listRepositoryLabels(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/repos/labels?${k(e)}`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async listRepositories(t,e){try{return{cause:void 0,data:await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/repos?${k(e)}`,this.#t))),error:void 0,status:200,success:!0}}catch(s){let r=await this.#s(s);return{cause:r.cause,data:void 0,error:r.error,status:r.status,success:!1}}}async getOrgSecurityPolicy(t){try{let e=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/settings/security-policy`,this.#t)));return this.#n(e)}catch(e){return await this.#s(e)}}async getOrgTriage(t){try{let e=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/triage`,this.#t)));return this.#n(e)}catch(e){return await this.#s(e)}}async getQuota(){try{let t=await this.#d("quota",async()=>await d(await m(this.#e,"quota",this.#t)));return this.#n(t)}catch(t){return await this.#s(t)}}async getRepoAnalytics(t,e){try{let s=await this.#r(async()=>await d(await m(this.#e,`analytics/repo/${encodeURIComponent(t)}/${encodeURIComponent(e)}`,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async getScoreByNpmPackage(t,e){try{let s=await this.#r(async()=>await d(await m(this.#e,`npm/${encodeURIComponent(t)}/${encodeURIComponent(e)}/score`,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async getSupportedScanFiles(){try{let t=await this.#r(async()=>await d(await m(this.#e,"report/supported",this.#t)));return this.#n(t)}catch(t){return await this.#s(t)}}async listOrgDiffScans(t){try{let e=await this.#r(async()=>await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/diff-scans`,this.#t)));return this.#n(e)}catch(e){return await this.#s(e)}}async postAPIToken(t,e){try{let s=await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/tokens`,e,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async postAPITokensRevoke(t,e){try{let s=await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/tokens/${encodeURIComponent(e)}/revoke`,{},this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async postAPITokensRotate(t,e){try{let s=await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/tokens/${encodeURIComponent(e)}/rotate`,{},this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async postAPITokenUpdate(t,e,s){try{let r=await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/tokens/${encodeURIComponent(e)}/update`,s,this.#t)));return this.#n(r)}catch(r){return await this.#s(r)}}async postSettings(t){try{let e=await this.#r(async()=>await d(await y("POST",this.#e,"settings",{json:t},this.#t)));return this.#n(e)}catch(e){return await this.#s(e)}}async searchDependencies(t){try{let e=await this.#r(async()=>await d(await y("POST",this.#e,"dependencies/search",t,this.#t)));return this.#n(e)}catch(e){return await this.#s(e)}}async sendApi(t,e){let{body:s,method:r="POST",throws:n=!0}={__proto__:null,...e};try{let a=await y(r,this.#e,t,s,this.#t),i=await d(a);return n?i:{cause:void 0,data:i,error:void 0,status:a.statusCode??200,success:!0}}catch(a){if(n)throw a;if(a instanceof R){let c=await this.#s(a);return{cause:c.cause,data:void 0,error:c.error,status:c.status,success:!1}}return{cause:(a?String(a).trim():"")||K,data:void 0,error:"API request failed",status:0,success:!1}}}async streamFullScan(t,e,s){let{output:r}={__proto__:null,...s};try{let n=P(this.#e).request(`${this.#e}orgs/${encodeURIComponent(t)}/full-scans/${encodeURIComponent(e)}`,{method:"GET",...this.#t}).end(),a=await T(n);if(!O(a))throw new R(a);if(typeof r=="string"){let i=Me(r),c=0;a.on("data",u=>{if(c+=u.length,c>$)throw a.destroy(),i.destroy(),new Error(`Response exceeds maximum stream size of ${$} bytes`)}),a.pipe(i),i.on("error",u=>{throw new Error(`Failed to write to file: ${r}`,{cause:u})})}else if(r===!0){let i=0;a.on("data",c=>{if(i+=c.length,i>$)throw a.destroy(),new Error(`Response exceeds maximum stream size of ${$} bytes`)}),a.pipe(process.stdout),process.stdout.on("error",c=>{throw new Error("Failed to write to stdout",{cause:c})})}return this.#n(a)}catch(n){return await this.#s(n)}}async streamPatchesFromScan(t,e){let s=await this.#r(async()=>await m(this.#e,`orgs/${encodeURIComponent(t)}/patches/scan?scan_id=${encodeURIComponent(e)}`,this.#t));if(!O(s))throw new R(s,"GET Request failed");let r=H.createInterface({input:s,crlfDelay:Number.POSITIVE_INFINITY});return new ReadableStream({async start(n){try{for await(let a of r){let i=a.trim();if(i)try{let c=JSON.parse(i);n.enqueue(c)}catch(c){ge("streamPatchesFromScan",`Failed to parse line: ${c}`)}}}catch(a){n.error(a)}finally{n.close()}}})}async updateOrgAlertTriage(t,e,s){try{let r=await this.#r(async()=>await d(await y("PUT",this.#e,`orgs/${encodeURIComponent(t)}/triage/${encodeURIComponent(e)}`,s,this.#t)));return this.#n(r)}catch(r){return await this.#s(r)}}async updateOrgLicensePolicy(t,e,s){try{let r=await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/settings/license-policy?${k(s)}`,e,this.#t)));return this.#n(r)}catch(r){return await this.#s(r)}}async updateRepository(t,e,s){try{return{cause:void 0,data:await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/repos/${encodeURIComponent(e)}`,s,this.#t))),error:void 0,status:200,success:!0}}catch(r){let n=await this.#s(r);return{cause:n.cause,data:void 0,error:n.error,status:n.status,success:!1}}}async updateRepositoryLabel(t,e,s){try{return{cause:void 0,data:await this.#r(async()=>await d(await y("PUT",this.#e,`orgs/${encodeURIComponent(t)}/repos/labels/${encodeURIComponent(e)}`,s,this.#t))),error:void 0,status:200,success:!0}}catch(r){let n=await this.#s(r);return{cause:n.cause,data:void 0,error:n.error,status:n.status,success:!1}}}async updateOrgSecurityPolicy(t,e){try{let s=await this.#r(async()=>await d(await y("POST",this.#e,`orgs/${encodeURIComponent(t)}/settings/security-policy`,e,this.#t)));return this.#n(s)}catch(s){return await this.#s(s)}}async uploadManifestFiles(t,e,s){let{pathsRelativeTo:r="."}={__proto__:null,...s},n=I(r),a=U(e,n),{invalidPaths:i,validPaths:c}=V(a);if(this.#o&&i.length>0){let u=await this.#o(c,i,{operation:"uploadManifestFiles",orgSlug:t});if(!u.shouldContinue)return{error:u.errorMessage??"File validation failed",status:400,success:!1,...u.errorCause?{cause:u.errorCause}:{}}}if(!this.#o&&i.length>0){let u=i.slice(0,3).join(`
-  - `),l=i.length>3?`
-  ... and ${i.length-3} more`:"";console.warn(`Warning: ${i.length} files skipped (unreadable):
-  - ${u}${l}
+\u2192 Try: Run installation command to ensure files are accessible.`
+      );
+    }
+    if (validPaths.length === 0) {
+      const samplePaths = invalidPaths.slice(0, 5).join("\n  - ");
+      const remaining = invalidPaths.length > 5 ? `
+  ... and ${invalidPaths.length - 5} more` : "";
+      return {
+        cause: [
+          `All ${invalidPaths.length} files failed validation:`,
+          `  - ${samplePaths}${remaining}`,
+          "",
+          "\u2192 Common causes:",
+          "  \u2022 Yarn Berry PnP virtual filesystem (files are not on disk)",
+          "  \u2022 pnpm symlinks pointing to inaccessible locations",
+          "  \u2022 Incorrect file permissions",
+          "  \u2022 Files were deleted after discovery",
+          "",
+          "\u2192 Solutions:",
+          "  \u2022 Yarn Berry: Use `nodeLinker: node-modules` in .yarnrc.yml",
+          "  \u2022 pnpm: Use `node-linker=hoisted` in .npmrc",
+          "  \u2022 Check file permissions with: ls -la <file>",
+          "  \u2022 Run package manager install command"
+        ].join("\n"),
+        data: void 0,
+        error: "No readable manifest files found",
+        status: 400,
+        success: false
+      };
+    }
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createUploadRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/full-scans?${queryToSearchParams(queryParams)}`,
+            createRequestBodyForFilepaths(validPaths, basePath),
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Create a new repository in an organization.
+   *
+   * Registers a repository for monitoring and security scanning.
+   *
+   * @param orgSlug - Organization identifier
+   * @param params - Repository configuration (name, description, homepage, etc.)
+   * @returns Created repository details
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.createRepository('my-org', {
+   *   name: 'my-repo',
+   *   description: 'My project repository',
+   *   homepage: 'https://example.com'
+   * })
+   *
+   * if (result.success) {
+   *   console.log('Repository created:', result.data.id)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/createorgrepo
+   * @apiEndpoint POST /orgs/{org_slug}/repos
+   * @quota 1 unit
+   * @scopes repo:write
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async createRepository(orgSlug, params) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos`,
+            params,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Create a new repository label for an organization.
+   *
+   * Labels can be used to group and organize repositories and apply security/license policies.
+   *
+   * @param orgSlug - Organization identifier
+   * @param labelData - Label configuration (must include name property)
+   * @returns Created label with guaranteed id and name fields
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.createRepositoryLabel('my-org', { name: 'production' })
+   *
+   * if (result.success) {
+   *   console.log('Label created:', result.data.id)
+   *   console.log('Label name:', result.data.name)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/createorgrepolabel
+   * @apiEndpoint POST /orgs/{org_slug}/repos/labels
+   * @quota 1 unit
+   * @scopes repo-label:create
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async createRepositoryLabel(orgSlug, labelData) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos/labels`,
+            labelData,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 201,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Delete a diff scan from an organization.
+   * Permanently removes diff scan data and results.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async deleteOrgDiffScan(orgSlug, diffScanId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createDeleteRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/diff-scans/${encodeURIComponent(diffScanId)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Delete a full scan from an organization.
+   *
+   * Permanently removes scan data and results.
+   *
+   * @param orgSlug - Organization identifier
+   * @param scanId - Full scan identifier to delete
+   * @returns Success confirmation
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.deleteFullScan('my-org', 'scan_123')
+   *
+   * if (result.success) {
+   *   console.log('Scan deleted successfully')
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/deleteorgfullscan
+   * @apiEndpoint DELETE /orgs/{org_slug}/full-scans/{full_scan_id}
+   * @quota 1 unit
+   * @scopes full-scans:delete
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async deleteFullScan(orgSlug, scanId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createDeleteRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(scanId)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Delete a repository from an organization.
+   *
+   * Removes repository monitoring and associated scan data.
+   *
+   * @param orgSlug - Organization identifier
+   * @param repoSlug - Repository slug/name to delete
+   * @returns Success confirmation
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.deleteRepository('my-org', 'old-repo')
+   *
+   * if (result.success) {
+   *   console.log('Repository deleted')
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/deleteorgrepo
+   * @apiEndpoint DELETE /orgs/{org_slug}/repos/{repo_slug}
+   * @quota 1 unit
+   * @scopes repo:write
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async deleteRepository(orgSlug, repoSlug) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createDeleteRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Delete a repository label from an organization.
+   *
+   * Removes label and all its associations (repositories, security policy, license policy, etc.).
+   *
+   * @param orgSlug - Organization identifier
+   * @param labelId - Label identifier
+   * @returns Deletion confirmation
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.deleteRepositoryLabel('my-org', 'label-id-123')
+   *
+   * if (result.success) {
+   *   console.log('Label deleted:', result.data.status)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/deleteorgrepolabel
+   * @apiEndpoint DELETE /orgs/{org_slug}/repos/labels/{label_id}
+   * @quota 1 unit
+   * @scopes repo-label:delete
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async deleteRepositoryLabel(orgSlug, labelId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createDeleteRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos/labels/${encodeURIComponent(labelId)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Delete a legacy scan report permanently.
+  /**
+   * Export scan results in CycloneDX SBOM format.
+   * Returns Software Bill of Materials compliant with CycloneDX standard.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async exportCDX(orgSlug, fullScanId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/sbom/export/cdx`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Export scan results in SPDX SBOM format.
+   * Returns Software Bill of Materials compliant with SPDX standard.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async exportSPDX(orgSlug, fullScanId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/sbom/export/spdx`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Execute a raw GET request to any API endpoint with configurable response type.
+   * Supports both throwing (default) and non-throwing modes.
+   * @param urlPath - API endpoint path (e.g., 'organizations')
+   * @param options - Request options including responseType and throws behavior
+   * @returns Raw response, parsed data, or SocketSdkGenericResult based on options
+   */
+  async getApi(urlPath, options) {
+    const { responseType = "response", throws = true } = {
+      __proto__: null,
+      ...options
+    };
+    try {
+      const response = await createGetRequest(
+        this.#baseUrl,
+        urlPath,
+        this.#reqOptions
+      );
+      if (!isResponseOk(response)) {
+        if (throws) {
+          throw new ResponseError(response);
+        }
+        const errorResult = await this.#handleApiError(
+          new ResponseError(response)
+        );
+        return {
+          cause: errorResult.cause,
+          data: void 0,
+          error: errorResult.error,
+          status: errorResult.status,
+          success: false
+        };
+      }
+      const data = await this.#handleQueryResponseData(
+        response,
+        responseType
+      );
+      if (throws) {
+        return data;
+      }
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        /* c8 ignore next - Defensive fallback: response.statusCode is always defined in Node.js http/https */
+        status: response.statusCode ?? 200,
+        success: true
+      };
+    } catch (e) {
+      if (throws) {
+        throw e;
+      }
+      if (e instanceof ResponseError) {
+        const errorResult = await this.#handleApiError(e);
+        return {
+          cause: errorResult.cause,
+          data: void 0,
+          error: errorResult.error,
+          status: errorResult.status,
+          success: false
+        };
+      }
+      return this.#createQueryErrorResult(e);
+    }
+  }
+  /**
+   * Get list of API tokens for an organization.
+   * Returns organization API tokens with metadata and permissions.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getAPITokens(orgSlug) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/tokens`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Retrieve audit log events for an organization.
+   * Returns chronological log of security and administrative actions.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getAuditLogEvents(orgSlug, queryParams) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/audit-log?${queryToSearchParams(queryParams)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Get details for a specific diff scan.
+   * Returns comparison between two full scans with artifact changes.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getDiffScanById(orgSlug, diffScanId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/diff-scans/${encodeURIComponent(diffScanId)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Retrieve the enabled entitlements for an organization.
+   *
+   * This method fetches the organization's entitlements and filters for only* the enabled ones, returning their keys. Entitlements represent Socket
+   * Products that the organization has access to use.
+   */
+  async getEnabledEntitlements(orgSlug) {
+    const data = await this.#executeWithRetry(
+      async () => await getResponseJson(
+        await createGetRequest(
+          this.#baseUrl,
+          `orgs/${encodeURIComponent(orgSlug)}/entitlements`,
+          this.#reqOptions
+        )
+      )
+    );
+    const items = data?.items || [];
+    return items.filter((item) => item && item.enabled === true && item.key).map((item) => item.key);
+  }
+  /**
+   * Retrieve all entitlements for an organization.
+   *
+   * This method fetches all entitlements (both enabled and disabled) for
+   * an organization, returning the complete list with their status.
+   */
+  async getEntitlements(orgSlug) {
+    const data = await this.#executeWithRetry(
+      async () => await getResponseJson(
+        await createGetRequest(
+          this.#baseUrl,
+          `orgs/${encodeURIComponent(orgSlug)}/entitlements`,
+          this.#reqOptions
+        )
+      )
+    );
+    return data?.items || [];
+  }
+  /**
+   * Get security issues for a specific npm package and version.
+   * Returns detailed vulnerability and security alert information.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getIssuesByNpmPackage(pkgName, version) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `npm/${encodeURIComponent(pkgName)}/${encodeURIComponent(version)}/issues`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Get analytics data for organization usage patterns and security metrics.
+   * Returns statistical analysis for specified time period.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getOrgAnalytics(time) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `analytics/org/${encodeURIComponent(time)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * List all organizations accessible to the current user.
+   *
+   * Returns organization details and access permissions with guaranteed required fields.
+   *
+   * @returns List of organizations with metadata
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.listOrganizations()
+   *
+   * if (result.success) {
+   *   result.data.organizations.forEach(org => {
+   *     console.log(org.name, org.slug)  // Guaranteed fields
+   *   })
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorganizations
+   * @apiEndpoint GET /organizations
+   * @quota 1 unit
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async listOrganizations() {
+    try {
+      const data = await this.#getCached(
+        "organizations",
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            "organizations",
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Get complete full scan results buffered in memory.
+   *
+   * Returns entire scan data as JSON for programmatic processing.
+   * For large scans, consider using streamFullScan() instead.
+   *
+   * @param orgSlug - Organization identifier
+   * @param scanId - Full scan identifier
+   * @returns Complete full scan data including all artifacts
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.getFullScan('my-org', 'scan_123')
+   *
+   * if (result.success) {
+   *   console.log('Scan status:', result.data.scan_state)
+   *   console.log('Repository:', result.data.repository_slug)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorgfullscan
+   * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}
+   * @quota 1 unit
+   * @scopes full-scans:list
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getFullScan(orgSlug, scanId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(scanId)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * List all full scans for an organization.
+   *
+   * Returns paginated list of full scan metadata with guaranteed required fields
+   * for improved TypeScript autocomplete.
+   *
+   * @param orgSlug - Organization identifier
+   * @param options - Filtering and pagination options
+   * @returns List of full scans with metadata
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.listFullScans('my-org', {
+   *   branch: 'main',
+   *   per_page: 50,
+   *   use_cursor: true
+   * })
+   *
+   * if (result.success) {
+   *   result.data.results.forEach(scan => {
+   *     console.log(scan.id, scan.created_at)  // Guaranteed fields
+   *   })
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorgfullscanlist
+   * @apiEndpoint GET /orgs/{org_slug}/full-scans
+   * @quota 1 unit
+   * @scopes full-scans:list
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async listFullScans(orgSlug, options) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/full-scans?${queryToSearchParams(options)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Get metadata for a specific full scan.
+   *
+   * Returns scan configuration, status, and summary information without full artifact data.
+   * Useful for checking scan status without downloading complete results.
+   *
+   * @param orgSlug - Organization identifier
+   * @param scanId - Full scan identifier
+   * @returns Scan metadata including status and configuration
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.getFullScanMetadata('my-org', 'scan_123')
+   *
+   * if (result.success) {
+   *   console.log('Scan state:', result.data.scan_state)
+   *   console.log('Branch:', result.data.branch)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorgfullscanmetadata
+   * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}/metadata
+   * @quota 1 unit
+   * @scopes full-scans:list
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getFullScanMetadata(orgSlug, scanId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(scanId)}/metadata`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Get organization's license policy configuration.* Returns allowed, restricted, and monitored license types.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getOrgLicensePolicy(orgSlug) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/settings/license-policy`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Get details for a specific repository.
+   *
+   * Returns repository configuration, monitoring status, and metadata.
+   *
+   * @param orgSlug - Organization identifier
+   * @param repoSlug - Repository slug/name
+   * @returns Repository details with configuration
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.getRepository('my-org', 'my-repo')
+   *
+   * if (result.success) {
+   *   console.log('Repository:', result.data.name)
+   *   console.log('Visibility:', result.data.visibility)
+   *   console.log('Default branch:', result.data.default_branch)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorgrepo
+   * @apiEndpoint GET /orgs/{org_slug}/repos/{repo_slug}
+   * @quota 1 unit
+   * @scopes repo:read
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getRepository(orgSlug, repoSlug) {
+    const orgSlugParam = encodeURIComponent(orgSlug);
+    const repoSlugParam = encodeURIComponent(repoSlug);
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${orgSlugParam}/repos/${repoSlugParam}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Get details for a specific repository label.
+   *
+   * Returns label configuration, associated repositories, and policy settings.
+   *
+   * @param orgSlug - Organization identifier
+   * @param labelId - Label identifier
+   * @returns Label details with guaranteed id and name fields
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.getRepositoryLabel('my-org', 'label-id-123')
+   *
+   * if (result.success) {
+   *   console.log('Label name:', result.data.name)
+   *   console.log('Associated repos:', result.data.repository_ids)
+   *   console.log('Has security policy:', result.data.has_security_policy)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorgrepolabel
+   * @apiEndpoint GET /orgs/{org_slug}/repos/labels/{label_id}
+   * @quota 1 unit
+   * @scopes repo-label:list
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getRepositoryLabel(orgSlug, labelId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos/labels/${encodeURIComponent(labelId)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * List all repository labels for an organization.
+   *
+   * Returns paginated list of labels configured for repository organization and policy management.
+   *
+   * @param orgSlug - Organization identifier
+   * @param options - Pagination options
+   * @returns List of labels with guaranteed id and name fields
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.listRepositoryLabels('my-org', { per_page: 50, page: 1 })
+   *
+   * if (result.success) {
+   *   result.data.results.forEach(label => {
+   *     console.log('Label:', label.name)
+   *     console.log('Associated repos:', label.repository_ids?.length || 0)
+   *   })
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorgrepolabellist
+   * @apiEndpoint GET /orgs/{org_slug}/repos/labels
+   * @quota 1 unit
+   * @scopes repo-label:list
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async listRepositoryLabels(orgSlug, options) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos/labels?${queryToSearchParams(options)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * List all repositories in an organization.
+   *
+   * Returns paginated list of repository metadata with guaranteed required fields.
+   *
+   * @param orgSlug - Organization identifier
+   * @param options - Pagination and filtering options
+   * @returns List of repositories with metadata
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.listRepositories('my-org', {
+   *   per_page: 50,
+   *   sort: 'name',
+   *   direction: 'asc'
+   * })
+   *
+   * if (result.success) {
+   *   result.data.results.forEach(repo => {
+   *     console.log(repo.name, repo.visibility)
+   *   })
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorgrepolist
+   * @apiEndpoint GET /orgs/{org_slug}/repos
+   * @quota 1 unit
+   * @scopes repo:list
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async listRepositories(orgSlug, options) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos?${queryToSearchParams(options)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Get organization's security policy configuration.* Returns alert rules, severity thresholds, and enforcement settings.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getOrgSecurityPolicy(orgSlug) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/settings/security-policy`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Get organization triage settings and status.
+   * Returns alert triage configuration and current state.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getOrgTriage(orgSlug) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/triage`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Get current API quota usage and limits.
+   * Returns remaining requests, rate limits, and quota reset times.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getQuota() {
+    try {
+      const data = await this.#getCached(
+        "quota",
+        async () => await getResponseJson(
+          await createGetRequest(this.#baseUrl, "quota", this.#reqOptions)
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Get analytics data for a specific repository.
+   * Returns security metrics, dependency trends, and vulnerability statistics.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getRepoAnalytics(repo, time) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `analytics/repo/${encodeURIComponent(repo)}/${encodeURIComponent(time)}`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Get detailed results for a legacy scan report.
+  /**
+  /**
+   * Get security score for a specific npm package and version.
+   * Returns numerical security rating and scoring breakdown.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getScoreByNpmPackage(pkgName, version) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `npm/${encodeURIComponent(pkgName)}/${encodeURIComponent(version)}/score`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Get list of file types and formats supported for scanning.
+   * Returns supported manifest files, lockfiles, and configuration formats.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getSupportedScanFiles() {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            "report/supported",
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * List all diff scans for an organization.
+   * Returns paginated list of diff scan metadata and status.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async listOrgDiffScans(orgSlug) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/diff-scans`,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Create a new API token for an organization.
+   * Generates API token with specified scopes and metadata.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async postAPIToken(orgSlug, tokenData) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/tokens`,
+            tokenData,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Revoke an API token for an organization.
+   * Permanently disables the token and removes access.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async postAPITokensRevoke(orgSlug, tokenId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/tokens/${encodeURIComponent(tokenId)}/revoke`,
+            {},
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Rotate an API token for an organization.
+   * Generates new token value while preserving token metadata.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async postAPITokensRotate(orgSlug, tokenId) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/tokens/${encodeURIComponent(tokenId)}/rotate`,
+            {},
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Update an existing API token for an organization.
+   * Modifies token metadata, scopes, or other properties.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async postAPITokenUpdate(orgSlug, tokenId, updateData) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/tokens/${encodeURIComponent(tokenId)}/update`,
+            updateData,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Update user or organization settings.
+   * Configures preferences, notifications, and security policies.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async postSettings(selectors) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            "settings",
+            { json: selectors },
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Search for dependencies across monitored projects.
+   * Returns matching packages with security information and usage patterns.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async searchDependencies(queryParams) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            "dependencies/search",
+            queryParams,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Send POST or PUT request with JSON body and return parsed JSON response.
+   * Supports both throwing (default) and non-throwing modes.
+   * @param urlPath - API endpoint path (e.g., 'organizations')
+   * @param options - Request options including method, body, and throws behavior
+   * @returns Parsed JSON response or SocketSdkGenericResult based on options
+   */
+  async sendApi(urlPath, options) {
+    const {
+      body,
+      // Default to POST method for JSON API requests.
+      method = "POST",
+      throws = true
+    } = { __proto__: null, ...options };
+    try {
+      const response = await createRequestWithJson(
+        method,
+        this.#baseUrl,
+        urlPath,
+        body,
+        this.#reqOptions
+      );
+      const data = await getResponseJson(response);
+      if (throws) {
+        return data;
+      }
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        /* c8 ignore next - Defensive fallback: response.statusCode is always defined in Node.js http/https */
+        status: response.statusCode ?? 200,
+        success: true
+      };
+    } catch (e) {
+      if (throws) {
+        throw e;
+      }
+      if (e instanceof ResponseError) {
+        const errorResult = await this.#handleApiError(e);
+        return {
+          cause: errorResult.cause,
+          data: void 0,
+          error: errorResult.error,
+          status: errorResult.status,
+          success: false
+        };
+      }
+      const errStr = e ? String(e).trim() : "";
+      return {
+        cause: errStr || UNKNOWN_ERROR,
+        data: void 0,
+        error: "API request failed",
+        status: 0,
+        success: false
+      };
+    }
+  }
+  /**
+   * Stream a full scan's results to file or stdout.
+   *
+   * Provides efficient streaming for large scan datasets without loading
+   * entire response into memory. Useful for processing large SBOMs.
+   *
+   * @param orgSlug - Organization identifier
+   * @param scanId - Full scan identifier
+   * @param options - Streaming options (output file path, stdout, or buffered)
+   * @returns Scan result with streaming response
+   *
+   * @example
+   * ```typescript
+   * // Stream to file
+   * await sdk.streamFullScan('my-org', 'scan_123', {
+   *   output: './scan-results.json'
+   * })
+   *
+   * // Stream to stdout
+   * await sdk.streamFullScan('my-org', 'scan_123', {
+   *   output: true
+   * })
+   *
+   * // Get buffered response
+   * const result = await sdk.streamFullScan('my-org', 'scan_123')
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getorgfullscan
+   * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}
+   * @quota 1 unit
+   * @scopes full-scans:list
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async streamFullScan(orgSlug, scanId, options) {
+    const { output } = {
+      __proto__: null,
+      ...options
+    };
+    try {
+      const req = getHttpModule(this.#baseUrl).request(
+        `${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(scanId)}`,
+        {
+          method: "GET",
+          ...this.#reqOptions
+        }
+      ).end();
+      const res = await getResponse(req);
+      if (!isResponseOk(res)) {
+        throw new ResponseError(res);
+      }
+      if (typeof output === "string") {
+        const writeStream = createWriteStream(output);
+        let bytesWritten = 0;
+        res.on("data", (chunk) => {
+          bytesWritten += chunk.length;
+          if (bytesWritten > MAX_STREAM_SIZE) {
+            res.destroy();
+            writeStream.destroy();
+            throw new Error(
+              `Response exceeds maximum stream size of ${MAX_STREAM_SIZE} bytes`
+            );
+          }
+        });
+        res.pipe(writeStream);
+        writeStream.on("error", (error) => {
+          throw new Error(`Failed to write to file: ${output}`, {
+            cause: error
+          });
+        });
+      } else if (output === true) {
+        let bytesWritten = 0;
+        res.on("data", (chunk) => {
+          bytesWritten += chunk.length;
+          if (bytesWritten > MAX_STREAM_SIZE) {
+            res.destroy();
+            throw new Error(
+              `Response exceeds maximum stream size of ${MAX_STREAM_SIZE} bytes`
+            );
+          }
+        });
+        res.pipe(process.stdout);
+        process.stdout.on("error", (error) => {
+          throw new Error("Failed to write to stdout", { cause: error });
+        });
+      }
+      return this.#handleApiSuccess(res);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Stream patches for artifacts in a scan report.
+   *
+   * This method streams all available patches for artifacts in a scan.
+   * Free tier users will only receive free patches.
+   *
+   * Note: This method returns a ReadableStream for processing large datasets.
+   */
+  async streamPatchesFromScan(orgSlug, scanId) {
+    const response = await this.#executeWithRetry(
+      async () => await createGetRequest(
+        this.#baseUrl,
+        `orgs/${encodeURIComponent(orgSlug)}/patches/scan?scan_id=${encodeURIComponent(scanId)}`,
+        this.#reqOptions
+      )
+    );
+    if (!isResponseOk(response)) {
+      throw new ResponseError(response, "GET Request failed");
+    }
+    const rli = readline.createInterface({
+      input: response,
+      crlfDelay: Number.POSITIVE_INFINITY
+    });
+    return new ReadableStream({
+      async start(controller) {
+        try {
+          for await (const line of rli) {
+            const trimmed = line.trim();
+            if (!trimmed) {
+              continue;
+            }
+            try {
+              const data = JSON.parse(trimmed);
+              controller.enqueue(data);
+            } catch (e) {
+              debugLog2("streamPatchesFromScan", `Failed to parse line: ${e}`);
+            }
+          }
+        } catch (error) {
+          controller.error(error);
+        } finally {
+          controller.close();
+        }
+      }
+    });
+  }
+  /**
+   * Update alert triage status for an organization.
+   * Modifies alert resolution status and triage decisions.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async updateOrgAlertTriage(orgSlug, alertId, triageData) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "PUT",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/triage/${encodeURIComponent(alertId)}`,
+            triageData,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Update organization's license policy configuration.* Modifies allowed, restricted, and monitored license types.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async updateOrgLicensePolicy(orgSlug, policyData, queryParams) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/settings/license-policy?${queryToSearchParams(queryParams)}`,
+            policyData,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Update configuration for a repository.
+   *
+   * Modifies monitoring settings, branch configuration, and scan preferences.
+   *
+   * @param orgSlug - Organization identifier
+   * @param repoSlug - Repository slug/name
+   * @param params - Configuration updates (description, homepage, default_branch, etc.)
+   * @returns Updated repository details
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.updateRepository('my-org', 'my-repo', {
+   *   description: 'Updated description',
+   *   default_branch: 'develop'
+   * })
+   *
+   * if (result.success) {
+   *   console.log('Repository updated:', result.data.name)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/updateorgrepo
+   * @apiEndpoint POST /orgs/{org_slug}/repos/{repo_slug}
+   * @quota 1 unit
+   * @scopes repo:write
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async updateRepository(orgSlug, repoSlug, params) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos/${encodeURIComponent(repoSlug)}`,
+            params,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Update a repository label for an organization.
+   *
+   * Modifies label properties like name. Label names must be non-empty and less than 1000 characters.
+   *
+   * @param orgSlug - Organization identifier
+   * @param labelId - Label identifier
+   * @param labelData - Label updates (typically name property)
+   * @returns Updated label with guaranteed id and name fields
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.updateRepositoryLabel('my-org', 'label-id-123', { name: 'staging' })
+   *
+   * if (result.success) {
+   *   console.log('Label updated:', result.data.name)
+   *   console.log('Label ID:', result.data.id)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/updateorgrepolabel
+   * @apiEndpoint PUT /orgs/{org_slug}/repos/labels/{label_id}
+   * @quota 1 unit
+   * @scopes repo-label:update
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async updateRepositoryLabel(orgSlug, labelId, labelData) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "PUT",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/repos/labels/${encodeURIComponent(labelId)}`,
+            labelData,
+            this.#reqOptions
+          )
+        )
+      );
+      return {
+        cause: void 0,
+        data,
+        error: void 0,
+        status: 200,
+        success: true
+      };
+    } catch (e) {
+      const errorResult = await this.#handleApiError(e);
+      return {
+        cause: errorResult.cause,
+        data: void 0,
+        error: errorResult.error,
+        status: errorResult.status,
+        success: false
+      };
+    }
+  }
+  /**
+   * Update organization's security policy configuration.* Modifies alert rules, severity thresholds, and enforcement settings.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async updateOrgSecurityPolicy(orgSlug, policyData) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createRequestWithJson(
+            "POST",
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/settings/security-policy`,
+            policyData,
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
+  /**
+   * Upload manifest files for dependency analysis.
+   * Processes package files to create dependency snapshots and security analysis.
+   *
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async uploadManifestFiles(orgSlug, filepaths, options) {
+    const { pathsRelativeTo = "." } = {
+      __proto__: null,
+      ...options
+    };
+    const basePath = resolveBasePath(pathsRelativeTo);
+    const absFilepaths = resolveAbsPaths(filepaths, basePath);
+    const { invalidPaths, validPaths } = validateFiles(absFilepaths);
+    if (this.#onFileValidation && invalidPaths.length > 0) {
+      const result = await this.#onFileValidation(validPaths, invalidPaths, {
+        operation: "uploadManifestFiles",
+        orgSlug
+      });
+      if (!result.shouldContinue) {
+        return {
+          error: result.errorMessage ?? "File validation failed",
+          status: 400,
+          success: false,
+          ...result.errorCause ? { cause: result.errorCause } : {}
+        };
+      }
+    }
+    if (!this.#onFileValidation && invalidPaths.length > 0) {
+      const samplePaths = invalidPaths.slice(0, 3).join("\n  - ");
+      const remaining = invalidPaths.length > 3 ? `
+  ... and ${invalidPaths.length - 3} more` : "";
+      console.warn(
+        `Warning: ${invalidPaths.length} files skipped (unreadable):
+  - ${samplePaths}${remaining}
 \u2192 This may occur with Yarn Berry PnP or pnpm symlinks.
-\u2192 Try: Run installation command to ensure files are accessible.`)}if(c.length===0){let u=i.slice(0,5).join(`
-  - `),l=i.length>5?`
-  ... and ${i.length-5} more`:"";return{cause:[`All ${i.length} files failed validation:`,`  - ${u}${l}`,"","\u2192 Common causes:","  \u2022 Yarn Berry PnP virtual filesystem (files are not on disk)","  \u2022 pnpm symlinks pointing to inaccessible locations","  \u2022 Incorrect file permissions","  \u2022 Files were deleted after discovery","","\u2192 Solutions:","  \u2022 Yarn Berry: Use `nodeLinker: node-modules` in .yarnrc.yml","  \u2022 pnpm: Use `node-linker=hoisted` in .npmrc","  \u2022 Check file permissions with: ls -la <file>","  \u2022 Run package manager install command"].join(`
-`),error:"No readable manifest files found",status:400,success:!1}}try{let u=await this.#r(async()=>await d(await v(this.#e,`orgs/${encodeURIComponent(t)}/upload-manifest-files`,F(c,n),this.#t)));return this.#n(u)}catch(u){return await this.#s(u)}}async viewPatch(t,e){return await d(await m(this.#e,`orgs/${encodeURIComponent(t)}/patches/view/${encodeURIComponent(e)}`,this.#t))}async downloadPatch(t,e){let s=await import("node:https"),r=await import("node:http"),n=`/blob/${encodeURIComponent(t)}`,i=`${e?.baseUrl||se}${n}`,c=i.startsWith("https:");return await new Promise((u,l)=>{(c?s:r).get(i,g=>{if(g.statusCode===404){let f=[`Blob not found: ${t}`,`\u2192 URL: ${i}`,"\u2192 The patch file may have expired or the hash is incorrect.","\u2192 Verify: The blob hash is correct.","\u2192 Note: Blob URLs may expire after a certain time period."].join(`
-`);l(new Error(f));return}if(g.statusCode!==200){let f=[`Failed to download blob: ${g.statusCode} ${g.statusMessage}`,`\u2192 Hash: ${t}`,`\u2192 URL: ${i}`,"\u2192 The blob storage service may be temporarily unavailable.",g.statusCode&&g.statusCode>=500?"\u2192 Try: Retry the download after a short delay.":"\u2192 Verify: The blob hash and URL are correct."].join(`
-`);l(new Error(f));return}let p="";g.on("data",f=>{p+=f}),g.on("end",()=>{u(p)}),g.on("error",f=>{l(f)})}).on("error",g=>{let p=g,f=[`Error downloading blob: ${t}`,`\u2192 URL: ${i}`,`\u2192 Network error: ${p.message}`];p.code==="ENOTFOUND"?f.push("\u2192 DNS lookup failed. Cannot resolve blob storage hostname.","\u2192 Check: Internet connection and DNS settings."):p.code==="ECONNREFUSED"?f.push("\u2192 Connection refused. Blob storage service is unreachable.","\u2192 Check: Network connectivity and firewall settings."):p.code==="ETIMEDOUT"?f.push("\u2192 Connection timed out.","\u2192 Try: Check network connectivity and retry."):p.code&&f.push(`\u2192 Error code: ${p.code}`),l(new Error(f.join(`
-`),{cause:g}))})})}};if(qe("heap")){let o=process.memoryUsage();ge("heap",`heap used: ${Math.round(o.heapUsed/1024/1024)}MB`)}export{q as DEFAULT_USER_AGENT,R as ResponseError,Y as SocketSdk,ue as calculateTotalQuotaCost,A as createDeleteRequest,m as createGetRequest,F as createRequestBodyForFilepaths,Ee as createRequestBodyForJson,y as createRequestWithJson,v as createUploadRequest,x as createUserAgentFromPkgJson,Ce as getAllMethodRequirements,L as getErrorResponseBody,P as getHttpModule,$e as getMethodRequirements,Ue as getMethodsByPermissions,Fe as getMethodsByQuotaCost,de as getQuotaCost,ve as getQuotaUsageSummary,xe as getRequiredPermissions,T as getResponse,d as getResponseJson,Le as hasQuotaForMethods,G as httpAgentNames,O as isResponseOk,Q as normalizeBaseUrl,z as promiseWithResolvers,fe as publicPolicy,k as queryToSearchParams,M as reshapeArtifactForPublicPolicy,U as resolveAbsPaths,I as resolveBasePath};
+\u2192 Try: Run installation command to ensure files are accessible.`
+      );
+    }
+    if (validPaths.length === 0) {
+      const samplePaths = invalidPaths.slice(0, 5).join("\n  - ");
+      const remaining = invalidPaths.length > 5 ? `
+  ... and ${invalidPaths.length - 5} more` : "";
+      return {
+        cause: [
+          `All ${invalidPaths.length} files failed validation:`,
+          `  - ${samplePaths}${remaining}`,
+          "",
+          "\u2192 Common causes:",
+          "  \u2022 Yarn Berry PnP virtual filesystem (files are not on disk)",
+          "  \u2022 pnpm symlinks pointing to inaccessible locations",
+          "  \u2022 Incorrect file permissions",
+          "  \u2022 Files were deleted after discovery",
+          "",
+          "\u2192 Solutions:",
+          "  \u2022 Yarn Berry: Use `nodeLinker: node-modules` in .yarnrc.yml",
+          "  \u2022 pnpm: Use `node-linker=hoisted` in .npmrc",
+          "  \u2022 Check file permissions with: ls -la <file>",
+          "  \u2022 Run package manager install command"
+        ].join("\n"),
+        error: "No readable manifest files found",
+        status: 400,
+        success: false
+      };
+    }
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createUploadRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/upload-manifest-files`,
+            createRequestBodyForFilepaths(validPaths, basePath),
+            this.#reqOptions
+          )
+        )
+      );
+      return this.#handleApiSuccess(
+        data
+      );
+    } catch (e) {
+      return await this.#handleApiError(
+        e
+      );
+    }
+  }
+  /**
+   * View detailed information about a specific patch by its UUID.
+   *
+   * This method retrieves comprehensive patch details including files,
+   * vulnerabilities, description, license, and tier information.
+   */
+  async viewPatch(orgSlug, uuid) {
+    const data = await getResponseJson(
+      await createGetRequest(
+        this.#baseUrl,
+        `orgs/${encodeURIComponent(orgSlug)}/patches/view/${encodeURIComponent(uuid)}`,
+        this.#reqOptions
+      )
+    );
+    return data;
+  }
+  /**
+   * Download patch file content by hash.
+   *
+   * Downloads the actual patched file content from the public Socket blob store.
+   * This is used after calling viewPatch() to get the patch metadata.
+   * No authentication is required as patch blobs are publicly accessible.
+   *
+   * @param hash - The blob hash in SSRI (sha256-base64) or hex format
+   * @param options - Optional configuration
+   * @param options.baseUrl - Override blob store URL (for testing)
+   * @returns Promise<string> - The patch file content as UTF-8 string
+   * @throws Error if blob not found (404) or download fails
+   *
+   * @example
+   * ```typescript
+   * const sdk = new SocketSdk('your-api-token')
+   * // First get patch metadata
+   * const patch = await sdk.viewPatch('my-org', 'patch-uuid')
+   * // Then download the actual patched file
+   * const fileContent = await sdk.downloadPatch(patch.files['index.js'].socketBlob)
+   * ```
+   */
+  async downloadPatch(hash, options) {
+    const https2 = await import("node:https");
+    const http2 = await import("node:http");
+    const blobPath = `/blob/${encodeURIComponent(hash)}`;
+    const blobBaseUrl = options?.baseUrl || SOCKET_PUBLIC_BLOB_STORE_URL;
+    const url = `${blobBaseUrl}${blobPath}`;
+    const isHttps = url.startsWith("https:");
+    return await new Promise((resolve, reject) => {
+      const client = isHttps ? https2 : http2;
+      client.get(url, (res) => {
+        if (res.statusCode === 404) {
+          const message = [
+            `Blob not found: ${hash}`,
+            `\u2192 URL: ${url}`,
+            "\u2192 The patch file may have expired or the hash is incorrect.",
+            "\u2192 Verify: The blob hash is correct.",
+            "\u2192 Note: Blob URLs may expire after a certain time period."
+          ].join("\n");
+          reject(new Error(message));
+          return;
+        }
+        if (res.statusCode !== 200) {
+          const message = [
+            `Failed to download blob: ${res.statusCode} ${res.statusMessage}`,
+            `\u2192 Hash: ${hash}`,
+            `\u2192 URL: ${url}`,
+            "\u2192 The blob storage service may be temporarily unavailable.",
+            res.statusCode && res.statusCode >= 500 ? "\u2192 Try: Retry the download after a short delay." : "\u2192 Verify: The blob hash and URL are correct."
+          ].join("\n");
+          reject(new Error(message));
+          return;
+        }
+        let data = "";
+        res.on("data", (chunk) => {
+          data += chunk;
+        });
+        res.on("end", () => {
+          resolve(data);
+        });
+        res.on("error", (err) => {
+          reject(err);
+        });
+      }).on("error", (err) => {
+        const nodeErr = err;
+        const message = [
+          `Error downloading blob: ${hash}`,
+          `\u2192 URL: ${url}`,
+          `\u2192 Network error: ${nodeErr.message}`
+        ];
+        if (nodeErr.code === "ENOTFOUND") {
+          message.push(
+            "\u2192 DNS lookup failed. Cannot resolve blob storage hostname.",
+            "\u2192 Check: Internet connection and DNS settings."
+          );
+        } else if (nodeErr.code === "ECONNREFUSED") {
+          message.push(
+            "\u2192 Connection refused. Blob storage service is unreachable.",
+            "\u2192 Check: Network connectivity and firewall settings."
+          );
+        } else if (nodeErr.code === "ETIMEDOUT") {
+          message.push(
+            "\u2192 Connection timed out.",
+            "\u2192 Try: Check network connectivity and retry."
+          );
+        } else if (nodeErr.code) {
+          message.push(`\u2192 Error code: ${nodeErr.code}`);
+        }
+        reject(new Error(message.join("\n"), { cause: err }));
+      });
+    });
+  }
+};
+if (isDebugNs("heap")) {
+  const used = process.memoryUsage();
+  debugLog2("heap", `heap used: ${Math.round(used.heapUsed / 1024 / 1024)}MB`);
+}
+export {
+  DEFAULT_USER_AGENT,
+  ResponseError,
+  SocketSdk,
+  calculateTotalQuotaCost,
+  createDeleteRequest,
+  createGetRequest,
+  createRequestBodyForFilepaths,
+  createRequestBodyForJson,
+  createRequestWithJson,
+  createUploadRequest,
+  createUserAgentFromPkgJson,
+  getAllMethodRequirements,
+  getErrorResponseBody,
+  getHttpModule,
+  getMethodRequirements,
+  getMethodsByPermissions,
+  getMethodsByQuotaCost,
+  getQuotaCost,
+  getQuotaUsageSummary,
+  getRequiredPermissions,
+  getResponse,
+  getResponseJson,
+  hasQuotaForMethods,
+  httpAgentNames,
+  isResponseOk,
+  normalizeBaseUrl,
+  promiseWithResolvers,
+  publicPolicy,
+  queryToSearchParams,
+  reshapeArtifactForPublicPolicy,
+  resolveAbsPaths,
+  resolveBasePath
+};