@socketsecurity/sdk 3.1.3 → 3.3.0

package/types/api.d.ts CHANGED
@@ -7,12 +7,17 @@ export interface paths {
7
7
  '/purl': {
8
8
  /**
9
9
  * Get Packages by PURL
10
- * @description Batch retrieval of package metadata and alerts by PURL strings. Compatible witch CycloneDX reports.
10
+ * @deprecated
11
+ * @description **This endpoint is deprecated.** Deprecated since 2026-01-05. It will be removed on 2026-07-30.
12
+ *
13
+ * Batch retrieval of package metadata and alerts by PURL strings. Compatible with CycloneDX reports.
11
14
  *
12
15
  * Package URLs (PURLs) are an ecosystem agnostic way to identify packages.
13
16
  * CycloneDX SBOMs use the purl format to identify components.
14
17
  * This endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report.
15
18
  *
19
+ * **Note:** This endpoint has a batch size limit (default: 1024 PURLs per request). Requests exceeding this limit will return a 400 Bad Request error.
20
+ *
16
21
  * More information on purl and CycloneDX:
17
22
  *
18
23
  * - [`purl` Spec](https://github.com/package-url/purl-spec)
@@ -133,7 +138,7 @@ export interface paths {
133
138
  *
134
139
  * To get a list of supported filetypes that can be uploaded in a full-scan, see the [Get supported file types](/reference/getsupportedfiles) endpoint.
135
140
  *
136
- * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 67 MB.
141
+ * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 268 MB.
137
142
  *
138
143
  * **Query Parameters:**
139
144
  * - `scan_type` (optional): The type of scan to perform. Defaults to 'socket'. Must be 32 characters or less. Used for categorizing multiple SBOM heads per repository branch.
@@ -212,6 +217,46 @@ export interface paths {
212
217
  */
213
218
  get: operations['GetOrgFullScanDiffGfm']
214
219
  }
220
+ '/orgs/{org_slug}/full-scans/{full_scan_id}/files/tar': {
221
+ /**
222
+ * Download full scan files as tarball
223
+ * @description Download all files associated with a full scan in tar format.
224
+ *
225
+ * This endpoint consumes 1 unit of your quota.
226
+ *
227
+ * This endpoint requires the following org token scopes:
228
+ * - full-scans:list
229
+ */
230
+ get: operations['downloadOrgFullScanFilesAsTar']
231
+ }
232
+ '/orgs/{org_slug}/full-scans/archive': {
233
+ /**
234
+ * Create full scan from archive
235
+ * @description Create a full scan by uploading one or more archives. Supported archive formats include **.tar**, **.tar.gz/.tgz**, and **.zip**.
236
+ *
237
+ * Each uploaded archive is extracted server-side and any supported manifest files (like package.json, package-lock.json, pnpm-lock.yaml, etc.) are ingested for the scan. If you upload multiple archives in a single request, the manifests from every archive are merged into one full scan. The response includes any files that were ignored.
238
+ *
239
+ * The maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 268 MB.
240
+ *
241
+ * This endpoint consumes 1 unit of your quota.
242
+ *
243
+ * This endpoint requires the following org token scopes:
244
+ * - full-scans:create
245
+ */
246
+ post: operations['CreateOrgFullScanArchive']
247
+ }
248
+ '/orgs/{org_slug}/full-scans/{full_scan_id}/rescan': {
249
+ /**
250
+ * Rescan full scan
251
+ * @description Create a new full scan by rescanning an existing scan. A "shallow" rescan reapplies the latest policies to the previously cached dependency resolution results. A "deep" rescan reruns dependency resolution and applies the latest policies to the results.
252
+ *
253
+ * This endpoint consumes 1 unit of your quota.
254
+ *
255
+ * This endpoint requires the following org token scopes:
256
+ * - full-scans:create
257
+ */
258
+ post: operations['rescanOrgFullScan']
259
+ }
215
260
  '/orgs/{org_slug}/export/cdx/{id}': {
216
261
  /**
217
262
  * Export CycloneDX SBOM (Beta)
@@ -238,6 +283,31 @@ export interface paths {
238
283
  */
239
284
  get: operations['exportCDX']
240
285
  }
286
+ '/orgs/{org_slug}/export/openvex/{id}': {
287
+ /**
288
+ * Export OpenVEX Document (Beta)
289
+ * @description Export vulnerability exploitability data as an OpenVEX v0.2.0 document.
290
+ *
291
+ * OpenVEX (Vulnerability Exploitability eXchange) documents communicate the
292
+ * exploitability status of vulnerabilities in software products. This export
293
+ * includes:
294
+ *
295
+ * - **Patch data**: Vulnerabilities fixed by applied Socket patches are marked as "fixed"
296
+ * - **Reachability analysis**: Code reachability determines if vulnerable code is exploitable:
297
+ * - Unreachable code → "not_affected" with justification
298
+ * - Reachable code → "affected"
299
+ * - Unknown/pending → "under_investigation"
300
+ *
301
+ * Each statement in the document represents a single artifact-vulnerability pair
302
+ * for granular reachability information.
303
+ *
304
+ * This endpoint consumes 1 unit of your quota.
305
+ *
306
+ * This endpoint requires the following org token scopes:
307
+ * - report:read
308
+ */
309
+ get: operations['exportOpenVEX']
310
+ }
241
311
  '/orgs/{org_slug}/export/spdx/{id}': {
242
312
  /**
243
313
  * Export SPDX SBOM (Beta)
@@ -317,7 +387,7 @@ export interface paths {
317
387
  * Returns metadata about the diff scan. Once the diff scan is created, fetch the diff scan from
318
388
  * the [api_url](/reference/getDiffScanById) URL to get the contents of the diff.
319
389
  *
320
- * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 67 MB.
390
+ * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 268 MB.
321
391
  *
322
392
  * This endpoint consumes 1 unit of your quota.
323
393
  *
@@ -901,6 +971,271 @@ export interface paths {
901
971
  */
902
972
  get: operations['getOrgThreatFeedItems']
903
973
  }
974
+ '/orgs/{org_slug}/purl': {
975
+ /**
976
+ * Get Packages by PURL (Org Scoped)
977
+ * @description Batch retrieval of package metadata and alerts by PURL strings for a specific organization. Compatible with CycloneDX reports.
978
+ *
979
+ * Package URLs (PURLs) are an ecosystem agnostic way to identify packages.
980
+ * CycloneDX SBOMs use the purl format to identify components.
981
+ * This endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report.
982
+ *
983
+ * **Note:** This endpoint has a batch size limit (default: 1024 PURLs per request). Requests exceeding this limit will return a 400 Bad Request error.
984
+ *
985
+ * More information on purl and CycloneDX:
986
+ *
987
+ * - [`purl` Spec](https://github.com/package-url/purl-spec)
988
+ * - [CycloneDX Spec](https://cyclonedx.org/specification/overview/#components)
989
+ *
990
+ * This endpoint returns the latest available alert data for artifacts in the batch (stale while revalidate).
991
+ * Actively running analysis will be returned when available on subsequent runs.
992
+ *
993
+ * ## Query Parameters
994
+ *
995
+ * This endpoint supports all query parameters from `POST /v0/purl` including: `alerts`, `actions`, `compact`, `fixable`, `licenseattrib`, `licensedetails`, `purlErrors`, `cachedResultsOnly`, and `summary`.
996
+ *
997
+ * Additionally, you may provide a `labels` query parameter to apply a repository label's security policies. Pass the label slug as the value (e.g., `?labels=production`). Only one label is currently supported.
998
+ *
999
+ * ## Examples:
1000
+ *
1001
+ * ### Looking up an npm package:
1002
+ *
1003
+ * ```json
1004
+ * {
1005
+ * "components": [
1006
+ * {
1007
+ * "purl": "pkg:npm/express@4.19.2"
1008
+ * }
1009
+ * ]
1010
+ * }
1011
+ * ```
1012
+ *
1013
+ * ### Looking up a PyPi package:
1014
+ *
1015
+ * ```json
1016
+ * {
1017
+ * "components": [
1018
+ * {
1019
+ * "purl": "pkg:pypi/django@5.0.6"
1020
+ * }
1021
+ * ]
1022
+ * }
1023
+ * ```
1024
+ *
1025
+ * ### Looking up a Maven package:
1026
+ *
1027
+ * ```json
1028
+ * {
1029
+ * "components": [
1030
+ * {
1031
+ * "purl": "pkg:maven/log4j/log4j@1.2.17"
1032
+ * }
1033
+ * ]
1034
+ * }
1035
+ * ```
1036
+ *
1037
+ * ### Batch lookup
1038
+ *
1039
+ * ```json
1040
+ * {
1041
+ * "components": [
1042
+ * {
1043
+ * "purl": "pkg:npm/express@4.19.2"
1044
+ * },
1045
+ * {
1046
+ * "purl": "pkg:pypi/django@5.0.6"
1047
+ * },
1048
+ * {
1049
+ * "purl": "pkg:maven/log4j/log4j@1.2.17"
1050
+ * }
1051
+ * ]
1052
+ * }
1053
+ * ```
1054
+ *
1055
+ * ### With label and options (query parameters):
1056
+ *
1057
+ * ```
1058
+ * POST /v0/orgs/{org_slug}/purl?labels=production&alerts=true&compact=true
1059
+ * {
1060
+ * "components": [
1061
+ * {
1062
+ * "purl": "pkg:npm/express@4.19.2"
1063
+ * }
1064
+ * ]
1065
+ * }
1066
+ * ```
1067
+ *
1068
+ * This endpoint consumes 100 units of your quota.
1069
+ *
1070
+ * This endpoint requires the following org token scopes:
1071
+ * - packages:list
1072
+ */
1073
+ post: operations['batchPackageFetchByOrg']
1074
+ }
1075
+ '/orgs/{org_slug}/fixes': {
1076
+ /**
1077
+ * Fetch fixes for vulnerabilities in a repository or scan
1078
+ * @description Fetches available fixes for vulnerabilities in a repository or scan.
1079
+ * Requires either repo_slug or full_scan_id as well as vulnerability_ids to be provided.
1080
+ * vulnerability_ids can be a comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities.
1081
+ *
1082
+ * ## Response Structure
1083
+ *
1084
+ * The response contains a `fixDetails` object where each key is a vulnerability ID (GHSA or CVE) and the value is a discriminated union based on the `type` field.
1085
+ *
1086
+ * ### Common Fields
1087
+ *
1088
+ * All response variants include:
1089
+ * - `type`: Discriminator field (one of: "fixFound", "partialFixFound", "noFixAvailable", "fixNotApplicable", "errorComputingFix")
1090
+ * - `value`: Object containing the variant-specific data
1091
+ *
1092
+ * The `value` object always contains:
1093
+ * - `ghsa`: string | null - The GHSA ID
1094
+ * - `cve`: string | null - The CVE ID (if available)
1095
+ * - `advisoryDetails`: object | null - Advisory details (only if include_details=true)
1096
+ *
1097
+ * ### Response Variants
1098
+ *
1099
+ * **fixFound**: A complete fix is available for all vulnerable packages
1100
+ * - `value.fixDetails.fixes`: Array of fix objects, each containing:
1101
+ * - `purl`: Package URL to upgrade
1102
+ * - `fixedVersion`: Version to upgrade to
1103
+ * - `manifestFiles`: Array of manifest files containing the package
1104
+ * - `updateType`: "patch" | "minor" | "major" | "unknown"
1105
+ * - `value.fixDetails.responsibleDirectDependencies`: (optional) Map of direct dependencies responsible for the vulnerability
1106
+ *
1107
+ * **partialFixFound**: Fixes available for some but not all vulnerable packages
1108
+ * - Same as fixFound, plus:
1109
+ * - `value.fixDetails.unfixablePurls`: Array of packages that cannot be fixed, each containing:
1110
+ * - `purl`: Package URL
1111
+ * - `manifestFiles`: Array of manifest files
1112
+ *
1113
+ * **noFixAvailable**: No fix exists for this vulnerability (no patched version published)
1114
+ *
1115
+ * **fixNotApplicable**: A fix exists but cannot be applied due to version constraints
1116
+ * - `value.vulnerableArtifacts`: Array of vulnerable packages with their manifest files
1117
+ *
1118
+ * **errorComputingFix**: An error occurred while computing fixes
1119
+ * - `value.message`: Error description
1120
+ *
1121
+ * ### Advisory Details (when include_details=true)
1122
+ *
1123
+ * - `title`: string | null
1124
+ * - `description`: string | null
1125
+ * - `cwes`: string[] - CWE identifiers
1126
+ * - `severity`: "LOW" | "MODERATE" | "HIGH" | "CRITICAL"
1127
+ * - `cvssVector`: string | null
1128
+ * - `publishedAt`: string (ISO date)
1129
+ * - `kev`: boolean - Whether it's a Known Exploited Vulnerability
1130
+ * - `epss`: number | null - Exploit Prediction Scoring System score
1131
+ * - `affectedPurls`: Array of affected packages with version ranges
1132
+ *
1133
+ * This endpoint consumes 10 units of your quota.
1134
+ *
1135
+ * This endpoint requires the following org token scopes:
1136
+ * - fixes:list
1137
+ */
1138
+ get: operations['fetch-fixes']
1139
+ }
1140
+ '/orgs/{org_slug}/telemetry/config': {
1141
+ /**
1142
+ * Get Organization Telemetry Config
1143
+ * @description Retrieve the telemetry config of an organization.
1144
+ *
1145
+ * This endpoint consumes 1 unit of your quota.
1146
+ *
1147
+ * This endpoint requires the following org token scopes:
1148
+ */
1149
+ get: operations['getOrgTelemetryConfig']
1150
+ /**
1151
+ * Update Telemetry Config
1152
+ * @description Update the telemetry config of an organization.
1153
+ *
1154
+ * This endpoint consumes 1 unit of your quota.
1155
+ *
1156
+ * This endpoint requires the following org token scopes:
1157
+ * - telemetry-policy:update
1158
+ */
1159
+ put: operations['updateOrgTelemetryConfig']
1160
+ }
1161
+ '/orgs/{org_slug}/webhooks': {
1162
+ /**
1163
+ * List all webhooks
1164
+ * @description List all webhooks in the specified organization.
1165
+ *
1166
+ * This endpoint consumes 1 unit of your quota.
1167
+ *
1168
+ * This endpoint requires the following org token scopes:
1169
+ * - webhooks:list
1170
+ */
1171
+ get: operations['getOrgWebhooksList']
1172
+ /**
1173
+ * Create a webhook
1174
+ * @description Create a new webhook. Returns the created webhook details.
1175
+ *
1176
+ * This endpoint consumes 1 unit of your quota.
1177
+ *
1178
+ * This endpoint requires the following org token scopes:
1179
+ * - webhooks:create
1180
+ */
1181
+ post: operations['createOrgWebhook']
1182
+ }
1183
+ '/orgs/{org_slug}/webhooks/{webhook_id}': {
1184
+ /**
1185
+ * Get webhook
1186
+ * @description Get a webhook for the specified organization.
1187
+ *
1188
+ * This endpoint consumes 1 unit of your quota.
1189
+ *
1190
+ * This endpoint requires the following org token scopes:
1191
+ * - webhooks:list
1192
+ */
1193
+ get: operations['getOrgWebhook']
1194
+ /**
1195
+ * Update webhook
1196
+ * @description Update details of an existing webhook.
1197
+ *
1198
+ * This endpoint consumes 1 unit of your quota.
1199
+ *
1200
+ * This endpoint requires the following org token scopes:
1201
+ * - webhooks:update
1202
+ */
1203
+ put: operations['updateOrgWebhook']
1204
+ /**
1205
+ * Delete webhook
1206
+ * @description Delete a webhook. This will stop all future webhook deliveries to the webhook URL.
1207
+ *
1208
+ * This endpoint consumes 1 unit of your quota.
1209
+ *
1210
+ * This endpoint requires the following org token scopes:
1211
+ * - webhooks:delete
1212
+ */
1213
+ delete: operations['deleteOrgWebhook']
1214
+ }
1215
+ '/orgs/{org_slug}/alerts': {
1216
+ /**
1217
+ * List latest alerts (Beta)
1218
+ * @description List latest alerts.
1219
+ *
1220
+ * This endpoint consumes 10 units of your quota.
1221
+ *
1222
+ * This endpoint requires the following org token scopes:
1223
+ * - alerts:list
1224
+ */
1225
+ get: operations['alertsList']
1226
+ }
1227
+ '/orgs/{org_slug}/alert-full-scan-search': {
1228
+ /**
1229
+ * List full scans associated with alert (Beta)
1230
+ * @description List full scans associated with alert.
1231
+ *
1232
+ * This endpoint consumes 10 units of your quota.
1233
+ *
1234
+ * This endpoint requires the following org token scopes:
1235
+ * - alerts:list
1236
+ */
1237
+ get: operations['alertFullScans']
1238
+ }
904
1239
  '/license-policy': {
905
1240
  /**
906
1241
  * License Policy (Beta)
@@ -1502,7 +1837,12 @@ export interface components {
1502
1837
  _type: 'purlError'
1503
1838
  value: components['schemas']['PurlErrorSchema']
1504
1839
  }
1505
- SocketBatchPURLFetch: {
1840
+ | {
1841
+ /** @enum {string} */
1842
+ _type: 'summary'
1843
+ value: components['schemas']['PurlSummarySchema']
1844
+ }
1845
+ SocketOrgBatchPURLFetch: {
1506
1846
  components: Array<components['schemas']['SocketBatchPURLRequest']>
1507
1847
  }
1508
1848
  SocketArtifact: components['schemas']['SocketPURL'] &
@@ -1679,6 +2019,25 @@ export interface components {
1679
2019
  }
1680
2020
  }>
1681
2021
  }
2022
+ OpenVEXDocumentSchema: {
2023
+ /** @default https://openvex.dev/ns/v0.2.0 */
2024
+ '@context': string
2025
+ /** @default */
2026
+ '@id': string
2027
+ /** @default Socket Security */
2028
+ author: string
2029
+ /** @default */
2030
+ timestamp: string
2031
+ /** @default 1 */
2032
+ version: number
2033
+ statements: Array<components['schemas']['OpenVEXStatementSchema']>
2034
+ /** @default VEX Generator */
2035
+ role?: string
2036
+ /** @default */
2037
+ last_updated?: string
2038
+ /** @default Socket Security VEX Generator */
2039
+ tooling?: string
2040
+ }
1682
2041
  SPDXManifestSchema: {
1683
2042
  /** @default SPDX-2.3 */
1684
2043
  spdxVersion: string
@@ -1884,6 +2243,18 @@ export interface components {
1884
2243
  /** @default */
1885
2244
  inputPurl: string
1886
2245
  }
2246
+ PurlSummarySchema: {
2247
+ /** @default 0 */
2248
+ purl_input: number
2249
+ /** @default 0 */
2250
+ resolved: number
2251
+ errors: {
2252
+ /** @default 0 */
2253
+ purl_malformed: number
2254
+ /** @default 0 */
2255
+ package_not_found: number
2256
+ }
2257
+ }
1887
2258
  SocketBatchPURLRequest: {
1888
2259
  /** @default */
1889
2260
  purl: string
@@ -2281,6 +2652,32 @@ export interface components {
2281
2652
  }>
2282
2653
  components?: Array<components['schemas']['CDXComponentSchema']>
2283
2654
  }
2655
+ OpenVEXStatementSchema: {
2656
+ vulnerability: components['schemas']['OpenVEXVulnerabilitySchema']
2657
+ products: Array<components['schemas']['OpenVEXProductSchema']>
2658
+ /** @default affected */
2659
+ status: string
2660
+ /** @default */
2661
+ '@id'?: string
2662
+ /** @default 0 */
2663
+ version?: number
2664
+ /** @default */
2665
+ timestamp?: string
2666
+ /** @default */
2667
+ last_updated?: string
2668
+ /** @default */
2669
+ supplier?: string
2670
+ /** @default */
2671
+ status_notes?: string
2672
+ /** @default */
2673
+ justification?: string
2674
+ /** @default */
2675
+ impact_statement?: string
2676
+ /** @default */
2677
+ action_statement?: string
2678
+ /** @default */
2679
+ action_statement_timestamp?: string
2680
+ }
2284
2681
  LicenseAllowListElabbed: {
2285
2682
  strings: string[]
2286
2683
  classes: string[]
@@ -2897,6 +3294,19 @@ export interface components {
2897
3294
  usage?: components['schemas']['SocketUsageRef']
2898
3295
  }
2899
3296
  }
3297
+ | {
3298
+ /** @enum {string} */
3299
+ type?: 'tooManyFiles'
3300
+ value?: components['schemas']['SocketIssueBasics'] & {
3301
+ /** @default */
3302
+ description: string
3303
+ props: {
3304
+ /** @default 0 */
3305
+ fileCount: number
3306
+ }
3307
+ usage?: components['schemas']['SocketUsageRef']
3308
+ }
3309
+ }
2900
3310
  | {
2901
3311
  /** @enum {string} */
2902
3312
  type?: 'generic'
@@ -3026,31 +3436,46 @@ export interface components {
3026
3436
  }
3027
3437
  | {
3028
3438
  /** @enum {string} */
3029
- type?: 'licenseSpdxDisj'
3439
+ type?: 'recentlyPublished'
3030
3440
  value?: components['schemas']['SocketIssueBasics'] & {
3031
3441
  /** @default */
3032
3442
  description: string
3033
3443
  props: {
3034
3444
  /** @default */
3035
- spdxDisj: string
3445
+ publishedAt: string
3036
3446
  /** @default */
3037
- licenseScanResult: string
3038
- violationData: Array<Record<string, never>>
3039
- warnData: Array<Record<string, never>>
3040
- monitorData: Array<Record<string, never>>
3447
+ checkedAt: string
3041
3448
  }
3042
3449
  usage?: components['schemas']['SocketUsageRef']
3043
3450
  }
3044
3451
  }
3045
3452
  | {
3046
3453
  /** @enum {string} */
3047
- type?: 'unsafeCopyright'
3454
+ type?: 'licenseSpdxDisj'
3048
3455
  value?: components['schemas']['SocketIssueBasics'] & {
3049
3456
  /** @default */
3050
3457
  description: string
3051
- props: Record<string, never>
3052
- usage?: components['schemas']['SocketUsageRef']
3053
- }
3458
+ props: {
3459
+ /** @default */
3460
+ spdxDisj: string
3461
+ /** @default */
3462
+ licenseScanResult: string
3463
+ violationData: Array<Record<string, never>>
3464
+ warnData: Array<Record<string, never>>
3465
+ monitorData: Array<Record<string, never>>
3466
+ }
3467
+ usage?: components['schemas']['SocketUsageRef']
3468
+ }
3469
+ }
3470
+ | {
3471
+ /** @enum {string} */
3472
+ type?: 'unsafeCopyright'
3473
+ value?: components['schemas']['SocketIssueBasics'] & {
3474
+ /** @default */
3475
+ description: string
3476
+ props: Record<string, never>
3477
+ usage?: components['schemas']['SocketUsageRef']
3478
+ }
3054
3479
  }
3055
3480
  | {
3056
3481
  /** @enum {string} */
@@ -4229,6 +4654,7 @@ export interface components {
4229
4654
  * @enum {string}
4230
4655
  */
4231
4656
  SocketPURL_Type:
4657
+ | 'alpm'
4232
4658
  | 'apk'
4233
4659
  | 'bitbucket'
4234
4660
  | 'cocoapods'
@@ -4256,8 +4682,10 @@ export interface components {
4256
4682
  | 'pub'
4257
4683
  | 'pypi'
4258
4684
  | 'rpm'
4685
+ | 'socket'
4259
4686
  | 'swid'
4260
4687
  | 'swift'
4688
+ | 'vscode'
4261
4689
  | 'unknown'
4262
4690
  /**
4263
4691
  * @default low
@@ -4303,6 +4731,22 @@ export interface components {
4303
4731
  /** @description Reachability analysis results for each vulnerability */
4304
4732
  results: Array<components['schemas']['ReachabilityResultItem']>
4305
4733
  }
4734
+ OpenVEXVulnerabilitySchema: {
4735
+ /** @default */
4736
+ name: string
4737
+ /** @default */
4738
+ '@id'?: string
4739
+ /** @default */
4740
+ description?: string
4741
+ aliases?: string[]
4742
+ }
4743
+ OpenVEXProductSchema: {
4744
+ /** @default */
4745
+ '@id': string
4746
+ identifiers?: components['schemas']['OpenVEXIdentifiersSchema']
4747
+ hashes?: components['schemas']['OpenVEXHashesSchema']
4748
+ subcomponents?: Array<components['schemas']['OpenVEXComponentSchema']>
4749
+ }
4306
4750
  SocketIssueBasics: {
4307
4751
  severity: components['schemas']['SocketIssueSeverity']
4308
4752
  category: components['schemas']['SocketCategory']
@@ -4358,6 +4802,46 @@ export interface components {
4358
4802
  */
4359
4803
  subprojectPath?: string
4360
4804
  }
4805
+ OpenVEXIdentifiersSchema: {
4806
+ /** @default */
4807
+ purl?: string
4808
+ /** @default */
4809
+ cpe23?: string
4810
+ /** @default */
4811
+ cpe22?: string
4812
+ }
4813
+ OpenVEXHashesSchema: {
4814
+ /** @default */
4815
+ md5?: string
4816
+ /** @default */
4817
+ sha1?: string
4818
+ /** @default */
4819
+ 'sha-256'?: string
4820
+ /** @default */
4821
+ 'sha-384'?: string
4822
+ /** @default */
4823
+ 'sha-512'?: string
4824
+ /** @default */
4825
+ 'sha3-224'?: string
4826
+ /** @default */
4827
+ 'sha3-256'?: string
4828
+ /** @default */
4829
+ 'sha3-384'?: string
4830
+ /** @default */
4831
+ 'sha3-512'?: string
4832
+ /** @default */
4833
+ 'blake2s-256'?: string
4834
+ /** @default */
4835
+ 'blake2b-256'?: string
4836
+ /** @default */
4837
+ 'blake2b-512'?: string
4838
+ }
4839
+ OpenVEXComponentSchema: {
4840
+ /** @default */
4841
+ '@id'?: string
4842
+ identifiers?: components['schemas']['OpenVEXIdentifiersSchema']
4843
+ hashes?: components['schemas']['OpenVEXHashesSchema']
4844
+ }
4361
4845
  SocketRefList: Array<components['schemas']['SocketRef']>
4362
4846
  SocketRefFile: {
4363
4847
  /** @default */
@@ -4627,6 +5111,19 @@ export interface components {
4627
5111
  }
4628
5112
  }
4629
5113
  }
5114
+ /** @description Resource already exists */
5115
+ SocketConflict: {
5116
+ content: {
5117
+ 'application/json': {
5118
+ error: {
5119
+ /** @default */
5120
+ message: string
5121
+ /** @default null */
5122
+ details: Record<string, unknown> | null
5123
+ }
5124
+ }
5125
+ }
5126
+ }
4630
5127
  /** @description Gone */
4631
5128
  SocketGone: {
4632
5129
  content: {
@@ -4654,12 +5151,17 @@ export type external = Record<string, never>
4654
5151
  export interface operations {
4655
5152
  /**
4656
5153
  * Get Packages by PURL
4657
- * @description Batch retrieval of package metadata and alerts by PURL strings. Compatible witch CycloneDX reports.
5154
+ * @deprecated
5155
+ * @description **This endpoint is deprecated.** Deprecated since 2026-01-05. It will be removed on 2026-07-30.
5156
+ *
5157
+ * Batch retrieval of package metadata and alerts by PURL strings. Compatible with CycloneDX reports.
4658
5158
  *
4659
5159
  * Package URLs (PURLs) are an ecosystem agnostic way to identify packages.
4660
5160
  * CycloneDX SBOMs use the purl format to identify components.
4661
5161
  * This endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report.
4662
5162
  *
5163
+ * **Note:** This endpoint has a batch size limit (default: 1024 PURLs per request). Requests exceeding this limit will return a 400 Bad Request error.
5164
+ *
4663
5165
  * More information on purl and CycloneDX:
4664
5166
  *
4665
5167
  * - [`purl` Spec](https://github.com/package-url/purl-spec)
@@ -4736,7 +5238,7 @@ export interface operations {
4736
5238
  alerts?: boolean
4737
5239
  /** @description Include only alerts with comma separated actions defined by security policy. */
4738
5240
  actions?: Array<'error' | 'monitor' | 'warn' | 'ignore'>
4739
- /** @description Compact metadata. */
5241
+ /** @description Compact metadata. When enabled, excludes metadata fields like author, scores, size, dependencies, and manifest files. Always includes: id, type, name, version, release, namespace, subpath, alerts, and alertPriorities. */
4740
5242
  compact?: boolean
4741
5243
  /** @description Include only fixable alerts. */
4742
5244
  fixable?: boolean
@@ -4746,11 +5248,15 @@ export interface operations {
4746
5248
  licensedetails?: boolean
4747
5249
  /** @description Return errors found with handling PURLs as error objects in the stream. */
4748
5250
  purlErrors?: boolean
5251
+ /** @description Return only cached results, do not attempt to scan new artifacts or rescan stale results. */
5252
+ cachedResultsOnly?: boolean
5253
+ /** @description Include a summary object at the end of the stream with counts of malformed, resolved, and not found PURLs. */
5254
+ summary?: boolean
4749
5255
  }
4750
5256
  }
4751
5257
  requestBody?: {
4752
5258
  content: {
4753
- 'application/json': components['schemas']['SocketBatchPURLFetch']
5259
+ 'application/json': components['schemas']['SocketOrgBatchPURLFetch']
4754
5260
  }
4755
5261
  }
4756
5262
  responses: {
@@ -5000,7 +5506,7 @@ export interface operations {
5000
5506
  *
5001
5507
  * To get a list of supported filetypes that can be uploaded in a full-scan, see the [Get supported file types](/reference/getsupportedfiles) endpoint.
5002
5508
  *
5003
- * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 67 MB.
5509
+ * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 268 MB.
5004
5510
  *
5005
5511
  * **Query Parameters:**
5006
5512
  * - `scan_type` (optional): The type of scan to perform. Defaults to 'socket'. Must be 32 characters or less. Used for categorizing multiple SBOM heads per repository branch.
@@ -5025,10 +5531,16 @@ export interface operations {
5025
5531
  commit_hash?: string
5026
5532
  /** @description The pull request number to associate the full-scan with. */
5027
5533
  pull_request?: number
5028
- /** @description The committers to associate the full-scan with. Set query more than once to set multiple. */
5534
+ /** @description The committers to associate with the full-scan. Set query more than once to set multiple. */
5029
5535
  committers?: string
5030
5536
  /** @description The integration type to associate the full-scan with. Defaults to "Api" if omitted. */
5031
- integration_type?: 'api' | 'github' | 'gitlab' | 'bitbucket' | 'azure'
5537
+ integration_type?:
5538
+ | 'api'
5539
+ | 'github'
5540
+ | 'gitlab'
5541
+ | 'bitbucket'
5542
+ | 'azure'
5543
+ | 'web'
5032
5544
  /** @description The integration org slug to associate the full-scan with. If omitted, the Socket org name will be used. This is used to generate links and badges. */
5033
5545
  integration_org_slug?: string
5034
5546
  /** @description Set the default branch of the repository to the branch of this full-scan. A branch name is required with this option. */
@@ -5138,6 +5650,8 @@ export interface operations {
5138
5650
  | Array<'component' | 'formula'>
5139
5651
  /** @description Include license details in the response. This can increase the response size significantly. */
5140
5652
  include_license_details: boolean
5653
+ /** @description Return cached immutable scan results. When enabled and results are cached, returns the pre-computed scan. When results are not yet cached, returns 202 Accepted and enqueues a background job. */
5654
+ cached?: boolean
5141
5655
  }
5142
5656
  path: {
5143
5657
  /** @description The slug of the organization */
@@ -5153,6 +5667,17 @@ export interface operations {
5153
5667
  'application/x-ndjson': components['schemas']['SocketArtifact']
5154
5668
  }
5155
5669
  }
5670
+ /** @description Scan is being processed. Poll again later to retrieve results. */
5671
+ 202: {
5672
+ content: {
5673
+ 'application/json': {
5674
+ /** @default processing */
5675
+ status: string
5676
+ /** @default */
5677
+ id: string
5678
+ }
5679
+ }
5680
+ }
5156
5681
  400: components['responses']['SocketBadRequest']
5157
5682
  401: components['responses']['SocketUnauthorized']
5158
5683
  403: components['responses']['SocketForbidden']
@@ -5502,6 +6027,205 @@ export interface operations {
5502
6027
  429: components['responses']['SocketTooManyRequestsResponse']
5503
6028
  }
5504
6029
  }
6030
+ /**
6031
+ * Download full scan files as tarball
6032
+ * @description Download all files associated with a full scan in tar format.
6033
+ *
6034
+ * This endpoint consumes 1 unit of your quota.
6035
+ *
6036
+ * This endpoint requires the following org token scopes:
6037
+ * - full-scans:list
6038
+ */
6039
+ downloadOrgFullScanFilesAsTar: {
6040
+ parameters: {
6041
+ path: {
6042
+ /** @description The slug of the organization */
6043
+ org_slug: string
6044
+ /** @description The ID of the full scan */
6045
+ full_scan_id: string
6046
+ }
6047
+ }
6048
+ responses: {
6049
+ /** @description Tar archive of full scan files */
6050
+ 200: {
6051
+ content: {
6052
+ 'application/x-tar': unknown
6053
+ }
6054
+ }
6055
+ 400: components['responses']['SocketBadRequest']
6056
+ 401: components['responses']['SocketUnauthorized']
6057
+ 403: components['responses']['SocketForbidden']
6058
+ 404: components['responses']['SocketNotFoundResponse']
6059
+ 429: components['responses']['SocketTooManyRequestsResponse']
6060
+ }
6061
+ }
6062
+ /**
6063
+ * Create full scan from archive
6064
+ * @description Create a full scan by uploading one or more archives. Supported archive formats include **.tar**, **.tar.gz/.tgz**, and **.zip**.
6065
+ *
6066
+ * Each uploaded archive is extracted server-side and any supported manifest files (like package.json, package-lock.json, pnpm-lock.yaml, etc.) are ingested for the scan. If you upload multiple archives in a single request, the manifests from every archive are merged into one full scan. The response includes any files that were ignored.
6067
+ *
6068
+ * The maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 268 MB.
6069
+ *
6070
+ * This endpoint consumes 1 unit of your quota.
6071
+ *
6072
+ * This endpoint requires the following org token scopes:
6073
+ * - full-scans:create
6074
+ */
6075
+ CreateOrgFullScanArchive: {
6076
+ parameters: {
6077
+ query: {
6078
+ /** @description The slug of the repository to associate the full-scan with. */
6079
+ repo: string
6080
+ /** @description The workspace of the repository to associate the full-scan with. */
6081
+ workspace?: string
6082
+ /** @description The branch name to associate the full-scan with. Branch names must follow Git branch name rules: be 1–255 characters long; cannot be exactly @; cannot begin or end with /, ., or .lock; cannot contain "//", "..", or "@{"; and cannot include control characters, spaces, or any of ~^:?*[. */
6083
+ branch?: string
6084
+ /** @description The commit message to associate the full-scan with. */
6085
+ commit_message?: string
6086
+ /** @description The commit hash to associate the full-scan with. */
6087
+ commit_hash?: string
6088
+ /** @description The pull request number to associate the full-scan with. */
6089
+ pull_request?: number
6090
+ /** @description The committers to associate with the full-scan. Set query more than once to set multiple. */
6091
+ committers?: string
6092
+ /** @description The integration type to associate the full-scan with. Defaults to "Api" if omitted. */
6093
+ integration_type?:
6094
+ | 'api'
6095
+ | 'github'
6096
+ | 'gitlab'
6097
+ | 'bitbucket'
6098
+ | 'azure'
6099
+ | 'web'
6100
+ /** @description The integration org slug to associate the full-scan with. If omitted, the Socket org name will be used. This is used to generate links and badges. */
6101
+ integration_org_slug?: string
6102
+ /** @description Set the default branch of the repository to the branch of this full-scan. A branch name is required with this option. */
6103
+ make_default_branch?: boolean
6104
+ /** @description Designate this full-scan as the latest scan of a given branch. Default branch head scans are included in org alerts. This is only supported on the default branch. A branch name is required with this option. */
6105
+ set_as_pending_head?: boolean
6106
+ /** @description Create a temporary full-scan that is not listed in the reports dashboard. Cannot be used when set_as_pending_head=true. */
6107
+ tmp?: boolean
6108
+ /** @description The type of scan to perform. Defaults to 'socket'. Must be 32 characters or less. Used for categorizing multiple SBOM heads per repository branch. */
6109
+ scan_type?: string
6110
+ }
6111
+ path: {
6112
+ /** @description The slug of the organization */
6113
+ org_slug: string
6114
+ }
6115
+ }
6116
+ requestBody?: {
6117
+ content: {
6118
+ 'multipart/form-data': {
6119
+ [key: string]: never
6120
+ }
6121
+ }
6122
+ }
6123
+ responses: {
6124
+ /** @description The details of the created full scan. */
6125
+ 201: {
6126
+ content: {
6127
+ 'application/json': {
6128
+ /** @default */
6129
+ id?: string
6130
+ /** @default */
6131
+ created_at?: string
6132
+ /** @default */
6133
+ updated_at?: string
6134
+ /** @default */
6135
+ organization_id?: string
6136
+ /** @default */
6137
+ organization_slug?: string
6138
+ /** @default */
6139
+ repository_id?: string
6140
+ /** @default */
6141
+ repository_slug?: string
6142
+ /** @default */
6143
+ branch?: string | null
6144
+ /** @default */
6145
+ commit_message?: string | null
6146
+ /** @default */
6147
+ commit_hash?: string | null
6148
+ /** @default 0 */
6149
+ pull_request?: number | null
6150
+ committers?: string[]
6151
+ /** @default */
6152
+ html_url?: string | null
6153
+ /** @default */
6154
+ api_url?: string | null
6155
+ /** @default */
6156
+ workspace?: string
6157
+ /** @default */
6158
+ repo?: string
6159
+ /** @default */
6160
+ html_report_url?: string
6161
+ /** @default */
6162
+ integration_type?: string | null
6163
+ /** @default */
6164
+ integration_repo_url?: string
6165
+ /** @default */
6166
+ integration_branch_url?: string | null
6167
+ /** @default */
6168
+ integration_commit_url?: string | null
6169
+ /** @default */
6170
+ integration_pull_request_url?: string | null
6171
+ /**
6172
+ * @description The current processing status of the SBOM
6173
+ * @default pending
6174
+ * @enum {string|null}
6175
+ */
6176
+ scan_state?: 'pending' | 'precrawl' | 'resolve' | 'scan' | null
6177
+ unmatchedFiles?: string[]
6178
+ }
6179
+ }
6180
+ }
6181
+ 400: components['responses']['SocketBadRequest']
6182
+ 401: components['responses']['SocketUnauthorized']
6183
+ 403: components['responses']['SocketForbidden']
6184
+ 404: components['responses']['SocketNotFoundResponse']
6185
+ 429: components['responses']['SocketTooManyRequestsResponse']
6186
+ }
6187
+ }
6188
+ /**
6189
+ * Rescan full scan
6190
+ * @description Create a new full scan by rescanning an existing scan. A "shallow" rescan reapplies the latest policies to the previously cached dependency resolution results. A "deep" rescan reruns dependency resolution and applies the latest policies to the results.
6191
+ *
6192
+ * This endpoint consumes 1 unit of your quota.
6193
+ *
6194
+ * This endpoint requires the following org token scopes:
6195
+ * - full-scans:create
6196
+ */
6197
+ rescanOrgFullScan: {
6198
+ parameters: {
6199
+ query?: {
6200
+ /** @description The rescan mode: "shallow" (default) re-applies policies to cached data, "deep" re-fetches the SBOM stream. */
6201
+ mode?: 'shallow' | 'deep'
6202
+ }
6203
+ path: {
6204
+ /** @description The slug of the organization */
6205
+ org_slug: string
6206
+ /** @description The ID of the full scan to rescan */
6207
+ full_scan_id: string
6208
+ }
6209
+ }
6210
+ responses: {
6211
+ /** @description Rescan initiated successfully */
6212
+ 201: {
6213
+ content: {
6214
+ 'application/json': {
6215
+ /** @default The ID of the newly created full scan */
6216
+ id: string
6217
+ /** @default The status of the new scan */
6218
+ status: string
6219
+ }
6220
+ }
6221
+ }
6222
+ 400: components['responses']['SocketBadRequest']
6223
+ 401: components['responses']['SocketUnauthorized']
6224
+ 403: components['responses']['SocketForbidden']
6225
+ 404: components['responses']['SocketNotFoundResponse']
6226
+ 429: components['responses']['SocketTooManyRequestsResponse']
6227
+ }
6228
+ }
5505
6229
  /**
5506
6230
  * Export CycloneDX SBOM (Beta)
5507
6231
  * @description Export a Socket SBOM as a CycloneDX SBOM
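Review bot: `CreateOrgFullScanArchive` types its upload as `'multipart/form-data': { [key: string]: never }` under an optional `requestBody?`, so the declared body admits only an empty object even though the description says the scan is created by uploading one or more archives. Callers will have to cast to send the archive parts, which removes type checking from the one input this endpoint extracts server-side. If this file is generated from the OpenAPI document, the archive parts should be declared there so that the output becomes something like `requestBody: { content: { 'multipart/form-data': { [key: string]: unknown } } }`. Separately, the `rescanOrgFullScan` 201 body uses `@default` for prose (`/** @default The ID of the newly created full scan */`); both tags there should be `@description`.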
@@ -5565,18 +6289,70 @@ export interface operations {
5565
6289
  }
5566
6290
  }
5567
6291
  /**
5568
- * Export SPDX SBOM (Beta)
5569
- * @description Export a Socket SBOM as a SPDX SBOM
6292
+ * Export OpenVEX Document (Beta)
6293
+ * @description Export vulnerability exploitability data as an OpenVEX v0.2.0 document.
5570
6294
  *
5571
- * Supported ecosystems:
6295
+ * OpenVEX (Vulnerability Exploitability eXchange) documents communicate the
6296
+ * exploitability status of vulnerabilities in software products. This export
6297
+ * includes:
5572
6298
  *
5573
- * - crates
5574
- * - go
5575
- * - maven
5576
- * - npm
5577
- * - nuget
5578
- * - pypi
5579
- * - rubygems
6299
+ * - **Patch data**: Vulnerabilities fixed by applied Socket patches are marked as "fixed"
6300
+ * - **Reachability analysis**: Code reachability determines if vulnerable code is exploitable:
6301
+ * - Unreachable code → "not_affected" with justification
6302
+ * - Reachable code → "affected"
6303
+ * - Unknown/pending → "under_investigation"
6304
+ *
6305
+ * Each statement in the document represents a single artifact-vulnerability pair
6306
+ * for granular reachability information.
6307
+ *
6308
+ * This endpoint consumes 1 unit of your quota.
6309
+ *
6310
+ * This endpoint requires the following org token scopes:
6311
+ * - report:read
6312
+ */
6313
+ exportOpenVEX: {
6314
+ parameters: {
6315
+ query?: {
6316
+ /** @description The author of the VEX document. Should be an individual or organization. */
6317
+ author?: string
6318
+ /** @description The role of the document author (e.g., "VEX Generator", "Security Team"). */
6319
+ role?: string
6320
+ /** @description Custom IRI for the VEX document. If not provided, a default IRI will be generated. */
6321
+ document_id?: string
6322
+ }
6323
+ path: {
6324
+ /** @description The slug of the organization */
6325
+ org_slug: string
6326
+ /** @description The full scan OR sbom report ID */
6327
+ id: string
6328
+ }
6329
+ }
6330
+ responses: {
6331
+ /** @description OpenVEX v0.2.0 document */
6332
+ 200: {
6333
+ content: {
6334
+ 'application/json': components['schemas']['OpenVEXDocumentSchema']
6335
+ }
6336
+ }
6337
+ 400: components['responses']['SocketBadRequest']
6338
+ 401: components['responses']['SocketUnauthorized']
6339
+ 403: components['responses']['SocketForbidden']
6340
+ 429: components['responses']['SocketTooManyRequestsResponse']
6341
+ }
6342
+ }
6343
+ /**
6344
+ * Export SPDX SBOM (Beta)
6345
+ * @description Export a Socket SBOM as a SPDX SBOM
6346
+ *
6347
+ * Supported ecosystems:
6348
+ *
6349
+ * - crates
6350
+ * - go
6351
+ * - maven
6352
+ * - npm
6353
+ * - nuget
6354
+ * - pypi
6355
+ * - rubygems
5580
6356
  * - spdx
5581
6357
  * - cdx
5582
6358
  *
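Review bot: The `author`, `role` and `document_id` parameters of `exportOpenVEX` are free-form caller input, and the comments do not say whether the service validates them or copies them into the exported document as given. A VEX status such as "not_affected" can be used downstream to suppress a finding, so consumers need to know that the author field is not evidence of who produced the analysis; if that is how the service behaves, I would add `Caller-supplied and not verified by Socket.` to the `author` description. The response map also has no 404 although the path takes an `id`, unlike the three scan operations added earlier in this file, which is worth confirming against the API.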
@@ -5719,6 +6495,8 @@ export interface operations {
5719
6495
  omit_license_details?: boolean
5720
6496
  /** @description Omit unchanged artifacts from the response. When set to true, the unchanged field will be set to null. */
5721
6497
  omit_unchanged?: boolean
6498
+ /** @description Return cached immutable scan results. When enabled and results are cached, returns the pre-computed scan. When results are not yet cached, returns 202 Accepted and enqueues a background job. Note: When cached=true, the omit_license_details parameter is ignored as cached results always includes license details. */
6499
+ cached?: boolean
5722
6500
  }
5723
6501
  path: {
5724
6502
  /** @description The slug of the organization */
@@ -5824,6 +6602,17 @@ export interface operations {
5824
6602
  }
5825
6603
  }
5826
6604
  }
6605
+ /** @description Scan is being processed. Poll again later to retrieve results. */
6606
+ 202: {
6607
+ content: {
6608
+ 'application/json': {
6609
+ /** @default processing */
6610
+ status: string
6611
+ /** @default */
6612
+ id: string
6613
+ }
6614
+ }
6615
+ }
5827
6616
  400: components['responses']['SocketBadRequest']
5828
6617
  401: components['responses']['SocketUnauthorized']
5829
6618
  403: components['responses']['SocketForbidden']
@@ -5995,7 +6784,7 @@ export interface operations {
5995
6784
  * Returns metadata about the diff scan. Once the diff scan is created, fetch the diff scan from
5996
6785
  * the [api_url](/reference/getDiffScanById) URL to get the contents of the diff.
5997
6786
  *
5998
- * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 67 MB.
6787
+ * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 268 MB.
5999
6788
  *
6000
6789
  * This endpoint consumes 1 unit of your quota.
6001
6790
  *
@@ -6022,7 +6811,13 @@ export interface operations {
6022
6811
  /** @description The committers to associate the new full-scan with. Set query more than once to set multiple committers. */
6023
6812
  committers?: string
6024
6813
  /** @description The integration type to associate the new full-scan with. Defaults to "api" if omitted. */
6025
- integration_type?: 'api' | 'github' | 'gitlab' | 'bitbucket' | 'azure'
6814
+ integration_type?:
6815
+ | 'api'
6816
+ | 'github'
6817
+ | 'gitlab'
6818
+ | 'bitbucket'
6819
+ | 'azure'
6820
+ | 'web'
6026
6821
  /** @description The integration org slug to associate the new full-scan with. If omitted, the Socket org name will be used. This is used to generate links and badges. */
6027
6822
  integration_org_slug?: string
6028
6823
  /** @description Set to true when running a diff between a merged commit and its parent commit in the same branch. Set to false when running diffs in an open PR between unmerged commits. */
@@ -6137,6 +6932,7 @@ export interface operations {
6137
6932
  401: components['responses']['SocketUnauthorized']
6138
6933
  403: components['responses']['SocketForbidden']
6139
6934
  404: components['responses']['SocketNotFoundResponse']
6935
+ 409: components['responses']['SocketConflict']
6140
6936
  429: components['responses']['SocketTooManyRequestsResponse']
6141
6937
  }
6142
6938
  }
@@ -6263,6 +7059,7 @@ export interface operations {
6263
7059
  401: components['responses']['SocketUnauthorized']
6264
7060
  403: components['responses']['SocketForbidden']
6265
7061
  404: components['responses']['SocketNotFoundResponse']
7062
+ 409: components['responses']['SocketConflict']
6266
7063
  429: components['responses']['SocketTooManyRequestsResponse']
6267
7064
  }
6268
7065
  }
@@ -7544,6 +8341,13 @@ export interface operations {
7544
8341
  */
7545
8342
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
7546
8343
  }
8344
+ tooManyFiles?: {
8345
+ /**
8346
+ * @description The action to take for tooManyFiles issues.
8347
+ * @enum {string}
8348
+ */
8349
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
8350
+ }
7547
8351
  generic?: {
7548
8352
  /**
7549
8353
  * @description The action to take for generic issues.
@@ -7600,6 +8404,13 @@ export interface operations {
7600
8404
  */
7601
8405
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
7602
8406
  }
8407
+ recentlyPublished?: {
8408
+ /**
8409
+ * @description The action to take for recentlyPublished issues.
8410
+ * @enum {string}
8411
+ */
8412
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
8413
+ }
7603
8414
  licenseSpdxDisj?: {
7604
8415
  /**
7605
8416
  * @description The action to take for licenseSpdxDisj issues.
@@ -8423,6 +9234,13 @@ export interface operations {
8423
9234
  */
8424
9235
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
8425
9236
  }
9237
+ tooManyFiles?: {
9238
+ /**
9239
+ * @description The action to take for tooManyFiles issues.
9240
+ * @enum {string}
9241
+ */
9242
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9243
+ }
8426
9244
  generic?: {
8427
9245
  /**
8428
9246
  * @description The action to take for generic issues.
@@ -8479,6 +9297,13 @@ export interface operations {
8479
9297
  */
8480
9298
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
8481
9299
  }
9300
+ recentlyPublished?: {
9301
+ /**
9302
+ * @description The action to take for recentlyPublished issues.
9303
+ * @enum {string}
9304
+ */
9305
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9306
+ }
8482
9307
  licenseSpdxDisj?: {
8483
9308
  /**
8484
9309
  * @description The action to take for licenseSpdxDisj issues.
@@ -9456,6 +10281,13 @@ export interface operations {
9456
10281
  */
9457
10282
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9458
10283
  }
10284
+ tooManyFiles?: {
10285
+ /**
10286
+ * @description The action to take for tooManyFiles issues.
10287
+ * @enum {string}
10288
+ */
10289
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10290
+ }
9459
10291
  generic?: {
9460
10292
  /**
9461
10293
  * @description The action to take for generic issues.
@@ -9512,6 +10344,13 @@ export interface operations {
9512
10344
  */
9513
10345
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9514
10346
  }
10347
+ recentlyPublished?: {
10348
+ /**
10349
+ * @description The action to take for recentlyPublished issues.
10350
+ * @enum {string}
10351
+ */
10352
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10353
+ }
9515
10354
  licenseSpdxDisj?: {
9516
10355
  /**
9517
10356
  * @description The action to take for licenseSpdxDisj issues.
@@ -10328,6 +11167,13 @@ export interface operations {
10328
11167
  */
10329
11168
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10330
11169
  }
11170
+ tooManyFiles?: {
11171
+ /**
11172
+ * @description The action to take for tooManyFiles issues.
11173
+ * @enum {string}
11174
+ */
11175
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11176
+ }
10331
11177
  generic?: {
10332
11178
  /**
10333
11179
  * @description The action to take for generic issues.
@@ -10384,6 +11230,13 @@ export interface operations {
10384
11230
  */
10385
11231
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10386
11232
  }
11233
+ recentlyPublished?: {
11234
+ /**
11235
+ * @description The action to take for recentlyPublished issues.
11236
+ * @enum {string}
11237
+ */
11238
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11239
+ }
10387
11240
  licenseSpdxDisj?: {
10388
11241
  /**
10389
11242
  * @description The action to take for licenseSpdxDisj issues.
@@ -11169,6 +12022,13 @@ export interface operations {
11169
12022
  */
11170
12023
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11171
12024
  }
12025
+ tooManyFiles?: {
12026
+ /**
12027
+ * @description The action to take for tooManyFiles issues.
12028
+ * @enum {string}
12029
+ */
12030
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12031
+ }
11172
12032
  generic?: {
11173
12033
  /**
11174
12034
  * @description The action to take for generic issues.
@@ -11225,6 +12085,13 @@ export interface operations {
11225
12085
  */
11226
12086
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11227
12087
  }
12088
+ recentlyPublished?: {
12089
+ /**
12090
+ * @description The action to take for recentlyPublished issues.
12091
+ * @enum {string}
12092
+ */
12093
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12094
+ }
11228
12095
  licenseSpdxDisj?: {
11229
12096
  /**
11230
12097
  * @description The action to take for licenseSpdxDisj issues.
@@ -12525,34 +13392,6 @@ export interface operations {
12525
13392
  per_page?: number
12526
13393
  /** @description The pagination cursor that was returned as the "endCursor" property in previous request */
12527
13394
  startAfterCursor?: string
12528
- /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
12529
- 'filters.alertSeverity'?: string
12530
- /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
12531
- 'filters.alertSeverity.notIn'?: string
12532
- /** @description Comma-separated list of repo slugs that should be included */
12533
- 'filters.repoSlug'?: string
12534
- /** @description Comma-separated list of repo slugs that should be excluded */
12535
- 'filters.repoSlug.notIn'?: string
12536
- /** @description Comma-separated list of repo full names that should be included */
12537
- 'filters.repoFullName'?: string
12538
- /** @description Comma-separated list of repo full names that should be excluded */
12539
- 'filters.repoFullName.notIn'?: string
12540
- /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */
12541
- 'filters.repoLabels'?: string
12542
- /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
12543
- 'filters.repoLabels.notIn'?: string
12544
- /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */
12545
- 'filters.alertType'?: string
12546
- /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
12547
- 'filters.alertType.notIn'?: string
12548
- /** @description Name of artifact */
12549
- 'filters.artifactName'?: string
12550
- /** @description Name of artifact */
12551
- 'filters.artifactName.notIn'?: string
12552
- /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
12553
- 'filters.artifactType'?: string
12554
- /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
12555
- 'filters.artifactType.notIn'?: string
12556
13395
  /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
12557
13396
  'filters.alertAction'?: string
12558
13397
  /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
@@ -12561,10 +13400,6 @@ export interface operations {
12561
13400
  'filters.alertActionSourceType'?: string
12562
13401
  /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
12563
13402
  'filters.alertActionSourceType.notIn'?: string
12564
- /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */
12565
- 'filters.alertFixType'?: string
12566
- /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
12567
- 'filters.alertFixType.notIn'?: string
12568
13403
  /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */
12569
13404
  'filters.alertCategory'?: string
12570
13405
  /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
@@ -12585,38 +13420,70 @@ export interface operations {
12585
13420
  'filters.alertCweName'?: string
12586
13421
  /** @description CWE name */
12587
13422
  'filters.alertCweName.notIn'?: string
12588
- /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
12589
- 'filters.alertReachabilityType'?: string
12590
- /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
12591
- 'filters.alertReachabilityType.notIn'?: string
12592
- /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
12593
- 'filters.alertReachabilityAnalysisType'?: string
12594
- /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
12595
- 'filters.alertReachabilityAnalysisType.notIn'?: string
12596
- /** @description Alert priority ("low", "medium", "high", or "critical") */
12597
- 'filters.alertPriority'?: string
12598
- /** @description Alert priority ("low", "medium", "high", or "critical") */
12599
- 'filters.alertPriority.notIn'?: string
12600
- /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
12601
- 'filters.alertKEV'?: boolean
12602
- /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
12603
- 'filters.alertKEV.notIn'?: boolean
12604
13423
  /** @description Alert EPSS ("low", "medium", "high", "critical") */
12605
13424
  'filters.alertEPSS'?: string
12606
13425
  /** @description Alert EPSS ("low", "medium", "high", "critical") */
12607
13426
  'filters.alertEPSS.notIn'?: string
12608
- /** @description Direct/transitive dependency filter flag */
12609
- 'filters.dependencyDirect'?: boolean
12610
- /** @description Direct/transitive dependency filter flag */
12611
- 'filters.dependencyDirect.notIn'?: boolean
12612
- /** @description Development/production dependency filter flag */
12613
- 'filters.dependencyDev'?: boolean
12614
- /** @description Development/production dependency filter flag */
12615
- 'filters.dependencyDev.notIn'?: boolean
13427
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */
13428
+ 'filters.alertFixType'?: string
13429
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
13430
+ 'filters.alertFixType.notIn'?: string
13431
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
13432
+ 'filters.alertKEV'?: boolean
13433
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
13434
+ 'filters.alertKEV.notIn'?: boolean
13435
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
13436
+ 'filters.alertPriority'?: string
13437
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
13438
+ 'filters.alertPriority.notIn'?: string
13439
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
13440
+ 'filters.alertReachabilityAnalysisType'?: string
13441
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
13442
+ 'filters.alertReachabilityAnalysisType.notIn'?: string
13443
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
13444
+ 'filters.alertReachabilityType'?: string
13445
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
13446
+ 'filters.alertReachabilityType.notIn'?: string
13447
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
13448
+ 'filters.alertSeverity'?: string
13449
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
13450
+ 'filters.alertSeverity.notIn'?: string
13451
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */
13452
+ 'filters.alertType'?: string
13453
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
13454
+ 'filters.alertType.notIn'?: string
13455
+ /** @description Name of artifact */
13456
+ 'filters.artifactName'?: string
13457
+ /** @description Name of artifact */
13458
+ 'filters.artifactName.notIn'?: string
13459
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
13460
+ 'filters.artifactType'?: string
13461
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13462
+ 'filters.artifactType.notIn'?: string
12616
13463
  /** @description Dead/reachable dependency filter flag */
12617
13464
  'filters.dependencyDead'?: boolean
12618
13465
  /** @description Dead/reachable dependency filter flag */
12619
13466
  'filters.dependencyDead.notIn'?: boolean
13467
+ /** @description Development/production dependency filter flag */
13468
+ 'filters.dependencyDev'?: boolean
13469
+ /** @description Development/production dependency filter flag */
13470
+ 'filters.dependencyDev.notIn'?: boolean
13471
+ /** @description Direct/transitive dependency filter flag */
13472
+ 'filters.dependencyDirect'?: boolean
13473
+ /** @description Direct/transitive dependency filter flag */
13474
+ 'filters.dependencyDirect.notIn'?: boolean
13475
+ /** @description Comma-separated list of repo full names that should be included */
13476
+ 'filters.repoFullName'?: string
13477
+ /** @description Comma-separated list of repo full names that should be excluded */
13478
+ 'filters.repoFullName.notIn'?: string
13479
+ /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */
13480
+ 'filters.repoLabels'?: string
13481
+ /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
13482
+ 'filters.repoLabels.notIn'?: string
13483
+ /** @description Comma-separated list of repo slugs that should be included */
13484
+ 'filters.repoSlug'?: string
13485
+ /** @description Comma-separated list of repo slugs that should be excluded */
13486
+ 'filters.repoSlug.notIn'?: string
12620
13487
  }
12621
13488
  path: {
12622
13489
  /** @description The slug of the organization */
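Review bot: Several `.notIn` parameters re-added in this hunk carry the same description as their inclusion counterpart: `filters.alertKEV.notIn`, `filters.alertPriority.notIn`, `filters.artifactName.notIn`, `filters.dependencyDev.notIn` and `filters.dependencyDirect.notIn`. For the boolean flags in particular the text does not say what `notIn=true` selects, and a triage query built on a wrong guess would silently leave alerts out. Since the block is being reordered anyway, I would give each an explicit exclusion wording once the semantics are confirmed, e.g. `/** @description Exclude alerts whose KEV (Known Exploited Vulnerability) flag equals this value */`. The enclosing `query` object starts outside this hunk.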
@@ -12726,54 +13593,92 @@ export interface operations {
12726
13593
  /** @default false */
12727
13594
  includeLatestAlertsOnly: boolean
12728
13595
  filters: {
12729
- /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
12730
- alertSeverity?: string[]
12731
- /** @description Comma-separated list of repo slugs that should be excluded */
12732
- repoSlug?: string[]
12733
- /** @description Comma-separated list of repo full names that should be excluded */
12734
- repoFullName?: string[]
12735
- /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
12736
- repoLabels?: string[]
12737
- /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
12738
- alertType?: string[]
12739
- /** @description Name of artifact */
12740
- artifactName?: string[]
12741
- /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
12742
- artifactType?: string[]
12743
- /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
13596
+ /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
12744
13597
  alertAction?: string[]
12745
- /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
13598
+ /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
13599
+ 'alertAction.notIn'?: string[]
13600
+ /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included */
12746
13601
  alertActionSourceType?: string[]
12747
- /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
12748
- alertFixType?: string[]
12749
- /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
13602
+ /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
13603
+ 'alertActionSourceType.notIn'?: string[]
13604
+ /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */
12750
13605
  alertCategory?: string[]
13606
+ /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
13607
+ 'alertCategory.notIn'?: string[]
12751
13608
  /** @description CVE ID */
12752
13609
  alertCveId?: string[]
13610
+ /** @description CVE ID */
13611
+ 'alertCveId.notIn'?: string[]
12753
13612
  /** @description CVE title */
12754
13613
  alertCveTitle?: string[]
13614
+ /** @description CVE title */
13615
+ 'alertCveTitle.notIn'?: string[]
12755
13616
  /** @description CWE ID */
12756
13617
  alertCweId?: string[]
13618
+ /** @description CWE ID */
13619
+ 'alertCweId.notIn'?: string[]
12757
13620
  /** @description CWE name */
12758
13621
  alertCweName?: string[]
12759
- /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
12760
- alertReachabilityType?: string[]
12761
- /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
12762
- alertReachabilityAnalysisType?: string[]
12763
- /** @description Alert priority ("low", "medium", "high", or "critical") */
12764
- alertPriority?: string[]
12765
- /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
12766
- alertKEV?: boolean[]
13622
+ /** @description CWE name */
13623
+ 'alertCweName.notIn'?: string[]
12767
13624
  /** @description Alert EPSS ("low", "medium", "high", "critical") */
12768
13625
  alertEPSS?: string[]
12769
- /** @description Direct/transitive dependency filter flag */
12770
- dependencyDirect?: boolean[]
12771
- /** @description Development/production dependency filter flag */
12772
- dependencyDev?: boolean[]
12773
- /** @description Dead/reachable dependency filter flag */
12774
- dependencyDead?: boolean[]
12775
- }
12776
- }
13626
+ /** @description Alert EPSS ("low", "medium", "high", "critical") */
13627
+ 'alertEPSS.notIn'?: string[]
13628
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */
13629
+ alertFixType?: string[]
13630
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
13631
+ 'alertFixType.notIn'?: string[]
13632
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
13633
+ alertKEV?: boolean[]
13634
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
13635
+ alertPriority?: string[]
13636
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
13637
+ 'alertPriority.notIn'?: string[]
13638
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
13639
+ alertReachabilityAnalysisType?: string[]
13640
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
13641
+ 'alertReachabilityAnalysisType.notIn'?: string[]
13642
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
13643
+ alertReachabilityType?: string[]
13644
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
13645
+ 'alertReachabilityType.notIn'?: string[]
13646
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
13647
+ alertSeverity?: string[]
13648
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
13649
+ 'alertSeverity.notIn'?: string[]
13650
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */
13651
+ alertType?: string[]
13652
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
13653
+ 'alertType.notIn'?: string[]
13654
+ /** @description Name of artifact */
13655
+ artifactName?: string[]
13656
+ /** @description Name of artifact */
13657
+ 'artifactName.notIn'?: string[]
13658
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
13659
+ artifactType?: string[]
13660
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13661
+ 'artifactType.notIn'?: string[]
13662
+ /** @description Dead/reachable dependency filter flag */
13663
+ dependencyDead?: boolean[]
13664
+ /** @description Development/production dependency filter flag */
13665
+ dependencyDev?: boolean[]
13666
+ /** @description Direct/transitive dependency filter flag */
13667
+ dependencyDirect?: boolean[]
13668
+ /** @description Comma-separated list of repo full names that should be included */
13669
+ repoFullName?: string[]
13670
+ /** @description Comma-separated list of repo full names that should be excluded */
13671
+ 'repoFullName.notIn'?: string[]
13672
+ /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */
13673
+ repoLabels?: string[]
13674
+ /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
13675
+ 'repoLabels.notIn'?: string[]
13676
+ /** @description Comma-separated list of repo slugs that should be included */
13677
+ repoSlug?: string[]
13678
+ /** @description Comma-separated list of repo slugs that should be excluded */
13679
+ 'repoSlug.notIn'?: string[]
13680
+ }
13681
+ }
12777
13682
  }
12778
13683
  }
12779
13684
  }
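Review bot: The bare keys in this `filters` block (`alertSeverity`, `repoSlug`, `alertType`, `artifactType`, `alertAction` and the rest) keep their names and `string[]` type, but their `@description` flips from "should be excluded" to "should be included", with exclusion moved to the new `'<key>.notIn'` entries. Code written against the old description still compiles and would now read the same array with the opposite meaning, which matters wherever these filters decide which alerts a report or gate shows. The diff alone does not show whether the API behaviour changed or only the wording was corrected, so the release notes should say which. Each description could also point at its counterpart, e.g. `that should be included (exclusions are in 'alertSeverity.notIn')`. The same applies to the `filters` block in the later hunk at `@@ -12918,52 +13823,90 @@`.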
@@ -12801,34 +13706,6 @@ export interface operations {
12801
13706
  range?: string
12802
13707
  /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoFullName,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,alertReachabilityAnalysisType,alertPriority,alertKEV,alertEPSS,dependencyDirect,dependencyDev,dependencyDead) */
12803
13708
  'aggregation.fields'?: string
12804
- /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
12805
- 'filters.alertSeverity'?: string
12806
- /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
12807
- 'filters.alertSeverity.notIn'?: string
12808
- /** @description Comma-separated list of repo slugs that should be included */
12809
- 'filters.repoSlug'?: string
12810
- /** @description Comma-separated list of repo slugs that should be excluded */
12811
- 'filters.repoSlug.notIn'?: string
12812
- /** @description Comma-separated list of repo full names that should be included */
12813
- 'filters.repoFullName'?: string
12814
- /** @description Comma-separated list of repo full names that should be excluded */
12815
- 'filters.repoFullName.notIn'?: string
12816
- /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */
12817
- 'filters.repoLabels'?: string
12818
- /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
12819
- 'filters.repoLabels.notIn'?: string
12820
- /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */
12821
- 'filters.alertType'?: string
12822
- /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
12823
- 'filters.alertType.notIn'?: string
12824
- /** @description Name of artifact */
12825
- 'filters.artifactName'?: string
12826
- /** @description Name of artifact */
12827
- 'filters.artifactName.notIn'?: string
12828
- /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
12829
- 'filters.artifactType'?: string
12830
- /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
12831
- 'filters.artifactType.notIn'?: string
12832
13709
  /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
12833
13710
  'filters.alertAction'?: string
12834
13711
  /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
@@ -12837,10 +13714,6 @@ export interface operations {
12837
13714
  'filters.alertActionSourceType'?: string
12838
13715
  /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
12839
13716
  'filters.alertActionSourceType.notIn'?: string
12840
- /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */
12841
- 'filters.alertFixType'?: string
12842
- /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
12843
- 'filters.alertFixType.notIn'?: string
12844
13717
  /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */
12845
13718
  'filters.alertCategory'?: string
12846
13719
  /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
@@ -12861,38 +13734,70 @@ export interface operations {
12861
13734
  'filters.alertCweName'?: string
12862
13735
  /** @description CWE name */
12863
13736
  'filters.alertCweName.notIn'?: string
12864
- /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
12865
- 'filters.alertReachabilityType'?: string
12866
- /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
12867
- 'filters.alertReachabilityType.notIn'?: string
12868
- /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
12869
- 'filters.alertReachabilityAnalysisType'?: string
12870
- /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
12871
- 'filters.alertReachabilityAnalysisType.notIn'?: string
12872
- /** @description Alert priority ("low", "medium", "high", or "critical") */
12873
- 'filters.alertPriority'?: string
12874
- /** @description Alert priority ("low", "medium", "high", or "critical") */
12875
- 'filters.alertPriority.notIn'?: string
12876
- /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
12877
- 'filters.alertKEV'?: boolean
12878
- /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
12879
- 'filters.alertKEV.notIn'?: boolean
12880
13737
  /** @description Alert EPSS ("low", "medium", "high", "critical") */
12881
13738
  'filters.alertEPSS'?: string
12882
13739
  /** @description Alert EPSS ("low", "medium", "high", "critical") */
12883
13740
  'filters.alertEPSS.notIn'?: string
12884
- /** @description Direct/transitive dependency filter flag */
12885
- 'filters.dependencyDirect'?: boolean
12886
- /** @description Direct/transitive dependency filter flag */
12887
- 'filters.dependencyDirect.notIn'?: boolean
12888
- /** @description Development/production dependency filter flag */
12889
- 'filters.dependencyDev'?: boolean
12890
- /** @description Development/production dependency filter flag */
12891
- 'filters.dependencyDev.notIn'?: boolean
13741
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */
13742
+ 'filters.alertFixType'?: string
13743
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
13744
+ 'filters.alertFixType.notIn'?: string
13745
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
13746
+ 'filters.alertKEV'?: boolean
13747
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
13748
+ 'filters.alertKEV.notIn'?: boolean
13749
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
13750
+ 'filters.alertPriority'?: string
13751
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
13752
+ 'filters.alertPriority.notIn'?: string
13753
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
13754
+ 'filters.alertReachabilityAnalysisType'?: string
13755
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
13756
+ 'filters.alertReachabilityAnalysisType.notIn'?: string
13757
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
13758
+ 'filters.alertReachabilityType'?: string
13759
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
13760
+ 'filters.alertReachabilityType.notIn'?: string
13761
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
13762
+ 'filters.alertSeverity'?: string
13763
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
13764
+ 'filters.alertSeverity.notIn'?: string
13765
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */
13766
+ 'filters.alertType'?: string
13767
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
13768
+ 'filters.alertType.notIn'?: string
13769
+ /** @description Name of artifact */
13770
+ 'filters.artifactName'?: string
13771
+ /** @description Name of artifact */
13772
+ 'filters.artifactName.notIn'?: string
13773
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
13774
+ 'filters.artifactType'?: string
13775
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13776
+ 'filters.artifactType.notIn'?: string
12892
13777
  /** @description Dead/reachable dependency filter flag */
12893
13778
  'filters.dependencyDead'?: boolean
12894
13779
  /** @description Dead/reachable dependency filter flag */
12895
13780
  'filters.dependencyDead.notIn'?: boolean
13781
+ /** @description Development/production dependency filter flag */
13782
+ 'filters.dependencyDev'?: boolean
13783
+ /** @description Development/production dependency filter flag */
13784
+ 'filters.dependencyDev.notIn'?: boolean
13785
+ /** @description Direct/transitive dependency filter flag */
13786
+ 'filters.dependencyDirect'?: boolean
13787
+ /** @description Direct/transitive dependency filter flag */
13788
+ 'filters.dependencyDirect.notIn'?: boolean
13789
+ /** @description Comma-separated list of repo full names that should be included */
13790
+ 'filters.repoFullName'?: string
13791
+ /** @description Comma-separated list of repo full names that should be excluded */
13792
+ 'filters.repoFullName.notIn'?: string
13793
+ /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */
13794
+ 'filters.repoLabels'?: string
13795
+ /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
13796
+ 'filters.repoLabels.notIn'?: string
13797
+ /** @description Comma-separated list of repo slugs that should be included */
13798
+ 'filters.repoSlug'?: string
13799
+ /** @description Comma-separated list of repo slugs that should be excluded */
13800
+ 'filters.repoSlug.notIn'?: string
12896
13801
  }
12897
13802
  path: {
12898
13803
  /** @description The slug of the organization */
@@ -12918,52 +13823,90 @@ export interface operations {
12918
13823
  groups: string[][]
12919
13824
  }
12920
13825
  filters: {
12921
- /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
12922
- alertSeverity?: string[]
12923
- /** @description Comma-separated list of repo slugs that should be excluded */
12924
- repoSlug?: string[]
12925
- /** @description Comma-separated list of repo full names that should be excluded */
12926
- repoFullName?: string[]
12927
- /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
12928
- repoLabels?: string[]
12929
- /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
12930
- alertType?: string[]
12931
- /** @description Name of artifact */
12932
- artifactName?: string[]
12933
- /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
12934
- artifactType?: string[]
12935
- /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
13826
+ /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
12936
13827
  alertAction?: string[]
12937
- /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
13828
+ /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
13829
+ 'alertAction.notIn'?: string[]
13830
+ /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included */
12938
13831
  alertActionSourceType?: string[]
12939
- /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
12940
- alertFixType?: string[]
12941
- /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
13832
+ /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
13833
+ 'alertActionSourceType.notIn'?: string[]
13834
+ /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */
12942
13835
  alertCategory?: string[]
13836
+ /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
13837
+ 'alertCategory.notIn'?: string[]
12943
13838
  /** @description CVE ID */
12944
13839
  alertCveId?: string[]
13840
+ /** @description CVE ID */
13841
+ 'alertCveId.notIn'?: string[]
12945
13842
  /** @description CVE title */
12946
13843
  alertCveTitle?: string[]
13844
+ /** @description CVE title */
13845
+ 'alertCveTitle.notIn'?: string[]
12947
13846
  /** @description CWE ID */
12948
13847
  alertCweId?: string[]
13848
+ /** @description CWE ID */
13849
+ 'alertCweId.notIn'?: string[]
12949
13850
  /** @description CWE name */
12950
13851
  alertCweName?: string[]
12951
- /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
12952
- alertReachabilityType?: string[]
12953
- /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
12954
- alertReachabilityAnalysisType?: string[]
12955
- /** @description Alert priority ("low", "medium", "high", or "critical") */
12956
- alertPriority?: string[]
12957
- /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
12958
- alertKEV?: boolean[]
13852
+ /** @description CWE name */
13853
+ 'alertCweName.notIn'?: string[]
12959
13854
  /** @description Alert EPSS ("low", "medium", "high", "critical") */
12960
13855
  alertEPSS?: string[]
12961
- /** @description Direct/transitive dependency filter flag */
12962
- dependencyDirect?: boolean[]
12963
- /** @description Development/production dependency filter flag */
12964
- dependencyDev?: boolean[]
13856
+ /** @description Alert EPSS ("low", "medium", "high", "critical") */
13857
+ 'alertEPSS.notIn'?: string[]
13858
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */
13859
+ alertFixType?: string[]
13860
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
13861
+ 'alertFixType.notIn'?: string[]
13862
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
13863
+ alertKEV?: boolean[]
13864
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
13865
+ alertPriority?: string[]
13866
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
13867
+ 'alertPriority.notIn'?: string[]
13868
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
13869
+ alertReachabilityAnalysisType?: string[]
13870
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
13871
+ 'alertReachabilityAnalysisType.notIn'?: string[]
13872
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
13873
+ alertReachabilityType?: string[]
13874
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
13875
+ 'alertReachabilityType.notIn'?: string[]
13876
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
13877
+ alertSeverity?: string[]
13878
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
13879
+ 'alertSeverity.notIn'?: string[]
13880
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */
13881
+ alertType?: string[]
13882
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
13883
+ 'alertType.notIn'?: string[]
13884
+ /** @description Name of artifact */
13885
+ artifactName?: string[]
13886
+ /** @description Name of artifact */
13887
+ 'artifactName.notIn'?: string[]
13888
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
13889
+ artifactType?: string[]
13890
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13891
+ 'artifactType.notIn'?: string[]
12965
13892
  /** @description Dead/reachable dependency filter flag */
12966
13893
  dependencyDead?: boolean[]
13894
+ /** @description Development/production dependency filter flag */
13895
+ dependencyDev?: boolean[]
13896
+ /** @description Direct/transitive dependency filter flag */
13897
+ dependencyDirect?: boolean[]
13898
+ /** @description Comma-separated list of repo full names that should be included */
13899
+ repoFullName?: string[]
13900
+ /** @description Comma-separated list of repo full names that should be excluded */
13901
+ 'repoFullName.notIn'?: string[]
13902
+ /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */
13903
+ repoLabels?: string[]
13904
+ /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
13905
+ 'repoLabels.notIn'?: string[]
13906
+ /** @description Comma-separated list of repo slugs that should be included */
13907
+ repoSlug?: string[]
13908
+ /** @description Comma-separated list of repo slugs that should be excluded */
13909
+ 'repoSlug.notIn'?: string[]
12967
13910
  }
12968
13911
  }
12969
13912
  items: Array<{
@@ -13326,8 +14269,10 @@ export interface operations {
13326
14269
  | 'ChangeMemberRole'
13327
14270
  | 'ChangePlanSubscriptionSeats'
13328
14271
  | 'CreateApiToken'
14272
+ | 'CreateArtifact'
13329
14273
  | 'CreateLabel'
13330
14274
  | 'CreateWebhook'
14275
+ | 'DeleteApiToken'
13331
14276
  | 'DeleteFullScan'
13332
14277
  | 'DeleteLabel'
13333
14278
  | 'DeleteLabelSetting'
@@ -13337,6 +14282,9 @@ export interface operations {
13337
14282
  | 'DisassociateLabel'
13338
14283
  | 'DowngradeOrganizationPlan'
13339
14284
  | 'JoinOrganization'
14285
+ | 'MemberAdded'
14286
+ | 'MemberRemoved'
14287
+ | 'MemberRoleChanged'
13340
14288
  | 'RemoveLicenseOverlay'
13341
14289
  | 'RemoveMember'
13342
14290
  | 'ResetInvitationLink'
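Review bot: The added `'MemberAdded'`, `'MemberRemoved'` and `'MemberRoleChanged'` literals sit beside the existing `'RemoveMember'` (this hunk) and `'ChangeMemberRole'` (previous hunk), with nothing to say how they differ. Anyone alerting on membership changes from this union cannot tell whether one action emits one of these names or both, so a rule keyed on the old names may miss events or count them twice. A short comment above the union would settle it, for example `/** MemberRemoved: <when emitted>; RemoveMember: <when emitted> */`. The union starts and ends outside this hunk.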
@@ -13439,6 +14387,8 @@ export interface operations {
13439
14387
  per_page?: number
13440
14388
  /** @description The token specifying which page to return. */
13441
14389
  page?: number
14390
+ /** @description Whether to include token values in response. Use "omit" to exclude tokens entirely. */
14391
+ token_values?: 'include' | 'omit'
13442
14392
  }
13443
14393
  path: {
13444
14394
  /** @description The slug of the organization */
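Review bot: The `token_values` description does not say which value applies when the parameter is left out, nor what `'include'` actually returns. The `token` field further down this section is now described as "redacted or omitted" and typed `string | null`, so a caller cannot tell from the types whether the default response still carries a (redacted) token string. I would add the default to the comment, e.g. `@default <include|omit — confirm against the API>`, and state that `'include'` yields a redacted value if that is the case. Callers that only inventory tokens are better off passing `'omit'` explicitly than relying on an undocumented default. The enclosing parameter block starts outside the hunk.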
@@ -13451,24 +14401,53 @@ export interface operations {
13451
14401
  content: {
13452
14402
  'application/json': {
13453
14403
  tokens: Array<{
14404
+ /** @description List of committers associated with this API Token */
13454
14405
  committers: {
13455
- /** @default */
14406
+ /**
14407
+ * @description Email address of the committer
14408
+ * @default
14409
+ */
13456
14410
  email?: string
13457
14411
  /**
14412
+ * @description The source control provider for the committer
13458
14413
  * @default api
13459
14414
  * @enum {string}
13460
14415
  */
13461
14416
  provider?: 'api' | 'azure' | 'bitbucket' | 'github' | 'gitlab'
13462
- /** @default */
14417
+ /**
14418
+ * @description Login name on the provider platform
14419
+ * @default
14420
+ */
13463
14421
  providerLoginName?: string
13464
- /** @default */
14422
+ /**
14423
+ * @description User ID on the provider platform
14424
+ * @default
14425
+ */
13465
14426
  providerUserId?: string
13466
14427
  }[]
14428
+ /**
14429
+ * Format: uuid
14430
+ * @description ID of the Socket user who created the API Token
14431
+ * @default
14432
+ */
14433
+ created_by: string | null
13467
14434
  /**
13468
14435
  * Format: date
14436
+ * @description Timestamp when the API Token was created
13469
14437
  * @default
13470
14438
  */
13471
14439
  created_at: string
14440
+ /**
14441
+ * Format: uuid
14442
+ * @description The stable group UUID that remains constant across token rotations
14443
+ * @default
14444
+ */
14445
+ group_uuid: string
14446
+ /**
14447
+ * @description SRI-format hash of the token (e.g., sha512-base64hash). Null for tokens created before hash column was added.
14448
+ * @default
14449
+ */
14450
+ hash: string | null
13472
14451
  /**
13473
14452
  * @description The ID of the API Token
13474
14453
  * @default
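Review bot: The new `hash` field's description gives the format ("SRI-format hash of the token") but not what exactly is hashed or what the field is for. If it is meant to let an operator match a token found in a leak or a log against this list, the comment should say so and name the input, e.g. `Hash over the full token string as issued — confirm`. `created_by`, `group_uuid` and `hash` are added as required properties, and `created_by` and `hash` are nullable, so consumers need a null branch before using either. The token object continues outside this hunk.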
@@ -13476,16 +14455,21 @@ export interface operations {
13476
14455
  id: string
13477
14456
  /**
13478
14457
  * Format: date
14458
+ * @description Timestamp when the API Token was last used
13479
14459
  * @default
13480
14460
  */
13481
14461
  last_used_at: string
13482
- /** @default 1000 */
14462
+ /**
14463
+ * @description Maximum number of API calls allowed per month
14464
+ * @default 1000
14465
+ */
13483
14466
  max_quota: number
13484
14467
  /**
13485
14468
  * @description Name for the API Token
13486
14469
  * @default api token
13487
14470
  */
13488
14471
  name: string | null
14472
+ /** @description List of scopes granted to the API Token */
13489
14473
  scopes: (
13490
14474
  | 'alerts'
13491
14475
  | 'alerts:list'
@@ -13501,6 +14485,8 @@ export interface operations {
13501
14485
  | 'dependencies'
13502
14486
  | 'dependencies:list'
13503
14487
  | 'dependencies:trend'
14488
+ | 'fixes'
14489
+ | 'fixes:list'
13504
14490
  | 'full-scans'
13505
14491
  | 'full-scans:list'
13506
14492
  | 'full-scans:create'
@@ -13547,17 +14533,28 @@ export interface operations {
13547
14533
  | 'security-policy:read'
13548
14534
  | 'socket-basics'
13549
14535
  | 'socket-basics:read'
14536
+ | 'telemetry-policy'
14537
+ | 'telemetry-policy:update'
13550
14538
  | 'threat-feed'
13551
14539
  | 'threat-feed:list'
13552
14540
  | 'triage'
13553
14541
  | 'triage:alerts-list'
13554
14542
  | 'triage:alerts-update'
14543
+ | 'uploaded-artifacts'
14544
+ | 'uploaded-artifacts:create'
14545
+ | 'uploaded-artifacts:list'
14546
+ | 'webhooks'
14547
+ | 'webhooks:create'
14548
+ | 'webhooks:list'
14549
+ | 'webhooks:update'
14550
+ | 'webhooks:delete'
14551
+ | '*'
13555
14552
  )[]
13556
14553
  /**
13557
- * @description The obfuscated token of the API Token
14554
+ * @description The token of the API Token (redacted or omitted)
13558
14555
  * @default
13559
14556
  */
13560
- token: string
14557
+ token: string | null
13561
14558
  /**
13562
14559
  * @description The visibility of the API Token. Warning: this field is deprecated and will be removed in the future.
13563
14560
  * @default organization
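Review bot: `token` in the token-list response changes from `string` to `string | null`, and the new comment `The token of the API Token (redacted or omitted)` does not say which case yields `null`. Code written against 3.1.3 that treats this field as a string will need a null check after upgrading. The `token_values?: 'include' | 'omit'` query parameter added earlier in this file section presumably controls it; if so, the comment could state that directly, e.g. `@description Redacted token value, or null when token_values is "omit"`. The enclosing response type starts and ends outside this hunk.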
@@ -13595,8 +14592,12 @@ export interface operations {
13595
14592
  requestBody?: {
13596
14593
  content: {
13597
14594
  'application/json': {
13598
- /** @default 1000 */
14595
+ /**
14596
+ * @description Maximum number of API calls allowed per month
14597
+ * @default 1000
14598
+ */
13599
14599
  max_quota: number
14600
+ /** @description List of scopes granted to the API Token */
13600
14601
  scopes: Array<
13601
14602
  | 'alerts'
13602
14603
  | 'alerts:list'
@@ -13612,6 +14613,8 @@ export interface operations {
13612
14613
  | 'dependencies'
13613
14614
  | 'dependencies:list'
13614
14615
  | 'dependencies:trend'
14616
+ | 'fixes'
14617
+ | 'fixes:list'
13615
14618
  | 'full-scans'
13616
14619
  | 'full-scans:list'
13617
14620
  | 'full-scans:create'
@@ -13658,11 +14661,22 @@ export interface operations {
13658
14661
  | 'security-policy:read'
13659
14662
  | 'socket-basics'
13660
14663
  | 'socket-basics:read'
14664
+ | 'telemetry-policy'
14665
+ | 'telemetry-policy:update'
13661
14666
  | 'threat-feed'
13662
14667
  | 'threat-feed:list'
13663
14668
  | 'triage'
13664
14669
  | 'triage:alerts-list'
13665
14670
  | 'triage:alerts-update'
14671
+ | 'uploaded-artifacts'
14672
+ | 'uploaded-artifacts:create'
14673
+ | 'uploaded-artifacts:list'
14674
+ | 'webhooks'
14675
+ | 'webhooks:create'
14676
+ | 'webhooks:list'
14677
+ | 'webhooks:update'
14678
+ | 'webhooks:delete'
14679
+ | '*'
13666
14680
  >
13667
14681
  /**
13668
14682
  * @description The visibility of the API Token. Warning: this field is deprecated and will be removed in the future.
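Review bot: The create-token request body now accepts the scope literal `'*'`, but the field comment added in the preceding hunk, `List of scopes granted to the API Token`, does not say what `'*'` grants. If it stands for every scope (an inference from the name; the page does not define it), a token created with it would also pick up scopes introduced in later releases, such as the `webhooks:create` and `uploaded-artifacts:create` entries added here. I would document that on the field, e.g. `@description List of scopes granted to the API Token. '*' grants all scopes; list only the scopes the token needs`. The same literal is added to the token-list response (hunk at new line 14533) and to the update request body (hunk at new line 14852).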
@@ -13670,17 +14684,28 @@ export interface operations {
13670
14684
  * @enum {string}
13671
14685
  */
13672
14686
  visibility: 'admin' | 'organization'
14687
+ /** @description Committer information to associate with the API Token */
13673
14688
  committer: {
13674
- /** @default */
14689
+ /**
14690
+ * @description Email address of the committer
14691
+ * @default
14692
+ */
13675
14693
  email?: string
13676
14694
  /**
14695
+ * @description The source control provider for the committer
13677
14696
  * @default api
13678
14697
  * @enum {string}
13679
14698
  */
13680
14699
  provider?: 'api' | 'azure' | 'bitbucket' | 'github' | 'gitlab'
13681
- /** @default */
14700
+ /**
14701
+ * @description Login name on the provider platform
14702
+ * @default
14703
+ */
13682
14704
  providerLoginName?: string
13683
- /** @default */
14705
+ /**
14706
+ * @description User ID on the provider platform
14707
+ * @default
14708
+ */
13684
14709
  providerUserId?: string
13685
14710
  }
13686
14711
  /**
@@ -13688,16 +14713,48 @@ export interface operations {
13688
14713
  * @default api token
13689
14714
  */
13690
14715
  name?: string
14716
+ /** @description List of resources this API Token can access. Tokens with resource grants can only access a subset of routes that support this feature. */
14717
+ resources?: Array<{
14718
+ /**
14719
+ * @description Slug of the organization to grant access to
14720
+ * @default
14721
+ */
14722
+ organizationSlug: string
14723
+ /**
14724
+ * @description Slug of the repository to grant access to
14725
+ * @default
14726
+ */
14727
+ repositorySlug: string
14728
+ /**
14729
+ * @description Workspace slug containing the specified repo
14730
+ * @default
14731
+ */
14732
+ workspace?: string
14733
+ }>
13691
14734
  }
13692
14735
  }
13693
14736
  }
13694
14737
  responses: {
13695
- /** @description The newly created api token. */
14738
+ /** @description The newly created api token with its stable UUID and hash. */
13696
14739
  200: {
13697
14740
  content: {
13698
14741
  'application/json': {
14742
+ /**
14743
+ * Format: uuid
14744
+ * @description ID of the Socket user who created the API Token
14745
+ * @default
14746
+ */
14747
+ created_by: string | null
14748
+ /**
14749
+ * Format: uuid
14750
+ * @description The stable group UUID that remains constant across token rotations
14751
+ * @default
14752
+ */
14753
+ group_uuid: string
13699
14754
  /** @default */
13700
14755
  token: string
14756
+ /** @default */
14757
+ hash: string
13701
14758
  }
13702
14759
  }
13703
14760
  }
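Review bot: The create-token response documents `created_by` and `group_uuid` but leaves `token` and the new `hash` with a bare `/** @default */`. Another hunk in this diff describes the same kind of field as `SRI-format hash of the API token (e.g., sha512-base64hash)`, and that description could be repeated on `hash` here. `token` is presumably the plaintext secret, so a comment such as `@description The API token value. Treat as a secret; do not log.` would help consumers tell the two strings apart. The same bare comments appear on `token` and `hash` in the rotate request and response (hunk at new line 14962) and the revoke request (hunk at new line 15029).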
@@ -13726,8 +14783,12 @@ export interface operations {
13726
14783
  requestBody?: {
13727
14784
  content: {
13728
14785
  'application/json': {
13729
- /** @default 1000 */
14786
+ /**
14787
+ * @description Maximum number of API calls allowed per hour
14788
+ * @default 1000
14789
+ */
13730
14790
  max_quota: number
14791
+ /** @description List of scopes granted to the API Token */
13731
14792
  scopes: Array<
13732
14793
  | 'alerts'
13733
14794
  | 'alerts:list'
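Review bot: The comment added on `max_quota` in this request body reads `Maximum number of API calls allowed per hour`, while the same field in the token-list response and the create-token request body is documented in this diff as `Maximum number of API calls allowed per month`. One of the two units is wrong, and a caller who sets a quota from this comment could be off by a large factor in either direction. The correct unit should be used in all three places; if this declaration file is generated from the API specification, the fix belongs in the specification. The enclosing operation starts and ends outside this hunk.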
@@ -13743,6 +14804,8 @@ export interface operations {
13743
14804
  | 'dependencies'
13744
14805
  | 'dependencies:list'
13745
14806
  | 'dependencies:trend'
14807
+ | 'fixes'
14808
+ | 'fixes:list'
13746
14809
  | 'full-scans'
13747
14810
  | 'full-scans:list'
13748
14811
  | 'full-scans:create'
@@ -13789,31 +14852,51 @@ export interface operations {
13789
14852
  | 'security-policy:read'
13790
14853
  | 'socket-basics'
13791
14854
  | 'socket-basics:read'
14855
+ | 'telemetry-policy'
14856
+ | 'telemetry-policy:update'
13792
14857
  | 'threat-feed'
13793
14858
  | 'threat-feed:list'
13794
14859
  | 'triage'
13795
14860
  | 'triage:alerts-list'
13796
14861
  | 'triage:alerts-update'
14862
+ | 'uploaded-artifacts'
14863
+ | 'uploaded-artifacts:create'
14864
+ | 'uploaded-artifacts:list'
14865
+ | 'webhooks'
14866
+ | 'webhooks:create'
14867
+ | 'webhooks:list'
14868
+ | 'webhooks:update'
14869
+ | 'webhooks:delete'
14870
+ | '*'
13797
14871
  >
13798
- /** @default */
13799
- token: string
13800
14872
  /**
13801
14873
  * @description The visibility of the API Token. Warning: this field is deprecated and will be removed in the future.
13802
14874
  * @default organization
13803
14875
  * @enum {string}
13804
14876
  */
13805
14877
  visibility: 'admin' | 'organization'
14878
+ /** @description Committer information to associate with the API Token */
13806
14879
  committer: {
13807
- /** @default */
14880
+ /**
14881
+ * @description Email address of the committer
14882
+ * @default
14883
+ */
13808
14884
  email?: string
13809
14885
  /**
14886
+ * @description The source control provider for the committer
13810
14887
  * @default api
13811
14888
  * @enum {string}
13812
14889
  */
13813
14890
  provider?: 'api' | 'azure' | 'bitbucket' | 'github' | 'gitlab'
13814
- /** @default */
14891
+ /**
14892
+ * @description Login name on the provider platform
14893
+ * @default
14894
+ */
13815
14895
  providerLoginName?: string
13816
- /** @default */
14896
+ /**
14897
+ * @description User ID on the provider platform
14898
+ * @default
14899
+ */
13817
14900
  providerUserId?: string
13818
14901
  }
13819
14902
  /**
@@ -13821,6 +14904,27 @@ export interface operations {
13821
14904
  * @default api token
13822
14905
  */
13823
14906
  name?: string
14907
+ /**
14908
+ * Format: uuid
14909
+ * @description The stable group UUID to update (provide uuid, id, token, or hash. May provide uuid+hash together for validation)
14910
+ * @default
14911
+ */
14912
+ uuid?: string
14913
+ /**
14914
+ * @description The API token ID to update (provide uuid, id, token, or hash)
14915
+ * @default
14916
+ */
14917
+ id?: string
14918
+ /**
14919
+ * @description The API token to update (provide uuid, id, token, or hash)
14920
+ * @default
14921
+ */
14922
+ token?: string
14923
+ /**
14924
+ * @description The API token hash to update (provide uuid, id, token, or hash)
14925
+ * @default
14926
+ */
14927
+ hash?: string
13824
14928
  }
13825
14929
  }
13826
14930
  }
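Review bot: The four selectors added to the update request body (`uuid?`, `id?`, `token?`, `hash?`) are all optional and `requestBody` is itself optional, so the type now accepts an update that names no token; the previous version had a required `token: string` here, removed in the hunk above. The comments say `provide uuid, id, token, or hash` but not what the server does when none is sent, or when two are sent that refer to different tokens. I would state that in the comment on `uuid`, and have callers check for at least one selector before sending. Selecting by `uuid` or `hash` also keeps the secret out of request bodies and request logs; the rotate and revoke descriptions mark `uuid` as recommended and this one could say the same. The same all-optional shape appears in the rotate (new line 14962) and revoke (new line 15029) request bodies.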
@@ -13829,8 +14933,11 @@ export interface operations {
13829
14933
  200: {
13830
14934
  content: {
13831
14935
  'application/json': {
13832
- /** @default */
13833
- token: string
14936
+ /**
14937
+ * @description SRI-format hash of the API token (e.g., sha512-base64hash)
14938
+ * @default
14939
+ */
14940
+ hash: string
13834
14941
  }
13835
14942
  }
13836
14943
  }
@@ -13855,22 +14962,49 @@ export interface operations {
13855
14962
  org_slug: string
13856
14963
  }
13857
14964
  }
13858
- /** @description The API Token to rotate */
14965
+ /** @description The API Token identifier to rotate. Provide uuid (recommended), token, or hash. May provide uuid+hash together for validation. */
13859
14966
  requestBody?: {
13860
14967
  content: {
13861
14968
  'application/json': {
14969
+ /**
14970
+ * Format: uuid
14971
+ * @description The stable group UUID of the API token to rotate
14972
+ * @default
14973
+ */
14974
+ uuid?: string
14975
+ /** @default */
14976
+ token?: string
13862
14977
  /** @default */
13863
- token: string
14978
+ hash?: string
13864
14979
  }
13865
14980
  }
13866
14981
  }
13867
14982
  responses: {
13868
- /** @description The replacement API Token */
14983
+ /** @description The replacement API Token with its stable UUID, new token value, and hash */
13869
14984
  200: {
13870
14985
  content: {
13871
14986
  'application/json': {
14987
+ /**
14988
+ * @description The database ID of the new API token
14989
+ * @default
14990
+ */
14991
+ id: string
14992
+ /**
14993
+ * Format: uuid
14994
+ * @description The stable group UUID (unchanged after rotation)
14995
+ * @default
14996
+ */
14997
+ group_uuid: string
14998
+ /**
14999
+ * Format: uuid
15000
+ * @description ID of the Socket user who created the API Token
15001
+ * @default
15002
+ */
15003
+ created_by: string | null
13872
15004
  /** @default */
13873
15005
  token: string
15006
+ /** @default */
15007
+ hash: string
13874
15008
  }
13875
15009
  }
13876
15010
  }
@@ -13895,12 +15029,20 @@ export interface operations {
13895
15029
  org_slug: string
13896
15030
  }
13897
15031
  }
13898
- /** @description The token to revoke. */
15032
+ /** @description The API token identifier to revoke. Provide uuid (recommended), token, or hash. May provide uuid+hash together for validation. */
13899
15033
  requestBody?: {
13900
15034
  content: {
13901
15035
  'application/json': {
15036
+ /**
15037
+ * Format: uuid
15038
+ * @description The stable group UUID of the API token to revoke
15039
+ * @default
15040
+ */
15041
+ uuid?: string
13902
15042
  /** @default */
13903
- token: string
15043
+ token?: string
15044
+ /** @default */
15045
+ hash?: string
13904
15046
  }
13905
15047
  }
13906
15048
  }
@@ -14012,6 +15154,7 @@ export interface operations {
14012
15154
  ecosystem?:
14013
15155
  | 'github'
14014
15156
  | 'cargo'
15157
+ | 'composer'
14015
15158
  | 'chrome'
14016
15159
  | 'golang'
14017
15160
  | 'huggingface'
@@ -14021,6 +15164,8 @@ export interface operations {
14021
15164
  | 'vscode'
14022
15165
  | 'pypi'
14023
15166
  | 'gem'
15167
+ | 'socket'
15168
+ | 'swift'
14024
15169
  }
14025
15170
  }
14026
15171
  responses: {
@@ -14034,6 +15179,8 @@ export interface operations {
14034
15179
  /** @default */
14035
15180
  updatedAt?: string
14036
15181
  /** @default */
15182
+ publishedAt?: string | null
15183
+ /** @default */
14037
15184
  description?: string
14038
15185
  /** @default 0 */
14039
15186
  id?: number
@@ -14052,6 +15199,11 @@ export interface operations {
14052
15199
  * @default false
14053
15200
  */
14054
15201
  needsHumanReview?: boolean
15202
+ /**
15203
+ * @description Unique threat instance identifier across artifacts
15204
+ * @default 0
15205
+ */
15206
+ threatInstanceId?: number
14055
15207
  }>
14056
15208
  /** @default */
14057
15209
  nextPage: string | null
@@ -14116,6 +15268,7 @@ export interface operations {
14116
15268
  ecosystem?:
14117
15269
  | 'github'
14118
15270
  | 'cargo'
15271
+ | 'composer'
14119
15272
  | 'chrome'
14120
15273
  | 'golang'
14121
15274
  | 'huggingface'
@@ -14125,6 +15278,8 @@ export interface operations {
14125
15278
  | 'vscode'
14126
15279
  | 'pypi'
14127
15280
  | 'gem'
15281
+ | 'socket'
15282
+ | 'swift'
14128
15283
  }
14129
15284
  path: {
14130
15285
  /** @description The slug of the organization */
@@ -14142,6 +15297,8 @@ export interface operations {
14142
15297
  /** @default */
14143
15298
  updatedAt?: string
14144
15299
  /** @default */
15300
+ publishedAt?: string | null
15301
+ /** @default */
14145
15302
  description?: string
14146
15303
  /** @default 0 */
14147
15304
  id?: number
@@ -14160,6 +15317,11 @@ export interface operations {
14160
15317
  * @default false
14161
15318
  */
14162
15319
  needsHumanReview?: boolean
15320
+ /**
15321
+ * @description Unique threat instance identifier across artifacts
15322
+ * @default 0
15323
+ */
15324
+ threatInstanceId?: number
14163
15325
  }>
14164
15326
  /** @default */
14165
15327
  nextPageCursor: string | null
@@ -14173,6 +15335,1300 @@ export interface operations {
14173
15335
  429: components['responses']['SocketTooManyRequestsResponse']
14174
15336
  }
14175
15337
  }
15338
+ /**
15339
+ * Get Packages by PURL (Org Scoped)
15340
+ * @description Batch retrieval of package metadata and alerts by PURL strings for a specific organization. Compatible with CycloneDX reports.
15341
+ *
15342
+ * Package URLs (PURLs) are an ecosystem agnostic way to identify packages.
15343
+ * CycloneDX SBOMs use the purl format to identify components.
15344
+ * This endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report.
15345
+ *
15346
+ * **Note:** This endpoint has a batch size limit (default: 1024 PURLs per request). Requests exceeding this limit will return a 400 Bad Request error.
15347
+ *
15348
+ * More information on purl and CycloneDX:
15349
+ *
15350
+ * - [`purl` Spec](https://github.com/package-url/purl-spec)
15351
+ * - [CycloneDX Spec](https://cyclonedx.org/specification/overview/#components)
15352
+ *
15353
+ * This endpoint returns the latest available alert data for artifacts in the batch (stale while revalidate).
15354
+ * Actively running analysis will be returned when available on subsequent runs.
15355
+ *
15356
+ * ## Query Parameters
15357
+ *
15358
+ * This endpoint supports all query parameters from `POST /v0/purl` including: `alerts`, `actions`, `compact`, `fixable`, `licenseattrib`, `licensedetails`, `purlErrors`, `cachedResultsOnly`, and `summary`.
15359
+ *
15360
+ * Additionally, you may provide a `labels` query parameter to apply a repository label's security policies. Pass the label slug as the value (e.g., `?labels=production`). Only one label is currently supported.
15361
+ *
15362
+ * ## Examples:
15363
+ *
15364
+ * ### Looking up an npm package:
15365
+ *
15366
+ * ```json
15367
+ * {
15368
+ * "components": [
15369
+ * {
15370
+ * "purl": "pkg:npm/express@4.19.2"
15371
+ * }
15372
+ * ]
15373
+ * }
15374
+ * ```
15375
+ *
15376
+ * ### Looking up a PyPi package:
15377
+ *
15378
+ * ```json
15379
+ * {
15380
+ * "components": [
15381
+ * {
15382
+ * "purl": "pkg:pypi/django@5.0.6"
15383
+ * }
15384
+ * ]
15385
+ * }
15386
+ * ```
15387
+ *
15388
+ * ### Looking up a Maven package:
15389
+ *
15390
+ * ```json
15391
+ * {
15392
+ * "components": [
15393
+ * {
15394
+ * "purl": "pkg:maven/log4j/log4j@1.2.17"
15395
+ * }
15396
+ * ]
15397
+ * }
15398
+ * ```
15399
+ *
15400
+ * ### Batch lookup
15401
+ *
15402
+ * ```json
15403
+ * {
15404
+ * "components": [
15405
+ * {
15406
+ * "purl": "pkg:npm/express@4.19.2"
15407
+ * },
15408
+ * {
15409
+ * "purl": "pkg:pypi/django@5.0.6"
15410
+ * },
15411
+ * {
15412
+ * "purl": "pkg:maven/log4j/log4j@1.2.17"
15413
+ * }
15414
+ * ]
15415
+ * }
15416
+ * ```
15417
+ *
15418
+ * ### With label and options (query parameters):
15419
+ *
15420
+ * ```
15421
+ * POST /v0/orgs/{org_slug}/purl?labels=production&alerts=true&compact=true
15422
+ * {
15423
+ * "components": [
15424
+ * {
15425
+ * "purl": "pkg:npm/express@4.19.2"
15426
+ * }
15427
+ * ]
15428
+ * }
15429
+ * ```
15430
+ *
15431
+ * This endpoint consumes 100 units of your quota.
15432
+ *
15433
+ * This endpoint requires the following org token scopes:
15434
+ * - packages:list
15435
+ */
15436
+ batchPackageFetchByOrg: {
15437
+ parameters: {
15438
+ query?: {
15439
+ /** @description Repository label slugs to apply policies. Only one label is supported currently; the parameter is an array to allow future support for multiple labels. */
15440
+ labels?: string[]
15441
+ /** @description Include alert metadata. */
15442
+ alerts?: boolean
15443
+ /** @description Include only alerts with comma separated actions defined by security policy. */
15444
+ actions?: Array<'error' | 'monitor' | 'warn' | 'ignore'>
15445
+ /** @description Compact metadata. When enabled, excludes metadata fields like author, scores, size, dependencies, and manifest files. Always includes: id, type, name, version, release, namespace, subpath, alerts, and alertPriorities. */
15446
+ compact?: boolean
15447
+ /** @description Include only fixable alerts. */
15448
+ fixable?: boolean
15449
+ /** @description Include license attribution data, including license text and author information. Maps attribution/license text to a list of data objects to which that attribution info applies. */
15450
+ licenseattrib?: boolean
15451
+ /** @description Include detailed license information, including location and match strength, for each license datum. */
15452
+ licensedetails?: boolean
15453
+ /** @description Return errors found with handling PURLs as error objects in the stream. */
15454
+ purlErrors?: boolean
15455
+ /** @description Return only cached results, do not attempt to scan new artifacts or rescan stale results. */
15456
+ cachedResultsOnly?: boolean
15457
+ /** @description Include a summary object at the end of the stream with counts of malformed, resolved, and not found PURLs. */
15458
+ summary?: boolean
15459
+ }
15460
+ path: {
15461
+ /** @description The slug of the organization */
15462
+ org_slug: string
15463
+ }
15464
+ }
15465
+ requestBody?: {
15466
+ content: {
15467
+ 'application/json': components['schemas']['SocketOrgBatchPURLFetch']
15468
+ }
15469
+ }
15470
+ responses: {
15471
+ /** @description Socket issue lists and scores for all packages, and optional metadata objects */
15472
+ 200: {
15473
+ content: {
15474
+ 'application/x-ndjson': components['schemas']['BatchPurlStreamSchema']
15475
+ }
15476
+ }
15477
+ 400: components['responses']['SocketBadRequest']
15478
+ 401: components['responses']['SocketUnauthorized']
15479
+ 403: components['responses']['SocketForbidden']
15480
+ 404: components['responses']['SocketNotFoundResponse']
15481
+ 429: components['responses']['SocketTooManyRequestsResponse']
15482
+ }
15483
+ }
15484
+ /**
15485
+ * Fetch fixes for vulnerabilities in a repository or scan
15486
+ * @description Fetches available fixes for vulnerabilities in a repository or scan.
15487
+ * Requires either repo_slug or full_scan_id as well as vulnerability_ids to be provided.
15488
+ * vulnerability_ids can be a comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities.
15489
+ *
15490
+ * ## Response Structure
15491
+ *
15492
+ * The response contains a `fixDetails` object where each key is a vulnerability ID (GHSA or CVE) and the value is a discriminated union based on the `type` field.
15493
+ *
15494
+ * ### Common Fields
15495
+ *
15496
+ * All response variants include:
15497
+ * - `type`: Discriminator field (one of: "fixFound", "partialFixFound", "noFixAvailable", "fixNotApplicable", "errorComputingFix")
15498
+ * - `value`: Object containing the variant-specific data
15499
+ *
15500
+ * The `value` object always contains:
15501
+ * - `ghsa`: string | null - The GHSA ID
15502
+ * - `cve`: string | null - The CVE ID (if available)
15503
+ * - `advisoryDetails`: object | null - Advisory details (only if include_details=true)
15504
+ *
15505
+ * ### Response Variants
15506
+ *
15507
+ * **fixFound**: A complete fix is available for all vulnerable packages
15508
+ * - `value.fixDetails.fixes`: Array of fix objects, each containing:
15509
+ * - `purl`: Package URL to upgrade
15510
+ * - `fixedVersion`: Version to upgrade to
15511
+ * - `manifestFiles`: Array of manifest files containing the package
15512
+ * - `updateType`: "patch" | "minor" | "major" | "unknown"
15513
+ * - `value.fixDetails.responsibleDirectDependencies`: (optional) Map of direct dependencies responsible for the vulnerability
15514
+ *
15515
+ * **partialFixFound**: Fixes available for some but not all vulnerable packages
15516
+ * - Same as fixFound, plus:
15517
+ * - `value.fixDetails.unfixablePurls`: Array of packages that cannot be fixed, each containing:
15518
+ * - `purl`: Package URL
15519
+ * - `manifestFiles`: Array of manifest files
15520
+ *
15521
+ * **noFixAvailable**: No fix exists for this vulnerability (no patched version published)
15522
+ *
15523
+ * **fixNotApplicable**: A fix exists but cannot be applied due to version constraints
15524
+ * - `value.vulnerableArtifacts`: Array of vulnerable packages with their manifest files
15525
+ *
15526
+ * **errorComputingFix**: An error occurred while computing fixes
15527
+ * - `value.message`: Error description
15528
+ *
15529
+ * ### Advisory Details (when include_details=true)
15530
+ *
15531
+ * - `title`: string | null
15532
+ * - `description`: string | null
15533
+ * - `cwes`: string[] - CWE identifiers
15534
+ * - `severity`: "LOW" | "MODERATE" | "HIGH" | "CRITICAL"
15535
+ * - `cvssVector`: string | null
15536
+ * - `publishedAt`: string (ISO date)
15537
+ * - `kev`: boolean - Whether it's a Known Exploited Vulnerability
15538
+ * - `epss`: number | null - Exploit Prediction Scoring System score
15539
+ * - `affectedPurls`: Array of affected packages with version ranges
15540
+ *
15541
+ * This endpoint consumes 10 units of your quota.
15542
+ *
15543
+ * This endpoint requires the following org token scopes:
15544
+ * - fixes:list
15545
+ */
15546
+ 'fetch-fixes': {
15547
+ parameters: {
15548
+ query: {
15549
+ /** @description The slug of the repository to fetch fixes for. Computes fixes based on the latest scan on the default branch */
15550
+ repo_slug?: string
15551
+ /** @description The ID of the scan to fetch fixes for */
15552
+ full_scan_id?: string
15553
+ /** @description Comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities */
15554
+ vulnerability_ids: string
15555
+ /** @description Whether to allow major version updates in fixes */
15556
+ allow_major_updates: boolean
15557
+ /** @description Minimum release age for fixes packages (e.g., "1h", "2d", "1w"). Higher values reduces risk of installing recently released untested package versions. */
15558
+ minimum_release_age?: string
15559
+ /** @description Whether to include advisory details in the response */
15560
+ include_details?: boolean
15561
+ /** @description Set to include the direct dependencies responsible for introducing the dependency or dependencies with the vulnerability in the response */
15562
+ include_responsible_direct_dependencies?: boolean
15563
+ }
15564
+ path: {
15565
+ /** @description The slug of the organization */
15566
+ org_slug: string
15567
+ }
15568
+ }
15569
+ responses: {
15570
+ /** @description Fix details for requested vulnerabilities */
15571
+ 200: {
15572
+ content: {
15573
+ 'application/json': {
15574
+ fixDetails: {
15575
+ [key: string]: Record<string, never>
15576
+ }
15577
+ }
15578
+ }
15579
+ }
15580
+ 400: components['responses']['SocketBadRequest']
15581
+ 401: components['responses']['SocketUnauthorized']
15582
+ 403: components['responses']['SocketForbidden']
15583
+ 404: components['responses']['SocketNotFoundResponse']
15584
+ 429: components['responses']['SocketTooManyRequestsResponse']
15585
+ }
15586
+ }
15587
+ /**
15588
+ * Get Organization Telemetry Config
15589
+ * @description Retrieve the telemetry config of an organization.
15590
+ *
15591
+ * This endpoint consumes 1 unit of your quota.
15592
+ *
15593
+ * This endpoint requires the following org token scopes:
15594
+ */
15595
+ getOrgTelemetryConfig: {
15596
+ parameters: {
15597
+ path: {
15598
+ /** @description The slug of the organization */
15599
+ org_slug: string
15600
+ }
15601
+ }
15602
+ responses: {
15603
+ /** @description Retrieved telemetry config details */
15604
+ 200: {
15605
+ content: {
15606
+ 'application/json': {
15607
+ /** @description Telemetry configuration */
15608
+ telemetry: {
15609
+ /**
15610
+ * @description Telemetry enabled
15611
+ * @default false
15612
+ */
15613
+ enabled: boolean
15614
+ }
15615
+ }
15616
+ }
15617
+ }
15618
+ 400: components['responses']['SocketBadRequest']
15619
+ 401: components['responses']['SocketUnauthorized']
15620
+ 403: components['responses']['SocketForbidden']
15621
+ 404: components['responses']['SocketNotFoundResponse']
15622
+ 429: components['responses']['SocketTooManyRequestsResponse']
15623
+ }
15624
+ }
15625
+ /**
15626
+ * Update Telemetry Config
15627
+ * @description Update the telemetry config of an organization.
15628
+ *
15629
+ * This endpoint consumes 1 unit of your quota.
15630
+ *
15631
+ * This endpoint requires the following org token scopes:
15632
+ * - telemetry-policy:update
15633
+ */
15634
+ updateOrgTelemetryConfig: {
15635
+ parameters: {
15636
+ path: {
15637
+ /** @description The slug of the organization */
15638
+ org_slug: string
15639
+ }
15640
+ }
15641
+ requestBody?: {
15642
+ content: {
15643
+ 'application/json': {
15644
+ /**
15645
+ * @description Telemetry enabled
15646
+ * @default false
15647
+ */
15648
+ enabled?: boolean
15649
+ }
15650
+ }
15651
+ }
15652
+ responses: {
15653
+ /** @description Updated telemetry config details */
15654
+ 200: {
15655
+ content: {
15656
+ 'application/json': {
15657
+ /** @description Telemetry configuration */
15658
+ telemetry: {
15659
+ /**
15660
+ * @description Telemetry enabled
15661
+ * @default false
15662
+ */
15663
+ enabled: boolean
15664
+ }
15665
+ }
15666
+ }
15667
+ }
15668
+ 400: components['responses']['SocketBadRequest']
15669
+ 401: components['responses']['SocketUnauthorized']
15670
+ 403: components['responses']['SocketForbidden']
15671
+ 404: components['responses']['SocketNotFoundResponse']
15672
+ 429: components['responses']['SocketTooManyRequestsResponse']
15673
+ }
15674
+ }
15675
+ /**
15676
+ * List all webhooks
15677
+ * @description List all webhooks in the specified organization.
15678
+ *
15679
+ * This endpoint consumes 1 unit of your quota.
15680
+ *
15681
+ * This endpoint requires the following org token scopes:
15682
+ * - webhooks:list
15683
+ */
15684
+ getOrgWebhooksList: {
15685
+ parameters: {
15686
+ query?: {
15687
+ sort?: string
15688
+ direction?: string
15689
+ per_page?: number
15690
+ page?: number
15691
+ }
15692
+ path: {
15693
+ /** @description The slug of the organization */
15694
+ org_slug: string
15695
+ }
15696
+ }
15697
+ responses: {
15698
+ /** @description List of webhooks */
15699
+ 200: {
15700
+ content: {
15701
+ 'application/json': {
15702
+ results: Array<{
15703
+ /**
15704
+ * @description The ID of the webhook
15705
+ * @default
15706
+ */
15707
+ id: string
15708
+ /**
15709
+ * @description The creation date of the webhook
15710
+ * @default
15711
+ */
15712
+ created_at: string
15713
+ /**
15714
+ * @description The last update date of the webhook
15715
+ * @default
15716
+ */
15717
+ updated_at: string
15718
+ /**
15719
+ * @description The name of the webhook
15720
+ * @default
15721
+ */
15722
+ name: string
15723
+ /**
15724
+ * @description The description of the webhook
15725
+ * @default
15726
+ */
15727
+ description: string | null
15728
+ /**
15729
+ * @description The URL where webhook events will be sent
15730
+ * @default
15731
+ */
15732
+ url: string
15733
+ /**
15734
+ * @description The signing key used to sign webhook payloads
15735
+ * @default
15736
+ */
15737
+ secret: string | null
15738
+ /** @description Array of event names */
15739
+ events: string[]
15740
+ /**
15741
+ * @description Custom headers to include in webhook requests
15742
+ * @default null
15743
+ */
15744
+ headers: Record<string, unknown> | null
15745
+ filters: {
15746
+ /** @description Array of repository IDs */
15747
+ repositoryIds: string[] | null
15748
+ } | null
15749
+ }>
15750
+ /** @default 0 */
15751
+ nextPage: number | null
15752
+ }
15753
+ }
15754
+ }
15755
+ 400: components['responses']['SocketBadRequest']
15756
+ 401: components['responses']['SocketUnauthorized']
15757
+ 403: components['responses']['SocketForbidden']
15758
+ 404: components['responses']['SocketNotFoundResponse']
15759
+ 429: components['responses']['SocketTooManyRequestsResponse']
15760
+ }
15761
+ }
15762
+ /**
15763
+ * Create a webhook
15764
+ * @description Create a new webhook. Returns the created webhook details.
15765
+ *
15766
+ * This endpoint consumes 1 unit of your quota.
15767
+ *
15768
+ * This endpoint requires the following org token scopes:
15769
+ * - webhooks:create
15770
+ */
15771
+ createOrgWebhook: {
15772
+ parameters: {
15773
+ path: {
15774
+ /** @description The slug of the organization */
15775
+ org_slug: string
15776
+ }
15777
+ }
15778
+ requestBody?: {
15779
+ content: {
15780
+ 'application/json': {
15781
+ /**
15782
+ * @description The name of the webhook
15783
+ * @default
15784
+ */
15785
+ name: string
15786
+ /**
15787
+ * @description The URL where webhook events will be sent
15788
+ * @default
15789
+ */
15790
+ url: string
15791
+ /**
15792
+ * @description The signing key used to sign webhook payloads
15793
+ * @default
15794
+ */
15795
+ secret: string
15796
+ /** @description Array of event names */
15797
+ events: string[]
15798
+ /**
15799
+ * @description The description of the webhook
15800
+ * @default
15801
+ */
15802
+ description?: string | null
15803
+ /**
15804
+ * @description Custom headers to include in webhook requests
15805
+ * @default null
15806
+ */
15807
+ headers?: Record<string, unknown> | null
15808
+ filters?: {
15809
+ /** @description Array of repository IDs */
15810
+ repositoryIds: string[] | null
15811
+ } | null
15812
+ }
15813
+ }
15814
+ }
15815
+ responses: {
15816
+ /** @description The created webhook */
15817
+ 201: {
15818
+ content: {
15819
+ 'application/json': {
15820
+ /**
15821
+ * @description The ID of the webhook
15822
+ * @default
15823
+ */
15824
+ id: string
15825
+ /**
15826
+ * @description The creation date of the webhook
15827
+ * @default
15828
+ */
15829
+ created_at: string
15830
+ /**
15831
+ * @description The last update date of the webhook
15832
+ * @default
15833
+ */
15834
+ updated_at: string
15835
+ /**
15836
+ * @description The name of the webhook
15837
+ * @default
15838
+ */
15839
+ name: string
15840
+ /**
15841
+ * @description The description of the webhook
15842
+ * @default
15843
+ */
15844
+ description: string | null
15845
+ /**
15846
+ * @description The URL where webhook events will be sent
15847
+ * @default
15848
+ */
15849
+ url: string
15850
+ /**
15851
+ * @description The signing key used to sign webhook payloads
15852
+ * @default
15853
+ */
15854
+ secret: string | null
15855
+ /** @description Array of event names */
15856
+ events: string[]
15857
+ /**
15858
+ * @description Custom headers to include in webhook requests
15859
+ * @default null
15860
+ */
15861
+ headers: Record<string, unknown> | null
15862
+ filters: {
15863
+ /** @description Array of repository IDs */
15864
+ repositoryIds: string[] | null
15865
+ } | null
15866
+ }
15867
+ }
15868
+ }
15869
+ 400: components['responses']['SocketBadRequest']
15870
+ 401: components['responses']['SocketUnauthorized']
15871
+ 403: components['responses']['SocketForbidden']
15872
+ 404: components['responses']['SocketNotFoundResponse']
15873
+ 429: components['responses']['SocketTooManyRequestsResponse']
15874
+ }
15875
+ }
15876
+ /**
15877
+ * Get webhook
15878
+ * @description Get a webhook for the specified organization.
15879
+ *
15880
+ * This endpoint consumes 1 unit of your quota.
15881
+ *
15882
+ * This endpoint requires the following org token scopes:
15883
+ * - webhooks:list
15884
+ */
15885
+ getOrgWebhook: {
15886
+ parameters: {
15887
+ path: {
15888
+ /** @description The slug of the organization */
15889
+ org_slug: string
15890
+ /** @description The ID of the webhook */
15891
+ webhook_id: string
15892
+ }
15893
+ }
15894
+ responses: {
15895
+ /** @description Webhook details */
15896
+ 200: {
15897
+ content: {
15898
+ 'application/json': {
15899
+ /**
15900
+ * @description The ID of the webhook
15901
+ * @default
15902
+ */
15903
+ id: string
15904
+ /**
15905
+ * @description The creation date of the webhook
15906
+ * @default
15907
+ */
15908
+ created_at: string
15909
+ /**
15910
+ * @description The last update date of the webhook
15911
+ * @default
15912
+ */
15913
+ updated_at: string
15914
+ /**
15915
+ * @description The name of the webhook
15916
+ * @default
15917
+ */
15918
+ name: string
15919
+ /**
15920
+ * @description The description of the webhook
15921
+ * @default
15922
+ */
15923
+ description: string | null
15924
+ /**
15925
+ * @description The URL where webhook events will be sent
15926
+ * @default
15927
+ */
15928
+ url: string
15929
+ /**
15930
+ * @description The signing key used to sign webhook payloads
15931
+ * @default
15932
+ */
15933
+ secret: string | null
15934
+ /** @description Array of event names */
15935
+ events: string[]
15936
+ /**
15937
+ * @description Custom headers to include in webhook requests
15938
+ * @default null
15939
+ */
15940
+ headers: Record<string, unknown> | null
15941
+ filters: {
15942
+ /** @description Array of repository IDs */
15943
+ repositoryIds: string[] | null
15944
+ } | null
15945
+ }
15946
+ }
15947
+ }
15948
+ 400: components['responses']['SocketBadRequest']
15949
+ 401: components['responses']['SocketUnauthorized']
15950
+ 403: components['responses']['SocketForbidden']
15951
+ 404: components['responses']['SocketNotFoundResponse']
15952
+ 429: components['responses']['SocketTooManyRequestsResponse']
15953
+ }
15954
+ }
15955
+ /**
15956
+ * Update webhook
15957
+ * @description Update details of an existing webhook.
15958
+ *
15959
+ * This endpoint consumes 1 unit of your quota.
15960
+ *
15961
+ * This endpoint requires the following org token scopes:
15962
+ * - webhooks:update
15963
+ */
15964
+ updateOrgWebhook: {
15965
+ parameters: {
15966
+ path: {
15967
+ /** @description The slug of the organization */
15968
+ org_slug: string
15969
+ /** @description The ID of the webhook */
15970
+ webhook_id: string
15971
+ }
15972
+ }
15973
+ requestBody?: {
15974
+ content: {
15975
+ 'application/json': {
15976
+ /**
15977
+ * @description The name of the webhook
15978
+ * @default
15979
+ */
15980
+ name?: string
15981
+ /**
15982
+ * @description The description of the webhook
15983
+ * @default
15984
+ */
15985
+ description?: string | null
15986
+ /**
15987
+ * @description The URL where webhook events will be sent
15988
+ * @default
15989
+ */
15990
+ url?: string
15991
+ /**
15992
+ * @description The signing key used to sign webhook payloads
15993
+ * @default
15994
+ */
15995
+ secret?: string | null
15996
+ /** @description Array of event names */
15997
+ events?: string[]
15998
+ /**
15999
+ * @description Custom headers to include in webhook requests
16000
+ * @default null
16001
+ */
16002
+ headers?: Record<string, unknown> | null
16003
+ filters?: {
16004
+ /** @description Array of repository IDs */
16005
+ repositoryIds: string[] | null
16006
+ } | null
16007
+ }
16008
+ }
16009
+ }
16010
+ responses: {
16011
+ /** @description Updated webhook details */
16012
+ 200: {
16013
+ content: {
16014
+ 'application/json': {
16015
+ /**
16016
+ * @description The ID of the webhook
16017
+ * @default
16018
+ */
16019
+ id: string
16020
+ /**
16021
+ * @description The creation date of the webhook
16022
+ * @default
16023
+ */
16024
+ created_at: string
16025
+ /**
16026
+ * @description The last update date of the webhook
16027
+ * @default
16028
+ */
16029
+ updated_at: string
16030
+ /**
16031
+ * @description The name of the webhook
16032
+ * @default
16033
+ */
16034
+ name: string
16035
+ /**
16036
+ * @description The description of the webhook
16037
+ * @default
16038
+ */
16039
+ description: string | null
16040
+ /**
16041
+ * @description The URL where webhook events will be sent
16042
+ * @default
16043
+ */
16044
+ url: string
16045
+ /**
16046
+ * @description The signing key used to sign webhook payloads
16047
+ * @default
16048
+ */
16049
+ secret: string | null
16050
+ /** @description Array of event names */
16051
+ events: string[]
16052
+ /**
16053
+ * @description Custom headers to include in webhook requests
16054
+ * @default null
16055
+ */
16056
+ headers: Record<string, unknown> | null
16057
+ filters: {
16058
+ /** @description Array of repository IDs */
16059
+ repositoryIds: string[] | null
16060
+ } | null
16061
+ }
16062
+ }
16063
+ }
16064
+ 400: components['responses']['SocketBadRequest']
16065
+ 401: components['responses']['SocketUnauthorized']
16066
+ 403: components['responses']['SocketForbidden']
16067
+ 404: components['responses']['SocketNotFoundResponse']
16068
+ 429: components['responses']['SocketTooManyRequestsResponse']
16069
+ }
16070
+ }
16071
+ /**
16072
+ * Delete webhook
16073
+ * @description Delete a webhook. This will stop all future webhook deliveries to the webhook URL.
16074
+ *
16075
+ * This endpoint consumes 1 unit of your quota.
16076
+ *
16077
+ * This endpoint requires the following org token scopes:
16078
+ * - webhooks:delete
16079
+ */
16080
+ deleteOrgWebhook: {
16081
+ parameters: {
16082
+ path: {
16083
+ /** @description The slug of the organization */
16084
+ org_slug: string
16085
+ /** @description The ID of the webhook */
16086
+ webhook_id: string
16087
+ }
16088
+ }
16089
+ responses: {
16090
+ /** @description Success */
16091
+ 200: {
16092
+ content: {
16093
+ 'application/json': {
16094
+ /** @default ok */
16095
+ status: string
16096
+ }
16097
+ }
16098
+ }
16099
+ 400: components['responses']['SocketBadRequest']
16100
+ 401: components['responses']['SocketUnauthorized']
16101
+ 403: components['responses']['SocketForbidden']
16102
+ 404: components['responses']['SocketNotFoundResponse']
16103
+ 429: components['responses']['SocketTooManyRequestsResponse']
16104
+ }
16105
+ }
16106
+ /**
16107
+ * List latest alerts (Beta)
16108
+ * @description List latest alerts.
16109
+ *
16110
+ * This endpoint consumes 10 units of your quota.
16111
+ *
16112
+ * This endpoint requires the following org token scopes:
16113
+ * - alerts:list
16114
+ */
16115
+ alertsList: {
16116
+ parameters: {
16117
+ query?: {
16118
+ /** @description Specify the maximum number of results to return per page (intermediate pages may have fewer than this limit and callers should always check "endCursor" in response body to know if there are more pages) */
16119
+ per_page?: number
16120
+ /** @description The pagination cursor that was returned as the "endCursor" property in previous request */
16121
+ startAfterCursor?: string
16122
+ /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
16123
+ 'filters.alertAction'?: string
16124
+ /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
16125
+ 'filters.alertAction.notIn'?: string
16126
+ /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included */
16127
+ 'filters.alertActionSourceType'?: string
16128
+ /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
16129
+ 'filters.alertActionSourceType.notIn'?: string
16130
+ /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */
16131
+ 'filters.alertCategory'?: string
16132
+ /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
16133
+ 'filters.alertCategory.notIn'?: string
16134
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16135
+ 'filters.alertClearedAt.eq'?: string
16136
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16137
+ 'filters.alertClearedAt.lt'?: string
16138
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16139
+ 'filters.alertClearedAt.lte'?: string
16140
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16141
+ 'filters.alertClearedAt.gt'?: string
16142
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16143
+ 'filters.alertClearedAt.gte'?: string
16144
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16145
+ 'filters.alertCreatedAt.eq'?: string
16146
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16147
+ 'filters.alertCreatedAt.lt'?: string
16148
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16149
+ 'filters.alertCreatedAt.lte'?: string
16150
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16151
+ 'filters.alertCreatedAt.gt'?: string
16152
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16153
+ 'filters.alertCreatedAt.gte'?: string
16154
+ /** @description CVE ID */
16155
+ 'filters.alertCveId'?: string
16156
+ /** @description CVE ID */
16157
+ 'filters.alertCveId.notIn'?: string
16158
+ /** @description CVE title */
16159
+ 'filters.alertCveTitle'?: string
16160
+ /** @description CVE title */
16161
+ 'filters.alertCveTitle.notIn'?: string
16162
+ /** @description CWE ID */
16163
+ 'filters.alertCweId'?: string
16164
+ /** @description CWE ID */
16165
+ 'filters.alertCweId.notIn'?: string
16166
+ /** @description CWE name */
16167
+ 'filters.alertCweName'?: string
16168
+ /** @description CWE name */
16169
+ 'filters.alertCweName.notIn'?: string
16170
+ /** @description Alert EPSS ("low", "medium", "high", "critical") */
16171
+ 'filters.alertEPSS'?: string
16172
+ /** @description Alert EPSS ("low", "medium", "high", "critical") */
16173
+ 'filters.alertEPSS.notIn'?: string
16174
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */
16175
+ 'filters.alertFixType'?: string
16176
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
16177
+ 'filters.alertFixType.notIn'?: string
16178
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
16179
+ 'filters.alertKEV'?: boolean
16180
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
16181
+ 'filters.alertKEV.notIn'?: boolean
16182
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
16183
+ 'filters.alertPriority'?: string
16184
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
16185
+ 'filters.alertPriority.notIn'?: string
16186
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
16187
+ 'filters.alertReachabilityAnalysisType'?: string
16188
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
16189
+ 'filters.alertReachabilityAnalysisType.notIn'?: string
16190
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
16191
+ 'filters.alertReachabilityType'?: string
16192
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
16193
+ 'filters.alertReachabilityType.notIn'?: string
16194
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
16195
+ 'filters.alertSeverity'?: string
16196
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
16197
+ 'filters.alertSeverity.notIn'?: string
16198
+ /** @description A single alert status ("open" or "cleared") */
16199
+ 'filters.alertStatus'?: string
16200
+ /** @description A single alert status ("open" or "cleared") */
16201
+ 'filters.alertStatus.notIn'?: string
16202
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */
16203
+ 'filters.alertType'?: string
16204
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
16205
+ 'filters.alertType.notIn'?: string
16206
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16207
+ 'filters.alertUpdatedAt.eq'?: string
16208
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16209
+ 'filters.alertUpdatedAt.lt'?: string
16210
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16211
+ 'filters.alertUpdatedAt.lte'?: string
16212
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16213
+ 'filters.alertUpdatedAt.gt'?: string
16214
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16215
+ 'filters.alertUpdatedAt.gte'?: string
16216
+ /** @description Name of artifact */
16217
+ 'filters.artifactName'?: string
16218
+ /** @description Name of artifact */
16219
+ 'filters.artifactName.notIn'?: string
16220
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
16221
+ 'filters.artifactType'?: string
16222
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
16223
+ 'filters.artifactType.notIn'?: string
16224
+ /** @description Dead/reachable dependency filter flag */
16225
+ 'filters.dependencyDead'?: boolean
16226
+ /** @description Dead/reachable dependency filter flag */
16227
+ 'filters.dependencyDead.notIn'?: boolean
16228
+ /** @description Development/production dependency filter flag */
16229
+ 'filters.dependencyDev'?: boolean
16230
+ /** @description Development/production dependency filter flag */
16231
+ 'filters.dependencyDev.notIn'?: boolean
16232
+ /** @description Direct/transitive dependency filter flag */
16233
+ 'filters.dependencyDirect'?: boolean
16234
+ /** @description Direct/transitive dependency filter flag */
16235
+ 'filters.dependencyDirect.notIn'?: boolean
16236
+ /** @description Comma-separated list of repo full names that should be included */
16237
+ 'filters.repoFullName'?: string
16238
+ /** @description Comma-separated list of repo full names that should be excluded */
16239
+ 'filters.repoFullName.notIn'?: string
16240
+ /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */
16241
+ 'filters.repoLabels'?: string
16242
+ /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
16243
+ 'filters.repoLabels.notIn'?: string
16244
+ /** @description Comma-separated list of repo slugs that should be included */
16245
+ 'filters.repoSlug'?: string
16246
+ /** @description Comma-separated list of repo slugs that should be excluded */
16247
+ 'filters.repoSlug.notIn'?: string
16248
+ }
16249
+ path: {
16250
+ /** @description The slug of the organization */
16251
+ org_slug: string
16252
+ }
16253
+ }
16254
+ responses: {
16255
+ /** @description The paginated array of alert items for the organization and related metadata. */
16256
+ 200: {
16257
+ content: {
16258
+ 'application/json': {
16259
+ /** @default */
16260
+ endCursor: string | null
16261
+ items: Array<{
16262
+ /** @default */
16263
+ key: string
16264
+ /** @default */
16265
+ type: string
16266
+ /** @default */
16267
+ category: string
16268
+ fix: {
16269
+ /** @default */
16270
+ type: string
16271
+ /** @default */
16272
+ description: string | null
16273
+ } | null
16274
+ vulnerability: {
16275
+ /** @default */
16276
+ cveId: string | null
16277
+ /** @default */
16278
+ cveTitle: string | null
16279
+ /** @default */
16280
+ cveDescription: string | null
16281
+ /** @default 0 */
16282
+ cvssScore: number
16283
+ cweIds: string[] | null
16284
+ cweNames: string[] | null
16285
+ ghsaIds: string[] | null
16286
+ /** @default 0 */
16287
+ epssScore: number
16288
+ /** @default 0 */
16289
+ epssPercentile: number
16290
+ /** @default false */
16291
+ isKev: boolean
16292
+ } | null
16293
+ /** @default */
16294
+ id: string
16295
+ /** @default 0 */
16296
+ version: number
16297
+ /**
16298
+ * @default open
16299
+ * @enum {string}
16300
+ */
16301
+ status: 'open' | 'cleared'
16302
+ /** @default */
16303
+ createdAt: string
16304
+ /** @default */
16305
+ updatedAt: string
16306
+ /** @default */
16307
+ clearedAt: string | null
16308
+ /** @default */
16309
+ dashboardUrl: string
16310
+ /** @default */
16311
+ title: string
16312
+ /**
16313
+ * @default low
16314
+ * @enum {string}
16315
+ */
16316
+ severity: 'low' | 'medium' | 'high' | 'critical'
16317
+ locations: {
16318
+ /** @default */
16319
+ action: string
16320
+ /** @default */
16321
+ actionSourceType: string
16322
+ reachability: {
16323
+ /** @default */
16324
+ type: string
16325
+ /** @default */
16326
+ analysisType: string | null
16327
+ }
16328
+ licenseViolation: {
16329
+ violationData: {
16330
+ /** @default */
16331
+ purl: string | null
16332
+ /** @default */
16333
+ spdxAtomOrExtraData: string
16334
+ }[]
16335
+ } | null
16336
+ prioritization: {
16337
+ /** @default 0 */
16338
+ overallScore: number
16339
+ /** @default 0 */
16340
+ fixableScore: number
16341
+ /** @default 0 */
16342
+ reachableScore: number
16343
+ /** @default 0 */
16344
+ severityScore: number
16345
+ }
16346
+ repository: {
16347
+ /** @default */
16348
+ fullName: string | null
16349
+ /** @default */
16350
+ id: string | null
16351
+ /** @default */
16352
+ slug: string | null
16353
+ /** @default */
16354
+ workspace: string | null
16355
+ labels: string[]
16356
+ labelIds: string[]
16357
+ } | null
16358
+ branch: {
16359
+ /** @default */
16360
+ name: string
16361
+ /** @default */
16362
+ type: string | null
16363
+ } | null
16364
+ patch: {
16365
+ /** @default */
16366
+ uuid: string | null
16367
+ /**
16368
+ * @default patch_unavailable
16369
+ * @enum {string}
16370
+ */
16371
+ status:
16372
+ | 'patch_unavailable'
16373
+ | 'patch_available'
16374
+ | 'patch_applied'
16375
+ /** @default false */
16376
+ deprecated: boolean
16377
+ }
16378
+ dependency: {
16379
+ /** @default false */
16380
+ direct: boolean
16381
+ /** @default false */
16382
+ dev: boolean
16383
+ /** @default false */
16384
+ dead: boolean
16385
+ manifestFiles: components['schemas']['SocketManifestReference'][]
16386
+ }
16387
+ artifact: {
16388
+ /** @default */
16389
+ type: string
16390
+ /** @default */
16391
+ namespace: string | null
16392
+ /** @default */
16393
+ name: string
16394
+ /** @default */
16395
+ id: string
16396
+ /** @default */
16397
+ version: string
16398
+ /** @default */
16399
+ author: string | null
16400
+ /** @default */
16401
+ license: string | null
16402
+ scores: components['schemas']['SocketScore']
16403
+ /** @default */
16404
+ artifactId: string | null
16405
+ }
16406
+ }[]
16407
+ }>
16408
+ meta: {
16409
+ /** @default */
16410
+ organizationId: string
16411
+ /** @default 0 */
16412
+ queryStartTimestamp: number
16413
+ filters: {
16414
+ /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
16415
+ alertAction?: string[]
16416
+ /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
16417
+ 'alertAction.notIn'?: string[]
16418
+ /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included */
16419
+ alertActionSourceType?: string[]
16420
+ /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
16421
+ 'alertActionSourceType.notIn'?: string[]
16422
+ /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */
16423
+ alertCategory?: string[]
16424
+ /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
16425
+ 'alertCategory.notIn'?: string[]
16426
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16427
+ 'alertClearedAt.eq'?: string[]
16428
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16429
+ 'alertClearedAt.lt'?: string[]
16430
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16431
+ 'alertClearedAt.lte'?: string[]
16432
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16433
+ 'alertClearedAt.gt'?: string[]
16434
+ /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16435
+ 'alertClearedAt.gte'?: string[]
16436
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16437
+ 'alertCreatedAt.eq'?: string[]
16438
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16439
+ 'alertCreatedAt.lt'?: string[]
16440
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16441
+ 'alertCreatedAt.lte'?: string[]
16442
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16443
+ 'alertCreatedAt.gt'?: string[]
16444
+ /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16445
+ 'alertCreatedAt.gte'?: string[]
16446
+ /** @description CVE ID */
16447
+ alertCveId?: string[]
16448
+ /** @description CVE ID */
16449
+ 'alertCveId.notIn'?: string[]
16450
+ /** @description CVE title */
16451
+ alertCveTitle?: string[]
16452
+ /** @description CVE title */
16453
+ 'alertCveTitle.notIn'?: string[]
16454
+ /** @description CWE ID */
16455
+ alertCweId?: string[]
16456
+ /** @description CWE ID */
16457
+ 'alertCweId.notIn'?: string[]
16458
+ /** @description CWE name */
16459
+ alertCweName?: string[]
16460
+ /** @description CWE name */
16461
+ 'alertCweName.notIn'?: string[]
16462
+ /** @description Alert EPSS ("low", "medium", "high", "critical") */
16463
+ alertEPSS?: string[]
16464
+ /** @description Alert EPSS ("low", "medium", "high", "critical") */
16465
+ 'alertEPSS.notIn'?: string[]
16466
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */
16467
+ alertFixType?: string[]
16468
+ /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */
16469
+ 'alertFixType.notIn'?: string[]
16470
+ /** @description Alert KEV (Known Exploited Vulnerability) filter flag */
16471
+ alertKEV?: boolean[]
16472
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
16473
+ alertPriority?: string[]
16474
+ /** @description Alert priority ("low", "medium", "high", or "critical") */
16475
+ 'alertPriority.notIn'?: string[]
16476
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
16477
+ alertReachabilityAnalysisType?: string[]
16478
+ /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
16479
+ 'alertReachabilityAnalysisType.notIn'?: string[]
16480
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
16481
+ alertReachabilityType?: string[]
16482
+ /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
16483
+ 'alertReachabilityType.notIn'?: string[]
16484
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */
16485
+ alertSeverity?: string[]
16486
+ /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */
16487
+ 'alertSeverity.notIn'?: string[]
16488
+ /** @description A single alert status ("open" or "cleared") */
16489
+ alertStatus?: string[]
16490
+ /** @description A single alert status ("open" or "cleared") */
16491
+ 'alertStatus.notIn'?: string[]
16492
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */
16493
+ alertType?: string[]
16494
+ /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */
16495
+ 'alertType.notIn'?: string[]
16496
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16497
+ 'alertUpdatedAt.eq'?: string[]
16498
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16499
+ 'alertUpdatedAt.lt'?: string[]
16500
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16501
+ 'alertUpdatedAt.lte'?: string[]
16502
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16503
+ 'alertUpdatedAt.gt'?: string[]
16504
+ /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
16505
+ 'alertUpdatedAt.gte'?: string[]
16506
+ /** @description Name of artifact */
16507
+ artifactName?: string[]
16508
+ /** @description Name of artifact */
16509
+ 'artifactName.notIn'?: string[]
16510
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
16511
+ artifactType?: string[]
16512
+ /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
16513
+ 'artifactType.notIn'?: string[]
16514
+ /** @description Dead/reachable dependency filter flag */
16515
+ dependencyDead?: boolean[]
16516
+ /** @description Development/production dependency filter flag */
16517
+ dependencyDev?: boolean[]
16518
+ /** @description Direct/transitive dependency filter flag */
16519
+ dependencyDirect?: boolean[]
16520
+ /** @description Comma-separated list of repo full names that should be included */
16521
+ repoFullName?: string[]
16522
+ /** @description Comma-separated list of repo full names that should be excluded */
16523
+ 'repoFullName.notIn'?: string[]
16524
+ /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */
16525
+ repoLabels?: string[]
16526
+ /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. */
16527
+ 'repoLabels.notIn'?: string[]
16528
+ /** @description Comma-separated list of repo slugs that should be included */
16529
+ repoSlug?: string[]
16530
+ /** @description Comma-separated list of repo slugs that should be excluded */
16531
+ 'repoSlug.notIn'?: string[]
16532
+ }
16533
+ }
16534
+ }
16535
+ }
16536
+ }
16537
+ 400: components['responses']['SocketBadRequest']
16538
+ 401: components['responses']['SocketUnauthorized']
16539
+ 403: components['responses']['SocketForbidden']
16540
+ 429: components['responses']['SocketTooManyRequestsResponse']
16541
+ }
16542
+ }
16543
+ /**
16544
+ * List full scans associated with alert (Beta)
16545
+ * @description List full scans associated with alert.
16546
+ *
16547
+ * This endpoint consumes 10 units of your quota.
16548
+ *
16549
+ * This endpoint requires the following org token scopes:
16550
+ * - alerts:list
16551
+ */
16552
+ alertFullScans: {
16553
+ parameters: {
16554
+ query: {
16555
+ /** @description Specify the maximum number of items to return per page (intermediate pages may have fewer than this limit and callers should always check "endCursor" in response body to know if there are more pages) */
16556
+ per_page?: number
16557
+ /** @description The pagination cursor that was returned as the "endCursor" property in previous request */
16558
+ startAfterCursor?: string
16559
+ /** @description One or more alert keys for which to find associated full scans */
16560
+ alertKey: string
16561
+ /** @description The number of days of data to fetch as an offset from current date (e.g. "-7d" for past 7 days) */
16562
+ range?: string
16563
+ }
16564
+ path: {
16565
+ /** @description The slug of the organization */
16566
+ org_slug: string
16567
+ }
16568
+ }
16569
+ responses: {
16570
+ /** @description The paginated array of full scans associated with alert for the organization and related metadata. */
16571
+ 200: {
16572
+ content: {
16573
+ 'application/json': {
16574
+ /** @default */
16575
+ endCursor: string | null
16576
+ items: Array<{
16577
+ /**
16578
+ * @description ID of full scan
16579
+ * @default
16580
+ */
16581
+ fullScanId: string
16582
+ /** @default */
16583
+ branchName: string | null
16584
+ /**
16585
+ * @description Type of branch that was scanned
16586
+ * @default
16587
+ * @enum {string}
16588
+ */
16589
+ branchType:
16590
+ | 'default'
16591
+ | 'non-default'
16592
+ | 'tracked'
16593
+ | 'untracked'
16594
+ | ''
16595
+ /**
16596
+ * @description Full name of repo which contains repo workspace and repo slug
16597
+ * @default
16598
+ */
16599
+ repoFullName: string | null
16600
+ /**
16601
+ * @description ISO date when SBOM was created
16602
+ * @default
16603
+ */
16604
+ sbomCreatedAt: string
16605
+ /**
16606
+ * @description ISO date when SBOM was scanned
16607
+ * @default
16608
+ */
16609
+ scannedAt: string
16610
+ alertKeys: string[]
16611
+ }>
16612
+ meta: {
16613
+ /** @default */
16614
+ organizationId: string
16615
+ alertKeys: string[]
16616
+ /** @default 0 */
16617
+ queryStartTimestamp: number
16618
+ /** @default */
16619
+ startDateInclusive: string
16620
+ /** @default */
16621
+ endDateInclusive: string
16622
+ }
16623
+ }
16624
+ }
16625
+ }
16626
+ 400: components['responses']['SocketBadRequest']
16627
+ 401: components['responses']['SocketUnauthorized']
16628
+ 403: components['responses']['SocketForbidden']
16629
+ 429: components['responses']['SocketTooManyRequestsResponse']
16630
+ }
16631
+ }
14176
16632
  /**
14177
16633
  * License Policy (Beta)
14178
16634
  * @description Compare the license data found for a list of packages (given as PURL strings) with the contents of a configurable license policy,