@socketsecurity/sdk 3.2.0 → 3.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +22 -0
- package/README.md +1 -1
- package/dist/constants.d.ts +1 -1
- package/dist/http-client.d.ts +21 -21
- package/dist/index.d.ts +1 -1
- package/dist/index.js +1339 -1098
- package/dist/promise-queue.d.ts +9 -9
- package/dist/socket-sdk-class.d.ts +528 -380
- package/dist/testing.d.ts +9 -9
- package/dist/types-strict.d.ts +180 -144
- package/dist/types.d.ts +14 -14
- package/dist/utils.d.ts +42 -42
- package/package.json +6 -4
- package/types/api.d.ts +1042 -409
package/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,28 @@ All notable changes to this project will be documented in this file.
|
|
|
4
4
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
|
|
6
6
|
|
|
7
|
+
## [3.3.0](https://github.com/SocketDev/socket-sdk-js/releases/tag/v3.3.0) - 2026-01-25
|
|
8
|
+
|
|
9
|
+
### Added
|
|
10
|
+
|
|
11
|
+
- New SDK convenience methods for OpenAPI v3.3.0 endpoints:
|
|
12
|
+
- `batchOrgPackageFetch(orgSlug, components, options)` - Organization-scoped PURL batch lookup with security policy label support
|
|
13
|
+
- `exportOpenVEX(orgSlug, id, options)` - Export vulnerability exploitability data as OpenVEX v0.2.0 documents (includes patch data and reachability analysis)
|
|
14
|
+
- `getOrgAlertFullScans(orgSlug, options)` - List full scans associated with specific alerts
|
|
15
|
+
- `rescanFullScan(orgSlug, fullScanId, options)` - Rescan existing full scans with shallow (policy reapplication) or deep (dependency resolution rerun) modes
|
|
16
|
+
- Repository endpoints now support optional `workspace` parameter for workspace-scoped operations:
|
|
17
|
+
- `createRepository(orgSlug, params, { workspace })`
|
|
18
|
+
- `deleteRepository(orgSlug, repoSlug, { workspace })`
|
|
19
|
+
- `getRepository(orgSlug, repoSlug, { workspace })`
|
|
20
|
+
- `updateRepository(orgSlug, repoSlug, params, { workspace })`
|
|
21
|
+
|
|
22
|
+
### Changed
|
|
23
|
+
|
|
24
|
+
- Updated `@socketsecurity/lib` to v5.5.3
|
|
25
|
+
- TypeScript: Auto-generated strict types from OpenAPI schema for improved type safety
|
|
26
|
+
- TypeScript: All optional properties now explicitly include `| undefined` for better null checking
|
|
27
|
+
- Synced OpenAPI type definitions with latest API specification
|
|
28
|
+
|
|
7
29
|
## [3.2.0](https://github.com/SocketDev/socket-sdk-js/releases/tag/v3.2.0) - 2025-12-08
|
|
8
30
|
|
|
9
31
|
### Added
|
package/README.md
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
[](https://socket.dev/npm/package/@socketsecurity/sdk)
|
|
4
4
|
[](https://github.com/SocketDev/socket-sdk-js/actions/workflows/ci.yml)
|
|
5
|
-
|
|
6
6
|
|
|
7
7
|
[](https://twitter.com/SocketSecurity)
|
|
8
8
|
[](https://bsky.app/profile/socket.dev)
|
package/dist/constants.d.ts
CHANGED
|
@@ -13,4 +13,4 @@ export declare const MAX_RESPONSE_SIZE: number;
|
|
|
13
13
|
export declare const MAX_STREAM_SIZE: number;
|
|
14
14
|
export declare const SOCKET_PUBLIC_BLOB_STORE_URL = "https://socketusercontent.com";
|
|
15
15
|
export declare const httpAgentNames: Set<string>;
|
|
16
|
-
export declare const publicPolicy: Map<"ambiguousClassifier" | "badEncoding" | "badSemver" | "badSemverDependency" | "bidi" | "binScriptConfusion" | "chromeContentScript" | "chromeHostPermission" | "chromePermission" | "chromeWildcardHostPermission" | "chronoAnomaly" | "compromisedSSHKey" | "copyleftLicense" | "criticalCVE" | "cve" | "debugAccess" | "deprecated" | "deprecatedException" | "deprecatedLicense" | "didYouMean" | "dynamicRequire" | "emptyPackage" | "envVars" | "explicitlyUnlicensedItem" | "extraneousDependency" | "fileDependency" | "filesystemAccess" | "floatingDependency" | "generic" | "ghaArgToEnv" | "ghaArgToOutput" | "ghaArgToSink" | "ghaContextToEnv" | "ghaContextToOutput" | "ghaContextToSink" | "ghaEnvToSink" | "gitDependency" | "gitHubDependency" | "gptAnomaly" | "gptDidYouMean" | "gptMalware" | "gptSecurity" | "hasNativeCode" | "highEntropyStrings" | "homoglyphs" | "httpDependency" | "installScripts" | "invalidPackageJSON" | "invisibleChars" | "licenseChange" | "licenseException" | "licenseSpdxDisj" | "longStrings" | "majorRefactor" | "malware" | "manifestConfusion" | "mediumCVE" | "mildCVE" | "minifiedFile" | "miscLicenseIssues" | "missingAuthor" | "missingDependency" | "missingLicense" | "missingTarball" | "mixedLicense" | "modifiedException" | "modifiedLicense" | "networkAccess" | "newAuthor" | "noAuthorData" | "noBugTracker" | "noLicenseFound" | "noREADME" | "noRepository" | "noTests" | "noV1" | "noWebsite" | "nonOSILicense" | "nonSPDXLicense" | "nonpermissiveLicense" | "notice" | "obfuscatedFile" | "obfuscatedRequire" | "peerDependency" | "potentialVulnerability" | "semverAnomaly" | "shellAccess" | "shellScriptOverride" | "shrinkwrap" | "socketUpgradeAvailable" | "suspiciousStarActivity" | "suspiciousString" | "telemetry" | "trivialPackage" | "troll" | "typeModuleCompatibility" | "uncaughtOptionalDependency" | "unclearLicense" | "unidentifiedLicense" | "unmaintained" | "unpopularPackage" | "unpublished" | "unresolvedRequire" | "unsafeCopyright" | "unstableOwnership" | "unusedDependency" | "urlStrings" | "usesEval" | "vsxActivationWildcard" | "vsxDebuggerContribution" | "vsxExtensionDependency" | "vsxExtensionPack" | "vsxProposedApiUsage" | "vsxUntrustedWorkspaceSupported" | "vsxVirtualWorkspaceSupported" | "vsxWebviewContribution" | "vsxWorkspaceContainsActivation" | "zeroWidth", ALERT_ACTION>;
|
|
16
|
+
export declare const publicPolicy: Map<"ambiguousClassifier" | "badEncoding" | "badSemver" | "badSemverDependency" | "bidi" | "binScriptConfusion" | "chromeContentScript" | "chromeHostPermission" | "chromePermission" | "chromeWildcardHostPermission" | "chronoAnomaly" | "compromisedSSHKey" | "copyleftLicense" | "criticalCVE" | "cve" | "debugAccess" | "deprecated" | "deprecatedException" | "deprecatedLicense" | "didYouMean" | "dynamicRequire" | "emptyPackage" | "envVars" | "explicitlyUnlicensedItem" | "extraneousDependency" | "fileDependency" | "filesystemAccess" | "floatingDependency" | "generic" | "ghaArgToEnv" | "ghaArgToOutput" | "ghaArgToSink" | "ghaContextToEnv" | "ghaContextToOutput" | "ghaContextToSink" | "ghaEnvToSink" | "gitDependency" | "gitHubDependency" | "gptAnomaly" | "gptDidYouMean" | "gptMalware" | "gptSecurity" | "hasNativeCode" | "highEntropyStrings" | "homoglyphs" | "httpDependency" | "installScripts" | "invalidPackageJSON" | "invisibleChars" | "licenseChange" | "licenseException" | "licenseSpdxDisj" | "longStrings" | "majorRefactor" | "malware" | "manifestConfusion" | "mediumCVE" | "mildCVE" | "minifiedFile" | "miscLicenseIssues" | "missingAuthor" | "missingDependency" | "missingLicense" | "missingTarball" | "mixedLicense" | "modifiedException" | "modifiedLicense" | "networkAccess" | "newAuthor" | "noAuthorData" | "noBugTracker" | "noLicenseFound" | "noREADME" | "noRepository" | "noTests" | "noV1" | "noWebsite" | "nonOSILicense" | "nonSPDXLicense" | "nonpermissiveLicense" | "notice" | "obfuscatedFile" | "obfuscatedRequire" | "peerDependency" | "potentialVulnerability" | "recentlyPublished" | "semverAnomaly" | "shellAccess" | "shellScriptOverride" | "shrinkwrap" | "socketUpgradeAvailable" | "suspiciousStarActivity" | "suspiciousString" | "telemetry" | "tooManyFiles" | "trivialPackage" | "troll" | "typeModuleCompatibility" | "uncaughtOptionalDependency" | "unclearLicense" | "unidentifiedLicense" | "unmaintained" | "unpopularPackage" | "unpublished" | "unresolvedRequire" | "unsafeCopyright" | "unstableOwnership" | "unusedDependency" | "urlStrings" | "usesEval" | "vsxActivationWildcard" | "vsxDebuggerContribution" | "vsxExtensionDependency" | "vsxExtensionPack" | "vsxProposedApiUsage" | "vsxUntrustedWorkspaceSupported" | "vsxVirtualWorkspaceSupported" | "vsxWebviewContribution" | "vsxWorkspaceContainsActivation" | "zeroWidth", ALERT_ACTION>;
|
package/dist/http-client.d.ts
CHANGED
|
@@ -76,26 +76,13 @@ export declare function getResponse(req: ClientRequest): Promise<IncomingMessage
|
|
|
76
76
|
*/
|
|
77
77
|
export declare function getResponseJson(response: IncomingMessage, method?: string | undefined): Promise<JsonValue | undefined>;
|
|
78
78
|
/**
|
|
79
|
-
*
|
|
80
|
-
*
|
|
81
|
-
*/
|
|
82
|
-
export declare function isResponseOk(response: IncomingMessage): boolean;
|
|
83
|
-
/**
|
|
84
|
-
* Transform artifact data based on authentication status.
|
|
85
|
-
* Filters and compacts response data for public/free-tier users.
|
|
86
|
-
*/
|
|
87
|
-
export declare function reshapeArtifactForPublicPolicy<T extends Record<string, unknown>>(data: T, isAuthenticated: boolean, actions?: string | undefined): T;
|
|
88
|
-
/**
|
|
89
|
-
* Retry helper for HTTP requests with exponential backoff.
|
|
90
|
-
* Wraps any async HTTP function and retries on failure.
|
|
79
|
+
* Create DELETE request with automatic retry logic.
|
|
80
|
+
* Retries on network errors and 5xx responses.
|
|
91
81
|
*
|
|
92
|
-
* @param fn - Async function to retry
|
|
93
82
|
* @param retries - Number of retry attempts (default: 0, retries disabled)
|
|
94
83
|
* @param retryDelay - Initial delay in ms (default: 100)
|
|
95
|
-
* @returns Result of the function call
|
|
96
|
-
* @throws {Error} Last error if all retries exhausted
|
|
97
84
|
*/
|
|
98
|
-
export declare function
|
|
85
|
+
export declare function createDeleteRequestWithRetry(baseUrl: string, urlPath: string, options?: RequestOptionsWithHooks | undefined, retries?: number, retryDelay?: number): Promise<IncomingMessage>;
|
|
99
86
|
/**
|
|
100
87
|
* Create GET request with automatic retry logic.
|
|
101
88
|
* Retries on network errors and 5xx responses.
|
|
@@ -105,18 +92,31 @@ export declare function withRetry<T>(fn: () => Promise<T>, retries?: number, ret
|
|
|
105
92
|
*/
|
|
106
93
|
export declare function createGetRequestWithRetry(baseUrl: string, urlPath: string, options?: RequestOptionsWithHooks | undefined, retries?: number, retryDelay?: number): Promise<IncomingMessage>;
|
|
107
94
|
/**
|
|
108
|
-
* Create
|
|
95
|
+
* Create request with JSON payload and automatic retry logic.
|
|
109
96
|
* Retries on network errors and 5xx responses.
|
|
110
97
|
*
|
|
111
98
|
* @param retries - Number of retry attempts (default: 0, retries disabled)
|
|
112
99
|
* @param retryDelay - Initial delay in ms (default: 100)
|
|
113
100
|
*/
|
|
114
|
-
export declare function
|
|
101
|
+
export declare function createRequestWithJsonAndRetry(method: SendMethod, baseUrl: string, urlPath: string, json: unknown, options?: RequestOptionsWithHooks | undefined, retries?: number, retryDelay?: number): Promise<IncomingMessage>;
|
|
115
102
|
/**
|
|
116
|
-
*
|
|
117
|
-
*
|
|
103
|
+
* Check if HTTP response has a successful status code (2xx range).
|
|
104
|
+
* Returns true for status codes between 200-299, false otherwise.
|
|
105
|
+
*/
|
|
106
|
+
export declare function isResponseOk(response: IncomingMessage): boolean;
|
|
107
|
+
/**
|
|
108
|
+
* Transform artifact data based on authentication status.
|
|
109
|
+
* Filters and compacts response data for public/free-tier users.
|
|
110
|
+
*/
|
|
111
|
+
export declare function reshapeArtifactForPublicPolicy<T extends Record<string, unknown>>(data: T, isAuthenticated: boolean, actions?: string | undefined): T;
|
|
112
|
+
/**
|
|
113
|
+
* Retry helper for HTTP requests with exponential backoff.
|
|
114
|
+
* Wraps any async HTTP function and retries on failure.
|
|
118
115
|
*
|
|
116
|
+
* @param fn - Async function to retry
|
|
119
117
|
* @param retries - Number of retry attempts (default: 0, retries disabled)
|
|
120
118
|
* @param retryDelay - Initial delay in ms (default: 100)
|
|
119
|
+
* @returns Result of the function call
|
|
120
|
+
* @throws {Error} Last error if all retries exhausted
|
|
121
121
|
*/
|
|
122
|
-
export declare function
|
|
122
|
+
export declare function withRetry<T>(fn: () => Promise<T>, retries?: number, retryDelay?: number): Promise<T>;
|
package/dist/index.d.ts
CHANGED
|
@@ -9,7 +9,7 @@ export { createDeleteRequest, createGetRequest, createRequestWithJson, getErrorR
|
|
|
9
9
|
export { calculateTotalQuotaCost, getAllMethodRequirements, getMethodRequirements, getMethodsByPermissions, getMethodsByQuotaCost, getQuotaCost, getQuotaUsageSummary, getRequiredPermissions, hasQuotaForMethods, } from './quota-utils';
|
|
10
10
|
export { SocketSdk } from './socket-sdk-class';
|
|
11
11
|
export type { ALERT_ACTION, ALERT_TYPE, Agent, ArtifactPatches, BatchPackageFetchResultType, BatchPackageStreamOptions, CompactSocketArtifact, CompactSocketArtifactAlert, CreateDependenciesSnapshotOptions, CreateOrgFullScanOptions, CreateScanFromFilepathsOptions, CustomResponseType, Entitlement, EntitlementsResponse, FileValidationCallback, FileValidationResult, GetOptions, GotOptions, HeadersRecord, PatchFile, PatchRecord, PatchViewResponse, TelemetryConfig, PostOrgTelemetryPayload, PostOrgTelemetryResponse, QueryParams, RequestInfo, RequestOptions, RequestOptionsWithHooks, ResponseInfo, SecurityAlert, SendMethod, SendOptions, SocketArtifact, SocketArtifactAlert, SocketArtifactWithExtras, SocketId, SocketMetricSchema, SocketSdkArrayElement, SocketSdkData, SocketSdkErrorResult, SocketSdkGenericResult, SocketSdkOperations, SocketSdkOptions, SocketSdkResult, SocketSdkSuccessResult, StreamOrgFullScanOptions, UploadManifestFilesError, UploadManifestFilesOptions, UploadManifestFilesResponse, UploadManifestFilesReturnType, Vulnerability, } from './types';
|
|
12
|
-
export type { CreateFullScanOptions, DeleteRepositoryLabelResult, DeleteResult, FullScanItem, FullScanListData, FullScanListResult, FullScanResult, ListFullScansOptions, ListRepositoriesOptions, OrganizationItem, OrganizationsResult, RepositoriesListData, RepositoriesListResult, RepositoryItem, RepositoryLabelItem, RepositoryLabelResult, RepositoryLabelsListData, RepositoryLabelsListResult, RepositoryResult, StreamFullScanOptions, StrictErrorResult, StrictResult, } from './types-strict';
|
|
12
|
+
export type { CreateFullScanOptions, DeleteRepositoryLabelResult, DeleteResult, FullScanItem, FullScanListData, FullScanListResult, FullScanResult, GetRepositoryOptions, ListFullScansOptions, ListRepositoriesOptions, OrganizationItem, OrganizationsResult, RepositoriesListData, RepositoriesListResult, RepositoryItem, RepositoryLabelItem, RepositoryLabelResult, RepositoryLabelsListData, RepositoryLabelsListResult, RepositoryResult, StreamFullScanOptions, StrictErrorResult, StrictResult, } from './types-strict';
|
|
13
13
|
export { createUserAgentFromPkgJson } from './user-agent';
|
|
14
14
|
export { calculateWordSetSimilarity, filterRedundantCause, normalizeBaseUrl, promiseWithResolvers, queryToSearchParams, resolveAbsPaths, resolveBasePath, shouldOmitReason, };
|
|
15
15
|
export { DEFAULT_USER_AGENT, httpAgentNames, publicPolicy };
|