@socketsecurity/sdk 3.2.0 → 3.3.1

package/types/api.d.ts

@@ -7,7 +7,10 @@ export interface paths {
   '/purl': {
     /**
      * Get Packages by PURL
-     * @description Batch retrieval of package metadata and alerts by PURL strings. Compatible witch CycloneDX reports.
+     * @deprecated
+     * @description **This endpoint is deprecated.** Deprecated since 2026-01-05.
+     *
+     * Batch retrieval of package metadata and alerts by PURL strings. Compatible with CycloneDX reports.
      *
      * Package URLs (PURLs) are an ecosystem agnostic way to identify packages.
      * CycloneDX SBOMs use the purl format to identify components.
@@ -135,7 +138,7 @@ export interface paths {
      *
      * To get a list of supported filetypes that can be uploaded in a full-scan, see the [Get supported file types](/reference/getsupportedfiles) endpoint.
      *
-     * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 67 MB.
+     * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 268 MB.
      *
      * **Query Parameters:**
      * - `scan_type` (optional): The type of scan to perform. Defaults to 'socket'. Must be 32 characters or less. Used for categorizing multiple SBOM heads per repository branch.
@@ -233,7 +236,7 @@ export interface paths {
      *
      * Each uploaded archive is extracted server-side and any supported manifest files (like package.json, package-lock.json, pnpm-lock.yaml, etc.) are ingested for the scan. If you upload multiple archives in a single request, the manifests from every archive are merged into one full scan. The response includes any files that were ignored.
      *
-     * The maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 67 MB.
+     * The maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 268 MB.
      *
      * This endpoint consumes 1 unit of your quota.
      *
@@ -242,6 +245,68 @@ export interface paths {
      */
     post: operations['CreateOrgFullScanArchive']
   }
+  '/orgs/{org_slug}/full-scans/{full_scan_id}/rescan': {
+    /**
+     * Rescan full scan
+     * @description Create a new full scan by rescanning an existing scan. A "shallow" rescan reapplies the latest policies to the previously cached dependency resolution results. A "deep" rescan reruns dependency resolution and applies the latest policies to the results.
+     *
+     * This endpoint consumes 1 unit of your quota.
+     *
+     * This endpoint requires the following org token scopes:
+     * - full-scans:create
+     */
+    post: operations['rescanOrgFullScan']
+  }
+  '/orgs/{org_slug}/full-scans/{full_scan_id}/format/csv': {
+    /**
+     * Export CSV of alerts for full scan
+     * @description Export a CSV file containing all alerts from a full scan.
+     *
+     * The CSV includes details about each alert and the affected packages.
+     * You can optionally filter using the request body "filters" array. Supported filter IDs include:
+     * - alert.action (error|warn|monitor|ignore)
+     * - alert.type
+     * - alert.category
+     * - alert.severity (low|medium|middle|high|critical or 0-3)
+     * - artifact.type (purl type, e.g. npm, pypi)
+     * - dependency.type (direct|transitive)
+     * - dependency.scope (dev|normal)
+     * - dependency.usage (used|unused)
+     * - manifest.file
+     *
+     * This endpoint consumes 1 unit of your quota.
+     *
+     * This endpoint requires the following org token scopes:
+     * - full-scans:list
+     */
+    post: operations['getOrgFullScanCsv']
+  }
+  '/orgs/{org_slug}/full-scans/{full_scan_id}/format/pdf': {
+    /**
+     * Generate PDF report for full scan
+     * @description Generate a PDF report for all alerts in a full scan.
+     *
+     * This endpoint streams a PDF document containing all alerts found in the full scan,
+     * with optional filtering and grouping options.
+     *
+     * Supported request body filter IDs include:
+     * - alert.action (error|warn|monitor|ignore)
+     * - alert.type
+     * - alert.category
+     * - alert.severity (low|medium|middle|high|critical or 0-3)
+     * - artifact.type (purl type, e.g. npm, pypi)
+     * - dependency.type (direct|transitive)
+     * - dependency.scope (dev|normal)
+     * - dependency.usage (used|unused)
+     * - manifest.file
+     *
+     * This endpoint consumes 1 unit of your quota.
+     *
+     * This endpoint requires the following org token scopes:
+     * - full-scans:list
+     */
+    post: operations['getOrgFullScanPdf']
+  }
   '/orgs/{org_slug}/export/cdx/{id}': {
     /**
      * Export CycloneDX SBOM (Beta)
@@ -268,6 +333,31 @@ export interface paths {
      */
     get: operations['exportCDX']
   }
+  '/orgs/{org_slug}/export/openvex/{id}': {
+    /**
+     * Export OpenVEX Document (Beta)
+     * @description Export vulnerability exploitability data as an OpenVEX v0.2.0 document.
+     *
+     * OpenVEX (Vulnerability Exploitability eXchange) documents communicate the
+     * exploitability status of vulnerabilities in software products. This export
+     * includes:
+     *
+     * - **Patch data**: Vulnerabilities fixed by applied Socket patches are marked as "fixed"
+     * - **Reachability analysis**: Code reachability determines if vulnerable code is exploitable:
+     * - Unreachable code → "not_affected" with justification
+     * - Reachable code → "affected"
+     * - Unknown/pending → "under_investigation"
+     *
+     * Each statement in the document represents a single artifact-vulnerability pair
+     * for granular reachability information.
+     *
+     * This endpoint consumes 1 unit of your quota.
+     *
+     * This endpoint requires the following org token scopes:
+     * - report:read
+     */
+    get: operations['exportOpenVEX']
+  }
   '/orgs/{org_slug}/export/spdx/{id}': {
     /**
      * Export SPDX SBOM (Beta)
@@ -347,7 +437,7 @@ export interface paths {
      * Returns metadata about the diff scan. Once the diff scan is created, fetch the diff scan from
      * the [api_url](/reference/getDiffScanById) URL to get the contents of the diff.
      *
-     * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 67 MB.
+     * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 268 MB.
      *
      * This endpoint consumes 1 unit of your quota.
      *
@@ -386,7 +476,7 @@ export interface paths {
     get: operations['getOrgTriage']
     /**
      * Update Org Alert Triage
-     * @description Update triage actions on organizaton alerts.
+     * @description Update triage actions on organization alerts.
      *
      * This endpoint consumes 1 unit of your quota.
      *
@@ -395,6 +485,18 @@ export interface paths {
      */
     post: operations['updateOrgAlertTriage']
   }
+  '/orgs/{org_slug}/triage/alerts/{uuid}': {
+    /**
+     * Delete Org Alert Triage
+     * @description Delete a specific triage rule by UUID.
+     *
+     * This endpoint consumes 1 unit of your quota.
+     *
+     * This endpoint requires the following org token scopes:
+     * - triage:alerts-update
+     */
+    delete: operations['deleteOrgAlertTriage']
+  }
   '/orgs/{org_slug}/repos': {
     /**
      * List repositories
@@ -931,6 +1033,107 @@ export interface paths {
      */
     get: operations['getOrgThreatFeedItems']
   }
+  '/orgs/{org_slug}/purl': {
+    /**
+     * Get Packages by PURL (Org Scoped)
+     * @description Batch retrieval of package metadata and alerts by PURL strings for a specific organization. Compatible with CycloneDX reports.
+     *
+     * Package URLs (PURLs) are an ecosystem agnostic way to identify packages.
+     * CycloneDX SBOMs use the purl format to identify components.
+     * This endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report.
+     *
+     * **Note:** This endpoint has a batch size limit (default: 1024 PURLs per request). Requests exceeding this limit will return a 400 Bad Request error.
+     *
+     * More information on purl and CycloneDX:
+     *
+     * - [`purl` Spec](https://github.com/package-url/purl-spec)
+     * - [CycloneDX Spec](https://cyclonedx.org/specification/overview/#components)
+     *
+     * This endpoint returns the latest available alert data for artifacts in the batch (stale while revalidate).
+     * Actively running analysis will be returned when available on subsequent runs.
+     *
+     * ## Query Parameters
+     *
+     * This endpoint supports all query parameters from `POST /v0/purl` including: `alerts`, `actions`, `compact`, `fixable`, `licenseattrib`, `licensedetails`, `purlErrors`, `cachedResultsOnly`, and `summary`.
+     *
+     * Additionally, you may provide a `labels` query parameter to apply a repository label's security policies. Pass the label slug as the value (e.g., `?labels=production`). Only one label is currently supported.
+     *
+     * ## Examples:
+     *
+     * ### Looking up an npm package:
+     *
+     * ```json
+     * {
+     *   "components": [
+     *     {
+     *       "purl": "pkg:npm/express@4.19.2"
+     *     }
+     *   ]
+     * }
+     * ```
+     *
+     * ### Looking up a PyPi package:
+     *
+     * ```json
+     * {
+     *   "components": [
+     *     {
+     *       "purl": "pkg:pypi/django@5.0.6"
+     *     }
+     *   ]
+     * }
+     * ```
+     *
+     * ### Looking up a Maven package:
+     *
+     * ```json
+     * {
+     *   "components": [
+     *     {
+     *       "purl": "pkg:maven/log4j/log4j@1.2.17"
+     *     }
+     *   ]
+     * }
+     * ```
+     *
+     * ### Batch lookup
+     *
+     * ```json
+     * {
+     *   "components": [
+     *     {
+     *       "purl": "pkg:npm/express@4.19.2"
+     *     },
+     *     {
+     *       "purl": "pkg:pypi/django@5.0.6"
+     *     },
+     *     {
+     *       "purl": "pkg:maven/log4j/log4j@1.2.17"
+     *     }
+     *   ]
+     * }
+     * ```
+     *
+     * ### With label and options (query parameters):
+     *
+     * ```
+     * POST /v0/orgs/{org_slug}/purl?labels=production&alerts=true&compact=true
+     * {
+     *   "components": [
+     *     {
+     *       "purl": "pkg:npm/express@4.19.2"
+     *     }
+     *   ]
+     * }
+     * ```
+     *
+     * This endpoint consumes 100 units of your quota.
+     *
+     * This endpoint requires the following org token scopes:
+     * - packages:list
+     */
+    post: operations['batchPackageFetchByOrg']
+  }
   '/orgs/{org_slug}/fixes': {
     /**
      * Fetch fixes for vulnerabilities in a repository or scan
@@ -938,6 +1141,57 @@ export interface paths {
      * Requires either repo_slug or full_scan_id as well as vulnerability_ids to be provided.
      * vulnerability_ids can be a comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities.
      *
+     * ## Response Structure
+     *
+     * The response contains a `fixDetails` object where each key is a vulnerability ID (GHSA or CVE) and the value is a discriminated union based on the `type` field.
+     *
+     * ### Common Fields
+     *
+     * All response variants include:
+     * - `type`: Discriminator field (one of: "fixFound", "partialFixFound", "noFixAvailable", "fixNotApplicable", "errorComputingFix")
+     * - `value`: Object containing the variant-specific data
+     *
+     * The `value` object always contains:
+     * - `ghsa`: string | null - The GHSA ID
+     * - `cve`: string | null - The CVE ID (if available)
+     * - `advisoryDetails`: object | null - Advisory details (only if include_details=true)
+     *
+     * ### Response Variants
+     *
+     * **fixFound**: A complete fix is available for all vulnerable packages
+     * - `value.fixDetails.fixes`: Array of fix objects, each containing:
+     *   - `purl`: Package URL to upgrade
+     *   - `fixedVersion`: Version to upgrade to
+     *   - `manifestFiles`: Array of manifest files containing the package
+     *   - `updateType`: "patch" | "minor" | "major" | "unknown"
+     * - `value.fixDetails.responsibleDirectDependencies`: (optional) Map of direct dependencies responsible for the vulnerability
+     *
+     * **partialFixFound**: Fixes available for some but not all vulnerable packages
+     * - Same as fixFound, plus:
+     * - `value.fixDetails.unfixablePurls`: Array of packages that cannot be fixed, each containing:
+     *   - `purl`: Package URL
+     *   - `manifestFiles`: Array of manifest files
+     *
+     * **noFixAvailable**: No fix exists for this vulnerability (no patched version published)
+     *
+     * **fixNotApplicable**: A fix exists but cannot be applied due to version constraints
+     * - `value.vulnerableArtifacts`: Array of vulnerable packages with their manifest files
+     *
+     * **errorComputingFix**: An error occurred while computing fixes
+     * - `value.message`: Error description
+     *
+     * ### Advisory Details (when include_details=true)
+     *
+     * - `title`: string | null
+     * - `description`: string | null
+     * - `cwes`: string[] - CWE identifiers
+     * - `severity`: "LOW" | "MODERATE" | "HIGH" | "CRITICAL"
+     * - `cvssVector`: string | null
+     * - `publishedAt`: string (ISO date)
+     * - `kev`: boolean - Whether it's a Known Exploited Vulnerability
+     * - `epss`: number | null - Exploit Prediction Scoring System score
+     * - `affectedPurls`: Array of affected packages with version ranges
+     *
      * This endpoint consumes 10 units of your quota.
      *
      * This endpoint requires the following org token scopes:
@@ -1032,6 +1286,18 @@ export interface paths {
      */
     get: operations['alertsList']
   }
+  '/orgs/{org_slug}/alert-full-scan-search': {
+    /**
+     * List full scans associated with alert (Beta)
+     * @description List full scans associated with alert.
+     *
+     * This endpoint consumes 10 units of your quota.
+     *
+     * This endpoint requires the following org token scopes:
+     * - alerts:list
+     */
+    get: operations['alertFullScans']
+  }
   '/license-policy': {
     /**
      * License Policy (Beta)
@@ -1638,7 +1904,7 @@ export interface components {
           _type: 'summary'
           value: components['schemas']['PurlSummarySchema']
         }
-    SocketBatchPURLFetch: {
+    SocketOrgBatchPURLFetch: {
       components: Array<components['schemas']['SocketBatchPURLRequest']>
     }
     SocketArtifact: components['schemas']['SocketPURL'] &
@@ -1745,10 +2011,10 @@ export interface components {
         dependsOn?: string[]
       }>
       vulnerabilities?: Array<{
-        /** @default */
-        ref: string
         /** @default */
         id: string
+        /** @default */
+        ref?: string
         source?: {
           /** @default */
           name?: string
@@ -1815,6 +2081,25 @@ export interface components {
         }
       }>
     }
+    OpenVEXDocumentSchema: {
+      /** @default https://openvex.dev/ns/v0.2.0 */
+      '@context': string
+      /** @default */
+      '@id': string
+      /** @default Socket Security */
+      author: string
+      /** @default */
+      timestamp: string
+      /** @default 1 */
+      version: number
+      statements: Array<components['schemas']['OpenVEXStatementSchema']>
+      /** @default VEX Generator */
+      role?: string
+      /** @default */
+      last_updated?: string
+      /** @default Socket Security VEX Generator */
+      tooling?: string
+    }
     SPDXManifestSchema: {
       /** @default SPDX-2.3 */
       spdxVersion: string
@@ -1917,6 +2202,11 @@ export interface components {
        * @default false
        */
       unsafe: boolean
+      /**
+       * @description Package contains remote URL(s) in the source code
+       * @default false
+       */
+      url: boolean
     }
     Qualifiers: unknown
     SocketScore: {
@@ -2324,13 +2614,11 @@ export interface components {
       alertKeysToReachabilityTypes?: {
         [key: string]: string[]
       }
-      /** @description Mapping of alert keys to arrays of reachability summaries. Each summary contains a reachability type and a hash pointing to detailed analysis data (call stacks, file locations, confidence scores). Used for efficient storage and retrieval of comprehensive reachability analysis results without duplicating large analysis payloads. */
+      /** @description Mapping of alert keys to arrays of reachability summaries. Each summary contains a reachability type indicating the result of reachability analysis for the corresponding vulnerability alert. */
       alertKeysToReachabilitySummaries?: {
         [key: string]: Array<{
           /** @default */
           type: string
-          /** @default */
-          hash: string
         }>
       }
     }
@@ -2429,6 +2717,32 @@ export interface components {
       }>
       components?: Array<components['schemas']['CDXComponentSchema']>
     }
+    OpenVEXStatementSchema: {
+      vulnerability: components['schemas']['OpenVEXVulnerabilitySchema']
+      products: Array<components['schemas']['OpenVEXProductSchema']>
+      /** @default affected */
+      status: string
+      /** @default */
+      '@id'?: string
+      /** @default 0 */
+      version?: number
+      /** @default */
+      timestamp?: string
+      /** @default */
+      last_updated?: string
+      /** @default */
+      supplier?: string
+      /** @default */
+      status_notes?: string
+      /** @default */
+      justification?: string
+      /** @default */
+      impact_statement?: string
+      /** @default */
+      action_statement?: string
+      /** @default */
+      action_statement_timestamp?: string
+    }
     LicenseAllowListElabbed: {
       strings: string[]
       classes: string[]
@@ -3045,6 +3359,19 @@ export interface components {
             usage?: components['schemas']['SocketUsageRef']
           }
         }
+      | {
+          /** @enum {string} */
+          type?: 'tooManyFiles'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default 0 */
+              fileCount: number
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
       | {
           /** @enum {string} */
           type?: 'generic'
@@ -3172,6 +3499,21 @@ export interface components {
             usage?: components['schemas']['SocketUsageRef']
           }
         }
+      | {
+          /** @enum {string} */
+          type?: 'recentlyPublished'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default */
+              publishedAt: string
+              /** @default */
+              checkedAt: string
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
       | {
           /** @enum {string} */
           type?: 'licenseSpdxDisj'
@@ -3889,76 +4231,280 @@ export interface components {
         }
       | {
           /** @enum {string} */
-          type?: 'socketUpgradeAvailable'
+          type?: 'skillAutonomyAbuse'
           value?: components['schemas']['SocketIssueBasics'] & {
             /** @default */
             description: string
             props: {
-              categories: string[]
-              /** @default false */
-              deprecated: boolean
-              interop: string[]
               /** @default */
-              replacementPURL: string
-              /** @default */
-              version: string
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
             }
             usage?: components['schemas']['SocketUsageRef']
           }
         }
       | {
           /** @enum {string} */
-          type?: 'longStrings'
+          type?: 'skillCommandInjection'
           value?: components['schemas']['SocketIssueBasics'] & {
             /** @default */
             description: string
-            props: Record<string, never>
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
             usage?: components['schemas']['SocketUsageRef']
           }
         }
       | {
           /** @enum {string} */
-          type?: 'highEntropyStrings'
+          type?: 'skillDataExfiltration'
           value?: components['schemas']['SocketIssueBasics'] & {
             /** @default */
             description: string
-            props: Record<string, never>
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
             usage?: components['schemas']['SocketUsageRef']
           }
         }
       | {
           /** @enum {string} */
-          type?: 'urlStrings'
+          type?: 'skillDiscoveryAbuse'
           value?: components['schemas']['SocketIssueBasics'] & {
             /** @default */
             description: string
             props: {
-              urls: string[]
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
             }
             usage?: components['schemas']['SocketUsageRef']
           }
         }
       | {
           /** @enum {string} */
-          type?: 'usesEval'
+          type?: 'skillHardcodedSecrets'
           value?: components['schemas']['SocketIssueBasics'] & {
             /** @default */
             description: string
             props: {
-              /** @default eval */
-              evalType: string
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
             }
             usage?: components['schemas']['SocketUsageRef']
           }
         }
       | {
           /** @enum {string} */
-          type?: 'dynamicRequire'
+          type?: 'skillObfuscation'
           value?: components['schemas']['SocketIssueBasics'] & {
             /** @default */
             description: string
-            props: Record<string, never>
-            usage?: components['schemas']['SocketUsageRef']
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'skillPromptInjection'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'skillResourceAbuse'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'skillSupplyChain'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'skillToolAbuse'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'skillToolChaining'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'skillTransitiveTrust'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default */
+              notes: string
+              /** @default 0 */
+              confidence: number
+              /** @default 0 */
+              severity: number
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'socketUpgradeAvailable'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              categories: string[]
+              /** @default false */
+              deprecated: boolean
+              interop: string[]
+              /** @default */
+              replacementPURL: string
+              /** @default */
+              version: string
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'longStrings'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: Record<string, never>
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'highEntropyStrings'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: Record<string, never>
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'urlStrings'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              urls: string[]
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'usesEval'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: {
+              /** @default eval */
+              evalType: string
+            }
+            usage?: components['schemas']['SocketUsageRef']
+          }
+        }
+      | {
+          /** @enum {string} */
+          type?: 'dynamicRequire'
+          value?: components['schemas']['SocketIssueBasics'] & {
+            /** @default */
+            description: string
+            props: Record<string, never>
+            usage?: components['schemas']['SocketUsageRef']
           }
         }
       | {
@@ -4383,6 +4929,7 @@ export interface components {
       | 'cocoapods'
       | 'cargo'
       | 'chrome'
+      | 'clawhub'
       | 'composer'
       | 'conan'
       | 'conda'
@@ -4405,6 +4952,7 @@ export interface components {
       | 'pub'
       | 'pypi'
       | 'rpm'
+      | 'socket'
       | 'swid'
       | 'swift'
       | 'vscode'
@@ -4453,6 +5001,22 @@ export interface components {
       /** @description Reachability analysis results for each vulnerability */
       results: Array<components['schemas']['ReachabilityResultItem']>
     }
+    OpenVEXVulnerabilitySchema: {
+      /** @default */
+      name: string
+      /** @default */
+      '@id'?: string
+      /** @default */
+      description?: string
+      aliases?: string[]
+    }
+    OpenVEXProductSchema: {
+      /** @default */
+      '@id': string
+      identifiers?: components['schemas']['OpenVEXIdentifiersSchema']
+      hashes?: components['schemas']['OpenVEXHashesSchema']
+      subcomponents?: Array<components['schemas']['OpenVEXComponentSchema']>
+    }
     SocketIssueBasics: {
       severity: components['schemas']['SocketIssueSeverity']
       category: components['schemas']['SocketCategory']
@@ -4508,6 +5072,46 @@ export interface components {
        */
       subprojectPath?: string
     }
+    OpenVEXIdentifiersSchema: {
+      /** @default */
+      purl?: string
+      /** @default */
+      cpe23?: string
+      /** @default */
+      cpe22?: string
+    }
+    OpenVEXHashesSchema: {
+      /** @default */
+      md5?: string
+      /** @default */
+      sha1?: string
+      /** @default */
+      'sha-256'?: string
+      /** @default */
+      'sha-384'?: string
+      /** @default */
+      'sha-512'?: string
+      /** @default */
+      'sha3-224'?: string
+      /** @default */
+      'sha3-256'?: string
+      /** @default */
+      'sha3-384'?: string
+      /** @default */
+      'sha3-512'?: string
+      /** @default */
+      'blake2s-256'?: string
+      /** @default */
+      'blake2b-256'?: string
+      /** @default */
+      'blake2b-512'?: string
+    }
+    OpenVEXComponentSchema: {
+      /** @default */
+      '@id'?: string
+      identifiers?: components['schemas']['OpenVEXIdentifiersSchema']
+      hashes?: components['schemas']['OpenVEXHashesSchema']
+    }
     SocketRefList: Array<components['schemas']['SocketRef']>
     SocketRefFile: {
       /** @default */
@@ -4777,6 +5381,19 @@ export interface components {
         }
       }
     }
+    /** @description Resource already exists */
+    SocketConflict: {
+      content: {
+        'application/json': {
+          error: {
+            /** @default */
+            message: string
+            /** @default null */
+            details: Record<string, unknown> | null
+          }
+        }
+      }
+    }
     /** @description Gone */
     SocketGone: {
       content: {
@@ -4804,7 +5421,10 @@ export type external = Record<string, never>
 export interface operations {
   /**
    * Get Packages by PURL
-   * @description Batch retrieval of package metadata and alerts by PURL strings. Compatible witch CycloneDX reports.
+   * @deprecated
+   * @description **This endpoint is deprecated.** Deprecated since 2026-01-05.
+   *
+   * Batch retrieval of package metadata and alerts by PURL strings. Compatible with CycloneDX reports.
    *
    * Package URLs (PURLs) are an ecosystem agnostic way to identify packages.
    * CycloneDX SBOMs use the purl format to identify components.
@@ -4888,7 +5508,7 @@ export interface operations {
         alerts?: boolean
         /** @description Include only alerts with comma separated actions defined by security policy. */
         actions?: Array<'error' | 'monitor' | 'warn' | 'ignore'>
-        /** @description Compact metadata. */
+        /** @description Compact metadata. When enabled, excludes metadata fields like author, scores, size, dependencies, and manifest files. Always includes: id, type, name, version, release, namespace, subpath, alerts, and alertPriorities. */
         compact?: boolean
         /** @description Include only fixable alerts. */
         fixable?: boolean
@@ -4906,7 +5526,7 @@ export interface operations {
     }
     requestBody?: {
       content: {
-        'application/json': components['schemas']['SocketBatchPURLFetch']
+        'application/json': components['schemas']['SocketOrgBatchPURLFetch']
       }
     }
     responses: {
@@ -5074,6 +5694,8 @@ export interface operations {
         pull_request?: string
         /** @description A commit hash to filter full-scans by. */
         commit_hash?: string
+        /** @description A scan type to filter full-scans by (e.g. socket, socket_tier1, socket_basics). */
+        scan_type?: string
       }
       path: {
         /** @description The slug of the organization */
@@ -5129,6 +5751,8 @@ export interface operations {
               integration_commit_url?: string | null
               /** @default */
               integration_pull_request_url?: string | null
+              /** @default */
+              scan_type?: string | null
               /**
                * @description The current processing status of the SBOM
                * @default pending
@@ -5156,7 +5780,7 @@ export interface operations {
    *
    * To get a list of supported filetypes that can be uploaded in a full-scan, see the [Get supported file types](/reference/getsupportedfiles) endpoint.
    *
-   * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 67 MB.
+   * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 268 MB.
    *
    * **Query Parameters:**
    * - `scan_type` (optional): The type of scan to perform. Defaults to 'socket'. Must be 32 characters or less. Used for categorizing multiple SBOM heads per repository branch.
@@ -5262,6 +5886,8 @@ export interface operations {
             integration_commit_url?: string | null
             /** @default */
             integration_pull_request_url?: string | null
+            /** @default */
+            scan_type?: string | null
             /**
              * @description The current processing status of the SBOM
              * @default pending
@@ -5300,6 +5926,8 @@ export interface operations {
           | Array<'component' | 'formula'>
         /** @description Include license details in the response. This can increase the response size significantly. */
         include_license_details: boolean
+        /** @description Return cached immutable scan results. When enabled and results are cached, returns the pre-computed scan. When results are not yet cached, returns 202 Accepted and enqueues a background job. */
+        cached?: boolean
       }
       path: {
         /** @description The slug of the organization */
@@ -5315,6 +5943,17 @@ export interface operations {
           'application/x-ndjson': components['schemas']['SocketArtifact']
         }
       }
+      /** @description Scan is being processed. Poll again later to retrieve results. */
+      202: {
+        content: {
+          'application/json': {
+            /** @default processing */
+            status: string
+            /** @default */
+            id: string
+          }
+        }
+      }
       400: components['responses']['SocketBadRequest']
       401: components['responses']['SocketUnauthorized']
       403: components['responses']['SocketForbidden']
@@ -5423,6 +6062,8 @@ export interface operations {
             integration_commit_url?: string | null
             /** @default */
             integration_pull_request_url?: string | null
+            /** @default */
+            scan_type?: string | null
             /**
              * @description The current processing status of the SBOM
              * @default pending
@@ -5702,7 +6343,7 @@ export interface operations {
    *
    * Each uploaded archive is extracted server-side and any supported manifest files (like package.json, package-lock.json, pnpm-lock.yaml, etc.) are ingested for the scan. If you upload multiple archives in a single request, the manifests from every archive are merged into one full scan. The response includes any files that were ignored.
    *
-   * The maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 67 MB.
+   * The maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 268 MB.
    *
    * This endpoint consumes 1 unit of your quota.
    *
@@ -5805,6 +6446,8 @@ export interface operations {
             integration_commit_url?: string | null
             /** @default */
             integration_pull_request_url?: string | null
+            /** @default */
+            scan_type?: string | null
             /**
              * @description The current processing status of the SBOM
              * @default pending
@@ -5823,34 +6466,207 @@ export interface operations {
     }
   }
   /**
-   * Export CycloneDX SBOM (Beta)
-   * @description Export a Socket SBOM as a CycloneDX SBOM
-   *
-   * Supported ecosystems:
-   *
-   * - crates
-   * - go
-   * - maven
-   * - npm
-   * - nuget
-   * - pypi
-   * - rubygems
-   * - spdx
-   * - cdx
-   *
-   * Unsupported ecosystems are filtered from the export.
+   * Rescan full scan
+   * @description Create a new full scan by rescanning an existing scan. A "shallow" rescan reapplies the latest policies to the previously cached dependency resolution results. A "deep" rescan reruns dependency resolution and applies the latest policies to the results.
    *
    * This endpoint consumes 1 unit of your quota.
    *
    * This endpoint requires the following org token scopes:
-   * - report:read
+   * - full-scans:create
    */
-  exportCDX: {
+  rescanOrgFullScan: {
     parameters: {
       query?: {
-        /**
-         * @description The person(s) who created the BOM.
-         * Set this value if you're intending the modify the BOM and claim authorship.
+        /** @description The rescan mode: "shallow" (default) re-applies policies to cached data, "deep" re-fetches the SBOM stream. */
+        mode?: 'shallow' | 'deep'
+      }
+      path: {
+        /** @description The slug of the organization */
+        org_slug: string
+        /** @description The ID of the full scan to rescan */
+        full_scan_id: string
+      }
+    }
+    responses: {
+      /** @description Rescan initiated successfully */
+      201: {
+        content: {
+          'application/json': {
+            /** @default The ID of the newly created full scan */
+            id: string
+            /** @default The status of the new scan */
+            status: string
+          }
+        }
+      }
+      400: components['responses']['SocketBadRequest']
+      401: components['responses']['SocketUnauthorized']
+      403: components['responses']['SocketForbidden']
+      404: components['responses']['SocketNotFoundResponse']
+      429: components['responses']['SocketTooManyRequestsResponse']
+    }
+  }
+  /**
+   * Export CSV of alerts for full scan
+   * @description Export a CSV file containing all alerts from a full scan.
+   *
+   * The CSV includes details about each alert and the affected packages.
+   * You can optionally filter using the request body "filters" array. Supported filter IDs include:
+   * - alert.action (error|warn|monitor|ignore)
+   * - alert.type
+   * - alert.category
+   * - alert.severity (low|medium|middle|high|critical or 0-3)
+   * - artifact.type (purl type, e.g. npm, pypi)
+   * - dependency.type (direct|transitive)
+   * - dependency.scope (dev|normal)
+   * - dependency.usage (used|unused)
+   * - manifest.file
+   *
+   * This endpoint consumes 1 unit of your quota.
+   *
+   * This endpoint requires the following org token scopes:
+   * - full-scans:list
+   */
+  getOrgFullScanCsv: {
+    parameters: {
+      query: {
+        /** @description Control which alert priority fields to include in the response. Set to "true" to include all fields, "false" to exclude all fields, or specify individual fields like "components,formula" to include only those fields. */
+        include_alert_priority_details?:
+          | boolean
+          | Array<'component' | 'formula'>
+        /** @description Include license details in the response. */
+        include_license_details: boolean
+      }
+      path: {
+        /** @description The slug of the organization */
+        org_slug: string
+        /** @description The ID of the full scan */
+        full_scan_id: string
+      }
+    }
+    requestBody?: {
+      content: {
+        'application/json': {
+          filters?: Array<{
+            /** @default */
+            id: string
+            value: string[]
+          }>
+        }
+      }
+    }
+    responses: {
+      /** @description CSV export of alerts */
+      200: {
+        content: {
+          'text/csv': unknown
+        }
+      }
+      400: components['responses']['SocketBadRequest']
+      401: components['responses']['SocketUnauthorized']
+      403: components['responses']['SocketForbidden']
+      404: components['responses']['SocketNotFoundResponse']
+      429: components['responses']['SocketTooManyRequestsResponse']
+    }
+  }
+  /**
+   * Generate PDF report for full scan
+   * @description Generate a PDF report for all alerts in a full scan.
+   *
+   * This endpoint streams a PDF document containing all alerts found in the full scan,
+   * with optional filtering and grouping options.
+   *
+   * Supported request body filter IDs include:
+   * - alert.action (error|warn|monitor|ignore)
+   * - alert.type
+   * - alert.category
+   * - alert.severity (low|medium|middle|high|critical or 0-3)
+   * - artifact.type (purl type, e.g. npm, pypi)
+   * - dependency.type (direct|transitive)
+   * - dependency.scope (dev|normal)
+   * - dependency.usage (used|unused)
+   * - manifest.file
+   *
+   * This endpoint consumes 1 unit of your quota.
+   *
+   * This endpoint requires the following org token scopes:
+   * - full-scans:list
+   */
+  getOrgFullScanPdf: {
+    parameters: {
+      query: {
+        /** @description Control which alert priority fields to include in the response. Set to "true" to include all fields, "false" to exclude all fields, or specify individual fields like "components,formula" to include only those fields. */
+        include_alert_priority_details?:
+          | boolean
+          | Array<'component' | 'formula'>
+        /** @description Include license details in the response. */
+        include_license_details: boolean
+      }
+      path: {
+        /** @description The slug of the organization */
+        org_slug: string
+        /** @description The ID of the full scan */
+        full_scan_id: string
+      }
+    }
+    requestBody?: {
+      content: {
+        'application/json': {
+          filters?: Array<{
+            /** @default */
+            id: string
+            value: string[]
+          }>
+          /** @default */
+          groupBy?: string
+          /** @default */
+          additionalInformation?: string
+        }
+      }
+    }
+    responses: {
+      /** @description PDF report of alerts */
+      200: {
+        content: {
+          'application/pdf': unknown
+        }
+      }
+      400: components['responses']['SocketBadRequest']
+      401: components['responses']['SocketUnauthorized']
+      403: components['responses']['SocketForbidden']
+      404: components['responses']['SocketNotFoundResponse']
+      429: components['responses']['SocketTooManyRequestsResponse']
+    }
+  }
+  /**
+   * Export CycloneDX SBOM (Beta)
+   * @description Export a Socket SBOM as a CycloneDX SBOM
+   *
+   * Supported ecosystems:
+   *
+   * - crates
+   * - go
+   * - maven
+   * - npm
+   * - nuget
+   * - pypi
+   * - rubygems
+   * - spdx
+   * - cdx
+   *
+   * Unsupported ecosystems are filtered from the export.
+   *
+   * This endpoint consumes 1 unit of your quota.
+   *
+   * This endpoint requires the following org token scopes:
+   * - report:read
+   */
+  exportCDX: {
+    parameters: {
+      query?: {
+        /**
+         * @description The person(s) who created the BOM.
+         * Set this value if you're intending the modify the BOM and claim authorship.
          */
         author?: string
         /** @description Dependency track project group */
@@ -5884,6 +6700,58 @@ export interface operations {
       429: components['responses']['SocketTooManyRequestsResponse']
     }
   }
+  /**
+   * Export OpenVEX Document (Beta)
+   * @description Export vulnerability exploitability data as an OpenVEX v0.2.0 document.
+   *
+   * OpenVEX (Vulnerability Exploitability eXchange) documents communicate the
+   * exploitability status of vulnerabilities in software products. This export
+   * includes:
+   *
+   * - **Patch data**: Vulnerabilities fixed by applied Socket patches are marked as "fixed"
+   * - **Reachability analysis**: Code reachability determines if vulnerable code is exploitable:
+   * - Unreachable code → "not_affected" with justification
+   * - Reachable code → "affected"
+   * - Unknown/pending → "under_investigation"
+   *
+   * Each statement in the document represents a single artifact-vulnerability pair
+   * for granular reachability information.
+   *
+   * This endpoint consumes 1 unit of your quota.
+   *
+   * This endpoint requires the following org token scopes:
+   * - report:read
+   */
+  exportOpenVEX: {
+    parameters: {
+      query?: {
+        /** @description The author of the VEX document. Should be an individual or organization. */
+        author?: string
+        /** @description The role of the document author (e.g., "VEX Generator", "Security Team"). */
+        role?: string
+        /** @description Custom IRI for the VEX document. If not provided, a default IRI will be generated. */
+        document_id?: string
+      }
+      path: {
+        /** @description The slug of the organization */
+        org_slug: string
+        /** @description The full scan OR sbom report ID */
+        id: string
+      }
+    }
+    responses: {
+      /** @description OpenVEX v0.2.0 document */
+      200: {
+        content: {
+          'application/json': components['schemas']['OpenVEXDocumentSchema']
+        }
+      }
+      400: components['responses']['SocketBadRequest']
+      401: components['responses']['SocketUnauthorized']
+      403: components['responses']['SocketForbidden']
+      429: components['responses']['SocketTooManyRequestsResponse']
+    }
+  }
   /**
    * Export SPDX SBOM (Beta)
    * @description Export a Socket SBOM as a SPDX SBOM
@@ -6039,6 +6907,8 @@ export interface operations {
         omit_license_details?: boolean
         /** @description Omit unchanged artifacts from the response. When set to true, the unchanged field will be set to null. */
         omit_unchanged?: boolean
+        /** @description Return cached immutable scan results. When enabled and results are cached, returns the pre-computed scan. When results are not yet cached, returns 202 Accepted and enqueues a background job. Note: When cached=true, the omit_license_details parameter is ignored as cached results always includes license details. */
+        cached?: boolean
       }
       path: {
         /** @description The slug of the organization */
@@ -6144,6 +7014,17 @@ export interface operations {
           }
         }
       }
+      /** @description Scan is being processed. Poll again later to retrieve results. */
+      202: {
+        content: {
+          'application/json': {
+            /** @default processing */
+            status: string
+            /** @default */
+            id: string
+          }
+        }
+      }
       400: components['responses']['SocketBadRequest']
       401: components['responses']['SocketUnauthorized']
       403: components['responses']['SocketForbidden']
@@ -6315,7 +7196,7 @@ export interface operations {
    * Returns metadata about the diff scan. Once the diff scan is created, fetch the diff scan from
    * the [api_url](/reference/getDiffScanById) URL to get the contents of the diff.
    *
-   * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 67 MB.
+   * The maximum number of files you can upload at a time is 5000 and each file can be no bigger than 268 MB.
    *
    * This endpoint consumes 1 unit of your quota.
    *
@@ -6463,6 +7344,7 @@ export interface operations {
       401: components['responses']['SocketUnauthorized']
       403: components['responses']['SocketForbidden']
       404: components['responses']['SocketNotFoundResponse']
+      409: components['responses']['SocketConflict']
       429: components['responses']['SocketTooManyRequestsResponse']
     }
   }
@@ -6589,6 +7471,7 @@ export interface operations {
       401: components['responses']['SocketUnauthorized']
       403: components['responses']['SocketForbidden']
       404: components['responses']['SocketNotFoundResponse']
+      409: components['responses']['SocketConflict']
       429: components['responses']['SocketTooManyRequestsResponse']
     }
   }
@@ -6620,11 +7503,58 @@ export interface operations {
         content: {
           'application/json': {
             results: Array<{
+              /**
+               * @description The uuid of the triage action
+               * @default
+               */
+              uuid?: string | null
+              /**
+               * @description The package type associated with the triage state
+               * @default
+               */
+              package_type?: string | null
+              /**
+               * @description The package namespace associated with the triage state
+               * @default
+               */
+              package_namespace?: string | null
+              /**
+               * @description The package name associated with the triage state
+               * @default
+               */
+              package_name?: string | null
+              /**
+               * @description The package version associated with the triage state, it can contain a * suffix for wildcard matching
+               * @default
+               */
+              package_version?: string | null
               /**
                * @description The alert_key associated with the triage state
                * @default
                */
-              alert_key?: string
+              alert_key?: string | null
+              /**
+               * @description The alert type (e.g., criticalCVE, highCVE) associated with the triage state
+               * @default
+               */
+              alert_type?: string | null
+              /**
+               * @description Whether a fix must be available, unavailable, or * for any
+               * @default *
+               * @enum {string|null}
+               */
+              fix_available?: 'available' | 'unavailable' | '*' | null
+              /**
+               * @description Whether a patch must be available, unavailable, or * for any
+               * @default *
+               * @enum {string|null}
+               */
+              patch_available?: 'available' | 'unavailable' | '*' | null
+              /**
+               * @description CVSS score comparison (e.g., >=7.5, >5.0, ==8.0)
+               * @default
+               */
+              cvss_score_cmp?: string | null
               /**
                * @description The creation date of the triage action
                * @default
@@ -6651,6 +7581,23 @@ export interface operations {
                * @enum {string}
                */
               state?: 'block' | 'ignore' | 'inherit' | 'monitor' | 'warn'
+              /**
+               * @description CVE or GHSA ID associated with the triage state
+               * @default
+               */
+              cve_or_ghsa_id?: string | null
+              /**
+               * @description The reachability of the alert, can be reachable, unreachable, other, or * for any
+               * @default *
+               * @enum {string|null}
+               */
+              reachability?: 'reachable' | 'unreachable' | 'other' | '*' | null
+              /**
+               * @description Whether the alert has a CISA KEV (Known Exploited Vulnerability), can be exist, none, or * for any
+               * @default *
+               * @enum {string|null}
+               */
+              kevs?: 'exist' | 'none' | '*' | null
             }>
             /** @default 0 */
             nextPage: number | null
@@ -6666,7 +7613,7 @@ export interface operations {
   }
   /**
    * Update Org Alert Triage
-   * @description Update triage actions on organizaton alerts.
+   * @description Update triage actions on organization alerts.
    *
    * This endpoint consumes 1 unit of your quota.
    *
@@ -6675,6 +7622,10 @@ export interface operations {
    */
   updateOrgAlertTriage: {
     parameters: {
+      query?: {
+        /** @description Set to true to force broad triage updates, these are triages lacking a specific alertKey or granular artifact information which may have limited introspection to see what they apply to. */
+        force?: string
+      }
       path: {
         /** @description The slug of the organization */
         org_slug: string
@@ -6685,7 +7636,43 @@ export interface operations {
         'application/json': {
           alertTriage: Array<{
             /** @default */
-            alertKey?: string
+            uuid?: string | null
+            /** @default */
+            packageType?: string | null
+            /** @default */
+            packageNamespace?: string | null
+            /** @default */
+            packageName?: string | null
+            /** @default */
+            packageVersion?: string | null
+            /** @default */
+            alertKey?: string | null
+            /** @default */
+            alertType?: string | null
+            /**
+             * @description Whether a fix is available, unavailable, or * for any
+             * @enum {string}
+             */
+            fixAvailable?: 'available' | 'unavailable' | '*'
+            /**
+             * @description Whether a patch is available, unavailable, or * for any
+             * @enum {string}
+             */
+            patchAvailable?: 'available' | 'unavailable' | '*'
+            /**
+             * @description Whether the alert has a CISA KEV, can be exist, none, or * for any
+             * @enum {string}
+             */
+            kevs?: 'exist' | 'none' | '*'
+            /** @default */
+            cveOrGhsaId?: string | null
+            /**
+             * @description The reachability of the alert, can be reachable, unreachable, other, or * for any
+             * @enum {string}
+             */
+            reachability?: 'reachable' | 'unreachable' | 'other' | '*'
+            /** @default */
+            cvssScoreCmp?: string | null
             /** @default */
             note?: string
             /**
@@ -6699,7 +7686,7 @@ export interface operations {
     }
     responses: {
       /** @description Updated Alert Triage */
-      202: {
+      200: {
         content: {
           'application/json': {
             /** @default */
@@ -6715,35 +7702,70 @@ export interface operations {
     }
   }
   /**
-   * List repositories
-   * @description Lists repositories for the specified organization.
+   * Delete Org Alert Triage
+   * @description Delete a specific triage rule by UUID.
    *
    * This endpoint consumes 1 unit of your quota.
    *
    * This endpoint requires the following org token scopes:
-   * - repo:list
+   * - triage:alerts-update
    */
-  getOrgRepoList: {
+  deleteOrgAlertTriage: {
     parameters: {
-      query?: {
-        sort?: string
-        direction?: string
-        per_page?: number
-        page?: number
-        /** @description Include archived repositories in the results */
-        include_archived?: boolean
-      }
       path: {
         /** @description The slug of the organization */
         org_slug: string
+        /** @description The UUID of the alert triage entry to delete */
+        uuid: string
       }
     }
     responses: {
-      /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. */
+      /** @description Deleted Alert Triage */
       200: {
         content: {
           'application/json': {
-            results: Array<{
+            /** @default */
+            result: string
+          }
+        }
+      }
+      400: components['responses']['SocketBadRequest']
+      401: components['responses']['SocketUnauthorized']
+      403: components['responses']['SocketForbidden']
+      404: components['responses']['SocketNotFoundResponse']
+      429: components['responses']['SocketTooManyRequestsResponse']
+    }
+  }
+  /**
+   * List repositories
+   * @description Lists repositories for the specified organization.
+   *
+   * This endpoint consumes 1 unit of your quota.
+   *
+   * This endpoint requires the following org token scopes:
+   * - repo:list
+   */
+  getOrgRepoList: {
+    parameters: {
+      query?: {
+        sort?: string
+        direction?: string
+        per_page?: number
+        page?: number
+        /** @description Include archived repositories in the results */
+        include_archived?: boolean
+      }
+      path: {
+        /** @description The slug of the organization */
+        org_slug: string
+      }
+    }
+    responses: {
+      /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. */
+      200: {
+        content: {
+          'application/json': {
+            results: Array<{
               /**
                * @description The ID of the repository
                * @default
@@ -7870,6 +8892,13 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              tooManyFiles?: {
+                /**
+                 * @description The action to take for tooManyFiles issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               generic?: {
                 /**
                  * @description The action to take for generic issues.
@@ -7926,6 +8955,13 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              recentlyPublished?: {
+                /**
+                 * @description The action to take for recentlyPublished issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               licenseSpdxDisj?: {
                 /**
                  * @description The action to take for licenseSpdxDisj issues.
@@ -8297,6 +9333,90 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              skillAutonomyAbuse?: {
+                /**
+                 * @description The action to take for skillAutonomyAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillCommandInjection?: {
+                /**
+                 * @description The action to take for skillCommandInjection issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillDataExfiltration?: {
+                /**
+                 * @description The action to take for skillDataExfiltration issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillDiscoveryAbuse?: {
+                /**
+                 * @description The action to take for skillDiscoveryAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillHardcodedSecrets?: {
+                /**
+                 * @description The action to take for skillHardcodedSecrets issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillObfuscation?: {
+                /**
+                 * @description The action to take for skillObfuscation issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillPromptInjection?: {
+                /**
+                 * @description The action to take for skillPromptInjection issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillResourceAbuse?: {
+                /**
+                 * @description The action to take for skillResourceAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillSupplyChain?: {
+                /**
+                 * @description The action to take for skillSupplyChain issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillToolAbuse?: {
+                /**
+                 * @description The action to take for skillToolAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillToolChaining?: {
+                /**
+                 * @description The action to take for skillToolChaining issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillTransitiveTrust?: {
+                /**
+                 * @description The action to take for skillTransitiveTrust issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               socketUpgradeAvailable?: {
                 /**
                  * @description The action to take for socketUpgradeAvailable issues.
@@ -8749,6 +9869,13 @@ export interface operations {
                */
               action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
             }
+            tooManyFiles?: {
+              /**
+               * @description The action to take for tooManyFiles issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
             generic?: {
               /**
                * @description The action to take for generic issues.
@@ -8805,6 +9932,13 @@ export interface operations {
                */
               action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
             }
+            recentlyPublished?: {
+              /**
+               * @description The action to take for recentlyPublished issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
             licenseSpdxDisj?: {
               /**
                * @description The action to take for licenseSpdxDisj issues.
@@ -9176,6 +10310,90 @@ export interface operations {
                */
               action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
             }
+            skillAutonomyAbuse?: {
+              /**
+               * @description The action to take for skillAutonomyAbuse issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillCommandInjection?: {
+              /**
+               * @description The action to take for skillCommandInjection issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillDataExfiltration?: {
+              /**
+               * @description The action to take for skillDataExfiltration issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillDiscoveryAbuse?: {
+              /**
+               * @description The action to take for skillDiscoveryAbuse issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillHardcodedSecrets?: {
+              /**
+               * @description The action to take for skillHardcodedSecrets issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillObfuscation?: {
+              /**
+               * @description The action to take for skillObfuscation issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillPromptInjection?: {
+              /**
+               * @description The action to take for skillPromptInjection issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillResourceAbuse?: {
+              /**
+               * @description The action to take for skillResourceAbuse issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillSupplyChain?: {
+              /**
+               * @description The action to take for skillSupplyChain issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillToolAbuse?: {
+              /**
+               * @description The action to take for skillToolAbuse issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillToolChaining?: {
+              /**
+               * @description The action to take for skillToolChaining issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillTransitiveTrust?: {
+              /**
+               * @description The action to take for skillTransitiveTrust issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
             socketUpgradeAvailable?: {
               /**
                * @description The action to take for socketUpgradeAvailable issues.
@@ -9782,6 +11000,13 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              tooManyFiles?: {
+                /**
+                 * @description The action to take for tooManyFiles issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               generic?: {
                 /**
                  * @description The action to take for generic issues.
@@ -9838,6 +11063,13 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              recentlyPublished?: {
+                /**
+                 * @description The action to take for recentlyPublished issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               licenseSpdxDisj?: {
                 /**
                  * @description The action to take for licenseSpdxDisj issues.
@@ -10209,6 +11441,90 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              skillAutonomyAbuse?: {
+                /**
+                 * @description The action to take for skillAutonomyAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillCommandInjection?: {
+                /**
+                 * @description The action to take for skillCommandInjection issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillDataExfiltration?: {
+                /**
+                 * @description The action to take for skillDataExfiltration issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillDiscoveryAbuse?: {
+                /**
+                 * @description The action to take for skillDiscoveryAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillHardcodedSecrets?: {
+                /**
+                 * @description The action to take for skillHardcodedSecrets issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillObfuscation?: {
+                /**
+                 * @description The action to take for skillObfuscation issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillPromptInjection?: {
+                /**
+                 * @description The action to take for skillPromptInjection issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillResourceAbuse?: {
+                /**
+                 * @description The action to take for skillResourceAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillSupplyChain?: {
+                /**
+                 * @description The action to take for skillSupplyChain issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillToolAbuse?: {
+                /**
+                 * @description The action to take for skillToolAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillToolChaining?: {
+                /**
+                 * @description The action to take for skillToolChaining issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillTransitiveTrust?: {
+                /**
+                 * @description The action to take for skillTransitiveTrust issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               socketUpgradeAvailable?: {
                 /**
                  * @description The action to take for socketUpgradeAvailable issues.
@@ -10654,14 +11970,21 @@ export interface operations {
                */
               action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
             }
-            generic?: {
+            tooManyFiles?: {
               /**
-               * @description The action to take for generic issues.
+               * @description The action to take for tooManyFiles issues.
                * @enum {string}
                */
               action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
             }
-            ghaArgToSink?: {
+            generic?: {
+              /**
+               * @description The action to take for generic issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            ghaArgToSink?: {
               /**
                * @description The action to take for ghaArgToSink issues.
                * @enum {string}
@@ -10710,6 +12033,13 @@ export interface operations {
                */
               action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
             }
+            recentlyPublished?: {
+              /**
+               * @description The action to take for recentlyPublished issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
             licenseSpdxDisj?: {
               /**
                * @description The action to take for licenseSpdxDisj issues.
@@ -11081,6 +12411,90 @@ export interface operations {
                */
               action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
             }
+            skillAutonomyAbuse?: {
+              /**
+               * @description The action to take for skillAutonomyAbuse issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillCommandInjection?: {
+              /**
+               * @description The action to take for skillCommandInjection issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillDataExfiltration?: {
+              /**
+               * @description The action to take for skillDataExfiltration issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillDiscoveryAbuse?: {
+              /**
+               * @description The action to take for skillDiscoveryAbuse issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillHardcodedSecrets?: {
+              /**
+               * @description The action to take for skillHardcodedSecrets issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillObfuscation?: {
+              /**
+               * @description The action to take for skillObfuscation issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillPromptInjection?: {
+              /**
+               * @description The action to take for skillPromptInjection issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillResourceAbuse?: {
+              /**
+               * @description The action to take for skillResourceAbuse issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillSupplyChain?: {
+              /**
+               * @description The action to take for skillSupplyChain issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillToolAbuse?: {
+              /**
+               * @description The action to take for skillToolAbuse issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillToolChaining?: {
+              /**
+               * @description The action to take for skillToolChaining issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
+            skillTransitiveTrust?: {
+              /**
+               * @description The action to take for skillTransitiveTrust issues.
+               * @enum {string}
+               */
+              action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+            }
             socketUpgradeAvailable?: {
               /**
                * @description The action to take for socketUpgradeAvailable issues.
@@ -11495,6 +12909,13 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              tooManyFiles?: {
+                /**
+                 * @description The action to take for tooManyFiles issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               generic?: {
                 /**
                  * @description The action to take for generic issues.
@@ -11551,6 +12972,13 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              recentlyPublished?: {
+                /**
+                 * @description The action to take for recentlyPublished issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               licenseSpdxDisj?: {
                 /**
                  * @description The action to take for licenseSpdxDisj issues.
@@ -11922,6 +13350,90 @@ export interface operations {
                  */
                 action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
               }
+              skillAutonomyAbuse?: {
+                /**
+                 * @description The action to take for skillAutonomyAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillCommandInjection?: {
+                /**
+                 * @description The action to take for skillCommandInjection issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillDataExfiltration?: {
+                /**
+                 * @description The action to take for skillDataExfiltration issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillDiscoveryAbuse?: {
+                /**
+                 * @description The action to take for skillDiscoveryAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillHardcodedSecrets?: {
+                /**
+                 * @description The action to take for skillHardcodedSecrets issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillObfuscation?: {
+                /**
+                 * @description The action to take for skillObfuscation issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillPromptInjection?: {
+                /**
+                 * @description The action to take for skillPromptInjection issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillResourceAbuse?: {
+                /**
+                 * @description The action to take for skillResourceAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillSupplyChain?: {
+                /**
+                 * @description The action to take for skillSupplyChain issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillToolAbuse?: {
+                /**
+                 * @description The action to take for skillToolAbuse issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillToolChaining?: {
+                /**
+                 * @description The action to take for skillToolChaining issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
+              skillTransitiveTrust?: {
+                /**
+                 * @description The action to take for skillTransitiveTrust issues.
+                 * @enum {string}
+                 */
+                action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
+              }
               socketUpgradeAvailable?: {
                 /**
                  * @description The action to take for socketUpgradeAvailable issues.
@@ -12919,6 +14431,14 @@ export interface operations {
         'filters.artifactType'?: string
         /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
         'filters.artifactType.notIn'?: string
+        /** @description Comma-separated list of branch names that should be included */
+        'filters.branch'?: string
+        /** @description Comma-separated list of branch names that should be excluded */
+        'filters.branch.notIn'?: string
+        /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
+        'filters.cvePatchStatus'?: string
+        /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
+        'filters.cvePatchStatus.notIn'?: string
         /** @description Dead/reachable dependency filter flag */
         'filters.dependencyDead'?: boolean
         /** @description Dead/reachable dependency filter flag */
@@ -13118,6 +14638,14 @@ export interface operations {
                 artifactType?: string[]
                 /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
                 'artifactType.notIn'?: string[]
+                /** @description Comma-separated list of branch names that should be included */
+                branch?: string[]
+                /** @description Comma-separated list of branch names that should be excluded */
+                'branch.notIn'?: string[]
+                /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
+                cvePatchStatus?: string[]
+                /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
+                'cvePatchStatus.notIn'?: string[]
                 /** @description Dead/reachable dependency filter flag */
                 dependencyDead?: boolean[]
                 /** @description Development/production dependency filter flag */
@@ -13163,7 +14691,7 @@ export interface operations {
         date?: string
         /** @description The number of days of data to fetch as an offset from input date */
         range?: string
-        /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoFullName,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,alertReachabilityAnalysisType,alertPriority,alertKEV,alertEPSS,dependencyDirect,dependencyDev,dependencyDead) */
+        /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoFullName,branch,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,cvePatchStatus,alertReachabilityAnalysisType,alertPriority,alertKEV,alertEPSS,dependencyDirect,dependencyDev,dependencyDead) */
         'aggregation.fields'?: string
         /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
         'filters.alertAction'?: string
@@ -13233,6 +14761,14 @@ export interface operations {
         'filters.artifactType'?: string
         /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
         'filters.artifactType.notIn'?: string
+        /** @description Comma-separated list of branch names that should be included */
+        'filters.branch'?: string
+        /** @description Comma-separated list of branch names that should be excluded */
+        'filters.branch.notIn'?: string
+        /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
+        'filters.cvePatchStatus'?: string
+        /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
+        'filters.cvePatchStatus.notIn'?: string
         /** @description Dead/reachable dependency filter flag */
         'filters.dependencyDead'?: boolean
         /** @description Dead/reachable dependency filter flag */
@@ -13348,6 +14884,14 @@ export interface operations {
                 artifactType?: string[]
                 /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
                 'artifactType.notIn'?: string[]
+                /** @description Comma-separated list of branch names that should be included */
+                branch?: string[]
+                /** @description Comma-separated list of branch names that should be excluded */
+                'branch.notIn'?: string[]
+                /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
+                cvePatchStatus?: string[]
+                /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
+                'cvePatchStatus.notIn'?: string[]
                 /** @description Dead/reachable dependency filter flag */
                 dependencyDead?: boolean[]
                 /** @description Development/production dependency filter flag */
@@ -13728,8 +15272,11 @@ export interface operations {
           | 'ChangeMemberRole'
           | 'ChangePlanSubscriptionSeats'
           | 'CreateApiToken'
+          | 'CreateArtifact'
           | 'CreateLabel'
           | 'CreateWebhook'
+          | 'DeleteAlertTriage'
+          | 'DeleteApiToken'
           | 'DeleteFullScan'
           | 'DeleteLabel'
           | 'DeleteLabelSetting'
@@ -13844,6 +15391,8 @@ export interface operations {
         per_page?: number
         /** @description The token specifying which page to return. */
         page?: number
+        /** @description Whether to include token values in response. Use "omit" to exclude tokens entirely. */
+        token_values?: 'include' | 'omit'
       }
       path: {
         /** @description The slug of the organization */
@@ -13892,6 +15441,17 @@ export interface operations {
                * @default
                */
               created_at: string
+              /**
+               * Format: uuid
+               * @description The stable group UUID that remains constant across token rotations
+               * @default
+               */
+              group_uuid: string
+              /**
+               * @description SRI-format hash of the token (e.g., sha512-base64hash). Null for tokens created before hash column was added.
+               * @default
+               */
+              hash: string | null
               /**
                * @description The ID of the API Token
                * @default
@@ -13979,22 +15539,28 @@ export interface operations {
                 | 'socket-basics:read'
                 | 'telemetry-policy'
                 | 'telemetry-policy:update'
+                | 'telemetry-events'
+                | 'telemetry-events:list'
                 | 'threat-feed'
                 | 'threat-feed:list'
                 | 'triage'
                 | 'triage:alerts-list'
                 | 'triage:alerts-update'
+                | 'uploaded-artifacts'
+                | 'uploaded-artifacts:create'
+                | 'uploaded-artifacts:list'
                 | 'webhooks'
                 | 'webhooks:create'
                 | 'webhooks:list'
                 | 'webhooks:update'
                 | 'webhooks:delete'
+                | '*'
               )[]
               /**
-               * @description The obfuscated token of the API Token
+               * @description The token of the API Token (redacted or omitted)
                * @default
                */
-              token: string
+              token: string | null
               /**
                * @description The visibility of the API Token. Warning: this field is deprecated and will be removed in the future.
                * @default organization
@@ -14103,16 +15669,22 @@ export interface operations {
             | 'socket-basics:read'
             | 'telemetry-policy'
             | 'telemetry-policy:update'
+            | 'telemetry-events'
+            | 'telemetry-events:list'
             | 'threat-feed'
             | 'threat-feed:list'
             | 'triage'
             | 'triage:alerts-list'
             | 'triage:alerts-update'
+            | 'uploaded-artifacts'
+            | 'uploaded-artifacts:create'
+            | 'uploaded-artifacts:list'
             | 'webhooks'
             | 'webhooks:create'
             | 'webhooks:list'
             | 'webhooks:update'
             | 'webhooks:delete'
+            | '*'
           >
           /**
            * @description The visibility of the API Token. Warning: this field is deprecated and will be removed in the future.
@@ -14171,18 +15743,26 @@ export interface operations {
       }
     }
     responses: {
-      /** @description The newly created api token. */
+      /** @description The newly created api token with its stable UUID and hash. */
       200: {
         content: {
           'application/json': {
             /**
              * Format: uuid
-             * @description ID of the Socket user who created the API Token, if available
+             * @description ID of the Socket user who created the API Token
              * @default
              */
             created_by: string | null
+            /**
+             * Format: uuid
+             * @description The stable group UUID that remains constant across token rotations
+             * @default
+             */
+            group_uuid: string
             /** @default */
             token: string
+            /** @default */
+            hash: string
           }
         }
       }
@@ -14282,22 +15862,23 @@ export interface operations {
             | 'socket-basics:read'
             | 'telemetry-policy'
             | 'telemetry-policy:update'
+            | 'telemetry-events'
+            | 'telemetry-events:list'
             | 'threat-feed'
             | 'threat-feed:list'
             | 'triage'
             | 'triage:alerts-list'
             | 'triage:alerts-update'
+            | 'uploaded-artifacts'
+            | 'uploaded-artifacts:create'
+            | 'uploaded-artifacts:list'
             | 'webhooks'
             | 'webhooks:create'
             | 'webhooks:list'
             | 'webhooks:update'
             | 'webhooks:delete'
+            | '*'
           >
-          /**
-           * @description The API token to update
-           * @default
-           */
-          token: string
           /**
            * @description The visibility of the API Token. Warning: this field is deprecated and will be removed in the future.
            * @default organization
@@ -14333,6 +15914,27 @@ export interface operations {
            * @default api token
            */
           name?: string
+          /**
+           * Format: uuid
+           * @description The stable group UUID to update (provide uuid, id, token, or hash. May provide uuid+hash together for validation)
+           * @default
+           */
+          uuid?: string
+          /**
+           * @description The API token ID to update (provide uuid, id, token, or hash)
+           * @default
+           */
+          id?: string
+          /**
+           * @description The API token to update (provide uuid, id, token, or hash)
+           * @default
+           */
+          token?: string
+          /**
+           * @description The API token hash to update (provide uuid, id, token, or hash)
+           * @default
+           */
+          hash?: string
         }
       }
     }
@@ -14341,8 +15943,11 @@ export interface operations {
       200: {
         content: {
           'application/json': {
-            /** @default */
-            token: string
+            /**
+             * @description SRI-format hash of the API token (e.g., sha512-base64hash)
+             * @default
+             */
+            hash: string
           }
         }
       }
@@ -14367,28 +15972,49 @@ export interface operations {
         org_slug: string
       }
     }
-    /** @description The API Token to rotate */
+    /** @description The API Token identifier to rotate. Provide uuid (recommended), token, or hash. May provide uuid+hash together for validation. */
     requestBody?: {
       content: {
         'application/json': {
+          /**
+           * Format: uuid
+           * @description The stable group UUID of the API token to rotate
+           * @default
+           */
+          uuid?: string
+          /** @default */
+          token?: string
           /** @default */
-          token: string
+          hash?: string
         }
       }
     }
     responses: {
-      /** @description The replacement API Token */
+      /** @description The replacement API Token with its stable UUID, new token value, and hash */
       200: {
         content: {
           'application/json': {
+            /**
+             * @description The database ID of the new API token
+             * @default
+             */
+            id: string
+            /**
+             * Format: uuid
+             * @description The stable group UUID (unchanged after rotation)
+             * @default
+             */
+            group_uuid: string
             /**
              * Format: uuid
-             * @description ID of the Socket user who initiated the rotation, if available
+             * @description ID of the Socket user who created the API Token
              * @default
              */
             created_by: string | null
             /** @default */
             token: string
+            /** @default */
+            hash: string
           }
         }
       }
@@ -14413,12 +16039,20 @@ export interface operations {
         org_slug: string
       }
     }
-    /** @description The token to revoke. */
+    /** @description The API token identifier to revoke. Provide uuid (recommended), token, or hash. May provide uuid+hash together for validation. */
     requestBody?: {
       content: {
         'application/json': {
+          /**
+           * Format: uuid
+           * @description The stable group UUID of the API token to revoke
+           * @default
+           */
+          uuid?: string
           /** @default */
-          token: string
+          token?: string
+          /** @default */
+          hash?: string
         }
       }
     }
@@ -14505,7 +16139,7 @@ export interface operations {
         discovery_period?: '1h' | '6h' | '1d' | '7d' | '30d' | '90d' | '365d'
         /** @description Ordering direction of the sort attribute */
         direction?: 'desc' | 'asc'
-        /** @description Filter what type of threats to return */
+        /** @description Filter by threat classification. Supported values: `mal` (malware, including possible malware), `vuln` (vulnerability), `typo` (typosquat, including possible typosquat), `anom` (anomaly), `spy` (telemetry), `obf` (obfuscated code), `dual` (dual-use tool), `joke` (protestware or joke package), `tp` (all confirmed true positives), `fp` (false positive), `u` (unreviewed), `c` (classified, i.e. anything except unreviewed). */
         filter?:
           | 'u'
           | 'c'
@@ -14517,7 +16151,6 @@ export interface operations {
           | 'joke'
           | 'spy'
           | 'typo'
-          | 'secret'
           | 'obf'
           | 'dual'
         /** @description Filter threats by package name */
@@ -14526,10 +16159,11 @@ export interface operations {
         version?: string
         /** @description Only return threats which have been human-reviewed */
         is_human_reviewed?: boolean
-        /** @description Filter threats by package ecosystem type */
+        /** @description Filter threats by package ecosystem. */
         ecosystem?:
           | 'github'
           | 'cargo'
+          | 'clawhub'
           | 'composer'
           | 'chrome'
           | 'golang'
@@ -14540,6 +16174,7 @@ export interface operations {
           | 'vscode'
           | 'pypi'
           | 'gem'
+          | 'swift'
       }
     }
     responses: {
@@ -14548,23 +16183,61 @@ export interface operations {
         content: {
           'application/json': {
             results: Array<{
-              /** @default */
+              /**
+               * Format: date-time
+               * @description ISO 8601 timestamp of when the threat in the package artifact was first discovered
+               * @default
+               */
               createdAt?: string
-              /** @default */
+              /**
+               * Format: date-time
+               * @description ISO 8601 timestamp of when the threat record for the package artifact was last updated (e.g., classification changed, package removed from registry, etc.)
+               * @default
+               */
               updatedAt?: string
-              /** @default */
+              /**
+               * Format: date-time
+               * @description ISO 8601 timestamp of when the package artifact was published to the respective registry
+               * @default
+               */
+              publishedAt?: string | null
+              /**
+               * @description Detailed description of the underlying threat
+               * @default
+               */
               description?: string
-              /** @default 0 */
+              /**
+               * @description Unique identifier of the threat feed entry
+               * @default 0
+               */
               id?: number
-              /** @default */
+              /**
+               * Format: uri
+               * @description URL to the threat details page on Socket
+               * @default
+               */
               locationHtmlUrl?: string
-              /** @default */
+              /**
+               * Format: uri
+               * @description URL to the affected package page on Socket
+               * @default
+               */
               packageHtmlUrl?: string
-              /** @default */
+              /**
+               * @description Package URL (PURL) of the affected package artifact
+               * @default
+               */
               purl?: string
-              /** @default */
+              /**
+               * Format: date-time
+               * @description ISO 8601 timestamp of when the package artifact was removed from the respective registry, or null if the package is still available on the registry
+               * @default
+               */
               removedAt?: string | null
-              /** @default */
+              /**
+               * @description Threat classification. Possible values: `malware` (known malware), `possible_malware` (AI-detected potential malware), `vulnerability` (potential vulnerability), `typosquat` (human-reviewed typosquat), `possible_typosquat` (AI-detected potential typosquat), `anomaly` (anomalous behavior), `telemetry` (telemetry), `obfuscated` (obfuscated code), `dual_use` (dual-use tool), `troll` (protestware or joke package), `unreviewed` (not yet reviewed), `false_positive` (confirmed false positive).
+               * @default
+               */
               threatType?: string
               /**
                * @description Whether the threat still is in need of human review by the threat research team
@@ -14595,105 +16268,290 @@ export interface operations {
    *
    * This endpoint requires an Enterprise Plan with Threat Feed add-on. [Contact](https://socket.dev/demo?utm_source=api-docs&utm_medium=referral&utm_campaign=tracking) our sales team for more details.
    *
-   * This endpoint consumes 1 unit of your quota.
+   * This endpoint consumes 1 unit of your quota.
+   *
+   * This endpoint requires the following org token scopes:
+   * - threat-feed:list
+   */
+  getOrgThreatFeedItems: {
+    parameters: {
+      query?: {
+        /** @description Number of threats per page */
+        per_page?: number
+        /** @description Page cursor token. Pass the returned nextPageCursor to this query string to fetch the next page of the threat feed. */
+        page_cursor?: string
+        /** @description Set the sort order for the threat feed items. Default is descending order by updated_at, which includes all new and updated threat feed items. */
+        sort?: 'id' | 'created_at' | 'updated_at'
+        /** @description A Unix timestamp in seconds that filters results to items only updated after the timestamp. */
+        updated_after?: string
+        /** @description A Unix timestamp in seconds that filters results to items only created after the date. */
+        created_after?: string
+        /** @description Order direction of the provided sort field. */
+        direction?: 'desc' | 'asc'
+        /** @description Filter by threat classification. Supported values: `mal` (malware, including possible malware), `vuln` (vulnerability), `typo` (typosquat, including possible typosquat), `anom` (anomaly), `spy` (telemetry), `obf` (obfuscated code), `dual` (dual-use tool), `joke` (protestware or joke package), `tp` (all confirmed true positives), `fp` (false positive), `u` (unreviewed), `c` (classified, i.e. anything except unreviewed). */
+        filter?:
+          | 'u'
+          | 'c'
+          | 'fp'
+          | 'tp'
+          | 'mal'
+          | 'vuln'
+          | 'anom'
+          | 'joke'
+          | 'spy'
+          | 'typo'
+          | 'obf'
+          | 'dual'
+        /** @description Filter threats by package name */
+        name?: string
+        /** @description Filter threats by package version. */
+        version?: string
+        /** @description Only return threats which have been human-reviewed */
+        is_human_reviewed?: boolean
+        /** @description Filter threats by package ecosystem. */
+        ecosystem?:
+          | 'github'
+          | 'cargo'
+          | 'clawhub'
+          | 'composer'
+          | 'chrome'
+          | 'golang'
+          | 'huggingface'
+          | 'maven'
+          | 'npm'
+          | 'nuget'
+          | 'vscode'
+          | 'pypi'
+          | 'gem'
+          | 'swift'
+      }
+      path: {
+        /** @description The slug of the organization */
+        org_slug: string
+      }
+    }
+    responses: {
+      /** @description The paginated list of items in the threat feed and the next page cursor. */
+      200: {
+        content: {
+          'application/json': {
+            results: Array<{
+              /**
+               * Format: date-time
+               * @description ISO 8601 timestamp of when the threat in the package artifact was first discovered
+               * @default
+               */
+              createdAt?: string
+              /**
+               * Format: date-time
+               * @description ISO 8601 timestamp of when the threat record for the package artifact was last updated (e.g., classification changed, package removed from registry, etc.)
+               * @default
+               */
+              updatedAt?: string
+              /**
+               * Format: date-time
+               * @description ISO 8601 timestamp of when the package artifact was published to the respective registry
+               * @default
+               */
+              publishedAt?: string | null
+              /**
+               * @description Detailed description of the underlying threat
+               * @default
+               */
+              description?: string
+              /**
+               * @description Unique identifier of the threat feed entry
+               * @default 0
+               */
+              id?: number
+              /**
+               * Format: uri
+               * @description URL to the threat details page on Socket
+               * @default
+               */
+              locationHtmlUrl?: string
+              /**
+               * Format: uri
+               * @description URL to the affected package page on Socket
+               * @default
+               */
+              packageHtmlUrl?: string
+              /**
+               * @description Package URL (PURL) of the affected package artifact
+               * @default
+               */
+              purl?: string
+              /**
+               * Format: date-time
+               * @description ISO 8601 timestamp of when the package artifact was removed from the respective registry, or null if the package is still available on the registry
+               * @default
+               */
+              removedAt?: string | null
+              /**
+               * @description Threat classification. Possible values: `malware` (known malware), `possible_malware` (AI-detected potential malware), `vulnerability` (potential vulnerability), `typosquat` (human-reviewed typosquat), `possible_typosquat` (AI-detected potential typosquat), `anomaly` (anomalous behavior), `telemetry` (telemetry), `obfuscated` (obfuscated code), `dual_use` (dual-use tool), `troll` (protestware or joke package), `unreviewed` (not yet reviewed), `false_positive` (confirmed false positive).
+               * @default
+               */
+              threatType?: string
+              /**
+               * @description Whether the threat still is in need of human review by the threat research team
+               * @default false
+               */
+              needsHumanReview?: boolean
+              /**
+               * @description Unique threat instance identifier across artifacts
+               * @default 0
+               */
+              threatInstanceId?: number
+            }>
+            /** @default */
+            nextPageCursor: string | null
+          }
+        }
+      }
+      400: components['responses']['SocketBadRequest']
+      401: components['responses']['SocketUnauthorized']
+      403: components['responses']['SocketForbidden']
+      404: components['responses']['SocketNotFoundResponse']
+      429: components['responses']['SocketTooManyRequestsResponse']
+    }
+  }
+  /**
+   * Get Packages by PURL (Org Scoped)
+   * @description Batch retrieval of package metadata and alerts by PURL strings for a specific organization. Compatible with CycloneDX reports.
+   *
+   * Package URLs (PURLs) are an ecosystem agnostic way to identify packages.
+   * CycloneDX SBOMs use the purl format to identify components.
+   * This endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report.
+   *
+   * **Note:** This endpoint has a batch size limit (default: 1024 PURLs per request). Requests exceeding this limit will return a 400 Bad Request error.
+   *
+   * More information on purl and CycloneDX:
+   *
+   * - [`purl` Spec](https://github.com/package-url/purl-spec)
+   * - [CycloneDX Spec](https://cyclonedx.org/specification/overview/#components)
+   *
+   * This endpoint returns the latest available alert data for artifacts in the batch (stale while revalidate).
+   * Actively running analysis will be returned when available on subsequent runs.
+   *
+   * ## Query Parameters
+   *
+   * This endpoint supports all query parameters from `POST /v0/purl` including: `alerts`, `actions`, `compact`, `fixable`, `licenseattrib`, `licensedetails`, `purlErrors`, `cachedResultsOnly`, and `summary`.
+   *
+   * Additionally, you may provide a `labels` query parameter to apply a repository label's security policies. Pass the label slug as the value (e.g., `?labels=production`). Only one label is currently supported.
+   *
+   * ## Examples:
+   *
+   * ### Looking up an npm package:
+   *
+   * ```json
+   * {
+   *   "components": [
+   *     {
+   *       "purl": "pkg:npm/express@4.19.2"
+   *     }
+   *   ]
+   * }
+   * ```
+   *
+   * ### Looking up a PyPi package:
+   *
+   * ```json
+   * {
+   *   "components": [
+   *     {
+   *       "purl": "pkg:pypi/django@5.0.6"
+   *     }
+   *   ]
+   * }
+   * ```
+   *
+   * ### Looking up a Maven package:
+   *
+   * ```json
+   * {
+   *   "components": [
+   *     {
+   *       "purl": "pkg:maven/log4j/log4j@1.2.17"
+   *     }
+   *   ]
+   * }
+   * ```
+   *
+   * ### Batch lookup
+   *
+   * ```json
+   * {
+   *   "components": [
+   *     {
+   *       "purl": "pkg:npm/express@4.19.2"
+   *     },
+   *     {
+   *       "purl": "pkg:pypi/django@5.0.6"
+   *     },
+   *     {
+   *       "purl": "pkg:maven/log4j/log4j@1.2.17"
+   *     }
+   *   ]
+   * }
+   * ```
+   *
+   * ### With label and options (query parameters):
+   *
+   * ```
+   * POST /v0/orgs/{org_slug}/purl?labels=production&alerts=true&compact=true
+   * {
+   *   "components": [
+   *     {
+   *       "purl": "pkg:npm/express@4.19.2"
+   *     }
+   *   ]
+   * }
+   * ```
+   *
+   * This endpoint consumes 100 units of your quota.
    *
    * This endpoint requires the following org token scopes:
-   * - threat-feed:list
+   * - packages:list
    */
-  getOrgThreatFeedItems: {
+  batchPackageFetchByOrg: {
     parameters: {
       query?: {
-        /** @description Number of threats per page */
-        per_page?: number
-        /** @description Page cursor token. Pass the returned nextPageCursor to this query string to fetch the next page of the threat feed. */
-        page_cursor?: string
-        /** @description Set the sort order for the threat feed items. Default is descending order by updated_at, which includes all new and updated threat feed items. */
-        sort?: 'id' | 'created_at' | 'updated_at'
-        /** @description A Unix timestamp in seconds that filters results to items only updated after the timestamp. */
-        updated_after?: string
-        /** @description A Unix timestamp in seconds that filters results to items only created after the date. */
-        created_after?: string
-        /** @description Order direction of the provided sort field. */
-        direction?: 'desc' | 'asc'
-        /** @description Filter what type of threats to return */
-        filter?:
-          | 'u'
-          | 'c'
-          | 'fp'
-          | 'tp'
-          | 'mal'
-          | 'vuln'
-          | 'anom'
-          | 'joke'
-          | 'spy'
-          | 'typo'
-          | 'secret'
-          | 'obf'
-          | 'dual'
-        /** @description Filter threats by package name */
-        name?: string
-        /** @description Filter threats by package version. */
-        version?: string
-        /** @description Only return threats which have been human-reviewed */
-        is_human_reviewed?: boolean
-        /** @description Filter threats by package ecosystem type */
-        ecosystem?:
-          | 'github'
-          | 'cargo'
-          | 'composer'
-          | 'chrome'
-          | 'golang'
-          | 'huggingface'
-          | 'maven'
-          | 'npm'
-          | 'nuget'
-          | 'vscode'
-          | 'pypi'
-          | 'gem'
+        /** @description Repository label slugs to apply policies. Only one label is supported currently; the parameter is an array to allow future support for multiple labels. */
+        labels?: string[]
+        /** @description Include alert metadata. */
+        alerts?: boolean
+        /** @description Include only alerts with comma separated actions defined by security policy. */
+        actions?: Array<'error' | 'monitor' | 'warn' | 'ignore'>
+        /** @description Compact metadata. When enabled, excludes metadata fields like author, scores, size, dependencies, and manifest files. Always includes: id, type, name, version, release, namespace, subpath, alerts, and alertPriorities. */
+        compact?: boolean
+        /** @description Include only fixable alerts. */
+        fixable?: boolean
+        /** @description Include license attribution data, including license text and author information. Maps attribution/license text to a list of data objects to which that attribution info applies. */
+        licenseattrib?: boolean
+        /** @description Include detailed license information, including location and match strength, for each license datum. */
+        licensedetails?: boolean
+        /** @description Return errors found with handling PURLs as error objects in the stream. */
+        purlErrors?: boolean
+        /** @description Return only cached results, do not attempt to scan new artifacts or rescan stale results. */
+        cachedResultsOnly?: boolean
+        /** @description Include a summary object at the end of the stream with counts of malformed, resolved, and not found PURLs. */
+        summary?: boolean
       }
       path: {
         /** @description The slug of the organization */
         org_slug: string
       }
     }
+    requestBody?: {
+      content: {
+        'application/json': components['schemas']['SocketOrgBatchPURLFetch']
+      }
+    }
     responses: {
-      /** @description The paginated list of items in the threat feed and the next page cursor. */
+      /** @description Socket issue lists and scores for all packages, and optional metadata objects */
       200: {
         content: {
-          'application/json': {
-            results: Array<{
-              /** @default */
-              createdAt?: string
-              /** @default */
-              updatedAt?: string
-              /** @default */
-              description?: string
-              /** @default 0 */
-              id?: number
-              /** @default */
-              locationHtmlUrl?: string
-              /** @default */
-              packageHtmlUrl?: string
-              /** @default */
-              purl?: string
-              /** @default */
-              removedAt?: string | null
-              /** @default */
-              threatType?: string
-              /**
-               * @description Whether the threat still is in need of human review by the threat research team
-               * @default false
-               */
-              needsHumanReview?: boolean
-              /**
-               * @description Unique threat instance identifier across artifacts
-               * @default 0
-               */
-              threatInstanceId?: number
-            }>
-            /** @default */
-            nextPageCursor: string | null
-          }
+          'application/x-ndjson': components['schemas']['BatchPurlStreamSchema']
         }
       }
       400: components['responses']['SocketBadRequest']
@@ -14709,6 +16567,57 @@ export interface operations {
    * Requires either repo_slug or full_scan_id as well as vulnerability_ids to be provided.
    * vulnerability_ids can be a comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities.
    *
+   * ## Response Structure
+   *
+   * The response contains a `fixDetails` object where each key is a vulnerability ID (GHSA or CVE) and the value is a discriminated union based on the `type` field.
+   *
+   * ### Common Fields
+   *
+   * All response variants include:
+   * - `type`: Discriminator field (one of: "fixFound", "partialFixFound", "noFixAvailable", "fixNotApplicable", "errorComputingFix")
+   * - `value`: Object containing the variant-specific data
+   *
+   * The `value` object always contains:
+   * - `ghsa`: string | null - The GHSA ID
+   * - `cve`: string | null - The CVE ID (if available)
+   * - `advisoryDetails`: object | null - Advisory details (only if include_details=true)
+   *
+   * ### Response Variants
+   *
+   * **fixFound**: A complete fix is available for all vulnerable packages
+   * - `value.fixDetails.fixes`: Array of fix objects, each containing:
+   *   - `purl`: Package URL to upgrade
+   *   - `fixedVersion`: Version to upgrade to
+   *   - `manifestFiles`: Array of manifest files containing the package
+   *   - `updateType`: "patch" | "minor" | "major" | "unknown"
+   * - `value.fixDetails.responsibleDirectDependencies`: (optional) Map of direct dependencies responsible for the vulnerability
+   *
+   * **partialFixFound**: Fixes available for some but not all vulnerable packages
+   * - Same as fixFound, plus:
+   * - `value.fixDetails.unfixablePurls`: Array of packages that cannot be fixed, each containing:
+   *   - `purl`: Package URL
+   *   - `manifestFiles`: Array of manifest files
+   *
+   * **noFixAvailable**: No fix exists for this vulnerability (no patched version published)
+   *
+   * **fixNotApplicable**: A fix exists but cannot be applied due to version constraints
+   * - `value.vulnerableArtifacts`: Array of vulnerable packages with their manifest files
+   *
+   * **errorComputingFix**: An error occurred while computing fixes
+   * - `value.message`: Error description
+   *
+   * ### Advisory Details (when include_details=true)
+   *
+   * - `title`: string | null
+   * - `description`: string | null
+   * - `cwes`: string[] - CWE identifiers
+   * - `severity`: "LOW" | "MODERATE" | "HIGH" | "CRITICAL"
+   * - `cvssVector`: string | null
+   * - `publishedAt`: string (ISO date)
+   * - `kev`: boolean - Whether it's a Known Exploited Vulnerability
+   * - `epss`: number | null - Exploit Prediction Scoring System score
+   * - `affectedPurls`: Array of affected packages with version ranges
+   *
    * This endpoint consumes 10 units of your quota.
    *
    * This endpoint requires the following org token scopes:
@@ -14742,385 +16651,8 @@ export interface operations {
       200: {
         content: {
           'application/json': {
-            /** @description Map of vulnerability IDs (GHSA or CVE) to their fix details. Each entry contains information about available fixes, partial fixes, or reasons why fixes are not available. */
             fixDetails: {
-              [key: string]:
-                | {
-                    /** @enum {string} */
-                    type: 'fixFound'
-                    value: {
-                      /**
-                       * @default fixFound
-                       * @enum {string}
-                       */
-                      type: 'fixFound'
-                      /** @default */
-                      ghsa: string
-                      /** @default */
-                      cve: string | null
-                      fixDetails: {
-                        fixes: Array<{
-                          /** @default The PURL (unique package identifier) of the package to upgrade */
-                          purl: string
-                          /** @default The version of the package to upgrade to */
-                          fixedVersion: string
-                          manifestFiles: string[]
-                          /**
-                           * @description The type of version update (patch, minor, major, or unknown if it cannot be determined)
-                           * @default unknown
-                           * @enum {string}
-                           */
-                          updateType: 'patch' | 'minor' | 'major' | 'unknown'
-                        }>
-                        /** @description The keys are the PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability. */
-                        responsibleDirectDependencies?: {
-                          [key: string]: {
-                            /**
-                             * Format: The current version of the package
-                             * @default
-                             */
-                            currentVersion: string
-                            nextAvailableVersion?: {
-                              /**
-                               * Format: The next available version of the package
-                               * @default
-                               */
-                              version: string
-                              /**
-                               * @description The type of version update (patch, minor, major, or unknown if it cannot be determined)
-                               * @default unknown
-                               * @enum {string}
-                               */
-                              updateType:
-                                | 'patch'
-                                | 'minor'
-                                | 'major'
-                                | 'unknown'
-                            } | null
-                            /** @description The version and update type of the package that is necessary to fix the vulnerability. If the value is null, it means the package does not have to be upgraded to fix the vulnerability */
-                            fixByUpgradingTo?: {
-                              /** @default */
-                              version: string
-                              /**
-                               * @description The type of version update (patch, minor, major, or unknown if it cannot be determined)
-                               * @default unknown
-                               * @enum {string}
-                               */
-                              updateType:
-                                | 'patch'
-                                | 'minor'
-                                | 'major'
-                                | 'unknown'
-                            } | null
-                          }
-                        } | null
-                      }
-                      advisoryDetails: {
-                        /** @default */
-                        title?: string | null
-                        /** @default */
-                        description?: string | null
-                        cwes?: string[]
-                        /**
-                         * @description Severity level of the vulnerability
-                         * @default LOW
-                         * @enum {string}
-                         */
-                        severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL'
-                        /** @default */
-                        cvssVector?: string | null
-                        /** @default */
-                        publishedAt?: string
-                        /**
-                         * @description Whether the vulnerability is a Known Exploited Vulnerability
-                         * @default false
-                         */
-                        kev?: boolean
-                        /**
-                         * @description Exploit Prediction Scoring System score
-                         * @default 0
-                         */
-                        epss?: number | null
-                        affectedPurls?: Array<{
-                          /**
-                           * Format: The PURL (unique package identifier) of the affected package
-                           * @default
-                           */
-                          purl: string
-                          /** @default The range of vulnerable versions */
-                          affectedRange: string
-                        }>
-                      } | null
-                    }
-                  }
-                | {
-                    /** @enum {string} */
-                    type: 'partialFixFound'
-                    value: {
-                      /**
-                       * @default partialFixFound
-                       * @enum {string}
-                       */
-                      type: 'partialFixFound'
-                      /** @default */
-                      ghsa: string
-                      /** @default */
-                      cve: string | null
-                      fixDetails: {
-                        fixes: Array<{
-                          /** @default The PURL (unique package identifier) of the package to upgrade */
-                          purl: string
-                          /** @default The version of the package to upgrade to */
-                          fixedVersion: string
-                          manifestFiles: string[]
-                          /**
-                           * @description The type of version update (patch, minor, major, or unknown if it cannot be determined)
-                           * @default unknown
-                           * @enum {string}
-                           */
-                          updateType: 'patch' | 'minor' | 'major' | 'unknown'
-                        }>
-                        unfixablePurls: Array<{
-                          /** @default The PURL (unique package identifier) of the package that cannot be upgraded */
-                          purl: string
-                          manifestFiles: string[]
-                        }>
-                        /** @description The keys are the PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability. */
-                        responsibleDirectDependencies?: {
-                          [key: string]: {
-                            /**
-                             * Format: The current version of the package
-                             * @default
-                             */
-                            currentVersion: string
-                            nextAvailableVersion?: {
-                              /**
-                               * Format: The next available version of the package
-                               * @default
-                               */
-                              version: string
-                              /**
-                               * @description The type of version update (patch, minor, major, or unknown if it cannot be determined)
-                               * @default unknown
-                               * @enum {string}
-                               */
-                              updateType:
-                                | 'patch'
-                                | 'minor'
-                                | 'major'
-                                | 'unknown'
-                            } | null
-                            /** @description The version and update type of the package that is necessary to fix the vulnerability. If the value is null, it means the package does not have to be upgraded to fix the vulnerability */
-                            fixByUpgradingTo?: {
-                              /** @default */
-                              version: string
-                              /**
-                               * @description The type of version update (patch, minor, major, or unknown if it cannot be determined)
-                               * @default unknown
-                               * @enum {string}
-                               */
-                              updateType:
-                                | 'patch'
-                                | 'minor'
-                                | 'major'
-                                | 'unknown'
-                            } | null
-                          }
-                        } | null
-                      }
-                      advisoryDetails: {
-                        /** @default */
-                        title?: string | null
-                        /** @default */
-                        description?: string | null
-                        cwes?: string[]
-                        /**
-                         * @description Severity level of the vulnerability
-                         * @default LOW
-                         * @enum {string}
-                         */
-                        severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL'
-                        /** @default */
-                        cvssVector?: string | null
-                        /** @default */
-                        publishedAt?: string
-                        /**
-                         * @description Whether the vulnerability is a Known Exploited Vulnerability
-                         * @default false
-                         */
-                        kev?: boolean
-                        /**
-                         * @description Exploit Prediction Scoring System score
-                         * @default 0
-                         */
-                        epss?: number | null
-                        affectedPurls?: Array<{
-                          /**
-                           * Format: The PURL (unique package identifier) of the affected package
-                           * @default
-                           */
-                          purl: string
-                          /** @default The range of vulnerable versions */
-                          affectedRange: string
-                        }>
-                      } | null
-                    }
-                  }
-                | {
-                    /** @enum {string} */
-                    type: 'errorComputingFix'
-                    value: {
-                      /**
-                       * @default errorComputingFix
-                       * @enum {string}
-                       */
-                      type: 'errorComputingFix'
-                      /** @default */
-                      ghsa: string | null
-                      /** @default */
-                      cve: string | null
-                      /** @default */
-                      message: string
-                      advisoryDetails: {
-                        /** @default */
-                        title?: string | null
-                        /** @default */
-                        description?: string | null
-                        cwes?: string[]
-                        /**
-                         * @description Severity level of the vulnerability
-                         * @default LOW
-                         * @enum {string}
-                         */
-                        severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL'
-                        /** @default */
-                        cvssVector?: string | null
-                        /** @default */
-                        publishedAt?: string
-                        /**
-                         * @description Whether the vulnerability is a Known Exploited Vulnerability
-                         * @default false
-                         */
-                        kev?: boolean
-                        /**
-                         * @description Exploit Prediction Scoring System score
-                         * @default 0
-                         */
-                        epss?: number | null
-                        affectedPurls?: Array<{
-                          /**
-                           * Format: The PURL (unique package identifier) of the affected package
-                           * @default
-                           */
-                          purl: string
-                          /** @default The range of vulnerable versions */
-                          affectedRange: string
-                        }>
-                      } | null
-                    }
-                  }
-                | {
-                    /** @enum {string} */
-                    type: 'noFixAvailable'
-                    value: {
-                      /**
-                       * @default noFixAvailable
-                       * @enum {string}
-                       */
-                      type: 'noFixAvailable'
-                      /** @default */
-                      ghsa: string
-                      /** @default */
-                      cve: string | null
-                      advisoryDetails: {
-                        /** @default */
-                        title?: string | null
-                        /** @default */
-                        description?: string | null
-                        cwes?: string[]
-                        /**
-                         * @description Severity level of the vulnerability
-                         * @default LOW
-                         * @enum {string}
-                         */
-                        severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL'
-                        /** @default */
-                        cvssVector?: string | null
-                        /** @default */
-                        publishedAt?: string
-                        /**
-                         * @description Whether the vulnerability is a Known Exploited Vulnerability
-                         * @default false
-                         */
-                        kev?: boolean
-                        /**
-                         * @description Exploit Prediction Scoring System score
-                         * @default 0
-                         */
-                        epss?: number | null
-                        affectedPurls?: Array<{
-                          /**
-                           * Format: The PURL (unique package identifier) of the affected package
-                           * @default
-                           */
-                          purl: string
-                          /** @default The range of vulnerable versions */
-                          affectedRange: string
-                        }>
-                      } | null
-                    }
-                  }
-                | {
-                    /** @enum {string} */
-                    type: 'fixNotApplicable'
-                    value: {
-                      /**
-                       * @default fixNotApplicable
-                       * @enum {string}
-                       */
-                      type: 'fixNotApplicable'
-                      /** @default */
-                      ghsa: string
-                      /** @default */
-                      cve: string | null
-                      advisoryDetails: {
-                        /** @default */
-                        title?: string | null
-                        /** @default */
-                        description?: string | null
-                        cwes?: string[]
-                        /**
-                         * @description Severity level of the vulnerability
-                         * @default LOW
-                         * @enum {string}
-                         */
-                        severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL'
-                        /** @default */
-                        cvssVector?: string | null
-                        /** @default */
-                        publishedAt?: string
-                        /**
-                         * @description Whether the vulnerability is a Known Exploited Vulnerability
-                         * @default false
-                         */
-                        kev?: boolean
-                        /**
-                         * @description Exploit Prediction Scoring System score
-                         * @default 0
-                         */
-                        epss?: number | null
-                        affectedPurls?: Array<{
-                          /**
-                           * Format: The PURL (unique package identifier) of the affected package
-                           * @default
-                           */
-                          purl: string
-                          /** @default The range of vulnerable versions */
-                          affectedRange: string
-                        }>
-                      } | null
-                    }
-                  }
+              [key: string]: Record<string, never>
             }
           }
         }
@@ -15671,10 +17203,34 @@ export interface operations {
         'filters.alertAction'?: string
         /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
         'filters.alertAction.notIn'?: string
+        /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included */
+        'filters.alertActionSourceType'?: string
+        /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
+        'filters.alertActionSourceType.notIn'?: string
         /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */
         'filters.alertCategory'?: string
         /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
         'filters.alertCategory.notIn'?: string
+        /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertClearedAt.eq'?: string
+        /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertClearedAt.lt'?: string
+        /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertClearedAt.lte'?: string
+        /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertClearedAt.gt'?: string
+        /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertClearedAt.gte'?: string
+        /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertCreatedAt.eq'?: string
+        /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertCreatedAt.lt'?: string
+        /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertCreatedAt.lte'?: string
+        /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertCreatedAt.gt'?: string
+        /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+        'filters.alertCreatedAt.gte'?: string
         /** @description CVE ID */
         'filters.alertCveId'?: string
         /** @description CVE ID */
@@ -15707,6 +17263,10 @@ export interface operations {
         'filters.alertPriority'?: string
         /** @description Alert priority ("low", "medium", "high", or "critical") */
         'filters.alertPriority.notIn'?: string
+        /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
+        'filters.alertReachabilityAnalysisType'?: string
+        /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
+        'filters.alertReachabilityAnalysisType.notIn'?: string
         /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
         'filters.alertReachabilityType'?: string
         /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
@@ -15733,6 +17293,34 @@ export interface operations {
         'filters.alertUpdatedAt.gt'?: string
         /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
         'filters.alertUpdatedAt.gte'?: string
+        /** @description Name of artifact */
+        'filters.artifactName'?: string
+        /** @description Name of artifact */
+        'filters.artifactName.notIn'?: string
+        /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
+        'filters.artifactType'?: string
+        /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
+        'filters.artifactType.notIn'?: string
+        /** @description Comma-separated list of branch names that should be included */
+        'filters.branch'?: string
+        /** @description Comma-separated list of branch names that should be excluded */
+        'filters.branch.notIn'?: string
+        /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
+        'filters.cvePatchStatus'?: string
+        /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
+        'filters.cvePatchStatus.notIn'?: string
+        /** @description Dead/reachable dependency filter flag */
+        'filters.dependencyDead'?: boolean
+        /** @description Dead/reachable dependency filter flag */
+        'filters.dependencyDead.notIn'?: boolean
+        /** @description Development/production dependency filter flag */
+        'filters.dependencyDev'?: boolean
+        /** @description Development/production dependency filter flag */
+        'filters.dependencyDev.notIn'?: boolean
+        /** @description Direct/transitive dependency filter flag */
+        'filters.dependencyDirect'?: boolean
+        /** @description Direct/transitive dependency filter flag */
+        'filters.dependencyDirect.notIn'?: boolean
         /** @description Comma-separated list of repo full names that should be included */
         'filters.repoFullName'?: string
         /** @description Comma-separated list of repo full names that should be excluded */
@@ -15752,7 +17340,7 @@ export interface operations {
       }
     }
     responses: {
-      /** @description The paginated array of API tokens for the organization, and related metadata. */
+      /** @description The paginated array of alert items for the organization and related metadata. */
       200: {
         content: {
           'application/json': {
@@ -15765,6 +17353,8 @@ export interface operations {
               type: string
               /** @default */
               category: string
+              /** @default */
+              description: string | null
               fix: {
                 /** @default */
                 type: string
@@ -15780,6 +17370,8 @@ export interface operations {
                 cveDescription: string | null
                 /** @default 0 */
                 cvssScore: number
+                /** @default */
+                cvssVectorString: string | null
                 cweIds: string[] | null
                 cweNames: string[] | null
                 ghsaIds: string[] | null
@@ -15789,6 +17381,10 @@ export interface operations {
                 epssPercentile: number
                 /** @default false */
                 isKev: boolean
+                /** @default */
+                firstPatchedVersionIdentifier: string | null
+                /** @default */
+                url: string | null
               } | null
               /** @default */
               id: string
@@ -15807,6 +17403,8 @@ export interface operations {
               clearedAt: string | null
               /** @default */
               dashboardUrl: string
+              /** @default */
+              title: string
               /**
                * @default low
                * @enum {string}
@@ -15900,6 +17498,43 @@ export interface operations {
                   scores: components['schemas']['SocketScore']
                   /** @default */
                   artifactId: string | null
+                  capabilities: {
+                    /**
+                     * @description Package can read or modify environment variables
+                     * @default false
+                     */
+                    env: boolean
+                    /**
+                     * @description Package uses dynamic code evaluation (eval, Function constructor, etc.)
+                     * @default false
+                     */
+                    eval: boolean
+                    /**
+                     * @description Package can read or write to the file system
+                     * @default false
+                     */
+                    fs: boolean
+                    /**
+                     * @description Package can make network requests or create servers
+                     * @default false
+                     */
+                    net: boolean
+                    /**
+                     * @description Package can execute shell commands or spawn processes
+                     * @default false
+                     */
+                    shell: boolean
+                    /**
+                     * @description Package uses unsafe or dangerous operations that could compromise security
+                     * @default false
+                     */
+                    unsafe: boolean
+                    /**
+                     * @description Package contains remote URL(s) in the source code
+                     * @default false
+                     */
+                    url: boolean
+                  } | null
                 }
               }[]
             }>
@@ -15913,10 +17548,34 @@ export interface operations {
                 alertAction?: string[]
                 /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */
                 'alertAction.notIn'?: string[]
+                /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be included */
+                alertActionSourceType?: string[]
+                /** @description Comma-separated list of alert action source types ("fallback", "injected-alert", "org-policy", "reachability", "repo-label-policy", "socket-yml", or "triage") that should be excluded */
+                'alertActionSourceType.notIn'?: string[]
                 /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */
                 alertCategory?: string[]
                 /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */
                 'alertCategory.notIn'?: string[]
+                /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertClearedAt.eq'?: string[]
+                /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertClearedAt.lt'?: string[]
+                /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertClearedAt.lte'?: string[]
+                /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertClearedAt.gt'?: string[]
+                /** @description Alert cleared at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertClearedAt.gte'?: string[]
+                /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertCreatedAt.eq'?: string[]
+                /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertCreatedAt.lt'?: string[]
+                /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertCreatedAt.lte'?: string[]
+                /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertCreatedAt.gt'?: string[]
+                /** @description Alert created at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
+                'alertCreatedAt.gte'?: string[]
                 /** @description CVE ID */
                 alertCveId?: string[]
                 /** @description CVE ID */
@@ -15947,6 +17606,10 @@ export interface operations {
                 alertPriority?: string[]
                 /** @description Alert priority ("low", "medium", "high", or "critical") */
                 'alertPriority.notIn'?: string[]
+                /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be included */
+                alertReachabilityAnalysisType?: string[]
+                /** @description Comma-separated list of alert CVE reachability analysis types ("full-scan" or "precomputed") that should be excluded */
+                'alertReachabilityAnalysisType.notIn'?: string[]
                 /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */
                 alertReachabilityType?: string[]
                 /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */
@@ -15973,6 +17636,28 @@ export interface operations {
                 'alertUpdatedAt.gt'?: string[]
                 /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */
                 'alertUpdatedAt.gte'?: string[]
+                /** @description Name of artifact */
+                artifactName?: string[]
+                /** @description Name of artifact */
+                'artifactName.notIn'?: string[]
+                /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be included */
+                artifactType?: string[]
+                /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
+                'artifactType.notIn'?: string[]
+                /** @description Comma-separated list of branch names that should be included */
+                branch?: string[]
+                /** @description Comma-separated list of branch names that should be excluded */
+                'branch.notIn'?: string[]
+                /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
+                cvePatchStatus?: string[]
+                /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
+                'cvePatchStatus.notIn'?: string[]
+                /** @description Dead/reachable dependency filter flag */
+                dependencyDead?: boolean[]
+                /** @description Development/production dependency filter flag */
+                dependencyDev?: boolean[]
+                /** @description Direct/transitive dependency filter flag */
+                dependencyDirect?: boolean[]
                 /** @description Comma-separated list of repo full names that should be included */
                 repoFullName?: string[]
                 /** @description Comma-separated list of repo full names that should be excluded */
@@ -15996,6 +17681,95 @@ export interface operations {
       429: components['responses']['SocketTooManyRequestsResponse']
     }
   }
+  /**
+   * List full scans associated with alert (Beta)
+   * @description List full scans associated with alert.
+   *
+   * This endpoint consumes 10 units of your quota.
+   *
+   * This endpoint requires the following org token scopes:
+   * - alerts:list
+   */
+  alertFullScans: {
+    parameters: {
+      query: {
+        /** @description Specify the maximum number of items to return per page (intermediate pages may have fewer than this limit and callers should always check "endCursor" in response body to know if there are more pages) */
+        per_page?: number
+        /** @description The pagination cursor that was returned as the "endCursor" property in previous request */
+        startAfterCursor?: string
+        /** @description One or more alert keys for which to find associated full scans */
+        alertKey: string
+        /** @description The number of days of data to fetch as an offset from current date (e.g. "-7d" for past 7 days) */
+        range?: string
+      }
+      path: {
+        /** @description The slug of the organization */
+        org_slug: string
+      }
+    }
+    responses: {
+      /** @description The paginated array of full scans associated with alert for the organization and related metadata. */
+      200: {
+        content: {
+          'application/json': {
+            /** @default */
+            endCursor: string | null
+            items: Array<{
+              /**
+               * @description ID of full scan
+               * @default
+               */
+              fullScanId: string
+              /** @default */
+              branchName: string | null
+              /**
+               * @description Type of branch that was scanned
+               * @default
+               * @enum {string}
+               */
+              branchType:
+                | 'default'
+                | 'non-default'
+                | 'tracked'
+                | 'untracked'
+                | ''
+              /**
+               * @description Full name of repo which contains repo workspace and repo slug
+               * @default
+               */
+              repoFullName: string | null
+              /**
+               * @description ISO date when SBOM was created
+               * @default
+               */
+              sbomCreatedAt: string
+              /**
+               * @description ISO date when SBOM was scanned
+               * @default
+               */
+              scannedAt: string
+              alertKeys: string[]
+            }>
+            meta: {
+              /** @default */
+              organizationId: string
+              alertKeys: string[]
+              /** @default 0 */
+              queryStartTimestamp: number
+              /** @default */
+              startDateInclusive: string
+              /** @default */
+              endDateInclusive: string
+            }
+          }
+        }
+      }
+      400: components['responses']['SocketBadRequest']
+      401: components['responses']['SocketUnauthorized']
+      403: components['responses']['SocketForbidden']
+      429: components['responses']['SocketTooManyRequestsResponse']
+    }
+  }
   /**
    * License Policy (Beta)
    * @description Compare the license data found for a list of packages (given as PURL strings) with the contents of a configurable license policy,
@@ -16484,12 +18258,16 @@ export interface operations {
    */
   getQuota: {
     responses: {
-      /** @description Quota amount */
+      /** @description Quota information */
       200: {
         content: {
           'application/json': {
             /** @default 0 */
             quota: number
+            /** @default 0 */
+            maxQuota: number
+            /** @default */
+            nextWindowRefresh: string | null
           }
         }
       }