@socketsecurity/sdk 3.3.0 → 3.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/CHANGELOG.md +10 -2
  2. package/README.md +2 -15
  3. package/data/api-method-quota-and-permissions.json +20 -0
  4. package/dist/constants.d.ts +1 -1
  5. package/dist/http-client.d.ts +3 -2
  6. package/dist/index.d.ts +1 -1
  7. package/dist/index.js +310 -142
  8. package/dist/socket-sdk-class.d.ts +130 -25
  9. package/dist/types-strict.d.ts +47 -2
  10. package/dist/types.d.ts +6 -5
  11. package/package.json +6 -7
  12. package/types/api.d.ts +1250 -105
package/types/api.d.ts CHANGED
@@ -8,7 +8,7 @@ export interface paths {
8
8
  /**
9
9
  * Get Packages by PURL
10
10
  * @deprecated
11
- * @description **This endpoint is deprecated.** Deprecated since 2026-01-05. It will be removed on 2026-07-30.
11
+ * @description **This endpoint is deprecated.** Deprecated since 2026-01-05.
12
12
  *
13
13
  * Batch retrieval of package metadata and alerts by PURL strings. Compatible with CycloneDX reports.
14
14
  *
@@ -257,6 +257,56 @@ export interface paths {
257
257
  */
258
258
  post: operations['rescanOrgFullScan']
259
259
  }
260
+ '/orgs/{org_slug}/full-scans/{full_scan_id}/format/csv': {
261
+ /**
262
+ * Export CSV of alerts for full scan
263
+ * @description Export a CSV file containing all alerts from a full scan.
264
+ *
265
+ * The CSV includes details about each alert and the affected packages.
266
+ * You can optionally filter using the request body "filters" array. Supported filter IDs include:
267
+ * - alert.action (error|warn|monitor|ignore)
268
+ * - alert.type
269
+ * - alert.category
270
+ * - alert.severity (low|medium|middle|high|critical or 0-3)
271
+ * - artifact.type (purl type, e.g. npm, pypi)
272
+ * - dependency.type (direct|transitive)
273
+ * - dependency.scope (dev|normal)
274
+ * - dependency.usage (used|unused)
275
+ * - manifest.file
276
+ *
277
+ * This endpoint consumes 1 unit of your quota.
278
+ *
279
+ * This endpoint requires the following org token scopes:
280
+ * - full-scans:list
281
+ */
282
+ post: operations['getOrgFullScanCsv']
283
+ }
284
+ '/orgs/{org_slug}/full-scans/{full_scan_id}/format/pdf': {
285
+ /**
286
+ * Generate PDF report for full scan
287
+ * @description Generate a PDF report for all alerts in a full scan.
288
+ *
289
+ * This endpoint streams a PDF document containing all alerts found in the full scan,
290
+ * with optional filtering and grouping options.
291
+ *
292
+ * Supported request body filter IDs include:
293
+ * - alert.action (error|warn|monitor|ignore)
294
+ * - alert.type
295
+ * - alert.category
296
+ * - alert.severity (low|medium|middle|high|critical or 0-3)
297
+ * - artifact.type (purl type, e.g. npm, pypi)
298
+ * - dependency.type (direct|transitive)
299
+ * - dependency.scope (dev|normal)
300
+ * - dependency.usage (used|unused)
301
+ * - manifest.file
302
+ *
303
+ * This endpoint consumes 1 unit of your quota.
304
+ *
305
+ * This endpoint requires the following org token scopes:
306
+ * - full-scans:list
307
+ */
308
+ post: operations['getOrgFullScanPdf']
309
+ }
260
310
  '/orgs/{org_slug}/export/cdx/{id}': {
261
311
  /**
262
312
  * Export CycloneDX SBOM (Beta)
@@ -426,7 +476,7 @@ export interface paths {
426
476
  get: operations['getOrgTriage']
427
477
  /**
428
478
  * Update Org Alert Triage
429
- * @description Update triage actions on organizaton alerts.
479
+ * @description Update triage actions on organization alerts.
430
480
  *
431
481
  * This endpoint consumes 1 unit of your quota.
432
482
  *
@@ -435,6 +485,18 @@ export interface paths {
435
485
  */
436
486
  post: operations['updateOrgAlertTriage']
437
487
  }
488
+ '/orgs/{org_slug}/triage/alerts/{uuid}': {
489
+ /**
490
+ * Delete Org Alert Triage
491
+ * @description Delete a specific triage rule by UUID.
492
+ *
493
+ * This endpoint consumes 1 unit of your quota.
494
+ *
495
+ * This endpoint requires the following org token scopes:
496
+ * - triage:alerts-update
497
+ */
498
+ delete: operations['deleteOrgAlertTriage']
499
+ }
438
500
  '/orgs/{org_slug}/repos': {
439
501
  /**
440
502
  * List repositories
@@ -1949,10 +2011,10 @@ export interface components {
1949
2011
  dependsOn?: string[]
1950
2012
  }>
1951
2013
  vulnerabilities?: Array<{
1952
- /** @default */
1953
- ref: string
1954
2014
  /** @default */
1955
2015
  id: string
2016
+ /** @default */
2017
+ ref?: string
1956
2018
  source?: {
1957
2019
  /** @default */
1958
2020
  name?: string
@@ -2140,6 +2202,11 @@ export interface components {
2140
2202
  * @default false
2141
2203
  */
2142
2204
  unsafe: boolean
2205
+ /**
2206
+ * @description Package contains remote URL(s) in the source code
2207
+ * @default false
2208
+ */
2209
+ url: boolean
2143
2210
  }
2144
2211
  Qualifiers: unknown
2145
2212
  SocketScore: {
@@ -2547,13 +2614,11 @@ export interface components {
2547
2614
  alertKeysToReachabilityTypes?: {
2548
2615
  [key: string]: string[]
2549
2616
  }
2550
- /** @description Mapping of alert keys to arrays of reachability summaries. Each summary contains a reachability type and a hash pointing to detailed analysis data (call stacks, file locations, confidence scores). Used for efficient storage and retrieval of comprehensive reachability analysis results without duplicating large analysis payloads. */
2617
+ /** @description Mapping of alert keys to arrays of reachability summaries. Each summary contains a reachability type indicating the result of reachability analysis for the corresponding vulnerability alert. */
2551
2618
  alertKeysToReachabilitySummaries?: {
2552
2619
  [key: string]: Array<{
2553
2620
  /** @default */
2554
2621
  type: string
2555
- /** @default */
2556
- hash: string
2557
2622
  }>
2558
2623
  }
2559
2624
  }
@@ -4164,6 +4229,210 @@ export interface components {
4164
4229
  usage?: components['schemas']['SocketUsageRef']
4165
4230
  }
4166
4231
  }
4232
+ | {
4233
+ /** @enum {string} */
4234
+ type?: 'skillAutonomyAbuse'
4235
+ value?: components['schemas']['SocketIssueBasics'] & {
4236
+ /** @default */
4237
+ description: string
4238
+ props: {
4239
+ /** @default */
4240
+ notes: string
4241
+ /** @default 0 */
4242
+ confidence: number
4243
+ /** @default 0 */
4244
+ severity: number
4245
+ }
4246
+ usage?: components['schemas']['SocketUsageRef']
4247
+ }
4248
+ }
4249
+ | {
4250
+ /** @enum {string} */
4251
+ type?: 'skillCommandInjection'
4252
+ value?: components['schemas']['SocketIssueBasics'] & {
4253
+ /** @default */
4254
+ description: string
4255
+ props: {
4256
+ /** @default */
4257
+ notes: string
4258
+ /** @default 0 */
4259
+ confidence: number
4260
+ /** @default 0 */
4261
+ severity: number
4262
+ }
4263
+ usage?: components['schemas']['SocketUsageRef']
4264
+ }
4265
+ }
4266
+ | {
4267
+ /** @enum {string} */
4268
+ type?: 'skillDataExfiltration'
4269
+ value?: components['schemas']['SocketIssueBasics'] & {
4270
+ /** @default */
4271
+ description: string
4272
+ props: {
4273
+ /** @default */
4274
+ notes: string
4275
+ /** @default 0 */
4276
+ confidence: number
4277
+ /** @default 0 */
4278
+ severity: number
4279
+ }
4280
+ usage?: components['schemas']['SocketUsageRef']
4281
+ }
4282
+ }
4283
+ | {
4284
+ /** @enum {string} */
4285
+ type?: 'skillDiscoveryAbuse'
4286
+ value?: components['schemas']['SocketIssueBasics'] & {
4287
+ /** @default */
4288
+ description: string
4289
+ props: {
4290
+ /** @default */
4291
+ notes: string
4292
+ /** @default 0 */
4293
+ confidence: number
4294
+ /** @default 0 */
4295
+ severity: number
4296
+ }
4297
+ usage?: components['schemas']['SocketUsageRef']
4298
+ }
4299
+ }
4300
+ | {
4301
+ /** @enum {string} */
4302
+ type?: 'skillHardcodedSecrets'
4303
+ value?: components['schemas']['SocketIssueBasics'] & {
4304
+ /** @default */
4305
+ description: string
4306
+ props: {
4307
+ /** @default */
4308
+ notes: string
4309
+ /** @default 0 */
4310
+ confidence: number
4311
+ /** @default 0 */
4312
+ severity: number
4313
+ }
4314
+ usage?: components['schemas']['SocketUsageRef']
4315
+ }
4316
+ }
4317
+ | {
4318
+ /** @enum {string} */
4319
+ type?: 'skillObfuscation'
4320
+ value?: components['schemas']['SocketIssueBasics'] & {
4321
+ /** @default */
4322
+ description: string
4323
+ props: {
4324
+ /** @default */
4325
+ notes: string
4326
+ /** @default 0 */
4327
+ confidence: number
4328
+ /** @default 0 */
4329
+ severity: number
4330
+ }
4331
+ usage?: components['schemas']['SocketUsageRef']
4332
+ }
4333
+ }
4334
+ | {
4335
+ /** @enum {string} */
4336
+ type?: 'skillPromptInjection'
4337
+ value?: components['schemas']['SocketIssueBasics'] & {
4338
+ /** @default */
4339
+ description: string
4340
+ props: {
4341
+ /** @default */
4342
+ notes: string
4343
+ /** @default 0 */
4344
+ confidence: number
4345
+ /** @default 0 */
4346
+ severity: number
4347
+ }
4348
+ usage?: components['schemas']['SocketUsageRef']
4349
+ }
4350
+ }
4351
+ | {
4352
+ /** @enum {string} */
4353
+ type?: 'skillResourceAbuse'
4354
+ value?: components['schemas']['SocketIssueBasics'] & {
4355
+ /** @default */
4356
+ description: string
4357
+ props: {
4358
+ /** @default */
4359
+ notes: string
4360
+ /** @default 0 */
4361
+ confidence: number
4362
+ /** @default 0 */
4363
+ severity: number
4364
+ }
4365
+ usage?: components['schemas']['SocketUsageRef']
4366
+ }
4367
+ }
4368
+ | {
4369
+ /** @enum {string} */
4370
+ type?: 'skillSupplyChain'
4371
+ value?: components['schemas']['SocketIssueBasics'] & {
4372
+ /** @default */
4373
+ description: string
4374
+ props: {
4375
+ /** @default */
4376
+ notes: string
4377
+ /** @default 0 */
4378
+ confidence: number
4379
+ /** @default 0 */
4380
+ severity: number
4381
+ }
4382
+ usage?: components['schemas']['SocketUsageRef']
4383
+ }
4384
+ }
4385
+ | {
4386
+ /** @enum {string} */
4387
+ type?: 'skillToolAbuse'
4388
+ value?: components['schemas']['SocketIssueBasics'] & {
4389
+ /** @default */
4390
+ description: string
4391
+ props: {
4392
+ /** @default */
4393
+ notes: string
4394
+ /** @default 0 */
4395
+ confidence: number
4396
+ /** @default 0 */
4397
+ severity: number
4398
+ }
4399
+ usage?: components['schemas']['SocketUsageRef']
4400
+ }
4401
+ }
4402
+ | {
4403
+ /** @enum {string} */
4404
+ type?: 'skillToolChaining'
4405
+ value?: components['schemas']['SocketIssueBasics'] & {
4406
+ /** @default */
4407
+ description: string
4408
+ props: {
4409
+ /** @default */
4410
+ notes: string
4411
+ /** @default 0 */
4412
+ confidence: number
4413
+ /** @default 0 */
4414
+ severity: number
4415
+ }
4416
+ usage?: components['schemas']['SocketUsageRef']
4417
+ }
4418
+ }
4419
+ | {
4420
+ /** @enum {string} */
4421
+ type?: 'skillTransitiveTrust'
4422
+ value?: components['schemas']['SocketIssueBasics'] & {
4423
+ /** @default */
4424
+ description: string
4425
+ props: {
4426
+ /** @default */
4427
+ notes: string
4428
+ /** @default 0 */
4429
+ confidence: number
4430
+ /** @default 0 */
4431
+ severity: number
4432
+ }
4433
+ usage?: components['schemas']['SocketUsageRef']
4434
+ }
4435
+ }
4167
4436
  | {
4168
4437
  /** @enum {string} */
4169
4438
  type?: 'socketUpgradeAvailable'
@@ -4660,6 +4929,7 @@ export interface components {
4660
4929
  | 'cocoapods'
4661
4930
  | 'cargo'
4662
4931
  | 'chrome'
4932
+ | 'clawhub'
4663
4933
  | 'composer'
4664
4934
  | 'conan'
4665
4935
  | 'conda'
@@ -5152,7 +5422,7 @@ export interface operations {
5152
5422
  /**
5153
5423
  * Get Packages by PURL
5154
5424
  * @deprecated
5155
- * @description **This endpoint is deprecated.** Deprecated since 2026-01-05. It will be removed on 2026-07-30.
5425
+ * @description **This endpoint is deprecated.** Deprecated since 2026-01-05.
5156
5426
  *
5157
5427
  * Batch retrieval of package metadata and alerts by PURL strings. Compatible with CycloneDX reports.
5158
5428
  *
@@ -5424,6 +5694,8 @@ export interface operations {
5424
5694
  pull_request?: string
5425
5695
  /** @description A commit hash to filter full-scans by. */
5426
5696
  commit_hash?: string
5697
+ /** @description A scan type to filter full-scans by (e.g. socket, socket_tier1, socket_basics). */
5698
+ scan_type?: string
5427
5699
  }
5428
5700
  path: {
5429
5701
  /** @description The slug of the organization */
@@ -5479,6 +5751,8 @@ export interface operations {
5479
5751
  integration_commit_url?: string | null
5480
5752
  /** @default */
5481
5753
  integration_pull_request_url?: string | null
5754
+ /** @default */
5755
+ scan_type?: string | null
5482
5756
  /**
5483
5757
  * @description The current processing status of the SBOM
5484
5758
  * @default pending
@@ -5612,6 +5886,8 @@ export interface operations {
5612
5886
  integration_commit_url?: string | null
5613
5887
  /** @default */
5614
5888
  integration_pull_request_url?: string | null
5889
+ /** @default */
5890
+ scan_type?: string | null
5615
5891
  /**
5616
5892
  * @description The current processing status of the SBOM
5617
5893
  * @default pending
@@ -5786,6 +6062,8 @@ export interface operations {
5786
6062
  integration_commit_url?: string | null
5787
6063
  /** @default */
5788
6064
  integration_pull_request_url?: string | null
6065
+ /** @default */
6066
+ scan_type?: string | null
5789
6067
  /**
5790
6068
  * @description The current processing status of the SBOM
5791
6069
  * @default pending
@@ -6168,6 +6446,8 @@ export interface operations {
6168
6446
  integration_commit_url?: string | null
6169
6447
  /** @default */
6170
6448
  integration_pull_request_url?: string | null
6449
+ /** @default */
6450
+ scan_type?: string | null
6171
6451
  /**
6172
6452
  * @description The current processing status of the SBOM
6173
6453
  * @default pending
@@ -6227,39 +6507,171 @@ export interface operations {
6227
6507
  }
6228
6508
  }
6229
6509
  /**
6230
- * Export CycloneDX SBOM (Beta)
6231
- * @description Export a Socket SBOM as a CycloneDX SBOM
6232
- *
6233
- * Supported ecosystems:
6234
- *
6235
- * - crates
6236
- * - go
6237
- * - maven
6238
- * - npm
6239
- * - nuget
6240
- * - pypi
6241
- * - rubygems
6242
- * - spdx
6243
- * - cdx
6244
- *
6245
- * Unsupported ecosystems are filtered from the export.
6510
+ * Export CSV of alerts for full scan
6511
+ * @description Export a CSV file containing all alerts from a full scan.
6512
+ *
6513
+ * The CSV includes details about each alert and the affected packages.
6514
+ * You can optionally filter using the request body "filters" array. Supported filter IDs include:
6515
+ * - alert.action (error|warn|monitor|ignore)
6516
+ * - alert.type
6517
+ * - alert.category
6518
+ * - alert.severity (low|medium|middle|high|critical or 0-3)
6519
+ * - artifact.type (purl type, e.g. npm, pypi)
6520
+ * - dependency.type (direct|transitive)
6521
+ * - dependency.scope (dev|normal)
6522
+ * - dependency.usage (used|unused)
6523
+ * - manifest.file
6246
6524
  *
6247
6525
  * This endpoint consumes 1 unit of your quota.
6248
6526
  *
6249
6527
  * This endpoint requires the following org token scopes:
6250
- * - report:read
6528
+ * - full-scans:list
6251
6529
  */
6252
- exportCDX: {
6530
+ getOrgFullScanCsv: {
6253
6531
  parameters: {
6254
- query?: {
6255
- /**
6256
- * @description The person(s) who created the BOM.
6257
- * Set this value if you're intending the modify the BOM and claim authorship.
6258
- */
6259
- author?: string
6260
- /** @description Dependency track project group */
6261
- project_group?: string
6262
- /** @description Dependency track project name. Default use the directory name */
6532
+ query: {
6533
+ /** @description Control which alert priority fields to include in the response. Set to "true" to include all fields, "false" to exclude all fields, or specify individual fields like "components,formula" to include only those fields. */
6534
+ include_alert_priority_details?:
6535
+ | boolean
6536
+ | Array<'component' | 'formula'>
6537
+ /** @description Include license details in the response. */
6538
+ include_license_details: boolean
6539
+ }
6540
+ path: {
6541
+ /** @description The slug of the organization */
6542
+ org_slug: string
6543
+ /** @description The ID of the full scan */
6544
+ full_scan_id: string
6545
+ }
6546
+ }
6547
+ requestBody?: {
6548
+ content: {
6549
+ 'application/json': {
6550
+ filters?: Array<{
6551
+ /** @default */
6552
+ id: string
6553
+ value: string[]
6554
+ }>
6555
+ }
6556
+ }
6557
+ }
6558
+ responses: {
6559
+ /** @description CSV export of alerts */
6560
+ 200: {
6561
+ content: {
6562
+ 'text/csv': unknown
6563
+ }
6564
+ }
6565
+ 400: components['responses']['SocketBadRequest']
6566
+ 401: components['responses']['SocketUnauthorized']
6567
+ 403: components['responses']['SocketForbidden']
6568
+ 404: components['responses']['SocketNotFoundResponse']
6569
+ 429: components['responses']['SocketTooManyRequestsResponse']
6570
+ }
6571
+ }
6572
+ /**
6573
+ * Generate PDF report for full scan
6574
+ * @description Generate a PDF report for all alerts in a full scan.
6575
+ *
6576
+ * This endpoint streams a PDF document containing all alerts found in the full scan,
6577
+ * with optional filtering and grouping options.
6578
+ *
6579
+ * Supported request body filter IDs include:
6580
+ * - alert.action (error|warn|monitor|ignore)
6581
+ * - alert.type
6582
+ * - alert.category
6583
+ * - alert.severity (low|medium|middle|high|critical or 0-3)
6584
+ * - artifact.type (purl type, e.g. npm, pypi)
6585
+ * - dependency.type (direct|transitive)
6586
+ * - dependency.scope (dev|normal)
6587
+ * - dependency.usage (used|unused)
6588
+ * - manifest.file
6589
+ *
6590
+ * This endpoint consumes 1 unit of your quota.
6591
+ *
6592
+ * This endpoint requires the following org token scopes:
6593
+ * - full-scans:list
6594
+ */
6595
+ getOrgFullScanPdf: {
6596
+ parameters: {
6597
+ query: {
6598
+ /** @description Control which alert priority fields to include in the response. Set to "true" to include all fields, "false" to exclude all fields, or specify individual fields like "components,formula" to include only those fields. */
6599
+ include_alert_priority_details?:
6600
+ | boolean
6601
+ | Array<'component' | 'formula'>
6602
+ /** @description Include license details in the response. */
6603
+ include_license_details: boolean
6604
+ }
6605
+ path: {
6606
+ /** @description The slug of the organization */
6607
+ org_slug: string
6608
+ /** @description The ID of the full scan */
6609
+ full_scan_id: string
6610
+ }
6611
+ }
6612
+ requestBody?: {
6613
+ content: {
6614
+ 'application/json': {
6615
+ filters?: Array<{
6616
+ /** @default */
6617
+ id: string
6618
+ value: string[]
6619
+ }>
6620
+ /** @default */
6621
+ groupBy?: string
6622
+ /** @default */
6623
+ additionalInformation?: string
6624
+ }
6625
+ }
6626
+ }
6627
+ responses: {
6628
+ /** @description PDF report of alerts */
6629
+ 200: {
6630
+ content: {
6631
+ 'application/pdf': unknown
6632
+ }
6633
+ }
6634
+ 400: components['responses']['SocketBadRequest']
6635
+ 401: components['responses']['SocketUnauthorized']
6636
+ 403: components['responses']['SocketForbidden']
6637
+ 404: components['responses']['SocketNotFoundResponse']
6638
+ 429: components['responses']['SocketTooManyRequestsResponse']
6639
+ }
6640
+ }
6641
+ /**
6642
+ * Export CycloneDX SBOM (Beta)
6643
+ * @description Export a Socket SBOM as a CycloneDX SBOM
6644
+ *
6645
+ * Supported ecosystems:
6646
+ *
6647
+ * - crates
6648
+ * - go
6649
+ * - maven
6650
+ * - npm
6651
+ * - nuget
6652
+ * - pypi
6653
+ * - rubygems
6654
+ * - spdx
6655
+ * - cdx
6656
+ *
6657
+ * Unsupported ecosystems are filtered from the export.
6658
+ *
6659
+ * This endpoint consumes 1 unit of your quota.
6660
+ *
6661
+ * This endpoint requires the following org token scopes:
6662
+ * - report:read
6663
+ */
6664
+ exportCDX: {
6665
+ parameters: {
6666
+ query?: {
6667
+ /**
6668
+ * @description The person(s) who created the BOM.
6669
+ * Set this value if you're intending the modify the BOM and claim authorship.
6670
+ */
6671
+ author?: string
6672
+ /** @description Dependency track project group */
6673
+ project_group?: string
6674
+ /** @description Dependency track project name. Default use the directory name */
6263
6675
  project_name?: string
6264
6676
  /** @description Dependency track project version */
6265
6677
  project_version?: string
@@ -7091,11 +7503,58 @@ export interface operations {
7091
7503
  content: {
7092
7504
  'application/json': {
7093
7505
  results: Array<{
7506
+ /**
7507
+ * @description The uuid of the triage action
7508
+ * @default
7509
+ */
7510
+ uuid?: string | null
7511
+ /**
7512
+ * @description The package type associated with the triage state
7513
+ * @default
7514
+ */
7515
+ package_type?: string | null
7516
+ /**
7517
+ * @description The package namespace associated with the triage state
7518
+ * @default
7519
+ */
7520
+ package_namespace?: string | null
7521
+ /**
7522
+ * @description The package name associated with the triage state
7523
+ * @default
7524
+ */
7525
+ package_name?: string | null
7526
+ /**
7527
+ * @description The package version associated with the triage state, it can contain a * suffix for wildcard matching
7528
+ * @default
7529
+ */
7530
+ package_version?: string | null
7094
7531
  /**
7095
7532
  * @description The alert_key associated with the triage state
7096
7533
  * @default
7097
7534
  */
7098
- alert_key?: string
7535
+ alert_key?: string | null
7536
+ /**
7537
+ * @description The alert type (e.g., criticalCVE, highCVE) associated with the triage state
7538
+ * @default
7539
+ */
7540
+ alert_type?: string | null
7541
+ /**
7542
+ * @description Whether a fix must be available, unavailable, or * for any
7543
+ * @default *
7544
+ * @enum {string|null}
7545
+ */
7546
+ fix_available?: 'available' | 'unavailable' | '*' | null
7547
+ /**
7548
+ * @description Whether a patch must be available, unavailable, or * for any
7549
+ * @default *
7550
+ * @enum {string|null}
7551
+ */
7552
+ patch_available?: 'available' | 'unavailable' | '*' | null
7553
+ /**
7554
+ * @description CVSS score comparison (e.g., >=7.5, >5.0, ==8.0)
7555
+ * @default
7556
+ */
7557
+ cvss_score_cmp?: string | null
7099
7558
  /**
7100
7559
  * @description The creation date of the triage action
7101
7560
  * @default
@@ -7122,6 +7581,23 @@ export interface operations {
7122
7581
  * @enum {string}
7123
7582
  */
7124
7583
  state?: 'block' | 'ignore' | 'inherit' | 'monitor' | 'warn'
7584
+ /**
7585
+ * @description CVE or GHSA ID associated with the triage state
7586
+ * @default
7587
+ */
7588
+ cve_or_ghsa_id?: string | null
7589
+ /**
7590
+ * @description The reachability of the alert, can be reachable, unreachable, other, or * for any
7591
+ * @default *
7592
+ * @enum {string|null}
7593
+ */
7594
+ reachability?: 'reachable' | 'unreachable' | 'other' | '*' | null
7595
+ /**
7596
+ * @description Whether the alert has a CISA KEV (Known Exploited Vulnerability), can be exist, none, or * for any
7597
+ * @default *
7598
+ * @enum {string|null}
7599
+ */
7600
+ kevs?: 'exist' | 'none' | '*' | null
7125
7601
  }>
7126
7602
  /** @default 0 */
7127
7603
  nextPage: number | null
@@ -7137,7 +7613,7 @@ export interface operations {
7137
7613
  }
7138
7614
  /**
7139
7615
  * Update Org Alert Triage
7140
- * @description Update triage actions on organizaton alerts.
7616
+ * @description Update triage actions on organization alerts.
7141
7617
  *
7142
7618
  * This endpoint consumes 1 unit of your quota.
7143
7619
  *
@@ -7146,6 +7622,10 @@ export interface operations {
7146
7622
  */
7147
7623
  updateOrgAlertTriage: {
7148
7624
  parameters: {
7625
+ query?: {
7626
+ /** @description Set to true to force broad triage updates, these are triages lacking a specific alertKey or granular artifact information which may have limited introspection to see what they apply to. */
7627
+ force?: string
7628
+ }
7149
7629
  path: {
7150
7630
  /** @description The slug of the organization */
7151
7631
  org_slug: string
@@ -7156,7 +7636,43 @@ export interface operations {
7156
7636
  'application/json': {
7157
7637
  alertTriage: Array<{
7158
7638
  /** @default */
7159
- alertKey?: string
7639
+ uuid?: string | null
7640
+ /** @default */
7641
+ packageType?: string | null
7642
+ /** @default */
7643
+ packageNamespace?: string | null
7644
+ /** @default */
7645
+ packageName?: string | null
7646
+ /** @default */
7647
+ packageVersion?: string | null
7648
+ /** @default */
7649
+ alertKey?: string | null
7650
+ /** @default */
7651
+ alertType?: string | null
7652
+ /**
7653
+ * @description Whether a fix is available, unavailable, or * for any
7654
+ * @enum {string}
7655
+ */
7656
+ fixAvailable?: 'available' | 'unavailable' | '*'
7657
+ /**
7658
+ * @description Whether a patch is available, unavailable, or * for any
7659
+ * @enum {string}
7660
+ */
7661
+ patchAvailable?: 'available' | 'unavailable' | '*'
7662
+ /**
7663
+ * @description Whether the alert has a CISA KEV, can be exist, none, or * for any
7664
+ * @enum {string}
7665
+ */
7666
+ kevs?: 'exist' | 'none' | '*'
7667
+ /** @default */
7668
+ cveOrGhsaId?: string | null
7669
+ /**
7670
+ * @description The reachability of the alert, can be reachable, unreachable, other, or * for any
7671
+ * @enum {string}
7672
+ */
7673
+ reachability?: 'reachable' | 'unreachable' | 'other' | '*'
7674
+ /** @default */
7675
+ cvssScoreCmp?: string | null
7160
7676
  /** @default */
7161
7677
  note?: string
7162
7678
  /**
@@ -7170,7 +7686,42 @@ export interface operations {
7170
7686
  }
7171
7687
  responses: {
7172
7688
  /** @description Updated Alert Triage */
7173
- 202: {
7689
+ 200: {
7690
+ content: {
7691
+ 'application/json': {
7692
+ /** @default */
7693
+ result: string
7694
+ }
7695
+ }
7696
+ }
7697
+ 400: components['responses']['SocketBadRequest']
7698
+ 401: components['responses']['SocketUnauthorized']
7699
+ 403: components['responses']['SocketForbidden']
7700
+ 404: components['responses']['SocketNotFoundResponse']
7701
+ 429: components['responses']['SocketTooManyRequestsResponse']
7702
+ }
7703
+ }
7704
+ /**
7705
+ * Delete Org Alert Triage
7706
+ * @description Delete a specific triage rule by UUID.
7707
+ *
7708
+ * This endpoint consumes 1 unit of your quota.
7709
+ *
7710
+ * This endpoint requires the following org token scopes:
7711
+ * - triage:alerts-update
7712
+ */
7713
+ deleteOrgAlertTriage: {
7714
+ parameters: {
7715
+ path: {
7716
+ /** @description The slug of the organization */
7717
+ org_slug: string
7718
+ /** @description The UUID of the alert triage entry to delete */
7719
+ uuid: string
7720
+ }
7721
+ }
7722
+ responses: {
7723
+ /** @description Deleted Alert Triage */
7724
+ 200: {
7174
7725
  content: {
7175
7726
  'application/json': {
7176
7727
  /** @default */
@@ -8782,6 +9333,90 @@ export interface operations {
8782
9333
  */
8783
9334
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
8784
9335
  }
9336
+ skillAutonomyAbuse?: {
9337
+ /**
9338
+ * @description The action to take for skillAutonomyAbuse issues.
9339
+ * @enum {string}
9340
+ */
9341
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9342
+ }
9343
+ skillCommandInjection?: {
9344
+ /**
9345
+ * @description The action to take for skillCommandInjection issues.
9346
+ * @enum {string}
9347
+ */
9348
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9349
+ }
9350
+ skillDataExfiltration?: {
9351
+ /**
9352
+ * @description The action to take for skillDataExfiltration issues.
9353
+ * @enum {string}
9354
+ */
9355
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9356
+ }
9357
+ skillDiscoveryAbuse?: {
9358
+ /**
9359
+ * @description The action to take for skillDiscoveryAbuse issues.
9360
+ * @enum {string}
9361
+ */
9362
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9363
+ }
9364
+ skillHardcodedSecrets?: {
9365
+ /**
9366
+ * @description The action to take for skillHardcodedSecrets issues.
9367
+ * @enum {string}
9368
+ */
9369
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9370
+ }
9371
+ skillObfuscation?: {
9372
+ /**
9373
+ * @description The action to take for skillObfuscation issues.
9374
+ * @enum {string}
9375
+ */
9376
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9377
+ }
9378
+ skillPromptInjection?: {
9379
+ /**
9380
+ * @description The action to take for skillPromptInjection issues.
9381
+ * @enum {string}
9382
+ */
9383
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9384
+ }
9385
+ skillResourceAbuse?: {
9386
+ /**
9387
+ * @description The action to take for skillResourceAbuse issues.
9388
+ * @enum {string}
9389
+ */
9390
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9391
+ }
9392
+ skillSupplyChain?: {
9393
+ /**
9394
+ * @description The action to take for skillSupplyChain issues.
9395
+ * @enum {string}
9396
+ */
9397
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9398
+ }
9399
+ skillToolAbuse?: {
9400
+ /**
9401
+ * @description The action to take for skillToolAbuse issues.
9402
+ * @enum {string}
9403
+ */
9404
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9405
+ }
9406
+ skillToolChaining?: {
9407
+ /**
9408
+ * @description The action to take for skillToolChaining issues.
9409
+ * @enum {string}
9410
+ */
9411
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9412
+ }
9413
+ skillTransitiveTrust?: {
9414
+ /**
9415
+ * @description The action to take for skillTransitiveTrust issues.
9416
+ * @enum {string}
9417
+ */
9418
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9419
+ }
8785
9420
  socketUpgradeAvailable?: {
8786
9421
  /**
8787
9422
  * @description The action to take for socketUpgradeAvailable issues.
@@ -9675,6 +10310,90 @@ export interface operations {
9675
10310
  */
9676
10311
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9677
10312
  }
10313
+ skillAutonomyAbuse?: {
10314
+ /**
10315
+ * @description The action to take for skillAutonomyAbuse issues.
10316
+ * @enum {string}
10317
+ */
10318
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10319
+ }
10320
+ skillCommandInjection?: {
10321
+ /**
10322
+ * @description The action to take for skillCommandInjection issues.
10323
+ * @enum {string}
10324
+ */
10325
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10326
+ }
10327
+ skillDataExfiltration?: {
10328
+ /**
10329
+ * @description The action to take for skillDataExfiltration issues.
10330
+ * @enum {string}
10331
+ */
10332
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10333
+ }
10334
+ skillDiscoveryAbuse?: {
10335
+ /**
10336
+ * @description The action to take for skillDiscoveryAbuse issues.
10337
+ * @enum {string}
10338
+ */
10339
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10340
+ }
10341
+ skillHardcodedSecrets?: {
10342
+ /**
10343
+ * @description The action to take for skillHardcodedSecrets issues.
10344
+ * @enum {string}
10345
+ */
10346
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10347
+ }
10348
+ skillObfuscation?: {
10349
+ /**
10350
+ * @description The action to take for skillObfuscation issues.
10351
+ * @enum {string}
10352
+ */
10353
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10354
+ }
10355
+ skillPromptInjection?: {
10356
+ /**
10357
+ * @description The action to take for skillPromptInjection issues.
10358
+ * @enum {string}
10359
+ */
10360
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10361
+ }
10362
+ skillResourceAbuse?: {
10363
+ /**
10364
+ * @description The action to take for skillResourceAbuse issues.
10365
+ * @enum {string}
10366
+ */
10367
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10368
+ }
10369
+ skillSupplyChain?: {
10370
+ /**
10371
+ * @description The action to take for skillSupplyChain issues.
10372
+ * @enum {string}
10373
+ */
10374
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10375
+ }
10376
+ skillToolAbuse?: {
10377
+ /**
10378
+ * @description The action to take for skillToolAbuse issues.
10379
+ * @enum {string}
10380
+ */
10381
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10382
+ }
10383
+ skillToolChaining?: {
10384
+ /**
10385
+ * @description The action to take for skillToolChaining issues.
10386
+ * @enum {string}
10387
+ */
10388
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10389
+ }
10390
+ skillTransitiveTrust?: {
10391
+ /**
10392
+ * @description The action to take for skillTransitiveTrust issues.
10393
+ * @enum {string}
10394
+ */
10395
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10396
+ }
9678
10397
  socketUpgradeAvailable?: {
9679
10398
  /**
9680
10399
  * @description The action to take for socketUpgradeAvailable issues.
@@ -10596,128 +11315,212 @@ export interface operations {
10596
11315
  */
10597
11316
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10598
11317
  }
10599
- floatingDependency?: {
11318
+ floatingDependency?: {
11319
+ /**
11320
+ * @description The action to take for floatingDependency issues.
11321
+ * @enum {string}
11322
+ */
11323
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11324
+ }
11325
+ manifestConfusion?: {
11326
+ /**
11327
+ * @description The action to take for manifestConfusion issues.
11328
+ * @enum {string}
11329
+ */
11330
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11331
+ }
11332
+ malware?: {
11333
+ /**
11334
+ * @description The action to take for malware issues.
11335
+ * @enum {string}
11336
+ */
11337
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11338
+ }
11339
+ telemetry?: {
11340
+ /**
11341
+ * @description The action to take for telemetry issues.
11342
+ * @enum {string}
11343
+ */
11344
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11345
+ }
11346
+ troll?: {
11347
+ /**
11348
+ * @description The action to take for troll issues.
11349
+ * @enum {string}
11350
+ */
11351
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11352
+ }
11353
+ deprecated?: {
11354
+ /**
11355
+ * @description The action to take for deprecated issues.
11356
+ * @enum {string}
11357
+ */
11358
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11359
+ }
11360
+ chronoAnomaly?: {
11361
+ /**
11362
+ * @description The action to take for chronoAnomaly issues.
11363
+ * @enum {string}
11364
+ */
11365
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11366
+ }
11367
+ compromisedSSHKey?: {
11368
+ /**
11369
+ * @description The action to take for compromisedSSHKey issues.
11370
+ * @enum {string}
11371
+ */
11372
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11373
+ }
11374
+ semverAnomaly?: {
11375
+ /**
11376
+ * @description The action to take for semverAnomaly issues.
11377
+ * @enum {string}
11378
+ */
11379
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11380
+ }
11381
+ newAuthor?: {
11382
+ /**
11383
+ * @description The action to take for newAuthor issues.
11384
+ * @enum {string}
11385
+ */
11386
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11387
+ }
11388
+ unstableOwnership?: {
11389
+ /**
11390
+ * @description The action to take for unstableOwnership issues.
11391
+ * @enum {string}
11392
+ */
11393
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11394
+ }
11395
+ missingAuthor?: {
11396
+ /**
11397
+ * @description The action to take for missingAuthor issues.
11398
+ * @enum {string}
11399
+ */
11400
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11401
+ }
11402
+ unmaintained?: {
10600
11403
  /**
10601
- * @description The action to take for floatingDependency issues.
11404
+ * @description The action to take for unmaintained issues.
10602
11405
  * @enum {string}
10603
11406
  */
10604
11407
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10605
11408
  }
10606
- manifestConfusion?: {
11409
+ unpublished?: {
10607
11410
  /**
10608
- * @description The action to take for manifestConfusion issues.
11411
+ * @description The action to take for unpublished issues.
10609
11412
  * @enum {string}
10610
11413
  */
10611
11414
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10612
11415
  }
10613
- malware?: {
11416
+ majorRefactor?: {
10614
11417
  /**
10615
- * @description The action to take for malware issues.
11418
+ * @description The action to take for majorRefactor issues.
10616
11419
  * @enum {string}
10617
11420
  */
10618
11421
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10619
11422
  }
10620
- telemetry?: {
11423
+ missingTarball?: {
10621
11424
  /**
10622
- * @description The action to take for telemetry issues.
11425
+ * @description The action to take for missingTarball issues.
10623
11426
  * @enum {string}
10624
11427
  */
10625
11428
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10626
11429
  }
10627
- troll?: {
11430
+ suspiciousStarActivity?: {
10628
11431
  /**
10629
- * @description The action to take for troll issues.
11432
+ * @description The action to take for suspiciousStarActivity issues.
10630
11433
  * @enum {string}
10631
11434
  */
10632
11435
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10633
11436
  }
10634
- deprecated?: {
11437
+ unpopularPackage?: {
10635
11438
  /**
10636
- * @description The action to take for deprecated issues.
11439
+ * @description The action to take for unpopularPackage issues.
10637
11440
  * @enum {string}
10638
11441
  */
10639
11442
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10640
11443
  }
10641
- chronoAnomaly?: {
11444
+ skillAutonomyAbuse?: {
10642
11445
  /**
10643
- * @description The action to take for chronoAnomaly issues.
11446
+ * @description The action to take for skillAutonomyAbuse issues.
10644
11447
  * @enum {string}
10645
11448
  */
10646
11449
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10647
11450
  }
10648
- compromisedSSHKey?: {
11451
+ skillCommandInjection?: {
10649
11452
  /**
10650
- * @description The action to take for compromisedSSHKey issues.
11453
+ * @description The action to take for skillCommandInjection issues.
10651
11454
  * @enum {string}
10652
11455
  */
10653
11456
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10654
11457
  }
10655
- semverAnomaly?: {
11458
+ skillDataExfiltration?: {
10656
11459
  /**
10657
- * @description The action to take for semverAnomaly issues.
11460
+ * @description The action to take for skillDataExfiltration issues.
10658
11461
  * @enum {string}
10659
11462
  */
10660
11463
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10661
11464
  }
10662
- newAuthor?: {
11465
+ skillDiscoveryAbuse?: {
10663
11466
  /**
10664
- * @description The action to take for newAuthor issues.
11467
+ * @description The action to take for skillDiscoveryAbuse issues.
10665
11468
  * @enum {string}
10666
11469
  */
10667
11470
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10668
11471
  }
10669
- unstableOwnership?: {
11472
+ skillHardcodedSecrets?: {
10670
11473
  /**
10671
- * @description The action to take for unstableOwnership issues.
11474
+ * @description The action to take for skillHardcodedSecrets issues.
10672
11475
  * @enum {string}
10673
11476
  */
10674
11477
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10675
11478
  }
10676
- missingAuthor?: {
11479
+ skillObfuscation?: {
10677
11480
  /**
10678
- * @description The action to take for missingAuthor issues.
11481
+ * @description The action to take for skillObfuscation issues.
10679
11482
  * @enum {string}
10680
11483
  */
10681
11484
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10682
11485
  }
10683
- unmaintained?: {
11486
+ skillPromptInjection?: {
10684
11487
  /**
10685
- * @description The action to take for unmaintained issues.
11488
+ * @description The action to take for skillPromptInjection issues.
10686
11489
  * @enum {string}
10687
11490
  */
10688
11491
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10689
11492
  }
10690
- unpublished?: {
11493
+ skillResourceAbuse?: {
10691
11494
  /**
10692
- * @description The action to take for unpublished issues.
11495
+ * @description The action to take for skillResourceAbuse issues.
10693
11496
  * @enum {string}
10694
11497
  */
10695
11498
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10696
11499
  }
10697
- majorRefactor?: {
11500
+ skillSupplyChain?: {
10698
11501
  /**
10699
- * @description The action to take for majorRefactor issues.
11502
+ * @description The action to take for skillSupplyChain issues.
10700
11503
  * @enum {string}
10701
11504
  */
10702
11505
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10703
11506
  }
10704
- missingTarball?: {
11507
+ skillToolAbuse?: {
10705
11508
  /**
10706
- * @description The action to take for missingTarball issues.
11509
+ * @description The action to take for skillToolAbuse issues.
10707
11510
  * @enum {string}
10708
11511
  */
10709
11512
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10710
11513
  }
10711
- suspiciousStarActivity?: {
11514
+ skillToolChaining?: {
10712
11515
  /**
10713
- * @description The action to take for suspiciousStarActivity issues.
11516
+ * @description The action to take for skillToolChaining issues.
10714
11517
  * @enum {string}
10715
11518
  */
10716
11519
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10717
11520
  }
10718
- unpopularPackage?: {
11521
+ skillTransitiveTrust?: {
10719
11522
  /**
10720
- * @description The action to take for unpopularPackage issues.
11523
+ * @description The action to take for skillTransitiveTrust issues.
10721
11524
  * @enum {string}
10722
11525
  */
10723
11526
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
@@ -11608,6 +12411,90 @@ export interface operations {
11608
12411
  */
11609
12412
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11610
12413
  }
12414
+ skillAutonomyAbuse?: {
12415
+ /**
12416
+ * @description The action to take for skillAutonomyAbuse issues.
12417
+ * @enum {string}
12418
+ */
12419
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12420
+ }
12421
+ skillCommandInjection?: {
12422
+ /**
12423
+ * @description The action to take for skillCommandInjection issues.
12424
+ * @enum {string}
12425
+ */
12426
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12427
+ }
12428
+ skillDataExfiltration?: {
12429
+ /**
12430
+ * @description The action to take for skillDataExfiltration issues.
12431
+ * @enum {string}
12432
+ */
12433
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12434
+ }
12435
+ skillDiscoveryAbuse?: {
12436
+ /**
12437
+ * @description The action to take for skillDiscoveryAbuse issues.
12438
+ * @enum {string}
12439
+ */
12440
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12441
+ }
12442
+ skillHardcodedSecrets?: {
12443
+ /**
12444
+ * @description The action to take for skillHardcodedSecrets issues.
12445
+ * @enum {string}
12446
+ */
12447
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12448
+ }
12449
+ skillObfuscation?: {
12450
+ /**
12451
+ * @description The action to take for skillObfuscation issues.
12452
+ * @enum {string}
12453
+ */
12454
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12455
+ }
12456
+ skillPromptInjection?: {
12457
+ /**
12458
+ * @description The action to take for skillPromptInjection issues.
12459
+ * @enum {string}
12460
+ */
12461
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12462
+ }
12463
+ skillResourceAbuse?: {
12464
+ /**
12465
+ * @description The action to take for skillResourceAbuse issues.
12466
+ * @enum {string}
12467
+ */
12468
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12469
+ }
12470
+ skillSupplyChain?: {
12471
+ /**
12472
+ * @description The action to take for skillSupplyChain issues.
12473
+ * @enum {string}
12474
+ */
12475
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12476
+ }
12477
+ skillToolAbuse?: {
12478
+ /**
12479
+ * @description The action to take for skillToolAbuse issues.
12480
+ * @enum {string}
12481
+ */
12482
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12483
+ }
12484
+ skillToolChaining?: {
12485
+ /**
12486
+ * @description The action to take for skillToolChaining issues.
12487
+ * @enum {string}
12488
+ */
12489
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12490
+ }
12491
+ skillTransitiveTrust?: {
12492
+ /**
12493
+ * @description The action to take for skillTransitiveTrust issues.
12494
+ * @enum {string}
12495
+ */
12496
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12497
+ }
11611
12498
  socketUpgradeAvailable?: {
11612
12499
  /**
11613
12500
  * @description The action to take for socketUpgradeAvailable issues.
@@ -12463,6 +13350,90 @@ export interface operations {
12463
13350
  */
12464
13351
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12465
13352
  }
13353
+ skillAutonomyAbuse?: {
13354
+ /**
13355
+ * @description The action to take for skillAutonomyAbuse issues.
13356
+ * @enum {string}
13357
+ */
13358
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13359
+ }
13360
+ skillCommandInjection?: {
13361
+ /**
13362
+ * @description The action to take for skillCommandInjection issues.
13363
+ * @enum {string}
13364
+ */
13365
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13366
+ }
13367
+ skillDataExfiltration?: {
13368
+ /**
13369
+ * @description The action to take for skillDataExfiltration issues.
13370
+ * @enum {string}
13371
+ */
13372
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13373
+ }
13374
+ skillDiscoveryAbuse?: {
13375
+ /**
13376
+ * @description The action to take for skillDiscoveryAbuse issues.
13377
+ * @enum {string}
13378
+ */
13379
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13380
+ }
13381
+ skillHardcodedSecrets?: {
13382
+ /**
13383
+ * @description The action to take for skillHardcodedSecrets issues.
13384
+ * @enum {string}
13385
+ */
13386
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13387
+ }
13388
+ skillObfuscation?: {
13389
+ /**
13390
+ * @description The action to take for skillObfuscation issues.
13391
+ * @enum {string}
13392
+ */
13393
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13394
+ }
13395
+ skillPromptInjection?: {
13396
+ /**
13397
+ * @description The action to take for skillPromptInjection issues.
13398
+ * @enum {string}
13399
+ */
13400
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13401
+ }
13402
+ skillResourceAbuse?: {
13403
+ /**
13404
+ * @description The action to take for skillResourceAbuse issues.
13405
+ * @enum {string}
13406
+ */
13407
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13408
+ }
13409
+ skillSupplyChain?: {
13410
+ /**
13411
+ * @description The action to take for skillSupplyChain issues.
13412
+ * @enum {string}
13413
+ */
13414
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13415
+ }
13416
+ skillToolAbuse?: {
13417
+ /**
13418
+ * @description The action to take for skillToolAbuse issues.
13419
+ * @enum {string}
13420
+ */
13421
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13422
+ }
13423
+ skillToolChaining?: {
13424
+ /**
13425
+ * @description The action to take for skillToolChaining issues.
13426
+ * @enum {string}
13427
+ */
13428
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13429
+ }
13430
+ skillTransitiveTrust?: {
13431
+ /**
13432
+ * @description The action to take for skillTransitiveTrust issues.
13433
+ * @enum {string}
13434
+ */
13435
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13436
+ }
12466
13437
  socketUpgradeAvailable?: {
12467
13438
  /**
12468
13439
  * @description The action to take for socketUpgradeAvailable issues.
@@ -13460,6 +14431,14 @@ export interface operations {
13460
14431
  'filters.artifactType'?: string
13461
14432
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13462
14433
  'filters.artifactType.notIn'?: string
14434
+ /** @description Comma-separated list of branch names that should be included */
14435
+ 'filters.branch'?: string
14436
+ /** @description Comma-separated list of branch names that should be excluded */
14437
+ 'filters.branch.notIn'?: string
14438
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
14439
+ 'filters.cvePatchStatus'?: string
14440
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
14441
+ 'filters.cvePatchStatus.notIn'?: string
13463
14442
  /** @description Dead/reachable dependency filter flag */
13464
14443
  'filters.dependencyDead'?: boolean
13465
14444
  /** @description Dead/reachable dependency filter flag */
@@ -13659,6 +14638,14 @@ export interface operations {
13659
14638
  artifactType?: string[]
13660
14639
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13661
14640
  'artifactType.notIn'?: string[]
14641
+ /** @description Comma-separated list of branch names that should be included */
14642
+ branch?: string[]
14643
+ /** @description Comma-separated list of branch names that should be excluded */
14644
+ 'branch.notIn'?: string[]
14645
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
14646
+ cvePatchStatus?: string[]
14647
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
14648
+ 'cvePatchStatus.notIn'?: string[]
13662
14649
  /** @description Dead/reachable dependency filter flag */
13663
14650
  dependencyDead?: boolean[]
13664
14651
  /** @description Development/production dependency filter flag */
@@ -13704,7 +14691,7 @@ export interface operations {
13704
14691
  date?: string
13705
14692
  /** @description The number of days of data to fetch as an offset from input date */
13706
14693
  range?: string
13707
- /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoFullName,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,alertReachabilityAnalysisType,alertPriority,alertKEV,alertEPSS,dependencyDirect,dependencyDev,dependencyDead) */
14694
+ /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoFullName,branch,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,cvePatchStatus,alertReachabilityAnalysisType,alertPriority,alertKEV,alertEPSS,dependencyDirect,dependencyDev,dependencyDead) */
13708
14695
  'aggregation.fields'?: string
13709
14696
  /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
13710
14697
  'filters.alertAction'?: string
@@ -13774,6 +14761,14 @@ export interface operations {
13774
14761
  'filters.artifactType'?: string
13775
14762
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13776
14763
  'filters.artifactType.notIn'?: string
14764
+ /** @description Comma-separated list of branch names that should be included */
14765
+ 'filters.branch'?: string
14766
+ /** @description Comma-separated list of branch names that should be excluded */
14767
+ 'filters.branch.notIn'?: string
14768
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
14769
+ 'filters.cvePatchStatus'?: string
14770
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
14771
+ 'filters.cvePatchStatus.notIn'?: string
13777
14772
  /** @description Dead/reachable dependency filter flag */
13778
14773
  'filters.dependencyDead'?: boolean
13779
14774
  /** @description Dead/reachable dependency filter flag */
@@ -13889,6 +14884,14 @@ export interface operations {
13889
14884
  artifactType?: string[]
13890
14885
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13891
14886
  'artifactType.notIn'?: string[]
14887
+ /** @description Comma-separated list of branch names that should be included */
14888
+ branch?: string[]
14889
+ /** @description Comma-separated list of branch names that should be excluded */
14890
+ 'branch.notIn'?: string[]
14891
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
14892
+ cvePatchStatus?: string[]
14893
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
14894
+ 'cvePatchStatus.notIn'?: string[]
13892
14895
  /** @description Dead/reachable dependency filter flag */
13893
14896
  dependencyDead?: boolean[]
13894
14897
  /** @description Development/production dependency filter flag */
@@ -14272,6 +15275,7 @@ export interface operations {
14272
15275
  | 'CreateArtifact'
14273
15276
  | 'CreateLabel'
14274
15277
  | 'CreateWebhook'
15278
+ | 'DeleteAlertTriage'
14275
15279
  | 'DeleteApiToken'
14276
15280
  | 'DeleteFullScan'
14277
15281
  | 'DeleteLabel'
@@ -14535,6 +15539,8 @@ export interface operations {
14535
15539
  | 'socket-basics:read'
14536
15540
  | 'telemetry-policy'
14537
15541
  | 'telemetry-policy:update'
15542
+ | 'telemetry-events'
15543
+ | 'telemetry-events:list'
14538
15544
  | 'threat-feed'
14539
15545
  | 'threat-feed:list'
14540
15546
  | 'triage'
@@ -14663,6 +15669,8 @@ export interface operations {
14663
15669
  | 'socket-basics:read'
14664
15670
  | 'telemetry-policy'
14665
15671
  | 'telemetry-policy:update'
15672
+ | 'telemetry-events'
15673
+ | 'telemetry-events:list'
14666
15674
  | 'threat-feed'
14667
15675
  | 'threat-feed:list'
14668
15676
  | 'triage'
@@ -14854,6 +15862,8 @@ export interface operations {
14854
15862
  | 'socket-basics:read'
14855
15863
  | 'telemetry-policy'
14856
15864
  | 'telemetry-policy:update'
15865
+ | 'telemetry-events'
15866
+ | 'telemetry-events:list'
14857
15867
  | 'threat-feed'
14858
15868
  | 'threat-feed:list'
14859
15869
  | 'triage'
@@ -15129,7 +16139,7 @@ export interface operations {
15129
16139
  discovery_period?: '1h' | '6h' | '1d' | '7d' | '30d' | '90d' | '365d'
15130
16140
  /** @description Ordering direction of the sort attribute */
15131
16141
  direction?: 'desc' | 'asc'
15132
- /** @description Filter what type of threats to return */
16142
+ /** @description Filter by threat classification. Supported values: `mal` (malware, including possible malware), `vuln` (vulnerability), `typo` (typosquat, including possible typosquat), `anom` (anomaly), `spy` (telemetry), `obf` (obfuscated code), `dual` (dual-use tool), `joke` (protestware or joke package), `tp` (all confirmed true positives), `fp` (false positive), `u` (unreviewed), `c` (classified, i.e. anything except unreviewed). */
15133
16143
  filter?:
15134
16144
  | 'u'
15135
16145
  | 'c'
@@ -15141,7 +16151,6 @@ export interface operations {
15141
16151
  | 'joke'
15142
16152
  | 'spy'
15143
16153
  | 'typo'
15144
- | 'secret'
15145
16154
  | 'obf'
15146
16155
  | 'dual'
15147
16156
  /** @description Filter threats by package name */
@@ -15150,10 +16159,11 @@ export interface operations {
15150
16159
  version?: string
15151
16160
  /** @description Only return threats which have been human-reviewed */
15152
16161
  is_human_reviewed?: boolean
15153
- /** @description Filter threats by package ecosystem type */
16162
+ /** @description Filter threats by package ecosystem. */
15154
16163
  ecosystem?:
15155
16164
  | 'github'
15156
16165
  | 'cargo'
16166
+ | 'clawhub'
15157
16167
  | 'composer'
15158
16168
  | 'chrome'
15159
16169
  | 'golang'
@@ -15164,7 +16174,6 @@ export interface operations {
15164
16174
  | 'vscode'
15165
16175
  | 'pypi'
15166
16176
  | 'gem'
15167
- | 'socket'
15168
16177
  | 'swift'
15169
16178
  }
15170
16179
  }
@@ -15174,25 +16183,61 @@ export interface operations {
15174
16183
  content: {
15175
16184
  'application/json': {
15176
16185
  results: Array<{
15177
- /** @default */
16186
+ /**
16187
+ * Format: date-time
16188
+ * @description ISO 8601 timestamp of when the threat in the package artifact was first discovered
16189
+ * @default
16190
+ */
15178
16191
  createdAt?: string
15179
- /** @default */
16192
+ /**
16193
+ * Format: date-time
16194
+ * @description ISO 8601 timestamp of when the threat record for the package artifact was last updated (e.g., classification changed, package removed from registry, etc.)
16195
+ * @default
16196
+ */
15180
16197
  updatedAt?: string
15181
- /** @default */
16198
+ /**
16199
+ * Format: date-time
16200
+ * @description ISO 8601 timestamp of when the package artifact was published to the respective registry
16201
+ * @default
16202
+ */
15182
16203
  publishedAt?: string | null
15183
- /** @default */
16204
+ /**
16205
+ * @description Detailed description of the underlying threat
16206
+ * @default
16207
+ */
15184
16208
  description?: string
15185
- /** @default 0 */
16209
+ /**
16210
+ * @description Unique identifier of the threat feed entry
16211
+ * @default 0
16212
+ */
15186
16213
  id?: number
15187
- /** @default */
16214
+ /**
16215
+ * Format: uri
16216
+ * @description URL to the threat details page on Socket
16217
+ * @default
16218
+ */
15188
16219
  locationHtmlUrl?: string
15189
- /** @default */
16220
+ /**
16221
+ * Format: uri
16222
+ * @description URL to the affected package page on Socket
16223
+ * @default
16224
+ */
15190
16225
  packageHtmlUrl?: string
15191
- /** @default */
16226
+ /**
16227
+ * @description Package URL (PURL) of the affected package artifact
16228
+ * @default
16229
+ */
15192
16230
  purl?: string
15193
- /** @default */
16231
+ /**
16232
+ * Format: date-time
16233
+ * @description ISO 8601 timestamp of when the package artifact was removed from the respective registry, or null if the package is still available on the registry
16234
+ * @default
16235
+ */
15194
16236
  removedAt?: string | null
15195
- /** @default */
16237
+ /**
16238
+ * @description Threat classification. Possible values: `malware` (known malware), `possible_malware` (AI-detected potential malware), `vulnerability` (potential vulnerability), `typosquat` (human-reviewed typosquat), `possible_typosquat` (AI-detected potential typosquat), `anomaly` (anomalous behavior), `telemetry` (telemetry), `obfuscated` (obfuscated code), `dual_use` (dual-use tool), `troll` (protestware or joke package), `unreviewed` (not yet reviewed), `false_positive` (confirmed false positive).
16239
+ * @default
16240
+ */
15196
16241
  threatType?: string
15197
16242
  /**
15198
16243
  * @description Whether the threat still is in need of human review by the threat research team
@@ -15243,7 +16288,7 @@ export interface operations {
15243
16288
  created_after?: string
15244
16289
  /** @description Order direction of the provided sort field. */
15245
16290
  direction?: 'desc' | 'asc'
15246
- /** @description Filter what type of threats to return */
16291
+ /** @description Filter by threat classification. Supported values: `mal` (malware, including possible malware), `vuln` (vulnerability), `typo` (typosquat, including possible typosquat), `anom` (anomaly), `spy` (telemetry), `obf` (obfuscated code), `dual` (dual-use tool), `joke` (protestware or joke package), `tp` (all confirmed true positives), `fp` (false positive), `u` (unreviewed), `c` (classified, i.e. anything except unreviewed). */
15247
16292
  filter?:
15248
16293
  | 'u'
15249
16294
  | 'c'
@@ -15255,7 +16300,6 @@ export interface operations {
15255
16300
  | 'joke'
15256
16301
  | 'spy'
15257
16302
  | 'typo'
15258
- | 'secret'
15259
16303
  | 'obf'
15260
16304
  | 'dual'
15261
16305
  /** @description Filter threats by package name */
@@ -15264,10 +16308,11 @@ export interface operations {
15264
16308
  version?: string
15265
16309
  /** @description Only return threats which have been human-reviewed */
15266
16310
  is_human_reviewed?: boolean
15267
- /** @description Filter threats by package ecosystem type */
16311
+ /** @description Filter threats by package ecosystem. */
15268
16312
  ecosystem?:
15269
16313
  | 'github'
15270
16314
  | 'cargo'
16315
+ | 'clawhub'
15271
16316
  | 'composer'
15272
16317
  | 'chrome'
15273
16318
  | 'golang'
@@ -15278,7 +16323,6 @@ export interface operations {
15278
16323
  | 'vscode'
15279
16324
  | 'pypi'
15280
16325
  | 'gem'
15281
- | 'socket'
15282
16326
  | 'swift'
15283
16327
  }
15284
16328
  path: {
@@ -15292,25 +16336,61 @@ export interface operations {
15292
16336
  content: {
15293
16337
  'application/json': {
15294
16338
  results: Array<{
15295
- /** @default */
16339
+ /**
16340
+ * Format: date-time
16341
+ * @description ISO 8601 timestamp of when the threat in the package artifact was first discovered
16342
+ * @default
16343
+ */
15296
16344
  createdAt?: string
15297
- /** @default */
16345
+ /**
16346
+ * Format: date-time
16347
+ * @description ISO 8601 timestamp of when the threat record for the package artifact was last updated (e.g., classification changed, package removed from registry, etc.)
16348
+ * @default
16349
+ */
15298
16350
  updatedAt?: string
15299
- /** @default */
16351
+ /**
16352
+ * Format: date-time
16353
+ * @description ISO 8601 timestamp of when the package artifact was published to the respective registry
16354
+ * @default
16355
+ */
15300
16356
  publishedAt?: string | null
15301
- /** @default */
16357
+ /**
16358
+ * @description Detailed description of the underlying threat
16359
+ * @default
16360
+ */
15302
16361
  description?: string
15303
- /** @default 0 */
16362
+ /**
16363
+ * @description Unique identifier of the threat feed entry
16364
+ * @default 0
16365
+ */
15304
16366
  id?: number
15305
- /** @default */
16367
+ /**
16368
+ * Format: uri
16369
+ * @description URL to the threat details page on Socket
16370
+ * @default
16371
+ */
15306
16372
  locationHtmlUrl?: string
15307
- /** @default */
16373
+ /**
16374
+ * Format: uri
16375
+ * @description URL to the affected package page on Socket
16376
+ * @default
16377
+ */
15308
16378
  packageHtmlUrl?: string
15309
- /** @default */
16379
+ /**
16380
+ * @description Package URL (PURL) of the affected package artifact
16381
+ * @default
16382
+ */
15310
16383
  purl?: string
15311
- /** @default */
16384
+ /**
16385
+ * Format: date-time
16386
+ * @description ISO 8601 timestamp of when the package artifact was removed from the respective registry, or null if the package is still available on the registry
16387
+ * @default
16388
+ */
15312
16389
  removedAt?: string | null
15313
- /** @default */
16390
+ /**
16391
+ * @description Threat classification. Possible values: `malware` (known malware), `possible_malware` (AI-detected potential malware), `vulnerability` (potential vulnerability), `typosquat` (human-reviewed typosquat), `possible_typosquat` (AI-detected potential typosquat), `anomaly` (anomalous behavior), `telemetry` (telemetry), `obfuscated` (obfuscated code), `dual_use` (dual-use tool), `troll` (protestware or joke package), `unreviewed` (not yet reviewed), `false_positive` (confirmed false positive).
16392
+ * @default
16393
+ */
15314
16394
  threatType?: string
15315
16395
  /**
15316
16396
  * @description Whether the threat still is in need of human review by the threat research team
@@ -16221,6 +17301,14 @@ export interface operations {
16221
17301
  'filters.artifactType'?: string
16222
17302
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
16223
17303
  'filters.artifactType.notIn'?: string
17304
+ /** @description Comma-separated list of branch names that should be included */
17305
+ 'filters.branch'?: string
17306
+ /** @description Comma-separated list of branch names that should be excluded */
17307
+ 'filters.branch.notIn'?: string
17308
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
17309
+ 'filters.cvePatchStatus'?: string
17310
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
17311
+ 'filters.cvePatchStatus.notIn'?: string
16224
17312
  /** @description Dead/reachable dependency filter flag */
16225
17313
  'filters.dependencyDead'?: boolean
16226
17314
  /** @description Dead/reachable dependency filter flag */
@@ -16265,6 +17353,8 @@ export interface operations {
16265
17353
  type: string
16266
17354
  /** @default */
16267
17355
  category: string
17356
+ /** @default */
17357
+ description: string | null
16268
17358
  fix: {
16269
17359
  /** @default */
16270
17360
  type: string
@@ -16280,6 +17370,8 @@ export interface operations {
16280
17370
  cveDescription: string | null
16281
17371
  /** @default 0 */
16282
17372
  cvssScore: number
17373
+ /** @default */
17374
+ cvssVectorString: string | null
16283
17375
  cweIds: string[] | null
16284
17376
  cweNames: string[] | null
16285
17377
  ghsaIds: string[] | null
@@ -16289,6 +17381,10 @@ export interface operations {
16289
17381
  epssPercentile: number
16290
17382
  /** @default false */
16291
17383
  isKev: boolean
17384
+ /** @default */
17385
+ firstPatchedVersionIdentifier: string | null
17386
+ /** @default */
17387
+ url: string | null
16292
17388
  } | null
16293
17389
  /** @default */
16294
17390
  id: string
@@ -16402,6 +17498,43 @@ export interface operations {
16402
17498
  scores: components['schemas']['SocketScore']
16403
17499
  /** @default */
16404
17500
  artifactId: string | null
17501
+ capabilities: {
17502
+ /**
17503
+ * @description Package can read or modify environment variables
17504
+ * @default false
17505
+ */
17506
+ env: boolean
17507
+ /**
17508
+ * @description Package uses dynamic code evaluation (eval, Function constructor, etc.)
17509
+ * @default false
17510
+ */
17511
+ eval: boolean
17512
+ /**
17513
+ * @description Package can read or write to the file system
17514
+ * @default false
17515
+ */
17516
+ fs: boolean
17517
+ /**
17518
+ * @description Package can make network requests or create servers
17519
+ * @default false
17520
+ */
17521
+ net: boolean
17522
+ /**
17523
+ * @description Package can execute shell commands or spawn processes
17524
+ * @default false
17525
+ */
17526
+ shell: boolean
17527
+ /**
17528
+ * @description Package uses unsafe or dangerous operations that could compromise security
17529
+ * @default false
17530
+ */
17531
+ unsafe: boolean
17532
+ /**
17533
+ * @description Package contains remote URL(s) in the source code
17534
+ * @default false
17535
+ */
17536
+ url: boolean
17537
+ } | null
16405
17538
  }
16406
17539
  }[]
16407
17540
  }>
@@ -16511,6 +17644,14 @@ export interface operations {
16511
17644
  artifactType?: string[]
16512
17645
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
16513
17646
  'artifactType.notIn'?: string[]
17647
+ /** @description Comma-separated list of branch names that should be included */
17648
+ branch?: string[]
17649
+ /** @description Comma-separated list of branch names that should be excluded */
17650
+ 'branch.notIn'?: string[]
17651
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
17652
+ cvePatchStatus?: string[]
17653
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
17654
+ 'cvePatchStatus.notIn'?: string[]
16514
17655
  /** @description Dead/reachable dependency filter flag */
16515
17656
  dependencyDead?: boolean[]
16516
17657
  /** @description Development/production dependency filter flag */
@@ -17117,12 +18258,16 @@ export interface operations {
17117
18258
  */
17118
18259
  getQuota: {
17119
18260
  responses: {
17120
- /** @description Quota amount */
18261
+ /** @description Quota information */
17121
18262
  200: {
17122
18263
  content: {
17123
18264
  'application/json': {
17124
18265
  /** @default 0 */
17125
18266
  quota: number
18267
+ /** @default 0 */
18268
+ maxQuota: number
18269
+ /** @default */
18270
+ nextWindowRefresh: string | null
17126
18271
  }
17127
18272
  }
17128
18273
  }