@socketsecurity/sdk 3.3.0 → 3.4.0

package/dist/index.js

@@ -71,20 +71,26 @@ module.exports = __toCommonJS(index_exports);
 // package.json
 var package_default = {
   name: "@socketsecurity/sdk",
-  version: "3.3.0",
-  packageManager: "pnpm@10.28.1",
-  license: "MIT",
+  version: "3.4.0",
   description: "SDK for the Socket API client",
+  homepage: "https://github.com/SocketDev/socket-sdk-js",
+  license: "MIT",
   author: {
     name: "Socket Inc",
     email: "eng@socket.dev",
     url: "https://socket.dev"
   },
-  homepage: "https://github.com/SocketDev/socket-sdk-js",
   repository: {
     type: "git",
     url: "git://github.com/SocketDev/socket-sdk-js.git"
   },
+  files: [
+    "CHANGELOG.md",
+    "data/*.json",
+    "dist/*.d.ts",
+    "dist/*.js",
+    "types/*.d.ts"
+  ],
   main: "./dist/index.js",
   types: "./dist/index.d.ts",
   exports: {
@@ -113,6 +119,8 @@ var package_default = {
     clean: "node scripts/clean.mjs",
     cover: "node scripts/cover.mjs",
     fix: "node scripts/lint.mjs --fix",
+    format: "oxfmt .",
+    "format:check": "oxfmt --check .",
     "generate-sdk": "node scripts/generate-sdk.mjs",
     lint: "node scripts/lint.mjs",
     precommit: "pnpm run check --lint --staged",
@@ -120,7 +128,7 @@ var package_default = {
     "ci:validate": "node scripts/ci-validate.mjs",
     prepublishOnly: "echo 'ERROR: Use GitHub Actions workflow for publishing' && exit 1",
     publish: "node scripts/publish.mjs",
-    "publish:ci": "node scripts/publish.mjs --skip-git --skip-build --tag ${DIST_TAG:-latest}",
+    "publish:ci": "node scripts/publish.mjs --tag ${DIST_TAG:-latest}",
     claude: "node scripts/claude.mjs",
     test: "node scripts/test.mjs",
     type: "tsgo --noEmit -p .config/tsconfig.check.json",
@@ -128,7 +136,7 @@ var package_default = {
   },
   dependencies: {
     "@socketregistry/packageurl-js": "1.3.5",
-    "@socketsecurity/lib": "5.5.3",
+    "@socketsecurity/lib": "5.8.0",
     "form-data": "4.0.5"
   },
   devDependencies: {
@@ -136,40 +144,46 @@ var package_default = {
     "@babel/parser": "7.26.3",
     "@babel/traverse": "7.26.4",
     "@babel/types": "7.26.3",
-    "@biomejs/biome": "2.2.4",
-    "@dotenvx/dotenvx": "^1.51.4",
-    "@eslint/compat": "1.3.2",
-    "@eslint/js": "9.35.0",
+    "@dotenvx/dotenvx": "1.54.1",
+    "@oxlint/migrate": "1.52.0",
+    "@sveltejs/acorn-typescript": "1.0.8",
     "@types/babel__traverse": "7.28.0",
     "@types/node": "24.9.2",
     "@typescript/native-preview": "7.0.0-dev.20250926.1",
     "@vitest/coverage-v8": "4.0.3",
-    "@sveltejs/acorn-typescript": "1.0.8",
     acorn: "8.15.0",
     del: "8.0.1",
     "dev-null-cli": "2.0.0",
     esbuild: "0.25.11",
-    eslint: "9.35.0",
-    "eslint-import-resolver-typescript": "4.4.4",
-    "eslint-plugin-import-x": "4.16.1",
-    "eslint-plugin-jsdoc": "57.0.8",
-    "eslint-plugin-n": "17.23.1",
-    "eslint-plugin-sort-destructure-keys": "2.0.0",
-    "eslint-plugin-unicorn": "56.0.1",
     "fast-glob": "3.3.3",
-    globals: "16.4.0",
     "http2-wrapper": "2.2.1",
     husky: "9.1.7",
     "magic-string": "0.30.14",
     nock: "14.0.10",
     "openapi-typescript": "6.7.6",
+    oxfmt: "0.37.0",
+    oxlint: "1.52.0",
     semver: "7.7.2",
     taze: "19.9.2",
     "type-coverage": "2.29.7",
-    "typescript-eslint": "8.44.1",
-    vitest: "4.0.3",
-    "yoctocolors-cjs": "2.1.3"
+    vitest: "4.0.3"
   },
+  typeCoverage: {
+    atLeast: 99,
+    cache: true,
+    "ignore-files": "test/*",
+    "ignore-non-null-assertion": true,
+    "ignore-type-assertion": true,
+    ignoreAsAssertion: true,
+    ignoreCatch: true,
+    ignoreEmptyType: true,
+    strict: true
+  },
+  engines: {
+    node: ">=18",
+    pnpm: ">=10.25.0"
+  },
+  packageManager: "pnpm@10.32.1",
   pnpm: {
     ignoredBuiltDependencies: [
       "esbuild",
@@ -178,28 +192,6 @@ var package_default = {
     overrides: {
       vite: "7.1.12"
     }
-  },
-  engines: {
-    node: ">=18",
-    pnpm: ">=10.25.0"
-  },
-  files: [
-    "CHANGELOG.md",
-    "data/*.json",
-    "dist/*.d.ts",
-    "dist/*.js",
-    "types/*.d.ts"
-  ],
-  typeCoverage: {
-    cache: true,
-    atLeast: 99,
-    ignoreAsAssertion: true,
-    ignoreCatch: true,
-    ignoreEmptyType: true,
-    "ignore-non-null-assertion": true,
-    "ignore-type-assertion": true,
-    "ignore-files": "test/*",
-    strict: true
   }
 };
 
@@ -468,11 +460,12 @@ function sanitizeHeaders(headers) {
 // src/http-client.ts
 var ResponseError = class _ResponseError extends Error {
   response;
+  url;
   /**
    * Create a new ResponseError from an HTTP response.
    * Automatically formats error message with status code and message.
    */
-  constructor(response, message = "") {
+  constructor(response, message = "", url) {
     const statusCode = response.statusCode ?? "unknown";
     const statusMessage = response.statusMessage ?? "No status message";
     super(
@@ -481,6 +474,7 @@ var ResponseError = class _ResponseError extends Error {
     );
     this.name = "ResponseError";
     this.response = response;
+    this.url = url;
     Error.captureStackTrace(this, _ResponseError);
   }
 };
@@ -627,10 +621,10 @@ async function getErrorResponseBody(response) {
     response.setEncoding("utf8");
     response.on("data", (chunk) => {
       const chunkBytes = Buffer.byteLength(chunk, "utf8");
-      totalBytes += chunkBytes;
-      if (totalBytes > MAX_RESPONSE_SIZE) {
+      if (totalBytes + chunkBytes > MAX_RESPONSE_SIZE) {
         response.destroy();
-        const sizeMB = (totalBytes / (1024 * 1024)).toFixed(2);
+        const projectedSize = totalBytes + chunkBytes;
+        const sizeMB = (projectedSize / (1024 * 1024)).toFixed(2);
         const maxMB = (MAX_RESPONSE_SIZE / (1024 * 1024)).toFixed(2);
         const message = [
           `Response exceeds maximum size limit (${sizeMB}MB > ${maxMB}MB)`,
@@ -642,6 +636,7 @@ async function getErrorResponseBody(response) {
         reject(new Error(message));
         return;
       }
+      totalBytes += chunkBytes;
       body += chunk;
     });
     response.on("end", () => resolve(body));
@@ -731,13 +726,14 @@ async function getResponse(req) {
     });
   });
 }
-async function getResponseJson(response, method) {
+async function getResponseJson(response, method, url) {
   const stopTimer = (0, import_performance.perfTimer)("http:parse-json");
   try {
     if (!isResponseOk(response)) {
       throw new ResponseError(
         response,
-        method ? `${method} Request failed` : void 0
+        method ? `${method} Request failed` : void 0,
+        url
       );
     }
     const responseBody = await getErrorResponseBody(response);
@@ -809,7 +805,7 @@ function isResponseOk(response) {
 }
 function reshapeArtifactForPublicPolicy(data, isAuthenticated, actions) {
   if (!isAuthenticated) {
-    const allowedActions = actions ? actions.split(",") : void 0;
+    const allowedActions = actions?.trim() ? actions.split(",") : void 0;
     const reshapeArtifact = (artifact) => ({
       name: artifact.name,
       version: artifact.version,
@@ -923,7 +919,7 @@ async function createUploadRequest(baseUrl, urlPath, form, options) {
       timeout: opts.timeout
     });
     req.flushHeaders();
-    getResponse(req).then(
+    void getResponse(req).then(
       (response) => {
         hooks?.onResponse?.({
           method,
@@ -947,7 +943,6 @@ async function createUploadRequest(baseUrl, urlPath, form, options) {
     );
     form.pipe(req);
     form.on("error", fail);
-    req.on("error", fail);
   });
 }
 
@@ -1124,7 +1119,7 @@ var SocketSdk = class {
       userAgent
     } = { __proto__: null, ...options };
     if (timeout !== void 0) {
-      if (typeof timeout !== "number" || timeout < MIN_HTTP_TIMEOUT || timeout > MAX_HTTP_TIMEOUT) {
+      if (typeof timeout !== "number" || Number.isNaN(timeout) || timeout < MIN_HTTP_TIMEOUT || timeout > MAX_HTTP_TIMEOUT) {
         throw new TypeError(
           `"timeout" must be a number between ${MIN_HTTP_TIMEOUT} and ${MAX_HTTP_TIMEOUT} milliseconds`
         );
@@ -1187,22 +1182,26 @@ var SocketSdk = class {
       signal: abortSignal
     });
     const isPublicToken = this.#apiToken === import_socket2.SOCKET_PUBLIC_API_TOKEN;
-    for await (const line of rli) {
-      const trimmed = line.trim();
-      const artifact = trimmed ? (0, import_parse2.jsonParse)(line, { throws: false }) : (
-        /* c8 ignore next - Empty line handling in batch streaming response parsing. */
-        null
-      );
-      if ((0, import_objects.isObjectObject)(artifact)) {
-        yield this.#handleApiSuccess(
-          /* c8 ignore next 7 - Public token artifact reshaping branch for policy compliance. */
-          isPublicToken ? reshapeArtifactForPublicPolicy(
-            artifact,
-            false,
-            queryParams?.["actions"]
-          ) : artifact
+    try {
+      for await (const line of rli) {
+        const trimmed = line.trim();
+        const artifact = trimmed ? (0, import_parse2.jsonParse)(line, { throws: false }) : (
+          /* c8 ignore next - Empty line handling in batch streaming response parsing. */
+          null
         );
+        if ((0, import_objects.isObjectObject)(artifact)) {
+          yield this.#handleApiSuccess(
+            /* c8 ignore next 7 - Public token artifact reshaping branch for policy compliance. */
+            isPublicToken ? reshapeArtifactForPublicPolicy(
+              artifact,
+              false,
+              queryParams?.["actions"]
+            ) : artifact
+          );
+        }
       }
+    } finally {
+      rli.close();
     }
   }
   /**
@@ -1210,13 +1209,14 @@ var SocketSdk = class {
    * Internal method for handling PURL batch API calls with retry logic.
    */
   async #createBatchPurlRequest(componentsObj, queryParams) {
-    const req = getHttpModule(this.#baseUrl).request(`${this.#baseUrl}purl?${queryToSearchParams(queryParams)}`, {
+    const url = `${this.#baseUrl}purl?${queryToSearchParams(queryParams)}`;
+    const req = getHttpModule(this.#baseUrl).request(url, {
       method: "POST",
       ...this.#reqOptions
     }).end(JSON.stringify(componentsObj));
     const response = await getResponse(req);
     if (!isResponseOk(response)) {
-      throw new ResponseError(response);
+      throw new ResponseError(response, "", url);
     }
     return response;
   }
@@ -1450,7 +1450,8 @@ var SocketSdk = class {
       error: errorMessage,
       /* c8 ignore next - fallback for missing status code in edge cases. */
       status: statusCode ?? 0,
-      success: false
+      success: false,
+      url: error.url
     };
   }
   /**
@@ -1543,18 +1544,16 @@ var SocketSdk = class {
    * @throws {Error} When server returns 5xx status codes
    */
   async batchOrgPackageFetch(orgSlug, componentsObj, queryParams) {
+    const url = `${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/purl?${queryToSearchParams(queryParams)}`;
     let res;
     try {
-      const req = getHttpModule(this.#baseUrl).request(
-        `${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/purl?${queryToSearchParams(queryParams)}`,
-        {
-          method: "POST",
-          ...this.#reqOptions
-        }
-      ).end(JSON.stringify(componentsObj));
+      const req = getHttpModule(this.#baseUrl).request(url, {
+        method: "POST",
+        ...this.#reqOptions
+      }).end(JSON.stringify(componentsObj));
       res = await getResponse(req);
       if (!isResponseOk(res)) {
-        throw new ResponseError(res);
+        throw new ResponseError(res, "", url);
       }
     } catch (e) {
       return await this.#handleApiError(e);
@@ -1568,15 +1567,19 @@ var SocketSdk = class {
       signal: abortSignal
     });
     const results = [];
-    for await (const line of rli) {
-      const trimmed = line.trim();
-      const artifact = trimmed ? (0, import_parse2.jsonParse)(line, { throws: false }) : (
-        /* c8 ignore next - Empty line handling in batch parsing. */
-        null
-      );
-      if ((0, import_objects.isObjectObject)(artifact)) {
-        results.push(artifact);
+    try {
+      for await (const line of rli) {
+        const trimmed = line.trim();
+        const artifact = trimmed ? (0, import_parse2.jsonParse)(line, { throws: false }) : (
+          /* c8 ignore next - Empty line handling in batch parsing. */
+          null
+        );
+        if ((0, import_objects.isObjectObject)(artifact)) {
+          results.push(artifact);
+        }
       }
+    } finally {
+      rli.close();
     }
     const compact = (0, import_url.urlSearchParamAsBoolean)(
       (0, import_objects.getOwn)(queryParams, "compact")
@@ -1608,22 +1611,26 @@ var SocketSdk = class {
     });
     const isPublicToken = this.#apiToken === import_socket2.SOCKET_PUBLIC_API_TOKEN;
     const results = [];
-    for await (const line of rli) {
-      const trimmed = line.trim();
-      const artifact = trimmed ? (0, import_parse2.jsonParse)(line, { throws: false }) : (
-        /* c8 ignore next - Empty line handling in batch parsing. */
-        null
-      );
-      if ((0, import_objects.isObjectObject)(artifact)) {
-        results.push(
-          /* c8 ignore next 7 - Public token artifact reshaping for policy compliance. */
-          isPublicToken ? reshapeArtifactForPublicPolicy(
-            artifact,
-            false,
-            queryParams?.["actions"]
-          ) : artifact
+    try {
+      for await (const line of rli) {
+        const trimmed = line.trim();
+        const artifact = trimmed ? (0, import_parse2.jsonParse)(line, { throws: false }) : (
+          /* c8 ignore next - Empty line handling in batch parsing. */
+          null
         );
+        if ((0, import_objects.isObjectObject)(artifact)) {
+          results.push(
+            /* c8 ignore next 7 - Public token artifact reshaping for policy compliance. */
+            isPublicToken ? reshapeArtifactForPublicPolicy(
+              artifact,
+              false,
+              queryParams?.["actions"]
+            ) : artifact
+          );
+        }
       }
+    } finally {
+      rli.close();
     }
     const compact = (0, import_url.urlSearchParamAsBoolean)(
       (0, import_objects.getOwn)(queryParams, "compact")
@@ -1689,11 +1696,13 @@ var SocketSdk = class {
       const { generator, iteratorResult } = await Promise.race(
         running.map((entry) => entry.promise)
       );
-      const index2 = running.findIndex((entry) => entry.generator === generator);
-      if (index2 === -1) {
+      const runningIndex = running.findIndex(
+        (entry) => entry.generator === generator
+      );
+      if (runningIndex === -1) {
         continue;
       }
-      running.splice(index2, 1);
+      running.splice(runningIndex, 1);
       if (iteratorResult.value) {
         yield iteratorResult.value;
       }
@@ -1819,7 +1828,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/createorgfullscan
    * @apiEndpoint POST /orgs/{org_slug}/full-scans
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes full-scans:create
    * @throws {Error} When server returns 5xx status codes
    */
@@ -1918,16 +1927,43 @@ var SocketSdk = class {
    * Create a diff scan from two full scan IDs.
    * Compares two existing full scans to identify changes.
    *
+   * @param orgSlug - Organization identifier
+   * @param options - Diff scan creation options
+   * @param options.after - ID of the after/head full scan (newer)
+   * @param options.before - ID of the before/base full scan (older)
+   * @param options.description - Description of the diff scan
+   * @param options.external_href - External URL to associate with the diff scan
+   * @param options.merge - Set true for merged commits, false for open PR diffs
+   * @returns Diff scan details
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.createOrgDiffScanFromIds('my-org', {
+   *   before: 'scan-id-1',
+   *   after: 'scan-id-2',
+   *   description: 'Compare versions',
+   *   merge: false
+   * })
+   *
+   * if (result.success) {
+   *   console.log('Diff scan created:', result.data.diff_scan.id)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/createorgdiffscanfromids
+   * @apiEndpoint POST /orgs/{org_slug}/diff-scans/from-ids
+   * @quota 0 units
+   * @scopes diff-scans:create, full-scans:list
    * @throws {Error} When server returns 5xx status codes
    */
-  async createOrgDiffScanFromIds(orgSlug, queryParams) {
+  async createOrgDiffScanFromIds(orgSlug, options) {
     try {
       const data = await this.#executeWithRetry(
         async () => await getResponseJson(
           await createRequestWithJson(
             "POST",
             this.#baseUrl,
-            `orgs/${encodeURIComponent(orgSlug)}/diff-scans?${queryToSearchParams(queryParams)}`,
+            `orgs/${encodeURIComponent(orgSlug)}/diff-scans/from-ids?${queryToSearchParams(options)}`,
             {},
             { ...this.#reqOptions, hooks: this.#hooks }
           )
@@ -2001,15 +2037,22 @@ var SocketSdk = class {
    * Registers a repository for monitoring and security scanning.
    *
    * @param orgSlug - Organization identifier
-   * @param params - Repository configuration (name, description, homepage, etc.)
+   * @param repoSlug - Repository name/slug
+   * @param params - Additional repository configuration
+   * @param params.archived - Whether the repository is archived
+   * @param params.default_branch - Default branch of the repository
+   * @param params.description - Description of the repository
+   * @param params.homepage - Homepage URL of the repository
+   * @param params.visibility - Visibility setting ('public' or 'private')
+   * @param params.workspace - Workspace of the repository
    * @returns Created repository details
    *
    * @example
    * ```typescript
-   * const result = await sdk.createRepository('my-org', {
-   *   name: 'my-repo',
+   * const result = await sdk.createRepository('my-org', 'my-repo', {
    *   description: 'My project repository',
-   *   homepage: 'https://example.com'
+   *   homepage: 'https://example.com',
+   *   visibility: 'private'
    * })
    *
    * if (result.success) {
@@ -2019,11 +2062,11 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/createorgrepo
    * @apiEndpoint POST /orgs/{org_slug}/repos
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo:write
    * @throws {Error} When server returns 5xx status codes
    */
-  async createRepository(orgSlug, params) {
+  async createRepository(orgSlug, repoSlug, params) {
     try {
       const data = await this.#executeWithRetry(
         async () => await getResponseJson(
@@ -2031,7 +2074,7 @@ var SocketSdk = class {
             "POST",
             this.#baseUrl,
             `orgs/${encodeURIComponent(orgSlug)}/repos`,
-            params,
+            { ...params, name: repoSlug },
             { ...this.#reqOptions, hooks: this.#hooks }
           )
         )
@@ -2075,7 +2118,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/createorgrepolabel
    * @apiEndpoint POST /orgs/{org_slug}/repos/labels
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo-label:create
    * @throws {Error} When server returns 5xx status codes
    */
@@ -2130,7 +2173,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/deleteorgfullscan
    * @apiEndpoint DELETE /orgs/{org_slug}/full-scans/{full_scan_id}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes full-scans:delete
    * @throws {Error} When server returns 5xx status codes
    */
@@ -2232,7 +2275,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/deleteorgrepo
    * @apiEndpoint DELETE /orgs/{org_slug}/repos/{repo_slug}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo:write
    * @throws {Error} When server returns 5xx status codes
    */
@@ -2290,7 +2333,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/deleteorgrepolabel
    * @apiEndpoint DELETE /orgs/{org_slug}/repos/labels/{label_id}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo-label:delete
    * @throws {Error} When server returns 5xx status codes
    */
@@ -2349,35 +2392,33 @@ var SocketSdk = class {
      * ```
      */
   async downloadOrgFullScanFilesAsTar(orgSlug, fullScanId, outputPath) {
+    const url = `${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/files.tar`;
     try {
-      const req = getHttpModule(this.#baseUrl).request(
-        `${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}/files.tar`,
-        {
-          method: "GET",
-          ...this.#reqOptions
-        }
-      ).end();
+      const req = getHttpModule(this.#baseUrl).request(url, {
+        method: "GET",
+        ...this.#reqOptions
+      }).end();
       const res = await getResponse(req);
       if (!isResponseOk(res)) {
-        throw new ResponseError(res);
+        throw new ResponseError(res, "", url);
       }
       const writeStream = (0, import_node_fs3.createWriteStream)(outputPath);
       let bytesWritten = 0;
       res.on("data", (chunk) => {
-        bytesWritten += chunk.length;
-        if (bytesWritten > MAX_STREAM_SIZE) {
-          res.destroy();
-          writeStream.destroy();
-          throw new Error(
+        if (bytesWritten + chunk.length > MAX_STREAM_SIZE) {
+          const error = new Error(
             `Response exceeds maximum stream size of ${MAX_STREAM_SIZE} bytes`
           );
+          res.destroy(error);
+          writeStream.destroy(error);
+          return;
         }
+        bytesWritten += chunk.length;
       });
       res.pipe(writeStream);
       writeStream.on("error", (error) => {
-        throw new Error(`Failed to write to file: ${outputPath}`, {
-          cause: error
-        });
+        res.destroy();
+        writeStream.destroy(error);
       });
       await import_node_events.default.once(writeStream, "finish");
       return this.#handleApiSuccess(res);
@@ -2440,8 +2481,23 @@ var SocketSdk = class {
           return;
         }
         let data = "";
+        let bytesRead = 0;
+        const MAX_PATCH_SIZE = 50 * 1024 * 1024;
         res.on("data", (chunk) => {
-          data += chunk;
+          if (bytesRead + chunk.length > MAX_PATCH_SIZE) {
+            const error = new Error(
+              [
+                `Patch file exceeds maximum size of ${MAX_PATCH_SIZE} bytes`,
+                `\u2192 Current size: ${bytesRead + chunk.length} bytes`,
+                "\u2192 This may indicate an incorrect hash or corrupted blob."
+              ].join("\n")
+            );
+            res.destroy(error);
+            reject(error);
+            return;
+          }
+          bytesRead += chunk.length;
+          data += chunk.toString("utf8");
         });
         res.on("end", () => {
           resolve(data);
@@ -2524,7 +2580,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/exportopenvex
    * @apiEndpoint GET /orgs/{org_slug}/export/openvex/{id}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes report:read
    * @throws {Error} When server returns 5xx status codes
    */
@@ -2579,6 +2635,7 @@ var SocketSdk = class {
       __proto__: null,
       ...options
     };
+    const url = `${this.#baseUrl}${urlPath}`;
     try {
       const response = await createGetRequest(this.#baseUrl, urlPath, {
         ...this.#reqOptions,
@@ -2586,17 +2643,18 @@ var SocketSdk = class {
       });
       if (!isResponseOk(response)) {
         if (throws) {
-          throw new ResponseError(response);
+          throw new ResponseError(response, "", url);
         }
         const errorResult = await this.#handleApiError(
-          new ResponseError(response)
+          new ResponseError(response, "", url)
         );
         return {
           cause: errorResult.cause,
           data: void 0,
           error: errorResult.error,
           status: errorResult.status,
-          success: false
+          success: false,
+          url: errorResult.url
         };
       }
       const data = await this.#handleQueryResponseData(
@@ -2697,6 +2755,48 @@ var SocketSdk = class {
       return await this.#handleApiError(e);
     }
   }
+  /**
+   * Get GitHub-flavored markdown comments for a diff scan.
+   * Returns dependency overview and alert comments suitable for pull requests.
+   *
+   * @param orgSlug - Organization identifier
+   * @param diffScanId - Diff scan identifier
+   * @param options - Optional query parameters
+   * @param options.github_installation_id - GitHub installation ID for settings
+   * @returns Diff scan metadata with formatted markdown comments
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.getDiffScanGfm('my-org', 'diff-scan-id')
+   *
+   * if (result.success) {
+   *   console.log(result.data.dependency_overview_comment)
+   *   console.log(result.data.dependency_alert_comment)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getdiffscangfm
+   * @apiEndpoint GET /orgs/{org_slug}/diff-scans/{diff_scan_id}/gfm
+   * @quota 0 units
+   * @scopes diff-scans:list
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getDiffScanGfm(orgSlug, diffScanId, options) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/diff-scans/${encodeURIComponent(diffScanId)}/gfm${options ? `?${queryToSearchParams(options)}` : ""}`,
+            { ...this.#reqOptions, hooks: this.#hooks }
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
   /**
    * Retrieve the enabled entitlements for an organization.
    *
@@ -2756,7 +2856,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/getorgfullscan
    * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes full-scans:list
    * @throws {Error} When server returns 5xx status codes
    */
@@ -2811,7 +2911,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/getorgfullscanmetadata
    * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}/metadata
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes full-scans:list
    * @throws {Error} When server returns 5xx status codes
    */
@@ -3198,7 +3298,7 @@ var SocketSdk = class {
      *
      * @see https://docs.socket.dev/reference/getorgrepo
      * @apiEndpoint GET /orgs/{org_slug}/repos/{repo_slug}
-     * @quota 1 unit
+     * @quota 0 units
      * @scopes repo:read
      * @throws {Error} When server returns 5xx status codes
      */
@@ -3260,7 +3360,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/getorgrepolabel
    * @apiEndpoint GET /orgs/{org_slug}/repos/labels/{label_id}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo-label:list
    * @throws {Error} When server returns 5xx status codes
    */
@@ -3315,10 +3415,57 @@ var SocketSdk = class {
       return await this.#handleApiError(e);
     }
   }
+  /**
+   * Get list of supported file types for full scan generation.
+   * Returns glob patterns for supported manifest files, lockfiles, and configuration formats.
+   *
+   * Files whose names match the patterns returned by this endpoint can be uploaded
+   * for report generation. Examples include `package.json`, `package-lock.json`, and `yarn.lock`.
+   *
+   * @param orgSlug - Organization identifier
+   * @returns Nested object with environment and file type patterns
+   *
+   * @example
+   * ```typescript
+   * const result = await sdk.getSupportedFiles('my-org')
+   *
+   * if (result.success) {
+   *   console.log('NPM patterns:', result.data.NPM)
+   *   console.log('PyPI patterns:', result.data.PyPI)
+   * }
+   * ```
+   *
+   * @see https://docs.socket.dev/reference/getsupportedfiles
+   * @apiEndpoint GET /orgs/{org_slug}/supported-files
+   * @quota 0 units
+   * @scopes No scopes required, but authentication is required
+   * @throws {Error} When server returns 5xx status codes
+   */
+  async getSupportedFiles(orgSlug) {
+    try {
+      const data = await this.#executeWithRetry(
+        async () => await getResponseJson(
+          await createGetRequest(
+            this.#baseUrl,
+            `orgs/${encodeURIComponent(orgSlug)}/supported-files`,
+            {
+              ...this.#reqOptions,
+              hooks: this.#hooks
+            }
+          )
+        )
+      );
+      return this.#handleApiSuccess(data);
+    } catch (e) {
+      return await this.#handleApiError(e);
+    }
+  }
   /**
    * Get list of file types and formats supported for scanning.
    * Returns supported manifest files, lockfiles, and configuration formats.
    *
+   * @deprecated Use getSupportedFiles() instead. This endpoint has been deprecated
+   * since 2023-01-15 and now uses the /report/supported endpoint.
    * @throws {Error} When server returns 5xx status codes
    */
   async getSupportedScanFiles() {
@@ -3363,7 +3510,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/getorgfullscanlist
    * @apiEndpoint GET /orgs/{org_slug}/full-scans
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes full-scans:list
    * @throws {Error} When server returns 5xx status codes
    */
@@ -3416,7 +3563,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/getorganizations
    * @apiEndpoint GET /organizations
-   * @quota 1 unit
+   * @quota 0 units
    * @throws {Error} When server returns 5xx status codes
    */
   async listOrganizations() {
@@ -3497,7 +3644,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/getorgrepolist
    * @apiEndpoint GET /orgs/{org_slug}/repos
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo:list
    * @throws {Error} When server returns 5xx status codes
    */
@@ -3553,7 +3700,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/getorgrepolabellist
    * @apiEndpoint GET /orgs/{org_slug}/repos/labels
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo-label:list
    * @throws {Error} When server returns 5xx status codes
    */
@@ -3769,7 +3916,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/rescanorgfullscan
    * @apiEndpoint POST /orgs/{org_slug}/full-scans/{full_scan_id}/rescan
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes full-scans:create
    * @throws {Error} When server returns 5xx status codes
    */
@@ -3903,7 +4050,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/getorgfullscan
    * @apiEndpoint GET /orgs/{org_slug}/full-scans/{full_scan_id}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes full-scans:list
    * @throws {Error} When server returns 5xx status codes
    */
@@ -3912,51 +4059,59 @@ var SocketSdk = class {
       __proto__: null,
       ...options
     };
+    const url = `${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(scanId)}`;
     try {
-      const req = getHttpModule(this.#baseUrl).request(
-        `${this.#baseUrl}orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(scanId)}`,
-        {
-          method: "GET",
-          ...this.#reqOptions
-        }
-      ).end();
+      const req = getHttpModule(this.#baseUrl).request(url, {
+        method: "GET",
+        ...this.#reqOptions
+      }).end();
       const res = await getResponse(req);
       if (!isResponseOk(res)) {
-        throw new ResponseError(res);
+        throw new ResponseError(res, "", url);
       }
       if (typeof output === "string") {
         const writeStream = (0, import_node_fs3.createWriteStream)(output);
         let bytesWritten = 0;
         res.on("data", (chunk) => {
-          bytesWritten += chunk.length;
-          if (bytesWritten > MAX_STREAM_SIZE) {
-            res.destroy();
-            writeStream.destroy();
-            throw new Error(
+          if (bytesWritten + chunk.length > MAX_STREAM_SIZE) {
+            const error = new Error(
               `Response exceeds maximum stream size of ${MAX_STREAM_SIZE} bytes`
             );
+            res.destroy(error);
+            writeStream.destroy(error);
+            return;
           }
+          bytesWritten += chunk.length;
         });
         res.pipe(writeStream);
         writeStream.on("error", (error) => {
-          throw new Error(`Failed to write to file: ${output}`, {
-            cause: error
-          });
+          res.destroy();
+          writeStream.destroy(error);
         });
+        await import_node_events.default.once(writeStream, "finish");
       } else if (output === true) {
         let bytesWritten = 0;
         res.on("data", (chunk) => {
-          bytesWritten += chunk.length;
-          if (bytesWritten > MAX_STREAM_SIZE) {
-            res.destroy();
-            throw new Error(
+          if (bytesWritten + chunk.length > MAX_STREAM_SIZE) {
+            const error = new Error(
               `Response exceeds maximum stream size of ${MAX_STREAM_SIZE} bytes`
             );
+            res.destroy(error);
+            return;
           }
+          bytesWritten += chunk.length;
         });
+        const stdoutErrorHandler = (_error) => {
+          res.destroy();
+          process.stdout.removeListener("error", stdoutErrorHandler);
+        };
+        process.stdout.on("error", stdoutErrorHandler);
         res.pipe(process.stdout);
-        process.stdout.on("error", (error) => {
-          throw new Error("Failed to write to stdout", { cause: error });
+        res.on("end", () => {
+          process.stdout.removeListener("error", stdoutErrorHandler);
+        });
+        res.on("error", () => {
+          process.stdout.removeListener("error", stdoutErrorHandler);
         });
       }
       return this.#handleApiSuccess(res);
@@ -3973,15 +4128,16 @@ var SocketSdk = class {
    * Note: This method returns a ReadableStream for processing large datasets.
    */
   async streamPatchesFromScan(orgSlug, scanId) {
+    const urlPath = `orgs/${encodeURIComponent(orgSlug)}/patches/scan?scan_id=${encodeURIComponent(scanId)}`;
+    const url = `${this.#baseUrl}${urlPath}`;
     const response = await this.#executeWithRetry(
-      async () => await createGetRequest(
-        this.#baseUrl,
-        `orgs/${encodeURIComponent(orgSlug)}/patches/scan?scan_id=${encodeURIComponent(scanId)}`,
-        { ...this.#reqOptions, hooks: this.#hooks }
-      )
+      async () => await createGetRequest(this.#baseUrl, urlPath, {
+        ...this.#reqOptions,
+        hooks: this.#hooks
+      })
     );
     if (!isResponseOk(response)) {
-      throw new ResponseError(response, "GET Request failed");
+      throw new ResponseError(response, "GET Request failed", url);
     }
     const rli = import_node_readline.default.createInterface({
       input: response,
@@ -4005,8 +4161,13 @@ var SocketSdk = class {
         } catch (error) {
           controller.error(error);
         } finally {
+          rli.close();
           controller.close();
         }
+      },
+      /* c8 ignore next 3 - Stream cancellation cleanup, difficult to test reliably. */
+      cancel() {
+        rli.close();
       }
     });
   }
@@ -4162,7 +4323,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/updateorgrepo
    * @apiEndpoint POST /orgs/{org_slug}/repos/{repo_slug}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo:write
    * @throws {Error} When server returns 5xx status codes
    */
@@ -4224,7 +4385,7 @@ var SocketSdk = class {
    *
    * @see https://docs.socket.dev/reference/updateorgrepolabel
    * @apiEndpoint PUT /orgs/{org_slug}/repos/labels/{label_id}
-   * @quota 1 unit
+   * @quota 0 units
    * @scopes repo-label:update
    * @throws {Error} When server returns 5xx status codes
    */