@socketsecurity/sdk 3.3.0 → 3.4.0

package/types/api.d.ts CHANGED
@@ -8,7 +8,7 @@ export interface paths {
8
8
  /**
9
9
  * Get Packages by PURL
10
10
  * @deprecated
11
- * @description **This endpoint is deprecated.** Deprecated since 2026-01-05. It will be removed on 2026-07-30.
11
+ * @description **This endpoint is deprecated.** Deprecated since 2026-01-05.
12
12
  *
13
13
  * Batch retrieval of package metadata and alerts by PURL strings. Compatible with CycloneDX reports.
14
14
  *
@@ -257,6 +257,56 @@ export interface paths {
257
257
  */
258
258
  post: operations['rescanOrgFullScan']
259
259
  }
260
+ '/orgs/{org_slug}/full-scans/{full_scan_id}/format/csv': {
261
+ /**
262
+ * Export CSV of alerts for full scan
263
+ * @description Export a CSV file containing all alerts from a full scan.
264
+ *
265
+ * The CSV includes details about each alert and the affected packages.
266
+ * You can optionally filter using the request body "filters" array. Supported filter IDs include:
267
+ * - alert.action (error|warn|monitor|ignore)
268
+ * - alert.type
269
+ * - alert.category
270
+ * - alert.severity (low|medium|middle|high|critical or 0-3)
271
+ * - artifact.type (purl type, e.g. npm, pypi)
272
+ * - dependency.type (direct|transitive)
273
+ * - dependency.scope (dev|normal)
274
+ * - dependency.usage (used|unused)
275
+ * - manifest.file
276
+ *
277
+ * This endpoint consumes 1 unit of your quota.
278
+ *
279
+ * This endpoint requires the following org token scopes:
280
+ * - full-scans:list
281
+ */
282
+ post: operations['getOrgFullScanCsv']
283
+ }
284
+ '/orgs/{org_slug}/full-scans/{full_scan_id}/format/pdf': {
285
+ /**
286
+ * Generate PDF report for full scan
287
+ * @description Generate a PDF report for all alerts in a full scan.
288
+ *
289
+ * This endpoint streams a PDF document containing all alerts found in the full scan,
290
+ * with optional filtering and grouping options.
291
+ *
292
+ * Supported request body filter IDs include:
293
+ * - alert.action (error|warn|monitor|ignore)
294
+ * - alert.type
295
+ * - alert.category
296
+ * - alert.severity (low|medium|middle|high|critical or 0-3)
297
+ * - artifact.type (purl type, e.g. npm, pypi)
298
+ * - dependency.type (direct|transitive)
299
+ * - dependency.scope (dev|normal)
300
+ * - dependency.usage (used|unused)
301
+ * - manifest.file
302
+ *
303
+ * This endpoint consumes 1 unit of your quota.
304
+ *
305
+ * This endpoint requires the following org token scopes:
306
+ * - full-scans:list
307
+ */
308
+ post: operations['getOrgFullScanPdf']
309
+ }
260
310
  '/orgs/{org_slug}/export/cdx/{id}': {
261
311
  /**
262
312
  * Export CycloneDX SBOM (Beta)
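Review bot: Both new endpoint comments document the severity filter as `alert.severity (low|medium|middle|high|critical or 0-3)`, which names five labels but a four-value numeric range. A caller cannot tell which label maps to which number, or whether `middle` is a synonym for `medium`. These filters decide which alerts end up in the exported CSV or PDF, so a misread severity filter can silently leave findings out of a report. The comment should state the mapping explicitly, for example an extra line `* Severity labels map to numbers as follows: <mapping from the API spec>`. The same wording is repeated in the `getOrgFullScanCsv` and `getOrgFullScanPdf` operation comments in the `@@ -6227,39 +6507,171 @@` hunk.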
@@ -426,7 +476,7 @@ export interface paths {
426
476
  get: operations['getOrgTriage']
427
477
  /**
428
478
  * Update Org Alert Triage
429
- * @description Update triage actions on organizaton alerts.
479
+ * @description Update triage actions on organization alerts.
430
480
  *
431
481
  * This endpoint consumes 1 unit of your quota.
432
482
  *
@@ -435,6 +485,18 @@ export interface paths {
435
485
  */
436
486
  post: operations['updateOrgAlertTriage']
437
487
  }
488
+ '/orgs/{org_slug}/triage/alerts/{uuid}': {
489
+ /**
490
+ * Delete Org Alert Triage
491
+ * @description Delete a specific triage rule by UUID.
492
+ *
493
+ * This endpoint consumes 1 unit of your quota.
494
+ *
495
+ * This endpoint requires the following org token scopes:
496
+ * - triage:alerts-update
497
+ */
498
+ delete: operations['deleteOrgAlertTriage']
499
+ }
438
500
  '/orgs/{org_slug}/repos': {
439
501
  /**
440
502
  * List repositories
@@ -1949,10 +2011,10 @@ export interface components {
1949
2011
  dependsOn?: string[]
1950
2012
  }>
1951
2013
  vulnerabilities?: Array<{
1952
- /** @default */
1953
- ref: string
1954
2014
  /** @default */
1955
2015
  id: string
2016
+ /** @default */
2017
+ ref?: string
1956
2018
  source?: {
1957
2019
  /** @default */
1958
2020
  name?: string
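Review bot: `ref` on `vulnerabilities[]` changes from required to optional (`ref?: string`) but keeps only the empty `/** @default */` tag, so nothing says when the field is omitted. Code that previously read `ref` unconditionally, presumably to correlate a vulnerability entry with something else in the document, will now see `undefined` for some entries. Add a description such as `/** @description <what ref identifies>; may be omitted. */`. Consumers should handle the missing case, for instance by falling back to `id`, which stays required in this hunk. The enclosing schema starts and ends outside the hunk.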
@@ -2140,6 +2202,11 @@ export interface components {
2140
2202
  * @default false
2141
2203
  */
2142
2204
  unsafe: boolean
2205
+ /**
2206
+ * @description Package contains remote URL(s) in the source code
2207
+ * @default false
2208
+ */
2209
+ url: boolean
2143
2210
  }
2144
2211
  Qualifiers: unknown
2145
2212
  SocketScore: {
@@ -2547,13 +2614,11 @@ export interface components {
2547
2614
  alertKeysToReachabilityTypes?: {
2548
2615
  [key: string]: string[]
2549
2616
  }
2550
- /** @description Mapping of alert keys to arrays of reachability summaries. Each summary contains a reachability type and a hash pointing to detailed analysis data (call stacks, file locations, confidence scores). Used for efficient storage and retrieval of comprehensive reachability analysis results without duplicating large analysis payloads. */
2617
+ /** @description Mapping of alert keys to arrays of reachability summaries. Each summary contains a reachability type indicating the result of reachability analysis for the corresponding vulnerability alert. */
2551
2618
  alertKeysToReachabilitySummaries?: {
2552
2619
  [key: string]: Array<{
2553
2620
  /** @default */
2554
2621
  type: string
2555
- /** @default */
2556
- hash: string
2557
2622
  }>
2558
2623
  }
2559
2624
  }
@@ -4164,6 +4229,210 @@ export interface components {
4164
4229
  usage?: components['schemas']['SocketUsageRef']
4165
4230
  }
4166
4231
  }
4232
+ | {
4233
+ /** @enum {string} */
4234
+ type?: 'skillAutonomyAbuse'
4235
+ value?: components['schemas']['SocketIssueBasics'] & {
4236
+ /** @default */
4237
+ description: string
4238
+ props: {
4239
+ /** @default */
4240
+ notes: string
4241
+ /** @default 0 */
4242
+ confidence: number
4243
+ /** @default 0 */
4244
+ severity: number
4245
+ }
4246
+ usage?: components['schemas']['SocketUsageRef']
4247
+ }
4248
+ }
4249
+ | {
4250
+ /** @enum {string} */
4251
+ type?: 'skillCommandInjection'
4252
+ value?: components['schemas']['SocketIssueBasics'] & {
4253
+ /** @default */
4254
+ description: string
4255
+ props: {
4256
+ /** @default */
4257
+ notes: string
4258
+ /** @default 0 */
4259
+ confidence: number
4260
+ /** @default 0 */
4261
+ severity: number
4262
+ }
4263
+ usage?: components['schemas']['SocketUsageRef']
4264
+ }
4265
+ }
4266
+ | {
4267
+ /** @enum {string} */
4268
+ type?: 'skillDataExfiltration'
4269
+ value?: components['schemas']['SocketIssueBasics'] & {
4270
+ /** @default */
4271
+ description: string
4272
+ props: {
4273
+ /** @default */
4274
+ notes: string
4275
+ /** @default 0 */
4276
+ confidence: number
4277
+ /** @default 0 */
4278
+ severity: number
4279
+ }
4280
+ usage?: components['schemas']['SocketUsageRef']
4281
+ }
4282
+ }
4283
+ | {
4284
+ /** @enum {string} */
4285
+ type?: 'skillDiscoveryAbuse'
4286
+ value?: components['schemas']['SocketIssueBasics'] & {
4287
+ /** @default */
4288
+ description: string
4289
+ props: {
4290
+ /** @default */
4291
+ notes: string
4292
+ /** @default 0 */
4293
+ confidence: number
4294
+ /** @default 0 */
4295
+ severity: number
4296
+ }
4297
+ usage?: components['schemas']['SocketUsageRef']
4298
+ }
4299
+ }
4300
+ | {
4301
+ /** @enum {string} */
4302
+ type?: 'skillHardcodedSecrets'
4303
+ value?: components['schemas']['SocketIssueBasics'] & {
4304
+ /** @default */
4305
+ description: string
4306
+ props: {
4307
+ /** @default */
4308
+ notes: string
4309
+ /** @default 0 */
4310
+ confidence: number
4311
+ /** @default 0 */
4312
+ severity: number
4313
+ }
4314
+ usage?: components['schemas']['SocketUsageRef']
4315
+ }
4316
+ }
4317
+ | {
4318
+ /** @enum {string} */
4319
+ type?: 'skillObfuscation'
4320
+ value?: components['schemas']['SocketIssueBasics'] & {
4321
+ /** @default */
4322
+ description: string
4323
+ props: {
4324
+ /** @default */
4325
+ notes: string
4326
+ /** @default 0 */
4327
+ confidence: number
4328
+ /** @default 0 */
4329
+ severity: number
4330
+ }
4331
+ usage?: components['schemas']['SocketUsageRef']
4332
+ }
4333
+ }
4334
+ | {
4335
+ /** @enum {string} */
4336
+ type?: 'skillPromptInjection'
4337
+ value?: components['schemas']['SocketIssueBasics'] & {
4338
+ /** @default */
4339
+ description: string
4340
+ props: {
4341
+ /** @default */
4342
+ notes: string
4343
+ /** @default 0 */
4344
+ confidence: number
4345
+ /** @default 0 */
4346
+ severity: number
4347
+ }
4348
+ usage?: components['schemas']['SocketUsageRef']
4349
+ }
4350
+ }
4351
+ | {
4352
+ /** @enum {string} */
4353
+ type?: 'skillResourceAbuse'
4354
+ value?: components['schemas']['SocketIssueBasics'] & {
4355
+ /** @default */
4356
+ description: string
4357
+ props: {
4358
+ /** @default */
4359
+ notes: string
4360
+ /** @default 0 */
4361
+ confidence: number
4362
+ /** @default 0 */
4363
+ severity: number
4364
+ }
4365
+ usage?: components['schemas']['SocketUsageRef']
4366
+ }
4367
+ }
4368
+ | {
4369
+ /** @enum {string} */
4370
+ type?: 'skillSupplyChain'
4371
+ value?: components['schemas']['SocketIssueBasics'] & {
4372
+ /** @default */
4373
+ description: string
4374
+ props: {
4375
+ /** @default */
4376
+ notes: string
4377
+ /** @default 0 */
4378
+ confidence: number
4379
+ /** @default 0 */
4380
+ severity: number
4381
+ }
4382
+ usage?: components['schemas']['SocketUsageRef']
4383
+ }
4384
+ }
4385
+ | {
4386
+ /** @enum {string} */
4387
+ type?: 'skillToolAbuse'
4388
+ value?: components['schemas']['SocketIssueBasics'] & {
4389
+ /** @default */
4390
+ description: string
4391
+ props: {
4392
+ /** @default */
4393
+ notes: string
4394
+ /** @default 0 */
4395
+ confidence: number
4396
+ /** @default 0 */
4397
+ severity: number
4398
+ }
4399
+ usage?: components['schemas']['SocketUsageRef']
4400
+ }
4401
+ }
4402
+ | {
4403
+ /** @enum {string} */
4404
+ type?: 'skillToolChaining'
4405
+ value?: components['schemas']['SocketIssueBasics'] & {
4406
+ /** @default */
4407
+ description: string
4408
+ props: {
4409
+ /** @default */
4410
+ notes: string
4411
+ /** @default 0 */
4412
+ confidence: number
4413
+ /** @default 0 */
4414
+ severity: number
4415
+ }
4416
+ usage?: components['schemas']['SocketUsageRef']
4417
+ }
4418
+ }
4419
+ | {
4420
+ /** @enum {string} */
4421
+ type?: 'skillTransitiveTrust'
4422
+ value?: components['schemas']['SocketIssueBasics'] & {
4423
+ /** @default */
4424
+ description: string
4425
+ props: {
4426
+ /** @default */
4427
+ notes: string
4428
+ /** @default 0 */
4429
+ confidence: number
4430
+ /** @default 0 */
4431
+ severity: number
4432
+ }
4433
+ usage?: components['schemas']['SocketUsageRef']
4434
+ }
4435
+ }
4167
4436
  | {
4168
4437
  /** @enum {string} */
4169
4438
  type?: 'socketUpgradeAvailable'
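Review bot: Each of the twelve new `skill*` alert variants declares `props.confidence: number` and `props.severity: number` with only `/** @default 0 */`, so the range and direction of both values are undocumented. Elsewhere on this page severity is expressed as labels or as `0-3` (the `alert.severity` filter). A consumer that thresholds on `props.severity` to block or warn could pick the wrong cut-off if this field uses a different scale. Give both fields a description, e.g. `/** @description <range and meaning of severity>. @default 0 */`, and likewise for `confidence`. The union these variants belong to starts and ends outside the hunk.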
@@ -4660,6 +4929,7 @@ export interface components {
4660
4929
  | 'cocoapods'
4661
4930
  | 'cargo'
4662
4931
  | 'chrome'
4932
+ | 'clawhub'
4663
4933
  | 'composer'
4664
4934
  | 'conan'
4665
4935
  | 'conda'
@@ -5152,7 +5422,7 @@ export interface operations {
5152
5422
  /**
5153
5423
  * Get Packages by PURL
5154
5424
  * @deprecated
5155
- * @description **This endpoint is deprecated.** Deprecated since 2026-01-05. It will be removed on 2026-07-30.
5425
+ * @description **This endpoint is deprecated.** Deprecated since 2026-01-05.
5156
5426
  *
5157
5427
  * Batch retrieval of package metadata and alerts by PURL strings. Compatible with CycloneDX reports.
5158
5428
  *
@@ -5424,6 +5694,8 @@ export interface operations {
5424
5694
  pull_request?: string
5425
5695
  /** @description A commit hash to filter full-scans by. */
5426
5696
  commit_hash?: string
5697
+ /** @description A scan type to filter full-scans by (e.g. socket, socket_tier1, socket_basics). */
5698
+ scan_type?: string
5427
5699
  }
5428
5700
  path: {
5429
5701
  /** @description The slug of the organization */
@@ -5479,6 +5751,8 @@ export interface operations {
5479
5751
  integration_commit_url?: string | null
5480
5752
  /** @default */
5481
5753
  integration_pull_request_url?: string | null
5754
+ /** @default */
5755
+ scan_type?: string | null
5482
5756
  /**
5483
5757
  * @description The current processing status of the SBOM
5484
5758
  * @default pending
@@ -5612,6 +5886,8 @@ export interface operations {
5612
5886
  integration_commit_url?: string | null
5613
5887
  /** @default */
5614
5888
  integration_pull_request_url?: string | null
5889
+ /** @default */
5890
+ scan_type?: string | null
5615
5891
  /**
5616
5892
  * @description The current processing status of the SBOM
5617
5893
  * @default pending
@@ -5786,6 +6062,8 @@ export interface operations {
5786
6062
  integration_commit_url?: string | null
5787
6063
  /** @default */
5788
6064
  integration_pull_request_url?: string | null
6065
+ /** @default */
6066
+ scan_type?: string | null
5789
6067
  /**
5790
6068
  * @description The current processing status of the SBOM
5791
6069
  * @default pending
@@ -6168,6 +6446,8 @@ export interface operations {
6168
6446
  integration_commit_url?: string | null
6169
6447
  /** @default */
6170
6448
  integration_pull_request_url?: string | null
6449
+ /** @default */
6450
+ scan_type?: string | null
6171
6451
  /**
6172
6452
  * @description The current processing status of the SBOM
6173
6453
  * @default pending
@@ -6227,39 +6507,171 @@ export interface operations {
6227
6507
  }
6228
6508
  }
6229
6509
  /**
6230
- * Export CycloneDX SBOM (Beta)
6231
- * @description Export a Socket SBOM as a CycloneDX SBOM
6232
- *
6233
- * Supported ecosystems:
6234
- *
6235
- * - crates
6236
- * - go
6237
- * - maven
6238
- * - npm
6239
- * - nuget
6240
- * - pypi
6241
- * - rubygems
6242
- * - spdx
6243
- * - cdx
6244
- *
6245
- * Unsupported ecosystems are filtered from the export.
6510
+ * Export CSV of alerts for full scan
6511
+ * @description Export a CSV file containing all alerts from a full scan.
6512
+ *
6513
+ * The CSV includes details about each alert and the affected packages.
6514
+ * You can optionally filter using the request body "filters" array. Supported filter IDs include:
6515
+ * - alert.action (error|warn|monitor|ignore)
6516
+ * - alert.type
6517
+ * - alert.category
6518
+ * - alert.severity (low|medium|middle|high|critical or 0-3)
6519
+ * - artifact.type (purl type, e.g. npm, pypi)
6520
+ * - dependency.type (direct|transitive)
6521
+ * - dependency.scope (dev|normal)
6522
+ * - dependency.usage (used|unused)
6523
+ * - manifest.file
6246
6524
  *
6247
6525
  * This endpoint consumes 1 unit of your quota.
6248
6526
  *
6249
6527
  * This endpoint requires the following org token scopes:
6250
- * - report:read
6528
+ * - full-scans:list
6251
6529
  */
6252
- exportCDX: {
6530
+ getOrgFullScanCsv: {
6253
6531
  parameters: {
6254
- query?: {
6255
- /**
6256
- * @description The person(s) who created the BOM.
6257
- * Set this value if you're intending the modify the BOM and claim authorship.
6258
- */
6259
- author?: string
6260
- /** @description Dependency track project group */
6261
- project_group?: string
6262
- /** @description Dependency track project name. Default use the directory name */
6532
+ query: {
6533
+ /** @description Control which alert priority fields to include in the response. Set to "true" to include all fields, "false" to exclude all fields, or specify individual fields like "components,formula" to include only those fields. */
6534
+ include_alert_priority_details?:
6535
+ | boolean
6536
+ | Array<'component' | 'formula'>
6537
+ /** @description Include license details in the response. */
6538
+ include_license_details: boolean
6539
+ }
6540
+ path: {
6541
+ /** @description The slug of the organization */
6542
+ org_slug: string
6543
+ /** @description The ID of the full scan */
6544
+ full_scan_id: string
6545
+ }
6546
+ }
6547
+ requestBody?: {
6548
+ content: {
6549
+ 'application/json': {
6550
+ filters?: Array<{
6551
+ /** @default */
6552
+ id: string
6553
+ value: string[]
6554
+ }>
6555
+ }
6556
+ }
6557
+ }
6558
+ responses: {
6559
+ /** @description CSV export of alerts */
6560
+ 200: {
6561
+ content: {
6562
+ 'text/csv': unknown
6563
+ }
6564
+ }
6565
+ 400: components['responses']['SocketBadRequest']
6566
+ 401: components['responses']['SocketUnauthorized']
6567
+ 403: components['responses']['SocketForbidden']
6568
+ 404: components['responses']['SocketNotFoundResponse']
6569
+ 429: components['responses']['SocketTooManyRequestsResponse']
6570
+ }
6571
+ }
6572
+ /**
6573
+ * Generate PDF report for full scan
6574
+ * @description Generate a PDF report for all alerts in a full scan.
6575
+ *
6576
+ * This endpoint streams a PDF document containing all alerts found in the full scan,
6577
+ * with optional filtering and grouping options.
6578
+ *
6579
+ * Supported request body filter IDs include:
6580
+ * - alert.action (error|warn|monitor|ignore)
6581
+ * - alert.type
6582
+ * - alert.category
6583
+ * - alert.severity (low|medium|middle|high|critical or 0-3)
6584
+ * - artifact.type (purl type, e.g. npm, pypi)
6585
+ * - dependency.type (direct|transitive)
6586
+ * - dependency.scope (dev|normal)
6587
+ * - dependency.usage (used|unused)
6588
+ * - manifest.file
6589
+ *
6590
+ * This endpoint consumes 1 unit of your quota.
6591
+ *
6592
+ * This endpoint requires the following org token scopes:
6593
+ * - full-scans:list
6594
+ */
6595
+ getOrgFullScanPdf: {
6596
+ parameters: {
6597
+ query: {
6598
+ /** @description Control which alert priority fields to include in the response. Set to "true" to include all fields, "false" to exclude all fields, or specify individual fields like "components,formula" to include only those fields. */
6599
+ include_alert_priority_details?:
6600
+ | boolean
6601
+ | Array<'component' | 'formula'>
6602
+ /** @description Include license details in the response. */
6603
+ include_license_details: boolean
6604
+ }
6605
+ path: {
6606
+ /** @description The slug of the organization */
6607
+ org_slug: string
6608
+ /** @description The ID of the full scan */
6609
+ full_scan_id: string
6610
+ }
6611
+ }
6612
+ requestBody?: {
6613
+ content: {
6614
+ 'application/json': {
6615
+ filters?: Array<{
6616
+ /** @default */
6617
+ id: string
6618
+ value: string[]
6619
+ }>
6620
+ /** @default */
6621
+ groupBy?: string
6622
+ /** @default */
6623
+ additionalInformation?: string
6624
+ }
6625
+ }
6626
+ }
6627
+ responses: {
6628
+ /** @description PDF report of alerts */
6629
+ 200: {
6630
+ content: {
6631
+ 'application/pdf': unknown
6632
+ }
6633
+ }
6634
+ 400: components['responses']['SocketBadRequest']
6635
+ 401: components['responses']['SocketUnauthorized']
6636
+ 403: components['responses']['SocketForbidden']
6637
+ 404: components['responses']['SocketNotFoundResponse']
6638
+ 429: components['responses']['SocketTooManyRequestsResponse']
6639
+ }
6640
+ }
6641
+ /**
6642
+ * Export CycloneDX SBOM (Beta)
6643
+ * @description Export a Socket SBOM as a CycloneDX SBOM
6644
+ *
6645
+ * Supported ecosystems:
6646
+ *
6647
+ * - crates
6648
+ * - go
6649
+ * - maven
6650
+ * - npm
6651
+ * - nuget
6652
+ * - pypi
6653
+ * - rubygems
6654
+ * - spdx
6655
+ * - cdx
6656
+ *
6657
+ * Unsupported ecosystems are filtered from the export.
6658
+ *
6659
+ * This endpoint consumes 1 unit of your quota.
6660
+ *
6661
+ * This endpoint requires the following org token scopes:
6662
+ * - report:read
6663
+ */
6664
+ exportCDX: {
6665
+ parameters: {
6666
+ query?: {
6667
+ /**
6668
+ * @description The person(s) who created the BOM.
6669
+ * Set this value if you're intending the modify the BOM and claim authorship.
6670
+ */
6671
+ author?: string
6672
+ /** @description Dependency track project group */
6673
+ project_group?: string
6674
+ /** @description Dependency track project name. Default use the directory name */
6263
6675
  project_name?: string
6264
6676
  /** @description Dependency track project version */
6265
6677
  project_version?: string
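Review bot: In `getOrgFullScanCsv` and `getOrgFullScanPdf`, the description of `include_alert_priority_details` gives the example `"components,formula"`, but the declared type is `boolean | Array<'component' | 'formula'>`. The documented value `components` is therefore not assignable, and the comma-separated string form is not typed at all. Align the two, e.g. change the example to `"component,formula"` if the singular is what the API accepts. Separately, `query` is required and `include_license_details: boolean` has no `?`, yet its description does not say it is mandatory; if the server applies a default, declare it as `include_license_details?: boolean`. `exportCDX` continues past the end of the hunk.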
@@ -7091,11 +7503,58 @@ export interface operations {
7091
7503
  content: {
7092
7504
  'application/json': {
7093
7505
  results: Array<{
7506
+ /**
7507
+ * @description The uuid of the triage action
7508
+ * @default
7509
+ */
7510
+ uuid?: string | null
7511
+ /**
7512
+ * @description The package type associated with the triage state
7513
+ * @default
7514
+ */
7515
+ package_type?: string | null
7516
+ /**
7517
+ * @description The package namespace associated with the triage state
7518
+ * @default
7519
+ */
7520
+ package_namespace?: string | null
7521
+ /**
7522
+ * @description The package name associated with the triage state
7523
+ * @default
7524
+ */
7525
+ package_name?: string | null
7526
+ /**
7527
+ * @description The package version associated with the triage state, it can contain a * suffix for wildcard matching
7528
+ * @default
7529
+ */
7530
+ package_version?: string | null
7094
7531
  /**
7095
7532
  * @description The alert_key associated with the triage state
7096
7533
  * @default
7097
7534
  */
7098
- alert_key?: string
7535
+ alert_key?: string | null
7536
+ /**
7537
+ * @description The alert type (e.g., criticalCVE, highCVE) associated with the triage state
7538
+ * @default
7539
+ */
7540
+ alert_type?: string | null
7541
+ /**
7542
+ * @description Whether a fix must be available, unavailable, or * for any
7543
+ * @default *
7544
+ * @enum {string|null}
7545
+ */
7546
+ fix_available?: 'available' | 'unavailable' | '*' | null
7547
+ /**
7548
+ * @description Whether a patch must be available, unavailable, or * for any
7549
+ * @default *
7550
+ * @enum {string|null}
7551
+ */
7552
+ patch_available?: 'available' | 'unavailable' | '*' | null
7553
+ /**
7554
+ * @description CVSS score comparison (e.g., >=7.5, >5.0, ==8.0)
7555
+ * @default
7556
+ */
7557
+ cvss_score_cmp?: string | null
7099
7558
  /**
7100
7559
  * @description The creation date of the triage action
7101
7560
  * @default
@@ -7122,6 +7581,23 @@ export interface operations {
7122
7581
  * @enum {string}
7123
7582
  */
7124
7583
  state?: 'block' | 'ignore' | 'inherit' | 'monitor' | 'warn'
7584
+ /**
7585
+ * @description CVE or GHSA ID associated with the triage state
7586
+ * @default
7587
+ */
7588
+ cve_or_ghsa_id?: string | null
7589
+ /**
7590
+ * @description The reachability of the alert, can be reachable, unreachable, other, or * for any
7591
+ * @default *
7592
+ * @enum {string|null}
7593
+ */
7594
+ reachability?: 'reachable' | 'unreachable' | 'other' | '*' | null
7595
+ /**
7596
+ * @description Whether the alert has a CISA KEV (Known Exploited Vulnerability), can be exist, none, or * for any
7597
+ * @default *
7598
+ * @enum {string|null}
7599
+ */
7600
+ kevs?: 'exist' | 'none' | '*' | null
7125
7601
  }>
7126
7602
  /** @default 0 */
7127
7603
  nextPage: number | null
@@ -7137,7 +7613,7 @@ export interface operations {
7137
7613
  }
7138
7614
  /**
7139
7615
  * Update Org Alert Triage
7140
- * @description Update triage actions on organizaton alerts.
7616
+ * @description Update triage actions on organization alerts.
7141
7617
  *
7142
7618
  * This endpoint consumes 1 unit of your quota.
7143
7619
  *
@@ -7146,6 +7622,10 @@ export interface operations {
7146
7622
  */
7147
7623
  updateOrgAlertTriage: {
7148
7624
  parameters: {
7625
+ query?: {
7626
+ /** @description Set to true to force broad triage updates, these are triages lacking a specific alertKey or granular artifact information which may have limited introspection to see what they apply to. */
7627
+ force?: string
7628
+ }
7149
7629
  path: {
7150
7630
  /** @description The slug of the organization */
7151
7631
  org_slug: string
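Review bot: The new `force` query parameter on `updateOrgAlertTriage` is typed `force?: string` although its description says "Set to true", so any string type-checks and the accepted spellings are undocumented. Per the description, `force` is what permits broad triage updates, meaning rules without a specific alertKey or granular artifact information, and one such rule can change how many alerts are handled at once. The type should make accidental use harder: `force?: 'true' | 'false'` or `force?: boolean`, whichever the API accepts. The comment should also say what the endpoint returns when a broad update is sent without `force`. The operation's body continues outside the hunk.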
@@ -7156,7 +7636,43 @@ export interface operations {
7156
7636
  'application/json': {
7157
7637
  alertTriage: Array<{
7158
7638
  /** @default */
7159
- alertKey?: string
7639
+ uuid?: string | null
7640
+ /** @default */
7641
+ packageType?: string | null
7642
+ /** @default */
7643
+ packageNamespace?: string | null
7644
+ /** @default */
7645
+ packageName?: string | null
7646
+ /** @default */
7647
+ packageVersion?: string | null
7648
+ /** @default */
7649
+ alertKey?: string | null
7650
+ /** @default */
7651
+ alertType?: string | null
7652
+ /**
7653
+ * @description Whether a fix is available, unavailable, or * for any
7654
+ * @enum {string}
7655
+ */
7656
+ fixAvailable?: 'available' | 'unavailable' | '*'
7657
+ /**
7658
+ * @description Whether a patch is available, unavailable, or * for any
7659
+ * @enum {string}
7660
+ */
7661
+ patchAvailable?: 'available' | 'unavailable' | '*'
7662
+ /**
7663
+ * @description Whether the alert has a CISA KEV, can be exist, none, or * for any
7664
+ * @enum {string}
7665
+ */
7666
+ kevs?: 'exist' | 'none' | '*'
7667
+ /** @default */
7668
+ cveOrGhsaId?: string | null
7669
+ /**
7670
+ * @description The reachability of the alert, can be reachable, unreachable, other, or * for any
7671
+ * @enum {string}
7672
+ */
7673
+ reachability?: 'reachable' | 'unreachable' | 'other' | '*'
7674
+ /** @default */
7675
+ cvssScoreCmp?: string | null
7160
7676
  /** @default */
7161
7677
  note?: string
7162
7678
  /**
@@ -7170,7 +7686,42 @@ export interface operations {
7170
7686
  }
7171
7687
  responses: {
7172
7688
  /** @description Updated Alert Triage */
7173
- 202: {
7689
+ 200: {
7690
+ content: {
7691
+ 'application/json': {
7692
+ /** @default */
7693
+ result: string
7694
+ }
7695
+ }
7696
+ }
7697
+ 400: components['responses']['SocketBadRequest']
7698
+ 401: components['responses']['SocketUnauthorized']
7699
+ 403: components['responses']['SocketForbidden']
7700
+ 404: components['responses']['SocketNotFoundResponse']
7701
+ 429: components['responses']['SocketTooManyRequestsResponse']
7702
+ }
7703
+ }
7704
+ /**
7705
+ * Delete Org Alert Triage
7706
+ * @description Delete a specific triage rule by UUID.
7707
+ *
7708
+ * This endpoint consumes 1 unit of your quota.
7709
+ *
7710
+ * This endpoint requires the following org token scopes:
7711
+ * - triage:alerts-update
7712
+ */
7713
+ deleteOrgAlertTriage: {
7714
+ parameters: {
7715
+ path: {
7716
+ /** @description The slug of the organization */
7717
+ org_slug: string
7718
+ /** @description The UUID of the alert triage entry to delete */
7719
+ uuid: string
7720
+ }
7721
+ }
7722
+ responses: {
7723
+ /** @description Deleted Alert Triage */
7724
+ 200: {
7174
7725
  content: {
7175
7726
  'application/json': {
7176
7727
  /** @default */
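Review bot: The success response of `updateOrgAlertTriage` moves from `202` to `200` in this hunk, and the operation comment does not record it. Callers that compare the status against 202 would treat a successful triage update as a failure and might retry or report an error. A line in the doc comment such as `* Returns 200 on success (previously 202).` would make the contract change visible to SDK users. The new `deleteOrgAlertTriage` comment could also state that deleting a rule removes its effect on matching alerts, since it is reachable with the same `triage:alerts-update` scope as an update. The 200 response body of `deleteOrgAlertTriage` continues outside the hunk.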
@@ -7203,6 +7754,8 @@ export interface operations {
7203
7754
  page?: number
7204
7755
  /** @description Include archived repositories in the results */
7205
7756
  include_archived?: boolean
7757
+ /** @description Filter repositories by workspace. When provided (including empty string), only repos in that workspace are returned. */
7758
+ workspace?: string
7206
7759
  }
7207
7760
  path: {
7208
7761
  /** @description The slug of the organization */
@@ -8782,6 +9335,90 @@ export interface operations {
8782
9335
  */
8783
9336
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
8784
9337
  }
9338
+ skillAutonomyAbuse?: {
9339
+ /**
9340
+ * @description The action to take for skillAutonomyAbuse issues.
9341
+ * @enum {string}
9342
+ */
9343
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9344
+ }
9345
+ skillCommandInjection?: {
9346
+ /**
9347
+ * @description The action to take for skillCommandInjection issues.
9348
+ * @enum {string}
9349
+ */
9350
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9351
+ }
9352
+ skillDataExfiltration?: {
9353
+ /**
9354
+ * @description The action to take for skillDataExfiltration issues.
9355
+ * @enum {string}
9356
+ */
9357
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9358
+ }
9359
+ skillDiscoveryAbuse?: {
9360
+ /**
9361
+ * @description The action to take for skillDiscoveryAbuse issues.
9362
+ * @enum {string}
9363
+ */
9364
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9365
+ }
9366
+ skillHardcodedSecrets?: {
9367
+ /**
9368
+ * @description The action to take for skillHardcodedSecrets issues.
9369
+ * @enum {string}
9370
+ */
9371
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9372
+ }
9373
+ skillObfuscation?: {
9374
+ /**
9375
+ * @description The action to take for skillObfuscation issues.
9376
+ * @enum {string}
9377
+ */
9378
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9379
+ }
9380
+ skillPromptInjection?: {
9381
+ /**
9382
+ * @description The action to take for skillPromptInjection issues.
9383
+ * @enum {string}
9384
+ */
9385
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9386
+ }
9387
+ skillResourceAbuse?: {
9388
+ /**
9389
+ * @description The action to take for skillResourceAbuse issues.
9390
+ * @enum {string}
9391
+ */
9392
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9393
+ }
9394
+ skillSupplyChain?: {
9395
+ /**
9396
+ * @description The action to take for skillSupplyChain issues.
9397
+ * @enum {string}
9398
+ */
9399
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9400
+ }
9401
+ skillToolAbuse?: {
9402
+ /**
9403
+ * @description The action to take for skillToolAbuse issues.
9404
+ * @enum {string}
9405
+ */
9406
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9407
+ }
9408
+ skillToolChaining?: {
9409
+ /**
9410
+ * @description The action to take for skillToolChaining issues.
9411
+ * @enum {string}
9412
+ */
9413
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9414
+ }
9415
+ skillTransitiveTrust?: {
9416
+ /**
9417
+ * @description The action to take for skillTransitiveTrust issues.
9418
+ * @enum {string}
9419
+ */
9420
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9421
+ }
8785
9422
  socketUpgradeAvailable?: {
8786
9423
  /**
8787
9424
  * @description The action to take for socketUpgradeAvailable issues.
@@ -9675,6 +10312,90 @@ export interface operations {
9675
10312
  */
9676
10313
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
9677
10314
  }
10315
+ skillAutonomyAbuse?: {
10316
+ /**
10317
+ * @description The action to take for skillAutonomyAbuse issues.
10318
+ * @enum {string}
10319
+ */
10320
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10321
+ }
10322
+ skillCommandInjection?: {
10323
+ /**
10324
+ * @description The action to take for skillCommandInjection issues.
10325
+ * @enum {string}
10326
+ */
10327
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10328
+ }
10329
+ skillDataExfiltration?: {
10330
+ /**
10331
+ * @description The action to take for skillDataExfiltration issues.
10332
+ * @enum {string}
10333
+ */
10334
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10335
+ }
10336
+ skillDiscoveryAbuse?: {
10337
+ /**
10338
+ * @description The action to take for skillDiscoveryAbuse issues.
10339
+ * @enum {string}
10340
+ */
10341
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10342
+ }
10343
+ skillHardcodedSecrets?: {
10344
+ /**
10345
+ * @description The action to take for skillHardcodedSecrets issues.
10346
+ * @enum {string}
10347
+ */
10348
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10349
+ }
10350
+ skillObfuscation?: {
10351
+ /**
10352
+ * @description The action to take for skillObfuscation issues.
10353
+ * @enum {string}
10354
+ */
10355
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10356
+ }
10357
+ skillPromptInjection?: {
10358
+ /**
10359
+ * @description The action to take for skillPromptInjection issues.
10360
+ * @enum {string}
10361
+ */
10362
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10363
+ }
10364
+ skillResourceAbuse?: {
10365
+ /**
10366
+ * @description The action to take for skillResourceAbuse issues.
10367
+ * @enum {string}
10368
+ */
10369
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10370
+ }
10371
+ skillSupplyChain?: {
10372
+ /**
10373
+ * @description The action to take for skillSupplyChain issues.
10374
+ * @enum {string}
10375
+ */
10376
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10377
+ }
10378
+ skillToolAbuse?: {
10379
+ /**
10380
+ * @description The action to take for skillToolAbuse issues.
10381
+ * @enum {string}
10382
+ */
10383
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10384
+ }
10385
+ skillToolChaining?: {
10386
+ /**
10387
+ * @description The action to take for skillToolChaining issues.
10388
+ * @enum {string}
10389
+ */
10390
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10391
+ }
10392
+ skillTransitiveTrust?: {
10393
+ /**
10394
+ * @description The action to take for skillTransitiveTrust issues.
10395
+ * @enum {string}
10396
+ */
10397
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10398
+ }
9678
10399
  socketUpgradeAvailable?: {
9679
10400
  /**
9680
10401
  * @description The action to take for socketUpgradeAvailable issues.
@@ -10596,128 +11317,212 @@ export interface operations {
10596
11317
  */
10597
11318
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10598
11319
  }
10599
- floatingDependency?: {
11320
+ floatingDependency?: {
11321
+ /**
11322
+ * @description The action to take for floatingDependency issues.
11323
+ * @enum {string}
11324
+ */
11325
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11326
+ }
11327
+ manifestConfusion?: {
11328
+ /**
11329
+ * @description The action to take for manifestConfusion issues.
11330
+ * @enum {string}
11331
+ */
11332
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11333
+ }
11334
+ malware?: {
11335
+ /**
11336
+ * @description The action to take for malware issues.
11337
+ * @enum {string}
11338
+ */
11339
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11340
+ }
11341
+ telemetry?: {
11342
+ /**
11343
+ * @description The action to take for telemetry issues.
11344
+ * @enum {string}
11345
+ */
11346
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11347
+ }
11348
+ troll?: {
11349
+ /**
11350
+ * @description The action to take for troll issues.
11351
+ * @enum {string}
11352
+ */
11353
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11354
+ }
11355
+ deprecated?: {
11356
+ /**
11357
+ * @description The action to take for deprecated issues.
11358
+ * @enum {string}
11359
+ */
11360
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11361
+ }
11362
+ chronoAnomaly?: {
11363
+ /**
11364
+ * @description The action to take for chronoAnomaly issues.
11365
+ * @enum {string}
11366
+ */
11367
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11368
+ }
11369
+ compromisedSSHKey?: {
11370
+ /**
11371
+ * @description The action to take for compromisedSSHKey issues.
11372
+ * @enum {string}
11373
+ */
11374
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11375
+ }
11376
+ semverAnomaly?: {
11377
+ /**
11378
+ * @description The action to take for semverAnomaly issues.
11379
+ * @enum {string}
11380
+ */
11381
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11382
+ }
11383
+ newAuthor?: {
11384
+ /**
11385
+ * @description The action to take for newAuthor issues.
11386
+ * @enum {string}
11387
+ */
11388
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11389
+ }
11390
+ unstableOwnership?: {
11391
+ /**
11392
+ * @description The action to take for unstableOwnership issues.
11393
+ * @enum {string}
11394
+ */
11395
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11396
+ }
11397
+ missingAuthor?: {
11398
+ /**
11399
+ * @description The action to take for missingAuthor issues.
11400
+ * @enum {string}
11401
+ */
11402
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11403
+ }
11404
+ unmaintained?: {
10600
11405
  /**
10601
- * @description The action to take for floatingDependency issues.
11406
+ * @description The action to take for unmaintained issues.
10602
11407
  * @enum {string}
10603
11408
  */
10604
11409
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10605
11410
  }
10606
- manifestConfusion?: {
11411
+ unpublished?: {
10607
11412
  /**
10608
- * @description The action to take for manifestConfusion issues.
11413
+ * @description The action to take for unpublished issues.
10609
11414
  * @enum {string}
10610
11415
  */
10611
11416
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10612
11417
  }
10613
- malware?: {
11418
+ majorRefactor?: {
10614
11419
  /**
10615
- * @description The action to take for malware issues.
11420
+ * @description The action to take for majorRefactor issues.
10616
11421
  * @enum {string}
10617
11422
  */
10618
11423
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10619
11424
  }
10620
- telemetry?: {
11425
+ missingTarball?: {
10621
11426
  /**
10622
- * @description The action to take for telemetry issues.
11427
+ * @description The action to take for missingTarball issues.
10623
11428
  * @enum {string}
10624
11429
  */
10625
11430
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10626
11431
  }
10627
- troll?: {
11432
+ suspiciousStarActivity?: {
10628
11433
  /**
10629
- * @description The action to take for troll issues.
11434
+ * @description The action to take for suspiciousStarActivity issues.
10630
11435
  * @enum {string}
10631
11436
  */
10632
11437
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10633
11438
  }
10634
- deprecated?: {
11439
+ unpopularPackage?: {
10635
11440
  /**
10636
- * @description The action to take for deprecated issues.
11441
+ * @description The action to take for unpopularPackage issues.
10637
11442
  * @enum {string}
10638
11443
  */
10639
11444
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10640
11445
  }
10641
- chronoAnomaly?: {
11446
+ skillAutonomyAbuse?: {
10642
11447
  /**
10643
- * @description The action to take for chronoAnomaly issues.
11448
+ * @description The action to take for skillAutonomyAbuse issues.
10644
11449
  * @enum {string}
10645
11450
  */
10646
11451
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10647
11452
  }
10648
- compromisedSSHKey?: {
11453
+ skillCommandInjection?: {
10649
11454
  /**
10650
- * @description The action to take for compromisedSSHKey issues.
11455
+ * @description The action to take for skillCommandInjection issues.
10651
11456
  * @enum {string}
10652
11457
  */
10653
11458
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10654
11459
  }
10655
- semverAnomaly?: {
11460
+ skillDataExfiltration?: {
10656
11461
  /**
10657
- * @description The action to take for semverAnomaly issues.
11462
+ * @description The action to take for skillDataExfiltration issues.
10658
11463
  * @enum {string}
10659
11464
  */
10660
11465
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10661
11466
  }
10662
- newAuthor?: {
11467
+ skillDiscoveryAbuse?: {
10663
11468
  /**
10664
- * @description The action to take for newAuthor issues.
11469
+ * @description The action to take for skillDiscoveryAbuse issues.
10665
11470
  * @enum {string}
10666
11471
  */
10667
11472
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10668
11473
  }
10669
- unstableOwnership?: {
11474
+ skillHardcodedSecrets?: {
10670
11475
  /**
10671
- * @description The action to take for unstableOwnership issues.
11476
+ * @description The action to take for skillHardcodedSecrets issues.
10672
11477
  * @enum {string}
10673
11478
  */
10674
11479
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10675
11480
  }
10676
- missingAuthor?: {
11481
+ skillObfuscation?: {
10677
11482
  /**
10678
- * @description The action to take for missingAuthor issues.
11483
+ * @description The action to take for skillObfuscation issues.
10679
11484
  * @enum {string}
10680
11485
  */
10681
11486
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10682
11487
  }
10683
- unmaintained?: {
11488
+ skillPromptInjection?: {
10684
11489
  /**
10685
- * @description The action to take for unmaintained issues.
11490
+ * @description The action to take for skillPromptInjection issues.
10686
11491
  * @enum {string}
10687
11492
  */
10688
11493
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10689
11494
  }
10690
- unpublished?: {
11495
+ skillResourceAbuse?: {
10691
11496
  /**
10692
- * @description The action to take for unpublished issues.
11497
+ * @description The action to take for skillResourceAbuse issues.
10693
11498
  * @enum {string}
10694
11499
  */
10695
11500
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10696
11501
  }
10697
- majorRefactor?: {
11502
+ skillSupplyChain?: {
10698
11503
  /**
10699
- * @description The action to take for majorRefactor issues.
11504
+ * @description The action to take for skillSupplyChain issues.
10700
11505
  * @enum {string}
10701
11506
  */
10702
11507
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10703
11508
  }
10704
- missingTarball?: {
11509
+ skillToolAbuse?: {
10705
11510
  /**
10706
- * @description The action to take for missingTarball issues.
11511
+ * @description The action to take for skillToolAbuse issues.
10707
11512
  * @enum {string}
10708
11513
  */
10709
11514
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10710
11515
  }
10711
- suspiciousStarActivity?: {
11516
+ skillToolChaining?: {
10712
11517
  /**
10713
- * @description The action to take for suspiciousStarActivity issues.
11518
+ * @description The action to take for skillToolChaining issues.
10714
11519
  * @enum {string}
10715
11520
  */
10716
11521
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
10717
11522
  }
10718
- unpopularPackage?: {
11523
+ skillTransitiveTrust?: {
10719
11524
  /**
10720
- * @description The action to take for unpopularPackage issues.
11525
+ * @description The action to take for skillTransitiveTrust issues.
10721
11526
  * @enum {string}
10722
11527
  */
10723
11528
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
@@ -11608,6 +12413,90 @@ export interface operations {
11608
12413
  */
11609
12414
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
11610
12415
  }
12416
+ skillAutonomyAbuse?: {
12417
+ /**
12418
+ * @description The action to take for skillAutonomyAbuse issues.
12419
+ * @enum {string}
12420
+ */
12421
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12422
+ }
12423
+ skillCommandInjection?: {
12424
+ /**
12425
+ * @description The action to take for skillCommandInjection issues.
12426
+ * @enum {string}
12427
+ */
12428
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12429
+ }
12430
+ skillDataExfiltration?: {
12431
+ /**
12432
+ * @description The action to take for skillDataExfiltration issues.
12433
+ * @enum {string}
12434
+ */
12435
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12436
+ }
12437
+ skillDiscoveryAbuse?: {
12438
+ /**
12439
+ * @description The action to take for skillDiscoveryAbuse issues.
12440
+ * @enum {string}
12441
+ */
12442
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12443
+ }
12444
+ skillHardcodedSecrets?: {
12445
+ /**
12446
+ * @description The action to take for skillHardcodedSecrets issues.
12447
+ * @enum {string}
12448
+ */
12449
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12450
+ }
12451
+ skillObfuscation?: {
12452
+ /**
12453
+ * @description The action to take for skillObfuscation issues.
12454
+ * @enum {string}
12455
+ */
12456
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12457
+ }
12458
+ skillPromptInjection?: {
12459
+ /**
12460
+ * @description The action to take for skillPromptInjection issues.
12461
+ * @enum {string}
12462
+ */
12463
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12464
+ }
12465
+ skillResourceAbuse?: {
12466
+ /**
12467
+ * @description The action to take for skillResourceAbuse issues.
12468
+ * @enum {string}
12469
+ */
12470
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12471
+ }
12472
+ skillSupplyChain?: {
12473
+ /**
12474
+ * @description The action to take for skillSupplyChain issues.
12475
+ * @enum {string}
12476
+ */
12477
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12478
+ }
12479
+ skillToolAbuse?: {
12480
+ /**
12481
+ * @description The action to take for skillToolAbuse issues.
12482
+ * @enum {string}
12483
+ */
12484
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12485
+ }
12486
+ skillToolChaining?: {
12487
+ /**
12488
+ * @description The action to take for skillToolChaining issues.
12489
+ * @enum {string}
12490
+ */
12491
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12492
+ }
12493
+ skillTransitiveTrust?: {
12494
+ /**
12495
+ * @description The action to take for skillTransitiveTrust issues.
12496
+ * @enum {string}
12497
+ */
12498
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12499
+ }
11611
12500
  socketUpgradeAvailable?: {
11612
12501
  /**
11613
12502
  * @description The action to take for socketUpgradeAvailable issues.
@@ -12463,6 +13352,90 @@ export interface operations {
12463
13352
  */
12464
13353
  action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
12465
13354
  }
13355
+ skillAutonomyAbuse?: {
13356
+ /**
13357
+ * @description The action to take for skillAutonomyAbuse issues.
13358
+ * @enum {string}
13359
+ */
13360
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13361
+ }
13362
+ skillCommandInjection?: {
13363
+ /**
13364
+ * @description The action to take for skillCommandInjection issues.
13365
+ * @enum {string}
13366
+ */
13367
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13368
+ }
13369
+ skillDataExfiltration?: {
13370
+ /**
13371
+ * @description The action to take for skillDataExfiltration issues.
13372
+ * @enum {string}
13373
+ */
13374
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13375
+ }
13376
+ skillDiscoveryAbuse?: {
13377
+ /**
13378
+ * @description The action to take for skillDiscoveryAbuse issues.
13379
+ * @enum {string}
13380
+ */
13381
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13382
+ }
13383
+ skillHardcodedSecrets?: {
13384
+ /**
13385
+ * @description The action to take for skillHardcodedSecrets issues.
13386
+ * @enum {string}
13387
+ */
13388
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13389
+ }
13390
+ skillObfuscation?: {
13391
+ /**
13392
+ * @description The action to take for skillObfuscation issues.
13393
+ * @enum {string}
13394
+ */
13395
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13396
+ }
13397
+ skillPromptInjection?: {
13398
+ /**
13399
+ * @description The action to take for skillPromptInjection issues.
13400
+ * @enum {string}
13401
+ */
13402
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13403
+ }
13404
+ skillResourceAbuse?: {
13405
+ /**
13406
+ * @description The action to take for skillResourceAbuse issues.
13407
+ * @enum {string}
13408
+ */
13409
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13410
+ }
13411
+ skillSupplyChain?: {
13412
+ /**
13413
+ * @description The action to take for skillSupplyChain issues.
13414
+ * @enum {string}
13415
+ */
13416
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13417
+ }
13418
+ skillToolAbuse?: {
13419
+ /**
13420
+ * @description The action to take for skillToolAbuse issues.
13421
+ * @enum {string}
13422
+ */
13423
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13424
+ }
13425
+ skillToolChaining?: {
13426
+ /**
13427
+ * @description The action to take for skillToolChaining issues.
13428
+ * @enum {string}
13429
+ */
13430
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13431
+ }
13432
+ skillTransitiveTrust?: {
13433
+ /**
13434
+ * @description The action to take for skillTransitiveTrust issues.
13435
+ * @enum {string}
13436
+ */
13437
+ action: 'defer' | 'error' | 'warn' | 'monitor' | 'ignore'
13438
+ }
12466
13439
  socketUpgradeAvailable?: {
12467
13440
  /**
12468
13441
  * @description The action to take for socketUpgradeAvailable issues.
@@ -13460,6 +14433,14 @@ export interface operations {
13460
14433
  'filters.artifactType'?: string
13461
14434
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13462
14435
  'filters.artifactType.notIn'?: string
14436
+ /** @description Comma-separated list of branch names that should be included */
14437
+ 'filters.branch'?: string
14438
+ /** @description Comma-separated list of branch names that should be excluded */
14439
+ 'filters.branch.notIn'?: string
14440
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
14441
+ 'filters.cvePatchStatus'?: string
14442
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
14443
+ 'filters.cvePatchStatus.notIn'?: string
13463
14444
  /** @description Dead/reachable dependency filter flag */
13464
14445
  'filters.dependencyDead'?: boolean
13465
14446
  /** @description Dead/reachable dependency filter flag */
@@ -13659,6 +14640,14 @@ export interface operations {
13659
14640
  artifactType?: string[]
13660
14641
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13661
14642
  'artifactType.notIn'?: string[]
14643
+ /** @description Comma-separated list of branch names that should be included */
14644
+ branch?: string[]
14645
+ /** @description Comma-separated list of branch names that should be excluded */
14646
+ 'branch.notIn'?: string[]
14647
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
14648
+ cvePatchStatus?: string[]
14649
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
14650
+ 'cvePatchStatus.notIn'?: string[]
13662
14651
  /** @description Dead/reachable dependency filter flag */
13663
14652
  dependencyDead?: boolean[]
13664
14653
  /** @description Development/production dependency filter flag */
@@ -13704,7 +14693,7 @@ export interface operations {
13704
14693
  date?: string
13705
14694
  /** @description The number of days of data to fetch as an offset from input date */
13706
14695
  range?: string
13707
- /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoFullName,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,alertReachabilityAnalysisType,alertPriority,alertKEV,alertEPSS,dependencyDirect,dependencyDev,dependencyDead) */
14696
+ /** @description Comma-separated list of fields that should be used for count aggregation (allowed: alertSeverity,repoSlug,repoFullName,branch,repoLabels,alertType,artifactType,alertAction,alertActionSourceType,alertFixType,alertCategory,alertCveId,alertCveTitle,alertCweId,alertCweName,alertReachabilityType,cvePatchStatus,alertReachabilityAnalysisType,alertPriority,alertKEV,alertEPSS,dependencyDirect,dependencyDev,dependencyDead) */
13708
14697
  'aggregation.fields'?: string
13709
14698
  /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */
13710
14699
  'filters.alertAction'?: string
@@ -13774,6 +14763,14 @@ export interface operations {
13774
14763
  'filters.artifactType'?: string
13775
14764
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13776
14765
  'filters.artifactType.notIn'?: string
14766
+ /** @description Comma-separated list of branch names that should be included */
14767
+ 'filters.branch'?: string
14768
+ /** @description Comma-separated list of branch names that should be excluded */
14769
+ 'filters.branch.notIn'?: string
14770
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
14771
+ 'filters.cvePatchStatus'?: string
14772
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
14773
+ 'filters.cvePatchStatus.notIn'?: string
13777
14774
  /** @description Dead/reachable dependency filter flag */
13778
14775
  'filters.dependencyDead'?: boolean
13779
14776
  /** @description Dead/reachable dependency filter flag */
@@ -13889,6 +14886,14 @@ export interface operations {
13889
14886
  artifactType?: string[]
13890
14887
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
13891
14888
  'artifactType.notIn'?: string[]
14889
+ /** @description Comma-separated list of branch names that should be included */
14890
+ branch?: string[]
14891
+ /** @description Comma-separated list of branch names that should be excluded */
14892
+ 'branch.notIn'?: string[]
14893
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
14894
+ cvePatchStatus?: string[]
14895
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
14896
+ 'cvePatchStatus.notIn'?: string[]
13892
14897
  /** @description Dead/reachable dependency filter flag */
13893
14898
  dependencyDead?: boolean[]
13894
14899
  /** @description Development/production dependency filter flag */
@@ -14271,11 +15276,15 @@ export interface operations {
14271
15276
  | 'CreateApiToken'
14272
15277
  | 'CreateArtifact'
14273
15278
  | 'CreateLabel'
15279
+ | 'CreateOauthRefreshToken'
15280
+ | 'CreateRepoAccessRule'
14274
15281
  | 'CreateWebhook'
15282
+ | 'DeleteAlertTriage'
14275
15283
  | 'DeleteApiToken'
14276
15284
  | 'DeleteFullScan'
14277
15285
  | 'DeleteLabel'
14278
15286
  | 'DeleteLabelSetting'
15287
+ | 'DeleteRepoAccessRule'
14279
15288
  | 'DeleteReport'
14280
15289
  | 'DeleteRepository'
14281
15290
  | 'DeleteWebhook'
@@ -14289,6 +15298,7 @@ export interface operations {
14289
15298
  | 'RemoveMember'
14290
15299
  | 'ResetInvitationLink'
14291
15300
  | 'ResetOrganizationSettingToDefault'
15301
+ | 'RotateOauthRefreshToken'
14292
15302
  | 'RevokeApiToken'
14293
15303
  | 'RotateApiToken'
14294
15304
  | 'SendInvitation'
@@ -14306,6 +15316,7 @@ export interface operations {
14306
15316
  | 'UpdateLabelSetting'
14307
15317
  | 'UpdateLicenseOverlay'
14308
15318
  | 'UpdateOrganizationSetting'
15319
+ | 'UpdateRepoAccessRule'
14309
15320
  | 'UpdateWebhook'
14310
15321
  | 'UpgradeOrganizationPlan'
14311
15322
  /** @description Number of events per page */
@@ -14535,6 +15546,8 @@ export interface operations {
14535
15546
  | 'socket-basics:read'
14536
15547
  | 'telemetry-policy'
14537
15548
  | 'telemetry-policy:update'
15549
+ | 'telemetry-events'
15550
+ | 'telemetry-events:list'
14538
15551
  | 'threat-feed'
14539
15552
  | 'threat-feed:list'
14540
15553
  | 'triage'
@@ -14663,6 +15676,8 @@ export interface operations {
14663
15676
  | 'socket-basics:read'
14664
15677
  | 'telemetry-policy'
14665
15678
  | 'telemetry-policy:update'
15679
+ | 'telemetry-events'
15680
+ | 'telemetry-events:list'
14666
15681
  | 'threat-feed'
14667
15682
  | 'threat-feed:list'
14668
15683
  | 'triage'
@@ -14854,6 +15869,8 @@ export interface operations {
14854
15869
  | 'socket-basics:read'
14855
15870
  | 'telemetry-policy'
14856
15871
  | 'telemetry-policy:update'
15872
+ | 'telemetry-events'
15873
+ | 'telemetry-events:list'
14857
15874
  | 'threat-feed'
14858
15875
  | 'threat-feed:list'
14859
15876
  | 'triage'
@@ -15129,7 +16146,7 @@ export interface operations {
15129
16146
  discovery_period?: '1h' | '6h' | '1d' | '7d' | '30d' | '90d' | '365d'
15130
16147
  /** @description Ordering direction of the sort attribute */
15131
16148
  direction?: 'desc' | 'asc'
15132
- /** @description Filter what type of threats to return */
16149
+ /** @description Filter by threat classification. Supported values: `mal` (malware, including possible malware), `vuln` (vulnerability), `typo` (typosquat, including possible typosquat), `anom` (anomaly), `spy` (telemetry), `obf` (obfuscated code), `dual` (dual-use tool), `joke` (protestware or joke package), `tp` (all confirmed true positives), `fp` (false positive), `u` (unreviewed), `c` (classified, i.e. anything except unreviewed). */
15133
16150
  filter?:
15134
16151
  | 'u'
15135
16152
  | 'c'
@@ -15141,7 +16158,6 @@ export interface operations {
15141
16158
  | 'joke'
15142
16159
  | 'spy'
15143
16160
  | 'typo'
15144
- | 'secret'
15145
16161
  | 'obf'
15146
16162
  | 'dual'
15147
16163
  /** @description Filter threats by package name */
@@ -15150,10 +16166,11 @@ export interface operations {
15150
16166
  version?: string
15151
16167
  /** @description Only return threats which have been human-reviewed */
15152
16168
  is_human_reviewed?: boolean
15153
- /** @description Filter threats by package ecosystem type */
16169
+ /** @description Filter threats by package ecosystem. */
15154
16170
  ecosystem?:
15155
16171
  | 'github'
15156
16172
  | 'cargo'
16173
+ | 'clawhub'
15157
16174
  | 'composer'
15158
16175
  | 'chrome'
15159
16176
  | 'golang'
@@ -15164,7 +16181,6 @@ export interface operations {
15164
16181
  | 'vscode'
15165
16182
  | 'pypi'
15166
16183
  | 'gem'
15167
- | 'socket'
15168
16184
  | 'swift'
15169
16185
  }
15170
16186
  }
@@ -15174,25 +16190,61 @@ export interface operations {
15174
16190
  content: {
15175
16191
  'application/json': {
15176
16192
  results: Array<{
15177
- /** @default */
16193
+ /**
16194
+ * Format: date-time
16195
+ * @description ISO 8601 timestamp of when the threat in the package artifact was first discovered
16196
+ * @default
16197
+ */
15178
16198
  createdAt?: string
15179
- /** @default */
16199
+ /**
16200
+ * Format: date-time
16201
+ * @description ISO 8601 timestamp of when the threat record for the package artifact was last updated (e.g., classification changed, package removed from registry, etc.)
16202
+ * @default
16203
+ */
15180
16204
  updatedAt?: string
15181
- /** @default */
16205
+ /**
16206
+ * Format: date-time
16207
+ * @description ISO 8601 timestamp of when the package artifact was published to the respective registry
16208
+ * @default
16209
+ */
15182
16210
  publishedAt?: string | null
15183
- /** @default */
16211
+ /**
16212
+ * @description Detailed description of the underlying threat
16213
+ * @default
16214
+ */
15184
16215
  description?: string
15185
- /** @default 0 */
16216
+ /**
16217
+ * @description Unique identifier of the threat feed entry
16218
+ * @default 0
16219
+ */
15186
16220
  id?: number
15187
- /** @default */
16221
+ /**
16222
+ * Format: uri
16223
+ * @description URL to the threat details page on Socket
16224
+ * @default
16225
+ */
15188
16226
  locationHtmlUrl?: string
15189
- /** @default */
16227
+ /**
16228
+ * Format: uri
16229
+ * @description URL to the affected package page on Socket
16230
+ * @default
16231
+ */
15190
16232
  packageHtmlUrl?: string
15191
- /** @default */
16233
+ /**
16234
+ * @description Package URL (PURL) of the affected package artifact
16235
+ * @default
16236
+ */
15192
16237
  purl?: string
15193
- /** @default */
16238
+ /**
16239
+ * Format: date-time
16240
+ * @description ISO 8601 timestamp of when the package artifact was removed from the respective registry, or null if the package is still available on the registry
16241
+ * @default
16242
+ */
15194
16243
  removedAt?: string | null
15195
- /** @default */
16244
+ /**
16245
+ * @description Threat classification. Possible values: `malware` (known malware), `possible_malware` (AI-detected potential malware), `vulnerability` (potential vulnerability), `typosquat` (human-reviewed typosquat), `possible_typosquat` (AI-detected potential typosquat), `anomaly` (anomalous behavior), `telemetry` (telemetry), `obfuscated` (obfuscated code), `dual_use` (dual-use tool), `troll` (protestware or joke package), `unreviewed` (not yet reviewed), `false_positive` (confirmed false positive).
16246
+ * @default
16247
+ */
15196
16248
  threatType?: string
15197
16249
  /**
15198
16250
  * @description Whether the threat still is in need of human review by the threat research team
@@ -15243,7 +16295,7 @@ export interface operations {
15243
16295
  created_after?: string
15244
16296
  /** @description Order direction of the provided sort field. */
15245
16297
  direction?: 'desc' | 'asc'
15246
- /** @description Filter what type of threats to return */
16298
+ /** @description Filter by threat classification. Supported values: `mal` (malware, including possible malware), `vuln` (vulnerability), `typo` (typosquat, including possible typosquat), `anom` (anomaly), `spy` (telemetry), `obf` (obfuscated code), `dual` (dual-use tool), `joke` (protestware or joke package), `tp` (all confirmed true positives), `fp` (false positive), `u` (unreviewed), `c` (classified, i.e. anything except unreviewed). */
15247
16299
  filter?:
15248
16300
  | 'u'
15249
16301
  | 'c'
@@ -15255,7 +16307,6 @@ export interface operations {
15255
16307
  | 'joke'
15256
16308
  | 'spy'
15257
16309
  | 'typo'
15258
- | 'secret'
15259
16310
  | 'obf'
15260
16311
  | 'dual'
15261
16312
  /** @description Filter threats by package name */
@@ -15264,10 +16315,11 @@ export interface operations {
15264
16315
  version?: string
15265
16316
  /** @description Only return threats which have been human-reviewed */
15266
16317
  is_human_reviewed?: boolean
15267
- /** @description Filter threats by package ecosystem type */
16318
+ /** @description Filter threats by package ecosystem. */
15268
16319
  ecosystem?:
15269
16320
  | 'github'
15270
16321
  | 'cargo'
16322
+ | 'clawhub'
15271
16323
  | 'composer'
15272
16324
  | 'chrome'
15273
16325
  | 'golang'
@@ -15278,7 +16330,6 @@ export interface operations {
15278
16330
  | 'vscode'
15279
16331
  | 'pypi'
15280
16332
  | 'gem'
15281
- | 'socket'
15282
16333
  | 'swift'
15283
16334
  }
15284
16335
  path: {
@@ -15292,25 +16343,61 @@ export interface operations {
15292
16343
  content: {
15293
16344
  'application/json': {
15294
16345
  results: Array<{
15295
- /** @default */
16346
+ /**
16347
+ * Format: date-time
16348
+ * @description ISO 8601 timestamp of when the threat in the package artifact was first discovered
16349
+ * @default
16350
+ */
15296
16351
  createdAt?: string
15297
- /** @default */
16352
+ /**
16353
+ * Format: date-time
16354
+ * @description ISO 8601 timestamp of when the threat record for the package artifact was last updated (e.g., classification changed, package removed from registry, etc.)
16355
+ * @default
16356
+ */
15298
16357
  updatedAt?: string
15299
- /** @default */
16358
+ /**
16359
+ * Format: date-time
16360
+ * @description ISO 8601 timestamp of when the package artifact was published to the respective registry
16361
+ * @default
16362
+ */
15300
16363
  publishedAt?: string | null
15301
- /** @default */
16364
+ /**
16365
+ * @description Detailed description of the underlying threat
16366
+ * @default
16367
+ */
15302
16368
  description?: string
15303
- /** @default 0 */
16369
+ /**
16370
+ * @description Unique identifier of the threat feed entry
16371
+ * @default 0
16372
+ */
15304
16373
  id?: number
15305
- /** @default */
16374
+ /**
16375
+ * Format: uri
16376
+ * @description URL to the threat details page on Socket
16377
+ * @default
16378
+ */
15306
16379
  locationHtmlUrl?: string
15307
- /** @default */
16380
+ /**
16381
+ * Format: uri
16382
+ * @description URL to the affected package page on Socket
16383
+ * @default
16384
+ */
15308
16385
  packageHtmlUrl?: string
15309
- /** @default */
16386
+ /**
16387
+ * @description Package URL (PURL) of the affected package artifact
16388
+ * @default
16389
+ */
15310
16390
  purl?: string
15311
- /** @default */
16391
+ /**
16392
+ * Format: date-time
16393
+ * @description ISO 8601 timestamp of when the package artifact was removed from the respective registry, or null if the package is still available on the registry
16394
+ * @default
16395
+ */
15312
16396
  removedAt?: string | null
15313
- /** @default */
16397
+ /**
16398
+ * @description Threat classification. Possible values: `malware` (known malware), `possible_malware` (AI-detected potential malware), `vulnerability` (potential vulnerability), `typosquat` (human-reviewed typosquat), `possible_typosquat` (AI-detected potential typosquat), `anomaly` (anomalous behavior), `telemetry` (telemetry), `obfuscated` (obfuscated code), `dual_use` (dual-use tool), `troll` (protestware or joke package), `unreviewed` (not yet reviewed), `false_positive` (confirmed false positive).
16399
+ * @default
16400
+ */
15314
16401
  threatType?: string
15315
16402
  /**
15316
16403
  * @description Whether the threat still is in need of human review by the threat research team
@@ -16221,6 +17308,14 @@ export interface operations {
16221
17308
  'filters.artifactType'?: string
16222
17309
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
16223
17310
  'filters.artifactType.notIn'?: string
17311
+ /** @description Comma-separated list of branch names that should be included */
17312
+ 'filters.branch'?: string
17313
+ /** @description Comma-separated list of branch names that should be excluded */
17314
+ 'filters.branch.notIn'?: string
17315
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
17316
+ 'filters.cvePatchStatus'?: string
17317
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
17318
+ 'filters.cvePatchStatus.notIn'?: string
16224
17319
  /** @description Dead/reachable dependency filter flag */
16225
17320
  'filters.dependencyDead'?: boolean
16226
17321
  /** @description Dead/reachable dependency filter flag */
@@ -16265,6 +17360,8 @@ export interface operations {
16265
17360
  type: string
16266
17361
  /** @default */
16267
17362
  category: string
17363
+ /** @default */
17364
+ description: string | null
16268
17365
  fix: {
16269
17366
  /** @default */
16270
17367
  type: string
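Review bot: The added `description: string | null` field carries only an empty `@default` tag, so the declaration does not say what the text describes or when it is null; the same gap applies to `cvssVectorString`, `firstPatchedVersionIdentifier` and `url` in the next two hunks, and to `maxQuota` and `nextWindowRefresh` in the `getQuota` hunk. Two of these matter most to callers: `url` has no `Format: uri` line, unlike `locationHtmlUrl` and `packageHtmlUrl` earlier in this file, and `nextWindowRefresh` states no timestamp format, so a client scheduling retries against it has to guess. I would add one-line descriptions such as `/** @description CVSS vector string for the CVE, or null when none is recorded */`, and state the format on the other two once it is confirmed against the API. The enclosing response types start outside these hunks, and if this declaration file is produced from an API schema the descriptions belong in that schema.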
@@ -16280,6 +17377,8 @@ export interface operations {
16280
17377
  cveDescription: string | null
16281
17378
  /** @default 0 */
16282
17379
  cvssScore: number
17380
+ /** @default */
17381
+ cvssVectorString: string | null
16283
17382
  cweIds: string[] | null
16284
17383
  cweNames: string[] | null
16285
17384
  ghsaIds: string[] | null
@@ -16289,6 +17388,10 @@ export interface operations {
16289
17388
  epssPercentile: number
16290
17389
  /** @default false */
16291
17390
  isKev: boolean
17391
+ /** @default */
17392
+ firstPatchedVersionIdentifier: string | null
17393
+ /** @default */
17394
+ url: string | null
16292
17395
  } | null
16293
17396
  /** @default */
16294
17397
  id: string
@@ -16402,6 +17505,43 @@ export interface operations {
16402
17505
  scores: components['schemas']['SocketScore']
16403
17506
  /** @default */
16404
17507
  artifactId: string | null
17508
+ capabilities: {
17509
+ /**
17510
+ * @description Package can read or modify environment variables
17511
+ * @default false
17512
+ */
17513
+ env: boolean
17514
+ /**
17515
+ * @description Package uses dynamic code evaluation (eval, Function constructor, etc.)
17516
+ * @default false
17517
+ */
17518
+ eval: boolean
17519
+ /**
17520
+ * @description Package can read or write to the file system
17521
+ * @default false
17522
+ */
17523
+ fs: boolean
17524
+ /**
17525
+ * @description Package can make network requests or create servers
17526
+ * @default false
17527
+ */
17528
+ net: boolean
17529
+ /**
17530
+ * @description Package can execute shell commands or spawn processes
17531
+ * @default false
17532
+ */
17533
+ shell: boolean
17534
+ /**
17535
+ * @description Package uses unsafe or dangerous operations that could compromise security
17536
+ * @default false
17537
+ */
17538
+ unsafe: boolean
17539
+ /**
17540
+ * @description Package contains remote URL(s) in the source code
17541
+ * @default false
17542
+ */
17543
+ url: boolean
17544
+ } | null
16405
17545
  }
16406
17546
  }[]
16407
17547
  }>
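Review bot: `capabilities` is added as `{ … } | null` with no description on the property itself, so nothing says what `null` means. A consumer that gates installs on `capabilities?.shell` or `capabilities?.net` will read a null object as "no capabilities" unless told otherwise. I would document the property, for example `/** @description Capabilities detected for the artifact; null when capability data is not available */` (wording to be confirmed against the API), so that null is handled as unknown and not as all-false. The `unsafe` flag's description, "unsafe or dangerous operations that could compromise security", also does not say which operations set it. The enclosing response type begins outside this hunk.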
@@ -16511,6 +17651,14 @@ export interface operations {
16511
17651
  artifactType?: string[]
16512
17652
  /** @description Comma-separated list of artifact types (e.g. "npm", "pypi", "gem", "maven", "golang", etc.) that should be excluded */
16513
17653
  'artifactType.notIn'?: string[]
17654
+ /** @description Comma-separated list of branch names that should be included */
17655
+ branch?: string[]
17656
+ /** @description Comma-separated list of branch names that should be excluded */
17657
+ 'branch.notIn'?: string[]
17658
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be included */
17659
+ cvePatchStatus?: string[]
17660
+ /** @description Comma-separated list of patch statuses ("patch_unavailable", "patch_available", or "patch_applied") that should be excluded */
17661
+ 'cvePatchStatus.notIn'?: string[]
16514
17662
  /** @description Dead/reachable dependency filter flag */
16515
17663
  dependencyDead?: boolean[]
16516
17664
  /** @description Development/production dependency filter flag */
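Review bot: `branch`, `'branch.notIn'`, `cvePatchStatus` and `'cvePatchStatus.notIn'` are typed `string[]` but described as a "Comma-separated list", so a caller cannot tell whether each element is one value or a comma-joined string; the existing `'artifactType.notIn'` context line has the same mismatch. For the array form the description would read `/** @description Branch names that should be included */`. Since the three patch statuses are spelled out in the description, the element type could also be narrowed to `cvePatchStatus?: ('patch_unavailable' | 'patch_available' | 'patch_applied')[]`. That would let the compiler reject a misspelled status; how the API treats an unknown status is not visible here. The enclosing parameter type starts outside the hunk.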
@@ -17117,12 +18265,16 @@ export interface operations {
17117
18265
  */
17118
18266
  getQuota: {
17119
18267
  responses: {
17120
- /** @description Quota amount */
18268
+ /** @description Quota information */
17121
18269
  200: {
17122
18270
  content: {
17123
18271
  'application/json': {
17124
18272
  /** @default 0 */
17125
18273
  quota: number
18274
+ /** @default 0 */
18275
+ maxQuota: number
18276
+ /** @default */
18277
+ nextWindowRefresh: string | null
17126
18278
  }
17127
18279
  }
17128
18280
  }