socketsecurity 2.0.3__tar.gz → 2.0.4__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (35)
  1. socketsecurity-2.0.4/PKG-INFO +169 -0
  2. socketsecurity-2.0.4/README.md +137 -0
  3. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/pyproject.toml +1 -1
  4. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/__init__.py +1 -1
  5. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/config.py +15 -4
  6. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/__init__.py +2 -2
  7. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/messages.py +7 -0
  8. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/socket_config.py +1 -1
  9. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/output.py +31 -14
  10. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/socketcli.py +10 -13
  11. socketsecurity-2.0.4/socketsecurity.egg-info/PKG-INFO +169 -0
  12. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity.egg-info/requires.txt +1 -1
  13. socketsecurity-2.0.3/PKG-INFO +0 -138
  14. socketsecurity-2.0.3/README.md +0 -106
  15. socketsecurity-2.0.3/socketsecurity.egg-info/PKG-INFO +0 -138
  16. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/LICENSE +0 -0
  17. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/setup.cfg +0 -0
  18. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/classes.py +0 -0
  19. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/cli_client.py +0 -0
  20. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/exceptions.py +0 -0
  21. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/git_interface.py +0 -0
  22. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/issues.py +0 -0
  23. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/licenses.py +0 -0
  24. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/logging.py +0 -0
  25. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/scm/__init__.py +0 -0
  26. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/scm/base.py +0 -0
  27. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/scm/client.py +0 -0
  28. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/scm/github.py +0 -0
  29. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/scm/gitlab.py +0 -0
  30. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/scm_comments.py +0 -0
  31. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity/core/utils.py +0 -0
  32. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity.egg-info/SOURCES.txt +0 -0
  33. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity.egg-info/dependency_links.txt +0 -0
  34. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity.egg-info/entry_points.txt +0 -0
  35. {socketsecurity-2.0.3 → socketsecurity-2.0.4}/socketsecurity.egg-info/top_level.txt +0 -0
@@ -0,0 +1,169 @@
1
+ Metadata-Version: 2.2
2
+ Name: socketsecurity
3
+ Version: 2.0.4
4
+ Summary: Socket Security CLI for CI/CD
5
+ Author-email: Douglas Coburn <douglas@socket.dev>
6
+ Maintainer-email: Douglas Coburn <douglas@socket.dev>
7
+ Project-URL: Homepage, https://socket.dev
8
+ Keywords: socketsecurity,socket.dev,sca,oss,security
9
+ Classifier: Development Status :: 4 - Beta
10
+ Classifier: Intended Audience :: Developers
11
+ Classifier: Programming Language :: Python :: 3.11
12
+ Classifier: Programming Language :: Python :: 3.12
13
+ Requires-Python: >=3.9
14
+ Description-Content-Type: text/markdown
15
+ License-File: LICENSE
16
+ Requires-Dist: requests
17
+ Requires-Dist: mdutils
18
+ Requires-Dist: prettytable
19
+ Requires-Dist: GitPython
20
+ Requires-Dist: packaging
21
+ Requires-Dist: python-dotenv
22
+ Requires-Dist: socket-sdk-python>=2.0.5
23
+ Provides-Extra: test
24
+ Requires-Dist: pytest>=7.4.0; extra == "test"
25
+ Requires-Dist: pytest-cov>=4.1.0; extra == "test"
26
+ Requires-Dist: pytest-mock>=3.12.0; extra == "test"
27
+ Requires-Dist: pytest-asyncio>=0.23.0; extra == "test"
28
+ Requires-Dist: pytest-watch>=4.2.0; extra == "test"
29
+ Provides-Extra: dev
30
+ Requires-Dist: ruff>=0.3.0; extra == "dev"
31
+ Requires-Dist: pip-tools>=7.4.0; extra == "dev"
32
+
33
+ # Socket Security CLI
34
+
35
+ The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code.
36
+
37
+ ## Usage
38
+
39
+ ```` shell
40
+ socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--integration {api,github,gitlab}] [--owner OWNER] [--branch BRANCH]
41
+ [--committers [COMMITTERS ...]] [--pr-number PR_NUMBER] [--commit-message COMMIT_MESSAGE] [--commit-sha COMMIT_SHA]
42
+ [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--files FILES] [--default-branch] [--pending-head]
43
+ [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue]
44
+ [--allow-unverified] [--ignore-commit-files] [--disable-blocking] [--scm SCM] [--timeout TIMEOUT]
45
+ ````
46
+
47
+ If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
48
+
49
+ ### Parameters
50
+
51
+ #### Authentication
52
+ | Parameter | Required | Default | Description |
53
+ |:-------------|:---------|:--------|:--------------------------------------------------------------------------------------|
54
+ | --api-token | False | | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) |
55
+
56
+ #### Repository
57
+ | Parameter | Required | Default | Description |
58
+ |:-------------|:---------|:--------|:-------------------------------------------------------------------------|
59
+ | --repo | False | | Repository name in owner/repo format |
60
+ | --integration| False | api | Integration type (api, github, gitlab) |
61
+ | --owner | False | | Name of the integration owner, defaults to the socket organization slug |
62
+ | --branch | False | "" | Branch name |
63
+ | --committers | False | | Committer(s) to filter by |
64
+
65
+ #### Pull Request and Commit
66
+ | Parameter | Required | Default | Description |
67
+ |:----------------|:---------|:--------|:-------------------|
68
+ | --pr-number | False | "0" | Pull request number|
69
+ | --commit-message| False | | Commit message |
70
+ | --commit-sha | False | "" | Commit SHA |
71
+
72
+ #### Path and File
73
+ | Parameter | Required | Default | Description |
74
+ |:-------------|:---------|:--------|:-------------------------------------------|
75
+ | --target-path| False | ./ | Target path for analysis |
76
+ | --sbom-file | False | | SBOM file path |
77
+ | --files | False | [] | Files to analyze (JSON array string) |
78
+
79
+ #### Branch and Scan Configuration
80
+ | Parameter | Required | Default | Description |
81
+ |:---------------|:---------|:--------|:----------------------------------------------------------|
82
+ | --default-branch| False | False | Make this branch the default branch |
83
+ | --pending-head | False | False | If true, the new scan will be set as the branch's head scan|
84
+
85
+ #### Output Configuration
86
+ | Parameter | Required | Default | Description |
87
+ |:----------------------|:---------|:--------|:---------------------------------------------------------------|
88
+ | --generate-license | False | False | Generate license information |
89
+ | --enable-debug | False | False | Enable debug logging |
90
+ | --enable-json | False | False | Output in JSON format |
91
+ | --enable-sarif | False | False | Enable SARIF output of results instead of table or JSON format|
92
+ | --disable-overview | False | False | Disable overview output |
93
+
94
+ #### Security Configuration
95
+ | Parameter | Required | Default | Description |
96
+ |:-----------------------|:---------|:--------|:-------------------------------|
97
+ | --allow-unverified | False | False | Allow unverified packages |
98
+ | --disable-security-issue| False | False | Disable security issue checks |
99
+
100
+ #### Advanced Configuration
101
+ | Parameter | Required | Default | Description |
102
+ |:-------------------|:---------|:--------|:-----------------------------------------------|
103
+ | --ignore-commit-files| False | False | Ignore commit files |
104
+ | --disable-blocking | False | False | Disable blocking mode |
105
+ | --scm | False | api | Source control management type |
106
+ | --timeout | False | | Timeout in seconds for API requests |
107
+
108
+ ## Development
109
+
110
+ This project uses `pyproject.toml` as the primary dependency specification.
111
+
112
+ ### Development Workflows
113
+
114
+ The following Make targets provide streamlined workflows for common development tasks:
115
+
116
+ #### Initial Setup (Choose One)
117
+
118
+ 1. Standard Setup (using PyPI packages):
119
+ ```bash
120
+ pyenv local 3.11 # Ensure correct Python version
121
+ make first-time-setup
122
+ ```
123
+
124
+ 2. Local Development Setup (for SDK development):
125
+ ```bash
126
+ pyenv local 3.11 # Ensure correct Python version
127
+ SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
128
+ ```
129
+ The default SDK path is `../socket-sdk-python` if not specified.
130
+
131
+ #### Ongoing Development Tasks
132
+
133
+ After changing dependencies in pyproject.toml:
134
+ ```bash
135
+ make update-deps
136
+ ```
137
+
138
+ After pulling changes:
139
+ ```bash
140
+ make sync-all
141
+ ```
142
+
143
+ ### Available Make targets:
144
+
145
+ High-level workflows:
146
+ - `make first-time-setup`: Complete setup using PyPI packages
147
+ - `make first-time-local-setup`: Complete setup for local SDK development
148
+ - `make update-deps`: Update requirements.txt files and sync dependencies
149
+ - `make sync-all`: Sync dependencies after pulling changes
150
+ - `make dev-setup`: Setup for local development (included in first-time-local-setup)
151
+
152
+ Implementation targets:
153
+ - `make init-tools`: Creates virtual environment and installs pip-tools
154
+ - `make local-dev`: Installs dependencies needed for local development
155
+ - `make compile-deps`: Generates requirements.txt files with locked versions
156
+ - `make setup`: Creates virtual environment and installs dependencies
157
+ - `make sync-deps`: Installs exact versions from requirements.txt
158
+ - `make clean`: Removes virtual environment and cache files
159
+ - `make test`: Runs pytest suite
160
+ - `make lint`: Runs ruff for code formatting and linting
161
+
162
+ ### Environment Variables
163
+
164
+ - `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
165
+
166
+ ### Running tests:
167
+
168
+ #### Run all tests:
169
+ ```
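Review bot: `Requires-Python: >=3.9` in this metadata is inconsistent with the `Programming Language :: Python :: 3.11` / `3.12` classifiers and with the `pyenv local 3.11` instruction in the embedded README; either raise the floor to the versions you actually test or add classifiers for 3.9 and 3.10 so installers and index pages agree on what is supported.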
@@ -0,0 +1,137 @@
1
+ # Socket Security CLI
2
+
3
+ The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code.
4
+
5
+ ## Usage
6
+
7
+ ```` shell
8
+ socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--integration {api,github,gitlab}] [--owner OWNER] [--branch BRANCH]
9
+ [--committers [COMMITTERS ...]] [--pr-number PR_NUMBER] [--commit-message COMMIT_MESSAGE] [--commit-sha COMMIT_SHA]
10
+ [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--files FILES] [--default-branch] [--pending-head]
11
+ [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue]
12
+ [--allow-unverified] [--ignore-commit-files] [--disable-blocking] [--scm SCM] [--timeout TIMEOUT]
13
+ ````
14
+
15
+ If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
16
+
17
+ ### Parameters
18
+
19
+ #### Authentication
20
+ | Parameter | Required | Default | Description |
21
+ |:-------------|:---------|:--------|:--------------------------------------------------------------------------------------|
22
+ | --api-token | False | | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) |
23
+
24
+ #### Repository
25
+ | Parameter | Required | Default | Description |
26
+ |:-------------|:---------|:--------|:-------------------------------------------------------------------------|
27
+ | --repo | False | | Repository name in owner/repo format |
28
+ | --integration| False | api | Integration type (api, github, gitlab) |
29
+ | --owner | False | | Name of the integration owner, defaults to the socket organization slug |
30
+ | --branch | False | "" | Branch name |
31
+ | --committers | False | | Committer(s) to filter by |
32
+
33
+ #### Pull Request and Commit
34
+ | Parameter | Required | Default | Description |
35
+ |:----------------|:---------|:--------|:-------------------|
36
+ | --pr-number | False | "0" | Pull request number|
37
+ | --commit-message| False | | Commit message |
38
+ | --commit-sha | False | "" | Commit SHA |
39
+
40
+ #### Path and File
41
+ | Parameter | Required | Default | Description |
42
+ |:-------------|:---------|:--------|:-------------------------------------------|
43
+ | --target-path| False | ./ | Target path for analysis |
44
+ | --sbom-file | False | | SBOM file path |
45
+ | --files | False | [] | Files to analyze (JSON array string) |
46
+
47
+ #### Branch and Scan Configuration
48
+ | Parameter | Required | Default | Description |
49
+ |:---------------|:---------|:--------|:----------------------------------------------------------|
50
+ | --default-branch| False | False | Make this branch the default branch |
51
+ | --pending-head | False | False | If true, the new scan will be set as the branch's head scan|
52
+
53
+ #### Output Configuration
54
+ | Parameter | Required | Default | Description |
55
+ |:----------------------|:---------|:--------|:---------------------------------------------------------------|
56
+ | --generate-license | False | False | Generate license information |
57
+ | --enable-debug | False | False | Enable debug logging |
58
+ | --enable-json | False | False | Output in JSON format |
59
+ | --enable-sarif | False | False | Enable SARIF output of results instead of table or JSON format|
60
+ | --disable-overview | False | False | Disable overview output |
61
+
62
+ #### Security Configuration
63
+ | Parameter | Required | Default | Description |
64
+ |:-----------------------|:---------|:--------|:-------------------------------|
65
+ | --allow-unverified | False | False | Allow unverified packages |
66
+ | --disable-security-issue| False | False | Disable security issue checks |
67
+
68
+ #### Advanced Configuration
69
+ | Parameter | Required | Default | Description |
70
+ |:-------------------|:---------|:--------|:-----------------------------------------------|
71
+ | --ignore-commit-files| False | False | Ignore commit files |
72
+ | --disable-blocking | False | False | Disable blocking mode |
73
+ | --scm | False | api | Source control management type |
74
+ | --timeout | False | | Timeout in seconds for API requests |
75
+
76
+ ## Development
77
+
78
+ This project uses `pyproject.toml` as the primary dependency specification.
79
+
80
+ ### Development Workflows
81
+
82
+ The following Make targets provide streamlined workflows for common development tasks:
83
+
84
+ #### Initial Setup (Choose One)
85
+
86
+ 1. Standard Setup (using PyPI packages):
87
+ ```bash
88
+ pyenv local 3.11 # Ensure correct Python version
89
+ make first-time-setup
90
+ ```
91
+
92
+ 2. Local Development Setup (for SDK development):
93
+ ```bash
94
+ pyenv local 3.11 # Ensure correct Python version
95
+ SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
96
+ ```
97
+ The default SDK path is `../socket-sdk-python` if not specified.
98
+
99
+ #### Ongoing Development Tasks
100
+
101
+ After changing dependencies in pyproject.toml:
102
+ ```bash
103
+ make update-deps
104
+ ```
105
+
106
+ After pulling changes:
107
+ ```bash
108
+ make sync-all
109
+ ```
110
+
111
+ ### Available Make targets:
112
+
113
+ High-level workflows:
114
+ - `make first-time-setup`: Complete setup using PyPI packages
115
+ - `make first-time-local-setup`: Complete setup for local SDK development
116
+ - `make update-deps`: Update requirements.txt files and sync dependencies
117
+ - `make sync-all`: Sync dependencies after pulling changes
118
+ - `make dev-setup`: Setup for local development (included in first-time-local-setup)
119
+
120
+ Implementation targets:
121
+ - `make init-tools`: Creates virtual environment and installs pip-tools
122
+ - `make local-dev`: Installs dependencies needed for local development
123
+ - `make compile-deps`: Generates requirements.txt files with locked versions
124
+ - `make setup`: Creates virtual environment and installs dependencies
125
+ - `make sync-deps`: Installs exact versions from requirements.txt
126
+ - `make clean`: Removes virtual environment and cache files
127
+ - `make test`: Runs pytest suite
128
+ - `make lint`: Runs ruff for code formatting and linting
129
+
130
+ ### Environment Variables
131
+
132
+ - `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
133
+
134
+ ### Running tests:
135
+
136
+ #### Run all tests:
137
+ ```
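Review bot: the `--allow-unverified` row describes the flag as "Allow unverified packages", but in the socketcli.py hunk below it is wired to `SocketConfig(allow_unverified_ssl=config.allow_unverified)`, i.e. it disables TLS certificate verification for API requests; the description should say that plainly, since users will otherwise treat a transport-security switch as a package-policy one. In the same tables the `--timeout` row leaves Default empty while config.py in this release sets `timeout: Optional[int] = 1200`; document the 1200 s default.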
@@ -13,7 +13,7 @@ dependencies = [
13
13
  'GitPython',
14
14
  'packaging',
15
15
  'python-dotenv',
16
- 'socket-sdk-python>=2.0.4'
16
+ 'socket-sdk-python>=2.0.5'
17
17
  ]
18
18
  readme = "README.md"
19
19
  description = "Socket Security CLI for CI/CD"
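Review bot: `'socket-sdk-python>=2.0.5'` is a floor with no ceiling, so a future major release of the SDK with breaking API changes will be pulled into fresh installs automatically; consider `'socket-sdk-python>=2.0.5,<3'` (the compiled requirements.txt files from `make compile-deps` pin exact versions, but pyproject.toml is what end users of the PyPI package resolve against).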
@@ -1,2 +1,2 @@
1
1
  __author__ = 'socket.dev'
2
- __version__ = '2.0.3'
2
+ __version__ = '2.0.4'
@@ -23,6 +23,7 @@ class CliConfig:
23
23
  enable_debug: bool = False
24
24
  allow_unverified: bool = False
25
25
  enable_json: bool = False
26
+ enable_sarif: bool = False
26
27
  disable_overview: bool = False
27
28
  disable_security_issue: bool = False
28
29
  files: str = "[]"
@@ -31,7 +32,7 @@ class CliConfig:
31
32
  integration_type: IntegrationType = "api"
32
33
  integration_org_slug: Optional[str] = None
33
34
  pending_head: bool = False
34
- timeout: Optional[int] = None
35
+ timeout: Optional[int] = 1200
35
36
  @classmethod
36
37
  def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig':
37
38
  parser = create_argument_parser()
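Review bot: changing `timeout: Optional[int] = None` to `= 1200` makes the `config.timeout if config.timeout is not None else 1200` fallback in socketcli.py dead code and leaves the `Optional` annotation describing a value that is now never None by default; keep `None` here and resolve the default in one place (SocketConfig already defaults to 1200 in this release), or drop the fallback, and add a comment on why 1200 s was chosen.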
@@ -61,6 +62,7 @@ class CliConfig:
61
62
  'enable_debug': args.enable_debug,
62
63
  'allow_unverified': args.allow_unverified,
63
64
  'enable_json': args.enable_json,
65
+ 'enable_sarif': args.enable_sarif,
64
66
  'disable_overview': args.disable_overview,
65
67
  'disable_security_issue': args.disable_security_issue,
66
68
  'files': args.files,
@@ -215,6 +217,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
215
217
  config_group.add_argument(
216
218
  "--default_branch",
217
219
  dest="default_branch",
220
+ action="store_true",
218
221
  help=argparse.SUPPRESS
219
222
  )
220
223
  config_group.add_argument(
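Review bot: adding `action="store_true"` here is the right fix, since without it the hidden `--default_branch` alias demanded a value while the bare `--default-branch` flag in the README synopsis does not; the same fix is repeated for every underscore alias below, which suggests a parser test that asserts each hidden alias parses identically to its dashed twin so they do not drift apart again.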
@@ -226,6 +229,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
226
229
  config_group.add_argument(
227
230
  "--pending_head",
228
231
  dest="pending_head",
232
+ action="store_true",
229
233
  help=argparse.SUPPRESS
230
234
  )
231
235
 
@@ -240,6 +244,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
240
244
  output_group.add_argument(
241
245
  "--generate_license",
242
246
  dest="generate_license",
247
+ action="store_true",
243
248
  help=argparse.SUPPRESS
244
249
  )
245
250
  output_group.add_argument(
@@ -251,6 +256,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
251
256
  output_group.add_argument(
252
257
  "--enable_debug",
253
258
  dest="enable_debug",
259
+ action="store_true",
254
260
  help=argparse.SUPPRESS
255
261
  )
256
262
  output_group.add_argument(
@@ -260,9 +266,10 @@ def create_argument_parser() -> argparse.ArgumentParser:
260
266
  help="Output in JSON format"
261
267
  )
262
268
  output_group.add_argument(
263
- "--enable_json",
264
- dest="enable_json",
265
- help=argparse.SUPPRESS
269
+ "--enable-sarif",
270
+ dest="enable_sarif",
271
+ action="store_true",
272
+ help="Enable SARIF output of results instead of table or JSON format"
266
273
  )
267
274
  output_group.add_argument(
268
275
  "--disable-overview",
@@ -273,6 +280,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
273
280
  output_group.add_argument(
274
281
  "--disable_overview",
275
282
  dest="disable_overview",
283
+ action="store_true",
276
284
  help=argparse.SUPPRESS
277
285
  )
278
286
 
@@ -292,6 +300,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
292
300
  security_group.add_argument(
293
301
  "--disable_security_issue",
294
302
  dest="disable_security_issue",
303
+ action="store_true",
295
304
  help=argparse.SUPPRESS
296
305
  )
297
306
 
@@ -306,6 +315,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
306
315
  advanced_group.add_argument(
307
316
  "--ignore_commit_files",
308
317
  dest="ignore_commit_files",
318
+ action="store_true",
309
319
  help=argparse.SUPPRESS
310
320
  )
311
321
  advanced_group.add_argument(
@@ -317,6 +327,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
317
327
  advanced_group.add_argument(
318
328
  "--disable_blocking",
319
329
  dest="disable_blocking",
330
+ action="store_true",
320
331
  help=argparse.SUPPRESS
321
332
  )
322
333
  advanced_group.add_argument(
@@ -427,7 +427,7 @@ class Core:
427
427
 
428
428
  no_change: If True, return empty diff
429
429
  """
430
- print(f"starting create_new_diff with no_change: {no_change}")
430
+ log.debug(f"starting create_new_diff with no_change: {no_change}")
431
431
  if no_change:
432
432
  return Diff(id="no_diff_id")
433
433
 
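Review bot: moving these diagnostics from `print` to `log.debug` is the right call, but the f-string is still formatted eagerly even when debug logging is off; use lazy formatting, e.g. `log.debug("starting create_new_diff with no_change: %s", no_change)`, which also applies to the `files` message in the next hunk where the list can be long.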
@@ -435,7 +435,7 @@ class Core:
435
435
  files = self.find_files(path)
436
436
  files_for_sending = self.load_files_for_sending(files, path)
437
437
 
438
- print(f"files: {files} found at path {path}")
438
+ log.debug(f"files: {files} found at path {path}")
439
439
  if not files:
440
440
  return Diff(id="no_diff_id")
441
441
 
@@ -192,6 +192,13 @@ class Messages:
192
192
  Create SARIF-compliant output from the diff report, including dynamic URL generation
193
193
  based on manifest type and improved <br/> formatting for GitHub SARIF display.
194
194
  """
195
+ scan_failed = False
196
+ if len(diff.new_alerts) == 0:
197
+ for alert in diff.new_alerts:
198
+ alert: Issue
199
+ if alert.error:
200
+ scan_failed = True
201
+ break
195
202
  sarif_data = {
196
203
  "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
197
204
  "version": "2.1.0",
@@ -9,7 +9,7 @@ from socketsecurity.core.issues import AllIssues
9
9
  class SocketConfig:
10
10
  api_key: str
11
11
  api_url: str = "https://api.socket.dev/v0"
12
- timeout: int = 30
12
+ timeout: int = 1200
13
13
  allow_unverified_ssl: bool = False
14
14
  org_id: Optional[str] = None
15
15
  org_slug: Optional[str] = None
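Review bot: raising the default `timeout` from 30 to 1200 s applies to every API request, so a single hung connection can now stall a CI job for twenty minutes per call; if the motivation is long-running full scans, apply the long timeout to that call only and keep a short connect timeout for the rest, and note the reason in a comment next to the value.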
@@ -5,33 +5,39 @@ from pathlib import Path
5
5
  from typing import Any, Dict, Optional
6
6
  from .core.messages import Messages
7
7
  from .core.classes import Diff, Issue
8
+ from .config import CliConfig
8
9
 
9
10
 
10
11
  class OutputHandler:
11
- blocking_disabled: bool
12
+ config: CliConfig
12
13
  logger: logging.Logger
13
14
 
14
- def __init__(self, blocking_disabled: bool):
15
- self.blocking_disabled = blocking_disabled
15
+ def __init__(self, config: CliConfig):
16
+ self.config = config
16
17
  self.logger = logging.getLogger("socketcli")
17
18
 
18
- def handle_output(self, diff_report: Diff, sbom_file_name: Optional[str] = None, json_output: bool = False) -> int:
19
- """Main output handler that determines output format and returns exit code"""
20
- if json_output:
21
- self.output_console_json(diff_report, sbom_file_name)
19
+ def handle_output(self, diff_report: Diff) -> None:
20
+ """Main output handler that determines output format"""
21
+ if self.config.enable_json:
22
+ self.output_console_json(diff_report, self.config.sbom_file)
23
+ elif self.config.enable_sarif:
24
+ self.output_console_sarif(diff_report, self.config.sbom_file)
22
25
  else:
23
- self.output_console_comments(diff_report, sbom_file_name)
26
+ self.output_console_comments(diff_report, self.config.sbom_file)
24
27
 
25
- self.save_sbom_file(diff_report, sbom_file_name)
28
+ self.save_sbom_file(diff_report, self.config.sbom_file)
26
29
 
27
30
  def return_exit_code(self, diff_report: Diff) -> int:
28
- if not self.report_pass(diff_report) and not self.blocking_disabled:
31
+ if self.config.disable_blocking:
32
+ return 0
33
+
34
+ if not self.report_pass(diff_report):
29
35
  return 1
30
- elif len(diff_report.new_alerts) > 0 and not self.blocking_disabled:
36
+
37
+ if len(diff_report.new_alerts) > 0:
31
38
  # 5 means warning alerts but no blocking alerts
32
39
  return 5
33
- else:
34
- return 0
40
+ return 0
35
41
 
36
42
  def output_console_comments(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None:
37
43
  """Outputs formatted console comments"""
@@ -46,15 +52,26 @@ class OutputHandler:
46
52
  def output_console_json(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None:
47
53
  """Outputs JSON formatted results"""
48
54
  console_security_comment = Messages.create_security_comment_json(diff_report)
55
+ self.save_sbom_file(diff_report, sbom_file_name)
49
56
  self.logger.info(json.dumps(console_security_comment))
50
57
 
58
+ def output_console_sarif(self, diff_report: Diff, sbom_file_name: Optional[str] = None) -> None:
59
+ """
60
+ Generate SARIF output from the diff report and print to console.
61
+ """
62
+ if diff_report.id != "NO_DIFF_RAN":
63
+ # Generate the SARIF structure using Messages
64
+ console_security_comment = Messages.create_security_comment_sarif(diff_report)
65
+ self.save_sbom_file(diff_report, sbom_file_name)
66
+ # Print the SARIF output to the console in JSON format
67
+ print(json.dumps(console_security_comment, indent=2))
51
68
 
52
69
  def report_pass(self, diff_report: Diff) -> bool:
53
70
  """Determines if the report passes security checks"""
54
71
  if not diff_report.new_alerts:
55
72
  return True
56
73
 
57
- if self.blocking_disabled:
74
+ if self.config.disable_blocking:
58
75
  return True
59
76
 
60
77
  return not any(issue.error for issue in diff_report.new_alerts)
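Review bot: `output_console_sarif` skips output when `diff_report.id != "NO_DIFF_RAN"` is false, but `Core.create_new_diff` in the hunk above returns `Diff(id="no_diff_id")` for a skipped scan, so the sentinel never matches and SARIF is still emitted for an empty diff; use one shared constant. Both `output_console_json` and `output_console_sarif` also call `self.save_sbom_file`, and `handle_output` calls it again after they return, so the SBOM is written twice. Finally, SARIF goes to `print` while JSON goes to `self.logger.info`; pick one channel so both formats are subject to the same log handling.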
@@ -45,11 +45,11 @@ def cli():
45
45
 
46
46
  def main_code():
47
47
  config = CliConfig.from_args()
48
- print(f"config: {config.to_dict()}")
49
- output_handler = OutputHandler(blocking_disabled=config.disable_blocking)
48
+ log.debug(f"config: {config.to_dict()}")
49
+ output_handler = OutputHandler(config)
50
50
 
51
51
  sdk = socketdev(token=config.api_token)
52
- print("sdk loaded")
52
+ log.debug("sdk loaded")
53
53
 
54
54
  if config.enable_debug:
55
55
  set_debug_mode(True)
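Review bot: `log.debug(f"config: {config.to_dict()}")` writes the whole config to the CI log whenever debug logging is on, and unless `to_dict()` strips it that includes `api_token` (the same value passed to `socketdev(token=config.api_token)` two lines later); redact the token before logging. These `log.debug` calls also run before `set_debug_mode(True)` at the end of the hunk, so with `--enable-debug` they are emitted only if debug was already configured elsewhere.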
@@ -64,13 +64,13 @@ def main_code():
64
64
  socket_config = SocketConfig(
65
65
  api_key=config.api_token,
66
66
  allow_unverified_ssl=config.allow_unverified,
67
- timeout=config.timeout if config.timeout is not None else 30 # Use CLI timeout if provided
67
+ timeout=config.timeout if config.timeout is not None else 1200 # Use CLI timeout if provided
68
68
  )
69
- print("loaded socket_config")
69
+ log.debug("loaded socket_config")
70
70
  client = CliClient(socket_config)
71
- print("loaded client")
71
+ log.debug("loaded client")
72
72
  core = Core(socket_config, sdk)
73
- print("loaded core")
73
+ log.debug("loaded core")
74
74
  # Load files - files defaults to "[]" in CliConfig
75
75
  try:
76
76
  files = json.loads(config.files) # Will always succeed with empty list by default
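Review bot: the `else 1200` fallback is now the third copy of the same default (CliConfig.timeout and SocketConfig.timeout both set 1200 in this release), and the trailing comment "Use CLI timeout if provided" no longer describes what happens since the CLI value is never None; pass `timeout=config.timeout` and let SocketConfig own the default.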
@@ -135,7 +135,7 @@ def main_code():
135
135
  should_skip_scan = False # Force scan if ignoring commit files
136
136
  elif files_to_check: # If we have any files to check
137
137
  should_skip_scan = not core.has_manifest_files(list(files_to_check))
138
- print(f"in elif, should_skip_scan: {should_skip_scan}")
138
+ log.debug(f"in elif, should_skip_scan: {should_skip_scan}")
139
139
 
140
140
  if should_skip_scan:
141
141
  log.debug("No manifest files found in changes, skipping scan")
@@ -240,14 +240,11 @@ def main_code():
240
240
  log.info("Starting non-PR/MR flow")
241
241
  diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan)
242
242
 
243
- output_handler.handle_output(diff, config.sbom_file, config.enable_json)
243
+ output_handler.handle_output(diff)
244
244
  else:
245
245
  log.info("API Mode")
246
246
  diff = core.create_new_diff(config.target_path, params, no_change=should_skip_scan)
247
- if config.enable_json:
248
- output_handler.output_console_json(diff, config.sbom_file)
249
- else:
250
- output_handler.output_console_comments(diff, config.sbom_file)
247
+ output_handler.handle_output(diff)
251
248
 
252
249
  # Handle license generation
253
250
  if diff is not None and config.generate_license:
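Review bot: after this change the PR/MR `else` branch and the "API Mode" branch are identical (`create_new_diff` followed by `handle_output(diff)`), so the conditional can be collapsed with the `log.info` message as the only difference; and since `create_new_diff` always returns a `Diff`, the `diff is not None` guard below is dead.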
@@ -0,0 +1,169 @@
1
+ Metadata-Version: 2.2
2
+ Name: socketsecurity
3
+ Version: 2.0.4
4
+ Summary: Socket Security CLI for CI/CD
5
+ Author-email: Douglas Coburn <douglas@socket.dev>
6
+ Maintainer-email: Douglas Coburn <douglas@socket.dev>
7
+ Project-URL: Homepage, https://socket.dev
8
+ Keywords: socketsecurity,socket.dev,sca,oss,security
9
+ Classifier: Development Status :: 4 - Beta
10
+ Classifier: Intended Audience :: Developers
11
+ Classifier: Programming Language :: Python :: 3.11
12
+ Classifier: Programming Language :: Python :: 3.12
13
+ Requires-Python: >=3.9
14
+ Description-Content-Type: text/markdown
15
+ License-File: LICENSE
16
+ Requires-Dist: requests
17
+ Requires-Dist: mdutils
18
+ Requires-Dist: prettytable
19
+ Requires-Dist: GitPython
20
+ Requires-Dist: packaging
21
+ Requires-Dist: python-dotenv
22
+ Requires-Dist: socket-sdk-python>=2.0.5
23
+ Provides-Extra: test
24
+ Requires-Dist: pytest>=7.4.0; extra == "test"
25
+ Requires-Dist: pytest-cov>=4.1.0; extra == "test"
26
+ Requires-Dist: pytest-mock>=3.12.0; extra == "test"
27
+ Requires-Dist: pytest-asyncio>=0.23.0; extra == "test"
28
+ Requires-Dist: pytest-watch>=4.2.0; extra == "test"
29
+ Provides-Extra: dev
30
+ Requires-Dist: ruff>=0.3.0; extra == "dev"
31
+ Requires-Dist: pip-tools>=7.4.0; extra == "dev"
32
+
33
+ # Socket Security CLI
34
+
35
+ The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code.
36
+
37
+ ## Usage
38
+
39
+ ```` shell
40
+ socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--integration {api,github,gitlab}] [--owner OWNER] [--branch BRANCH]
41
+ [--committers [COMMITTERS ...]] [--pr-number PR_NUMBER] [--commit-message COMMIT_MESSAGE] [--commit-sha COMMIT_SHA]
42
+ [--target-path TARGET_PATH] [--sbom-file SBOM_FILE] [--files FILES] [--default-branch] [--pending-head]
43
+ [--generate-license] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview] [--disable-security-issue]
44
+ [--allow-unverified] [--ignore-commit-files] [--disable-blocking] [--scm SCM] [--timeout TIMEOUT]
45
+ ````
46
+
47
+ If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
48
+
49
+ ### Parameters
50
+
51
+ #### Authentication
52
+ | Parameter | Required | Default | Description |
53
+ |:-------------|:---------|:--------|:--------------------------------------------------------------------------------------|
54
+ | --api-token | False | | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) |
55
+
56
+ #### Repository
57
+ | Parameter | Required | Default | Description |
58
+ |:-------------|:---------|:--------|:-------------------------------------------------------------------------|
59
+ | --repo | False | | Repository name in owner/repo format |
60
+ | --integration| False | api | Integration type (api, github, gitlab) |
61
+ | --owner | False | | Name of the integration owner, defaults to the socket organization slug |
62
+ | --branch | False | "" | Branch name |
63
+ | --committers | False | | Committer(s) to filter by |
64
+
65
+ #### Pull Request and Commit
66
+ | Parameter | Required | Default | Description |
67
+ |:----------------|:---------|:--------|:-------------------|
68
+ | --pr-number | False | "0" | Pull request number|
69
+ | --commit-message| False | | Commit message |
70
+ | --commit-sha | False | "" | Commit SHA |
71
+
72
+ #### Path and File
73
+ | Parameter | Required | Default | Description |
74
+ |:-------------|:---------|:--------|:-------------------------------------------|
75
+ | --target-path| False | ./ | Target path for analysis |
76
+ | --sbom-file | False | | SBOM file path |
77
+ | --files | False | [] | Files to analyze (JSON array string) |
78
+
79
+ #### Branch and Scan Configuration
80
+ | Parameter | Required | Default | Description |
81
+ |:---------------|:---------|:--------|:----------------------------------------------------------|
82
+ | --default-branch| False | False | Make this branch the default branch |
83
+ | --pending-head | False | False | If true, the new scan will be set as the branch's head scan|
84
+
85
+ #### Output Configuration
86
+ | Parameter | Required | Default | Description |
87
+ |:----------------------|:---------|:--------|:---------------------------------------------------------------|
88
+ | --generate-license | False | False | Generate license information |
89
+ | --enable-debug | False | False | Enable debug logging |
90
+ | --enable-json | False | False | Output in JSON format |
91
+ | --enable-sarif | False | False | Enable SARIF output of results instead of table or JSON format|
92
+ | --disable-overview | False | False | Disable overview output |
93
+
94
+ #### Security Configuration
95
+ | Parameter | Required | Default | Description |
96
+ |:-----------------------|:---------|:--------|:-------------------------------|
97
+ | --allow-unverified | False | False | Allow unverified packages |
98
+ | --disable-security-issue| False | False | Disable security issue checks |
99
+
100
+ #### Advanced Configuration
101
+ | Parameter | Required | Default | Description |
102
+ |:-------------------|:---------|:--------|:-----------------------------------------------|
103
+ | --ignore-commit-files| False | False | Ignore commit files |
104
+ | --disable-blocking | False | False | Disable blocking mode |
105
+ | --scm | False | api | Source control management type |
106
+ | --timeout | False | | Timeout in seconds for API requests |
107
+
108
+ ## Development
109
+
110
+ This project uses `pyproject.toml` as the primary dependency specification.
111
+
112
+ ### Development Workflows
113
+
114
+ The following Make targets provide streamlined workflows for common development tasks:
115
+
116
+ #### Initial Setup (Choose One)
117
+
118
+ 1. Standard Setup (using PyPI packages):
119
+ ```bash
120
+ pyenv local 3.11 # Ensure correct Python version
121
+ make first-time-setup
122
+ ```
123
+
124
+ 2. Local Development Setup (for SDK development):
125
+ ```bash
126
+ pyenv local 3.11 # Ensure correct Python version
127
+ SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
128
+ ```
129
+ The default SDK path is `../socket-sdk-python` if not specified.
130
+
131
+ #### Ongoing Development Tasks
132
+
133
+ After changing dependencies in pyproject.toml:
134
+ ```bash
135
+ make update-deps
136
+ ```
137
+
138
+ After pulling changes:
139
+ ```bash
140
+ make sync-all
141
+ ```
142
+
143
+ ### Available Make targets:
144
+
145
+ High-level workflows:
146
+ - `make first-time-setup`: Complete setup using PyPI packages
147
+ - `make first-time-local-setup`: Complete setup for local SDK development
148
+ - `make update-deps`: Update requirements.txt files and sync dependencies
149
+ - `make sync-all`: Sync dependencies after pulling changes
150
+ - `make dev-setup`: Setup for local development (included in first-time-local-setup)
151
+
152
+ Implementation targets:
153
+ - `make init-tools`: Creates virtual environment and installs pip-tools
154
+ - `make local-dev`: Installs dependencies needed for local development
155
+ - `make compile-deps`: Generates requirements.txt files with locked versions
156
+ - `make setup`: Creates virtual environment and installs dependencies
157
+ - `make sync-deps`: Installs exact versions from requirements.txt
158
+ - `make clean`: Removes virtual environment and cache files
159
+ - `make test`: Runs pytest suite
160
+ - `make lint`: Runs ruff for code formatting and linting
161
+
162
+ ### Environment Variables
163
+
164
+ - `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
165
+
166
+ ### Running tests:
167
+
168
+ #### Run all tests:
169
+ ```
@@ -4,7 +4,7 @@ prettytable
4
4
  GitPython
5
5
  packaging
6
6
  python-dotenv
7
- socket-sdk-python>=2.0.4
7
+ socket-sdk-python>=2.0.5
8
8
 
9
9
  [dev]
10
10
  ruff>=0.3.0
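Review bot: the change at line 7 only raises the floor to `socket-sdk-python>=2.0.5` with no upper bound, so an install of this release resolves to whatever newer SDK is on the index at install time, and a CI gate built on this CLI will pick up SDK releases that were never tested with it. If 2.0.5 carries a change this version depends on, pair the floor with a ceiling such as `socket-sdk-python>=2.0.5,<3`, and rely on the pip-tools lock the README describes (`make compile-deps`) for reproducible CI installs.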
@@ -1,138 +0,0 @@
1
- Metadata-Version: 2.2
2
- Name: socketsecurity
3
- Version: 2.0.3
4
- Summary: Socket Security CLI for CI/CD
5
- Author-email: Douglas Coburn <douglas@socket.dev>
6
- Maintainer-email: Douglas Coburn <douglas@socket.dev>
7
- Project-URL: Homepage, https://socket.dev
8
- Keywords: socketsecurity,socket.dev,sca,oss,security
9
- Classifier: Development Status :: 4 - Beta
10
- Classifier: Intended Audience :: Developers
11
- Classifier: Programming Language :: Python :: 3.11
12
- Classifier: Programming Language :: Python :: 3.12
13
- Requires-Python: >=3.9
14
- Description-Content-Type: text/markdown
15
- License-File: LICENSE
16
- Requires-Dist: requests
17
- Requires-Dist: mdutils
18
- Requires-Dist: prettytable
19
- Requires-Dist: GitPython
20
- Requires-Dist: packaging
21
- Requires-Dist: python-dotenv
22
- Requires-Dist: socket-sdk-python>=2.0.4
23
- Provides-Extra: test
24
- Requires-Dist: pytest>=7.4.0; extra == "test"
25
- Requires-Dist: pytest-cov>=4.1.0; extra == "test"
26
- Requires-Dist: pytest-mock>=3.12.0; extra == "test"
27
- Requires-Dist: pytest-asyncio>=0.23.0; extra == "test"
28
- Requires-Dist: pytest-watch>=4.2.0; extra == "test"
29
- Provides-Extra: dev
30
- Requires-Dist: ruff>=0.3.0; extra == "dev"
31
- Requires-Dist: pip-tools>=7.4.0; extra == "dev"
32
-
33
- # Socket Security CLI
34
-
35
- The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code.
36
-
37
-
38
-
39
- ## Usage
40
-
41
- ```` shell
42
- socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr-number PR_NUMBER]
43
- [--commit-message COMMIT_MESSAGE] [--default-branch] [--target-path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE]
44
- [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview]
45
- [--disable-security-issue] [--files FILES] [--ignore-commit-files] [--timeout]
46
- ````
47
-
48
- If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
49
-
50
-
51
- | Parameter | Alternate Name | Required | Default | Description |
52
- |:-------------------------|:---------------|:---------|:--------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
53
- | -h | --help | False | | Show the CLI help message |
54
- | --api-token | | False | | Provides the Socket API Token |
55
- | --repo | | True | | The string name in a git approved name for repositories. |
56
- | --branch | | False | | The string name in a git approved name for branches. |
57
- | --committer | | False | | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer |
58
- | --pr-number | | False | 0 | The integer for the PR or MR number |
59
- | --commit-message | | False | | The string for a commit message if there is one |
60
- | --default-branch | | False | False | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies |
61
- | --target-path | | False | ./ | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files |
62
- | --scm | | False | api | This is the mode that the tool is to run in. For local runs `api` would be the mode. Other options are `gitlab` and `github` |
63
- | --generate-license | | False | False | If this flag is specified it will generate a json file with the license per package and license text in the current working directory |
64
- | --version | -v | False | | Prints the version and exits |
65
- | --enable-debug | | False | False | Enables debug messaging for the CLI |
66
- | --sbom-file | | False | False | Creates a JSON file with all dependencies and alerts |
67
- | --commit-sha | | False | | The commit hash for the commit |
68
- | --generate-license | | False | False | If enabled with `--sbom-file` will include license details |
69
- | --enable-json | | False | False | If enabled will change the console output format to JSON |
70
- | --enable-sarif | | False | False | If enabled will change the console output format to SARIF |
71
- | --disable-overview | | False | False | If enabled will disable Dependency Overview comments |
72
- | --disable-security-issue | | False | False | If enabled will disable Security Issue Comments |
73
- | --files | | False | | If provided in the format of `["file1", "file2"]` will be used to determine if there have been supported file changes. This is used if it isn't a git repo and you would like to only run if it supported files have changed. |
74
- | --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files |
75
- | --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 |
76
-
77
- ## Development
78
-
79
- This project uses `pyproject.toml` as the primary dependency specification.
80
-
81
- ### Development Workflows
82
-
83
- The following Make targets provide streamlined workflows for common development tasks:
84
-
85
- #### Initial Setup (Choose One)
86
-
87
- 1. Standard Setup (using PyPI packages):
88
- ```bash
89
- pyenv local 3.11 # Ensure correct Python version
90
- make first-time-setup
91
- ```
92
-
93
- 2. Local Development Setup (for SDK development):
94
- ```bash
95
- pyenv local 3.11 # Ensure correct Python version
96
- SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
97
- ```
98
- The default SDK path is `../socket-sdk-python` if not specified.
99
-
100
- #### Ongoing Development Tasks
101
-
102
- After changing dependencies in pyproject.toml:
103
- ```bash
104
- make update-deps
105
- ```
106
-
107
- After pulling changes:
108
- ```bash
109
- make sync-all
110
- ```
111
-
112
- ### Available Make targets:
113
-
114
- High-level workflows:
115
- - `make first-time-setup`: Complete setup using PyPI packages
116
- - `make first-time-local-setup`: Complete setup for local SDK development
117
- - `make update-deps`: Update requirements.txt files and sync dependencies
118
- - `make sync-all`: Sync dependencies after pulling changes
119
- - `make dev-setup`: Setup for local development (included in first-time-local-setup)
120
-
121
- Implementation targets:
122
- - `make init-tools`: Creates virtual environment and installs pip-tools
123
- - `make local-dev`: Installs dependencies needed for local development
124
- - `make compile-deps`: Generates requirements.txt files with locked versions
125
- - `make setup`: Creates virtual environment and installs dependencies
126
- - `make sync-deps`: Installs exact versions from requirements.txt
127
- - `make clean`: Removes virtual environment and cache files
128
- - `make test`: Runs pytest suite
129
- - `make lint`: Runs ruff for code formatting and linting
130
-
131
- ### Environment Variables
132
-
133
- - `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
134
-
135
- ### Running tests:
136
-
137
- #### Run all tests:
138
- ```
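Review bot: two rows of the removed table do not reappear in the replacement README in this diff: `--version` / `-v` (line 64) is gone from both the usage line and the tables, and `--repo` goes from Required `True` (line 55) to `False`. If the version flag was dropped on purpose and the repo name is now derived from the integration, say so in a changelog or in the new README; otherwise restore the rows. The removed table also listed `--generate-license` twice (lines 63 and 68) with different descriptions, which the new README corrects.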
@@ -1,106 +0,0 @@
1
- # Socket Security CLI
2
-
3
- The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code.
4
-
5
-
6
-
7
- ## Usage
8
-
9
- ```` shell
10
- socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr-number PR_NUMBER]
11
- [--commit-message COMMIT_MESSAGE] [--default-branch] [--target-path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE]
12
- [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview]
13
- [--disable-security-issue] [--files FILES] [--ignore-commit-files] [--timeout]
14
- ````
15
-
16
- If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
17
-
18
-
19
- | Parameter | Alternate Name | Required | Default | Description |
20
- |:-------------------------|:---------------|:---------|:--------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
21
- | -h | --help | False | | Show the CLI help message |
22
- | --api-token | | False | | Provides the Socket API Token |
23
- | --repo | | True | | The string name in a git approved name for repositories. |
24
- | --branch | | False | | The string name in a git approved name for branches. |
25
- | --committer | | False | | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer |
26
- | --pr-number | | False | 0 | The integer for the PR or MR number |
27
- | --commit-message | | False | | The string for a commit message if there is one |
28
- | --default-branch | | False | False | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies |
29
- | --target-path | | False | ./ | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files |
30
- | --scm | | False | api | This is the mode that the tool is to run in. For local runs `api` would be the mode. Other options are `gitlab` and `github` |
31
- | --generate-license | | False | False | If this flag is specified it will generate a json file with the license per package and license text in the current working directory |
32
- | --version | -v | False | | Prints the version and exits |
33
- | --enable-debug | | False | False | Enables debug messaging for the CLI |
34
- | --sbom-file | | False | False | Creates a JSON file with all dependencies and alerts |
35
- | --commit-sha | | False | | The commit hash for the commit |
36
- | --generate-license | | False | False | If enabled with `--sbom-file` will include license details |
37
- | --enable-json | | False | False | If enabled will change the console output format to JSON |
38
- | --enable-sarif | | False | False | If enabled will change the console output format to SARIF |
39
- | --disable-overview | | False | False | If enabled will disable Dependency Overview comments |
40
- | --disable-security-issue | | False | False | If enabled will disable Security Issue Comments |
41
- | --files | | False | | If provided in the format of `["file1", "file2"]` will be used to determine if there have been supported file changes. This is used if it isn't a git repo and you would like to only run if it supported files have changed. |
42
- | --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files |
43
- | --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 |
44
-
45
- ## Development
46
-
47
- This project uses `pyproject.toml` as the primary dependency specification.
48
-
49
- ### Development Workflows
50
-
51
- The following Make targets provide streamlined workflows for common development tasks:
52
-
53
- #### Initial Setup (Choose One)
54
-
55
- 1. Standard Setup (using PyPI packages):
56
- ```bash
57
- pyenv local 3.11 # Ensure correct Python version
58
- make first-time-setup
59
- ```
60
-
61
- 2. Local Development Setup (for SDK development):
62
- ```bash
63
- pyenv local 3.11 # Ensure correct Python version
64
- SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
65
- ```
66
- The default SDK path is `../socket-sdk-python` if not specified.
67
-
68
- #### Ongoing Development Tasks
69
-
70
- After changing dependencies in pyproject.toml:
71
- ```bash
72
- make update-deps
73
- ```
74
-
75
- After pulling changes:
76
- ```bash
77
- make sync-all
78
- ```
79
-
80
- ### Available Make targets:
81
-
82
- High-level workflows:
83
- - `make first-time-setup`: Complete setup using PyPI packages
84
- - `make first-time-local-setup`: Complete setup for local SDK development
85
- - `make update-deps`: Update requirements.txt files and sync dependencies
86
- - `make sync-all`: Sync dependencies after pulling changes
87
- - `make dev-setup`: Setup for local development (included in first-time-local-setup)
88
-
89
- Implementation targets:
90
- - `make init-tools`: Creates virtual environment and installs pip-tools
91
- - `make local-dev`: Installs dependencies needed for local development
92
- - `make compile-deps`: Generates requirements.txt files with locked versions
93
- - `make setup`: Creates virtual environment and installs dependencies
94
- - `make sync-deps`: Installs exact versions from requirements.txt
95
- - `make clean`: Removes virtual environment and cache files
96
- - `make test`: Runs pytest suite
97
- - `make lint`: Runs ruff for code formatting and linting
98
-
99
- ### Environment Variables
100
-
101
- - `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
102
-
103
- ### Running tests:
104
-
105
- #### Run all tests:
106
- ```
@@ -1,138 +0,0 @@
1
- Metadata-Version: 2.2
2
- Name: socketsecurity
3
- Version: 2.0.3
4
- Summary: Socket Security CLI for CI/CD
5
- Author-email: Douglas Coburn <douglas@socket.dev>
6
- Maintainer-email: Douglas Coburn <douglas@socket.dev>
7
- Project-URL: Homepage, https://socket.dev
8
- Keywords: socketsecurity,socket.dev,sca,oss,security
9
- Classifier: Development Status :: 4 - Beta
10
- Classifier: Intended Audience :: Developers
11
- Classifier: Programming Language :: Python :: 3.11
12
- Classifier: Programming Language :: Python :: 3.12
13
- Requires-Python: >=3.9
14
- Description-Content-Type: text/markdown
15
- License-File: LICENSE
16
- Requires-Dist: requests
17
- Requires-Dist: mdutils
18
- Requires-Dist: prettytable
19
- Requires-Dist: GitPython
20
- Requires-Dist: packaging
21
- Requires-Dist: python-dotenv
22
- Requires-Dist: socket-sdk-python>=2.0.4
23
- Provides-Extra: test
24
- Requires-Dist: pytest>=7.4.0; extra == "test"
25
- Requires-Dist: pytest-cov>=4.1.0; extra == "test"
26
- Requires-Dist: pytest-mock>=3.12.0; extra == "test"
27
- Requires-Dist: pytest-asyncio>=0.23.0; extra == "test"
28
- Requires-Dist: pytest-watch>=4.2.0; extra == "test"
29
- Provides-Extra: dev
30
- Requires-Dist: ruff>=0.3.0; extra == "dev"
31
- Requires-Dist: pip-tools>=7.4.0; extra == "dev"
32
-
33
- # Socket Security CLI
34
-
35
- The Socket Security CLI was created to enable integrations with other tools like Github Actions, Gitlab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code.
36
-
37
-
38
-
39
- ## Usage
40
-
41
- ```` shell
42
- socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--branch BRANCH] [--committer COMMITTER] [--pr-number PR_NUMBER]
43
- [--commit-message COMMIT_MESSAGE] [--default-branch] [--target-path TARGET_PATH] [--scm {api,github,gitlab}] [--sbom-file SBOM_FILE]
44
- [--commit-sha COMMIT_SHA] [--generate-license GENERATE_LICENSE] [-v] [--enable-debug] [--enable-json] [--enable-sarif] [--disable-overview]
45
- [--disable-security-issue] [--files FILES] [--ignore-commit-files] [--timeout]
46
- ````
47
-
48
- If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
49
-
50
-
51
- | Parameter | Alternate Name | Required | Default | Description |
52
- |:-------------------------|:---------------|:---------|:--------|:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
53
- | -h | --help | False | | Show the CLI help message |
54
- | --api-token | | False | | Provides the Socket API Token |
55
- | --repo | | True | | The string name in a git approved name for repositories. |
56
- | --branch | | False | | The string name in a git approved name for branches. |
57
- | --committer | | False | | The string name of the person doing the commit or running the CLI. Can be specified multiple times to have more than one committer |
58
- | --pr-number | | False | 0 | The integer for the PR or MR number |
59
- | --commit-message | | False | | The string for a commit message if there is one |
60
- | --default-branch | | False | False | If the flag is specified this will signal that this is the default branch. This needs to be enabled for a report to update Org Alerts and Org Dependencies |
61
- | --target-path | | False | ./ | This is the path to where the manifest files are location. The tool will recursively search for all supported manifest files |
62
- | --scm | | False | api | This is the mode that the tool is to run in. For local runs `api` would be the mode. Other options are `gitlab` and `github` |
63
- | --generate-license | | False | False | If this flag is specified it will generate a json file with the license per package and license text in the current working directory |
64
- | --version | -v | False | | Prints the version and exits |
65
- | --enable-debug | | False | False | Enables debug messaging for the CLI |
66
- | --sbom-file | | False | False | Creates a JSON file with all dependencies and alerts |
67
- | --commit-sha | | False | | The commit hash for the commit |
68
- | --generate-license | | False | False | If enabled with `--sbom-file` will include license details |
69
- | --enable-json | | False | False | If enabled will change the console output format to JSON |
70
- | --enable-sarif | | False | False | If enabled will change the console output format to SARIF |
71
- | --disable-overview | | False | False | If enabled will disable Dependency Overview comments |
72
- | --disable-security-issue | | False | False | If enabled will disable Security Issue Comments |
73
- | --files | | False | | If provided in the format of `["file1", "file2"]` will be used to determine if there have been supported file changes. This is used if it isn't a git repo and you would like to only run if it supported files have changed. |
74
- | --ignore-commit-files | | False | False | If enabled then the CLI will ignore what files are changed in the commit and look for all manifest files |
75
- | --disable-blocking | | False | False | Disables failing checks and will only exit with an exit code of 0 |
76
-
77
- ## Development
78
-
79
- This project uses `pyproject.toml` as the primary dependency specification.
80
-
81
- ### Development Workflows
82
-
83
- The following Make targets provide streamlined workflows for common development tasks:
84
-
85
- #### Initial Setup (Choose One)
86
-
87
- 1. Standard Setup (using PyPI packages):
88
- ```bash
89
- pyenv local 3.11 # Ensure correct Python version
90
- make first-time-setup
91
- ```
92
-
93
- 2. Local Development Setup (for SDK development):
94
- ```bash
95
- pyenv local 3.11 # Ensure correct Python version
96
- SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
97
- ```
98
- The default SDK path is `../socket-sdk-python` if not specified.
99
-
100
- #### Ongoing Development Tasks
101
-
102
- After changing dependencies in pyproject.toml:
103
- ```bash
104
- make update-deps
105
- ```
106
-
107
- After pulling changes:
108
- ```bash
109
- make sync-all
110
- ```
111
-
112
- ### Available Make targets:
113
-
114
- High-level workflows:
115
- - `make first-time-setup`: Complete setup using PyPI packages
116
- - `make first-time-local-setup`: Complete setup for local SDK development
117
- - `make update-deps`: Update requirements.txt files and sync dependencies
118
- - `make sync-all`: Sync dependencies after pulling changes
119
- - `make dev-setup`: Setup for local development (included in first-time-local-setup)
120
-
121
- Implementation targets:
122
- - `make init-tools`: Creates virtual environment and installs pip-tools
123
- - `make local-dev`: Installs dependencies needed for local development
124
- - `make compile-deps`: Generates requirements.txt files with locked versions
125
- - `make setup`: Creates virtual environment and installs dependencies
126
- - `make sync-deps`: Installs exact versions from requirements.txt
127
- - `make clean`: Removes virtual environment and cache files
128
- - `make test`: Runs pytest suite
129
- - `make lint`: Runs ruff for code formatting and linting
130
-
131
- ### Environment Variables
132
-
133
- - `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
134
-
135
- ### Running tests:
136
-
137
- #### Run all tests:
138
- ```