PyPI - socketsecurity - Versions diffs - 2.2.23__tar.gz → 2.2.26__tar.gz - Mend

socketsecurity 2.2.23tar.gz → 2.2.26tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (86) hide show

socketsecurity-2.2.26/Dockerfile ADDED Viewed

@@ -0,0 +1,41 @@
+FROM python:3-alpine
+LABEL org.opencontainers.image.authors="socket.dev"
+ARG CLI_VERSION
+ARG SDK_VERSION
+ARG PIP_INDEX_URL=https://pypi.org/simple
+ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple
+ARG USE_LOCAL_INSTALL=false
+RUN apk update \
+    && apk add --no-cache git nodejs npm yarn curl \
+    && npm install @coana-tech/cli -g
+# Install uv
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /usr/local/bin/uv
+# Install CLI based on build mode
+RUN if [ "$USE_LOCAL_INSTALL" = "true" ]; then \
+        echo "Using local development install"; \
+    else \
+        for i in $(seq 1 10); do \
+            echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \
+            if pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION; then \
+                break; \
+            fi; \
+            echo "Install failed, waiting 30s before retry..."; \
+            sleep 30; \
+        done && \
+        if [ ! -z "$SDK_VERSION" ]; then \
+            pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \
+        fi; \
+    fi
+# Copy local source and install in editable mode if USE_LOCAL_INSTALL is true
+COPY . /app
+WORKDIR /app
+RUN if [ "$USE_LOCAL_INSTALL" = "true" ]; then \
+        pip install --upgrade -e .; \
+        pip install --upgrade socketdev; \
+    fi
+# ENTRYPOINT ["socketcli"]

{socketsecurity-2.2.23 → socketsecurity-2.2.26}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: socketsecurity
-Version: 2.2.23
+Version: 2.2.26
 Summary: Socket Security CLI for CI/CD
 Project-URL: Homepage, https://socket.dev
 Author-email: Douglas Coburn <douglas@socket.dev>
@@ -40,7 +40,7 @@ Requires-Dist: packaging
 Requires-Dist: prettytable
 Requires-Dist: python-dotenv
 Requires-Dist: requests
-Requires-Dist: socketdev<4.0.0,>=3.0.16
+Requires-Dist: socketdev<4.0.0,>=3.0.17
 Provides-Extra: dev
 Requires-Dist: hatch; extra == 'dev'
 Requires-Dist: pre-commit; extra == 'dev'

{socketsecurity-2.2.23 → socketsecurity-2.2.26}/pyproject.toml RENAMED Viewed

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 [project]
 name = "socketsecurity"
-version = "2.2.23"
+version = "2.2.26"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
@@ -16,7 +16,7 @@ dependencies = [
     'GitPython',
     'packaging',
     'python-dotenv',
-    'socketdev>=3.0.16,<4.0.0',
+    'socketdev>=3.0.17,<4.0.0',
     "bs4>=0.0.2",
 ]
 readme = "README.md"

{socketsecurity-2.2.23 → socketsecurity-2.2.26}/scripts/build_container.sh RENAMED Viewed

@@ -24,9 +24,15 @@ verify_package() {
 echo $VERSION
 if [ -z $ENABLE_PYPI_BUILD ] || [ -z $STABLE_VERSION ]; then
-    echo "$0 pypi-build=enable stable=true"
-    echo "\tpypi-build: Build and publish a new version of the package to pypi. Options are prod or test"
-    echo "\tstable: Only build and publish a new version for the stable docker tag if it has been tested and going on the changelog"
+    echo "$0 pypi-build=<option> stable=<true|false|prod|test>"
+    echo "\tpypi-build: Options are prod, test, or local"
+    echo "\t  - prod: Build and publish to production PyPI, then build Docker images"
+    echo "\t  - test: Build and publish to test PyPI, then build Docker images"
+    echo "\t  - local: Build Docker images only using existing PyPI package (specify prod or test via stable parameter)"
+    echo "\tstable: true/false/prod/test - Also tag as stable; for local builds:"
+    echo "\t  - stable=prod: Use production PyPI package"
+    echo "\t  - stable=test: Use test PyPI package"
+    echo "\t  - stable=false: Use local development install (pip install -e .)"
     exit
 fi
@@ -97,3 +103,44 @@ if [ $STABLE_VERSION = "stable=true" ]; then
         && docker push socketdev/cli:stable
 fi
+if [ $ENABLE_PYPI_BUILD = "pypi-build=local" ]; then
+    echo "Building local version without publishing to PyPI"
+    # Determine PyPI source based on stable parameter
+    if [ $STABLE_VERSION = "stable=prod" ]; then
+        echo "Using production PyPI"
+        PIP_INDEX_URL="https://pypi.org/simple"
+        PIP_EXTRA_INDEX_URL="https://pypi.org/simple"
+        TAG_SUFFIX="local"
+        USE_LOCAL_INSTALL="false"
+    elif [ $STABLE_VERSION = "stable=test" ]; then
+        echo "Using test PyPI"
+        PIP_INDEX_URL="https://test.pypi.org/simple"
+        PIP_EXTRA_INDEX_URL="https://pypi.org/simple"
+        TAG_SUFFIX="local-test"
+        USE_LOCAL_INSTALL="false"
+    elif [ $STABLE_VERSION = "stable=false" ]; then
+        echo "Using local development install (pip install -e .)"
+        TAG_SUFFIX="local-dev"
+        USE_LOCAL_INSTALL="true"
+    else
+        echo "For local builds, use stable=prod, stable=test, or stable=false"
+        exit 1
+    fi
+    if [ $USE_LOCAL_INSTALL = "true" ]; then
+        docker build --no-cache \
+            --build-arg USE_LOCAL_INSTALL=true \
+            -t socketdev/cli:$VERSION-$TAG_SUFFIX \
+            -t socketdev/cli:$TAG_SUFFIX .
+    else
+        docker build --no-cache \
+            --build-arg CLI_VERSION=$VERSION \
+            --build-arg PIP_INDEX_URL=$PIP_INDEX_URL \
+            --build-arg PIP_EXTRA_INDEX_URL=$PIP_EXTRA_INDEX_URL \
+            -t socketdev/cli:$VERSION-$TAG_SUFFIX \
+            -t socketdev/cli:$TAG_SUFFIX .
+    fi
+    echo "Local build complete. Tagged as socketdev/cli:$VERSION-$TAG_SUFFIX and socketdev/cli:$TAG_SUFFIX"
+fi

{socketsecurity-2.2.23 → socketsecurity-2.2.26}/socketsecurity/__init__.py RENAMED Viewed

@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.23'
+__version__ = '2.2.26'
 USER_AGENT = f'SocketPythonCLI/{__version__}'

{socketsecurity-2.2.23 → socketsecurity-2.2.26}/socketsecurity/socketcli.py RENAMED Viewed

@@ -251,8 +251,7 @@ def main_code():
                     org_slug=org_slug,
                     file_paths=manifest_files,
                     workspace=config.repo or "default-workspace",
-                    base_path=None,
-                    base_paths=base_paths,
+                    base_paths=[config.target_path],
                     use_lazy_loading=False
                 )
                 log.info(f"Manifest upload successful, tar hash: {tar_hash}")

socketsecurity-2.2.23/Dockerfile DELETED Viewed

@@ -1,27 +0,0 @@
-FROM python:3-alpine
-LABEL org.opencontainers.image.authors="socket.dev"
-ARG CLI_VERSION
-ARG SDK_VERSION
-ARG PIP_INDEX_URL=https://pypi.org/simple
-ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple
-RUN apk update \
-    && apk add --no-cache git nodejs npm yarn curl \
-    && npm install @coana-tech/cli -g
-# Install uv
-RUN curl -LsSf https://astral.sh/uv/install.sh | sh
-ENV PATH="/root/.cargo/bin:${PATH}"
-# Install CLI with retries for TestPyPI propagation (10 attempts, 30s each = 5 minutes total)
-RUN for i in $(seq 1 10); do \
-        echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \
-        if pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION; then \
-            break; \
-        fi; \
-        echo "Install failed, waiting 30s before retry..."; \
-        sleep 30; \
-    done && \
-    if [ ! -z "$SDK_VERSION" ]; then \
-        pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \
-    fi