socketsecurity 2.2.2__tar.gz → 2.2.5__tar.gz

{socketsecurity-2.2.2 → socketsecurity-2.2.5}/Dockerfile

@@ -18,5 +18,5 @@ RUN for i in $(seq 1 10); do \
         sleep 30; \
     done && \
     if [ ! -z "$SDK_VERSION" ]; then \
-        pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socket-sdk-python==${SDK_VERSION}; \
+        pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \
     fi

socketsecurity-2.2.5/Makefile

@@ -0,0 +1,62 @@
+.PHONY: setup sync clean test lint update-lock local-dev first-time-setup dev-setup sync-all first-time-local-setup
+
+# Environment variable for local SDK path (optional)
+SOCKET_SDK_PATH ?= ../socketdev
+
+# Environment variable to control local development mode
+USE_LOCAL_SDK ?= false
+
+# === High-level workflow targets ===
+
+# First-time repo setup after cloning (using PyPI packages)
+first-time-setup: clean setup
+
+# First-time setup for local development (using local SDK)
+first-time-local-setup: 
+	$(MAKE) clean
+	$(MAKE) USE_LOCAL_SDK=true dev-setup
+
+# Update lock file after changing pyproject.toml
+update-lock:
+	uv lock
+
+# Setup for local development
+dev-setup: clean local-dev setup
+
+# Sync all dependencies after pulling changes
+sync-all: sync
+
+# === Implementation targets ===
+
+# Installs dependencies needed for local development
+# Currently: socketdev from test PyPI or local path
+local-dev:
+ifeq ($(USE_LOCAL_SDK),true)
+	uv add --editable $(SOCKET_SDK_PATH)
+endif
+
+# Creates virtual environment and installs dependencies from uv.lock
+setup: update-lock
+	uv sync --all-extras
+ifeq ($(USE_LOCAL_SDK),true)
+	uv add --editable $(SOCKET_SDK_PATH)
+endif
+
+# Installs exact versions from uv.lock into your virtual environment
+sync:
+	uv sync --all-extras
+ifeq ($(USE_LOCAL_SDK),true)
+	uv add --editable $(SOCKET_SDK_PATH)
+endif
+
+# Removes virtual environment and cache files
+clean:
+	rm -rf .venv
+	find . -type d -name "__pycache__" -exec rm -rf {} +
+
+test:
+	uv run pytest
+
+lint:
+	uv run ruff check .
+	uv run ruff format --check .

{socketsecurity-2.2.2 → socketsecurity-2.2.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: socketsecurity
-Version: 2.2.2
+Version: 2.2.5
 Summary: Socket Security CLI for CI/CD
 Project-URL: Homepage, https://socket.dev
 Author-email: Douglas Coburn <douglas@socket.dev>
@@ -39,13 +39,13 @@ Requires-Dist: packaging
 Requires-Dist: prettytable
 Requires-Dist: python-dotenv
 Requires-Dist: requests
-Requires-Dist: socket-sdk-python<3,>=2.1.8
+Requires-Dist: socketdev<4.0.0,>=3.0.0
 Provides-Extra: dev
 Requires-Dist: hatch; extra == 'dev'
-Requires-Dist: pip-tools>=7.4.0; extra == 'dev'
 Requires-Dist: pre-commit; extra == 'dev'
 Requires-Dist: ruff>=0.3.0; extra == 'dev'
 Requires-Dist: twine; extra == 'dev'
+Requires-Dist: uv>=0.1.0; extra == 'dev'
 Provides-Extra: test
 Requires-Dist: pytest-asyncio>=0.23.0; extra == 'test'
 Requires-Dist: pytest-cov>=4.1.0; extra == 'test'
@@ -427,9 +427,9 @@ make first-time-setup
 2. Local Development Setup (for SDK development):
 ```bash
 pyenv local 3.11  # Ensure correct Python version
-SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
+SOCKET_SDK_PATH=~/path/to/socketdev make first-time-local-setup
 ```
-The default SDK path is `../socket-sdk-python` if not specified.
+The default SDK path is `../socketdev` if not specified.
 
 #### Ongoing Development Tasks
 
@@ -448,25 +448,23 @@ make sync-all
 High-level workflows:
 - `make first-time-setup`: Complete setup using PyPI packages
 - `make first-time-local-setup`: Complete setup for local SDK development
-- `make update-deps`: Update requirements.txt files and sync dependencies
+- `make update-lock`: Update uv.lock file after changing pyproject.toml
 - `make sync-all`: Sync dependencies after pulling changes
 - `make dev-setup`: Setup for local development (included in first-time-local-setup)
 
 Implementation targets:
-- `make init-tools`: Creates virtual environment and installs pip-tools
 - `make local-dev`: Installs dependencies needed for local development
-- `make compile-deps`: Generates requirements.txt files with locked versions
-- `make setup`: Creates virtual environment and installs dependencies
-- `make sync-deps`: Installs exact versions from requirements.txt
+- `make setup`: Creates virtual environment and installs dependencies from uv.lock
+- `make sync`: Installs exact versions from uv.lock
 - `make clean`: Removes virtual environment and cache files
-- `make test`: Runs pytest suite
-- `make lint`: Runs ruff for code formatting and linting
+- `make test`: Runs pytest suite using uv run
+- `make lint`: Runs ruff for code formatting and linting using uv run
 
 ### Environment Variables
 
 #### Core Configuration
 - `SOCKET_SECURITY_API_KEY`: Socket Security API token (alternative to --api-token parameter)
-- `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
+- `SOCKET_SDK_PATH`: Path to local socketdev repository (default: ../socketdev)
 
 #### GitLab Integration
 - `GITLAB_TOKEN`: GitLab API token for GitLab integration (supports both Bearer and PRIVATE-TOKEN authentication)

{socketsecurity-2.2.2 → socketsecurity-2.2.5}/README.md

@@ -371,9 +371,9 @@ make first-time-setup
 2. Local Development Setup (for SDK development):
 ```bash
 pyenv local 3.11  # Ensure correct Python version
-SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
+SOCKET_SDK_PATH=~/path/to/socketdev make first-time-local-setup
 ```
-The default SDK path is `../socket-sdk-python` if not specified.
+The default SDK path is `../socketdev` if not specified.
 
 #### Ongoing Development Tasks
 
@@ -392,25 +392,23 @@ make sync-all
 High-level workflows:
 - `make first-time-setup`: Complete setup using PyPI packages
 - `make first-time-local-setup`: Complete setup for local SDK development
-- `make update-deps`: Update requirements.txt files and sync dependencies
+- `make update-lock`: Update uv.lock file after changing pyproject.toml
 - `make sync-all`: Sync dependencies after pulling changes
 - `make dev-setup`: Setup for local development (included in first-time-local-setup)
 
 Implementation targets:
-- `make init-tools`: Creates virtual environment and installs pip-tools
 - `make local-dev`: Installs dependencies needed for local development
-- `make compile-deps`: Generates requirements.txt files with locked versions
-- `make setup`: Creates virtual environment and installs dependencies
-- `make sync-deps`: Installs exact versions from requirements.txt
+- `make setup`: Creates virtual environment and installs dependencies from uv.lock
+- `make sync`: Installs exact versions from uv.lock
 - `make clean`: Removes virtual environment and cache files
-- `make test`: Runs pytest suite
-- `make lint`: Runs ruff for code formatting and linting
+- `make test`: Runs pytest suite using uv run
+- `make lint`: Runs ruff for code formatting and linting using uv run
 
 ### Environment Variables
 
 #### Core Configuration
 - `SOCKET_SECURITY_API_KEY`: Socket Security API token (alternative to --api-token parameter)
-- `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
+- `SOCKET_SDK_PATH`: Path to local socketdev repository (default: ../socketdev)
 
 #### GitLab Integration
 - `GITLAB_TOKEN`: GitLab API token for GitLab integration (supports both Bearer and PRIVATE-TOKEN authentication)

{socketsecurity-2.2.2 → socketsecurity-2.2.5}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.2.2"
+version = "2.2.5"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
@@ -16,7 +16,7 @@ dependencies = [
     'GitPython',
     'packaging',
     'python-dotenv',
-    'socket-sdk-python>=2.1.8,<3'
+    'socketdev>=3.0.0,<4.0.0'
 ]
 readme = "README.md"
 description = "Socket Security CLI for CI/CD"
@@ -45,7 +45,7 @@ test = [
 dev = [
     "ruff>=0.3.0",
     "twine", # for building
-    "pip-tools>=7.4.0",  # for pip-compile
+    "uv>=0.1.0",  # for dependency management
     "pre-commit",
     "hatch"
 ]

{socketsecurity-2.2.2 → socketsecurity-2.2.5}/scripts/deploy-test-docker.sh

@@ -29,7 +29,7 @@ fi
 
 if [ -z "$SDK_VERSION" ]; then
     echo "No SDK version specified, checking TestPyPI for latest version..."
-    SDK_VERSION=$(get_latest_version "socket-sdk-python")
+    SDK_VERSION=$(get_latest_version "socketdev")
     echo "Latest SDK version on TestPyPI is: $SDK_VERSION"
 fi
 

{socketsecurity-2.2.2 → socketsecurity-2.2.5}/socketsecurity/__init__.py

@@ -1,2 +1,2 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.2'
+__version__ = '2.2.5'

{socketsecurity-2.2.2 → socketsecurity-2.2.5}/socketsecurity/core/messages.py

@@ -283,7 +283,7 @@ class Messages:
     @staticmethod
     def create_security_comment_json(diff: Diff) -> dict:
         scan_failed = False
-        if len(diff.new_alerts) == 0:
+        if len(diff.new_alerts) > 0:
             for alert in diff.new_alerts:
                 alert: Issue
                 if alert.error: