socketsecurity 2.2.40__tar.gz → 2.2.51__tar.gz

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: socketsecurity
-Version: 2.2.40
+Version: 2.2.51
 Summary: Socket Security CLI for CI/CD
 Project-URL: Homepage, https://socket.dev
 Author-email: Douglas Coburn <douglas@socket.dev>
@@ -40,7 +40,7 @@ Requires-Dist: packaging
 Requires-Dist: prettytable
 Requires-Dist: python-dotenv
 Requires-Dist: requests
-Requires-Dist: socketdev<4.0.0,>=3.0.21
+Requires-Dist: socketdev<4.0.0,>=3.0.22
 Provides-Extra: dev
 Requires-Dist: hatch; extra == 'dev'
 Requires-Dist: pre-commit; extra == 'dev'
@@ -57,7 +57,7 @@ Description-Content-Type: text/markdown
 
 # Socket Security CLI
 
-The Socket Security CLI was created to enable integrations with other tools like GitHub Actions, GitLab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code.
+The Socket Security CLI was created to enable integrations with other tools like GitHub Actions, GitLab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts with blocking actions it'll exit with a non-Zero exit code.
 
 ## Quick Start
 

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/README.md

@@ -1,6 +1,6 @@
 # Socket Security CLI
 
-The Socket Security CLI was created to enable integrations with other tools like GitHub Actions, GitLab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts against the Socket security policy it'll exit with a non-Zero exit code.
+The Socket Security CLI was created to enable integrations with other tools like GitHub Actions, GitLab, BitBucket, local use cases and more. The tool will get the head scan for the provided repo from Socket, create a new one, and then report any new alerts detected. If there are new alerts with blocking actions it'll exit with a non-Zero exit code.
 
 ## Quick Start
 

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.2.40"
+version = "2.2.51"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
@@ -16,7 +16,7 @@ dependencies = [
     'GitPython',
     'packaging',
     'python-dotenv',
-    'socketdev>=3.0.21,<4.0.0',
+    'socketdev>=3.0.22,<4.0.0',
     "bs4>=0.0.2",
 ]
 readme = "README.md"
@@ -160,3 +160,9 @@ docstring-code-line-length = "dynamic"
 
 [tool.hatch.build.targets.wheel]
 include = ["socketsecurity", "LICENSE"]
+
+[dependency-groups]
+dev = [
+    "pre-commit>=4.3.0",
+]
+

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/socketsecurity/__init__.py

@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.40'
+__version__ = '2.2.51'
 USER_AGENT = f'SocketPythonCLI/{__version__}'

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/socketsecurity/config.py

@@ -77,6 +77,7 @@ class CliConfig:
     reach_concurrency: Optional[int] = None
     reach_additional_params: Optional[List[str]] = None
     only_facts_file: bool = False
+    reach_use_only_pregenerated_sboms: bool = False
     
     @classmethod
     def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig':
@@ -139,6 +140,7 @@ class CliConfig:
             'reach_concurrency': args.reach_concurrency,
             'reach_additional_params': args.reach_additional_params,
             'only_facts_file': args.only_facts_file,
+            'reach_use_only_pregenerated_sboms': args.reach_use_only_pregenerated_sboms,
             'version': __version__
         }
         try:
@@ -175,6 +177,11 @@ class CliConfig:
             logging.error("--only-facts-file requires --reach to be specified")
             exit(1)
 
+        # Validate that reach_use_only_pregenerated_sboms requires reach
+        if args.reach_use_only_pregenerated_sboms and not args.reach:
+            logging.error("--reach-use-only-pregenerated-sboms requires --reach to be specified")
+            exit(1)
+
         # Validate reach_concurrency is >= 1 if provided
         if args.reach_concurrency is not None and args.reach_concurrency < 1:
             logging.error("--reach-concurrency must be >= 1")
@@ -602,6 +609,12 @@ def create_argument_parser() -> argparse.ArgumentParser:
         action="store_true",
         help="Submit only the .socket.facts.json file when creating full scan (requires --reach)"
     )
+    reachability_group.add_argument(
+        "--reach-use-only-pregenerated-sboms",
+        dest="reach_use_only_pregenerated_sboms",
+        action="store_true",
+        help="When using this option, the scan is created based only on pre-generated CDX and SPDX files in your project. (requires --reach)"
+    )
 
     parser.add_argument(
         '--version',

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/socketsecurity/core/__init__.py

@@ -19,7 +19,6 @@ from socketdev.exceptions import APIFailure
 from socketdev.fullscans import FullScanParams, SocketArtifact
 from socketdev.org import Organization
 from socketdev.repos import RepositoryInfo
-from socketdev.settings import SecurityPolicyRule
 import copy
 from socketsecurity import __version__, USER_AGENT
 from socketsecurity.core.classes import (
@@ -82,8 +81,6 @@ class Core:
         self.config.full_scan_path = f"{base_path}/full-scans"
         self.config.repository_path = f"{base_path}/repos"
 
-        self.config.security_policy = self.get_security_policy()
-
     def get_org_id_slug(self) -> Tuple[str, str]:
         """Gets the Org ID and Org Slug for the API Token."""
         response = self.sdk.org.get(use_types=True)
@@ -112,16 +109,7 @@ class Core:
         """Converts artifacts dictionary to a list."""
         return list(artifacts_dict.values())
 
-    def get_security_policy(self) -> Dict[str, SecurityPolicyRule]:
-        """Gets the organization's security policy."""
-        response = self.sdk.settings.get(self.config.org_slug, use_types=True)
-
-        if not response.success:
-            log.error(f"Failed to get security policy: {response.status}")
-            log.error(response.message)
-            raise Exception(f"Failed to get security policy: {response.status}, message: {response.message}")
 
-        return response.securityPolicyRules
 
     def create_sbom_output(self, diff: Diff) -> dict:
         """Creates CycloneDX output for a given diff."""
@@ -293,12 +281,13 @@ class Core:
         except Exception as e:
             log.error(f"Failed to save manifest tar.gz to {output_path}: {e}")
 
-    def find_files(self, path: str) -> List[str]:
+    def find_files(self, path: str, ecosystems: Optional[List[str]] = None) -> List[str]:
         """
         Finds supported manifest files in the given path.
 
         Args:
             path: Path to search for manifest files.
+            ecosystems: Optional list of ecosystems to include. If None, all ecosystems are included.
 
         Returns:
             List of found manifest file paths.
@@ -311,6 +300,9 @@ class Core:
         patterns = self.get_supported_patterns()
 
         for ecosystem in patterns:
+            # If ecosystems filter is provided, only include specified ecosystems
+            if ecosystems is not None and ecosystem not in ecosystems:
+                continue
             if ecosystem in self.config.excluded_ecosystems:
                 continue
             log.debug(f'Scanning ecosystem: {ecosystem}')
@@ -355,6 +347,23 @@ class Core:
 
         return file_list
 
+    def find_sbom_files(self, path: str) -> List[str]:
+        """
+        Finds only pre-generated SBOM files (CDX and SPDX) in the given path.
+
+        This is used with --reach-use-only-pregenerated-sboms to find only
+        pre-computed CycloneDX and SPDX manifest files.
+
+        Args:
+            path: Path to search for SBOM files.
+
+        Returns:
+            List of found CDX and SPDX file paths.
+        """
+        log.debug("Starting Find SBOM Files (CDX and SPDX only)")
+        sbom_ecosystems = ['cdx', 'spdx']
+        return self.find_files(path, ecosystems=sbom_ecosystems)
+
     def get_supported_patterns(self) -> Dict:
         """
         Gets supported file patterns from the Socket API.
@@ -559,7 +568,8 @@ class Core:
             no_change: bool = False,
             save_files_list_path: Optional[str] = None,
             save_manifest_tar_path: Optional[str] = None,
-            base_paths: Optional[List[str]] = None
+            base_paths: Optional[List[str]] = None,
+            explicit_files: Optional[List[str]] = None
     ) -> Diff:
         """Create a new full scan and return with html_report_url.
 
@@ -570,6 +580,7 @@ class Core:
             save_files_list_path: Optional path to save submitted files list for debugging
             save_manifest_tar_path: Optional path to save manifest files tar.gz archive
             base_paths: List of base paths for the scan (optional)
+            explicit_files: Optional list of explicit files to use instead of discovering files
 
         Returns:
             Dict with full scan data including html_report_url
@@ -583,11 +594,15 @@ class Core:
         if no_change:
             return diff
 
-        # Find manifest files from all paths
-        all_files = []
-        for path in paths:
-            files = self.find_files(path)
-            all_files.extend(files)
+        # Use explicit files if provided, otherwise find manifest files from all paths
+        if explicit_files is not None:
+            all_files = explicit_files
+            log.debug(f"Using {len(all_files)} explicit files instead of discovering files")
+        else:
+            all_files = []
+            for path in paths:
+                files = self.find_files(path)
+                all_files.extend(files)
         
         # Save submitted files list if requested
         if save_files_list_path and all_files:
@@ -955,7 +970,8 @@ class Core:
             no_change: bool = False,
             save_files_list_path: Optional[str] = None,
             save_manifest_tar_path: Optional[str] = None,
-            base_paths: Optional[List[str]] = None
+            base_paths: Optional[List[str]] = None,
+            explicit_files: Optional[List[str]] = None
     ) -> Diff:
         """Create a new diff using the Socket SDK.
 
@@ -966,16 +982,21 @@ class Core:
             save_files_list_path: Optional path to save submitted files list for debugging
             save_manifest_tar_path: Optional path to save manifest files tar.gz archive
             base_paths: List of base paths for the scan (optional)
+            explicit_files: Optional list of explicit files to use instead of discovering files
         """
         log.debug(f"starting create_new_diff with no_change: {no_change}")
         if no_change:
             return Diff(id="NO_DIFF_RAN", diff_url="", report_url="")
 
-        # Find manifest files from all paths
-        all_files = []
-        for path in paths:
-            files = self.find_files(path)
-            all_files.extend(files)
+        # Use explicit files if provided, otherwise find manifest files from all paths
+        if explicit_files is not None:
+            all_files = explicit_files
+            log.debug(f"Using {len(all_files)} explicit files instead of discovering files")
+        else:
+            all_files = []
+            for path in paths:
+                files = self.find_files(path)
+                all_files.extend(files)
         
         # Save submitted files list if requested
         if save_files_list_path and all_files:
@@ -1317,8 +1338,9 @@ class Core:
                 url=package.url
             )
 
-            if alert.type in self.config.security_policy:
-                action = self.config.security_policy[alert.type]['action']
+            # Use action from API (from security policy, label policy, triage, etc.)
+            if 'action' in alert_item and alert_item['action']:
+                action = alert_item['action']
                 setattr(issue_alert, action, True)
 
             if issue_alert.key not in alerts_collection:

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/socketsecurity/core/messages.py

@@ -416,7 +416,7 @@ class Messages:
 > **❗️ Caution**  
 > **Review the following alerts detected in dependencies.**  
 >  
-> According to your organization's Security Policy, you **must** resolve all **"Block"** alerts before proceeding. It's recommended to resolve **"Warn"** alerts too.  
+> According to your organization's policies, you **must** resolve all **"Block"** alerts before proceeding. It's recommended to resolve **"Warn"** alerts too.  
 > Learn more about [Socket for GitHub](https://socket.dev?utm_medium=gh).
 
 <!-- start-socket-updated-alerts-table -->
@@ -622,7 +622,7 @@ class Messages:
     @staticmethod
     def create_security_alert_table(diff: Diff, md: MdUtils) -> tuple[MdUtils, list, dict]:
         """
-        Creates the detected issues table based on the Security Policy
+        Creates the detected issues table based on alert actions from the API
         :param diff: Diff - Diff report with the detected issues
         :param md: MdUtils - Main markdown variable
         :return:
@@ -794,7 +794,7 @@ class Messages:
     @staticmethod
     def create_console_security_alert_table(diff: Diff) -> PrettyTable:
         """
-        Creates the detected issues table based on the Security Policy
+        Creates the detected issues table based on alert actions from the API
         :param diff: Diff - Diff report with the detected issues
         :return:
         """

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/socketsecurity/core/socket_config.py

@@ -25,7 +25,6 @@ class SocketConfig:
     org_slug: Optional[str] = None
     full_scan_path: Optional[str] = None
     repository_path: Optional[str] = None
-    security_policy: Dict = None
     repo_visibility: Optional[str] = 'private'
     all_issues: Optional['AllIssues'] = None
     excluded_dirs: Set[str] = field(default_factory=lambda: default_exclude_dirs)
@@ -42,10 +41,6 @@ class SocketConfig:
 
         self._validate_api_url(self.api_url)
 
-        # Initialize empty dict for security policy if None
-        if self.security_policy is None:
-            self.security_policy = {}
-
         # Initialize AllIssues if None
         if self.all_issues is None:
             self.all_issues = AllIssues()
@@ -70,6 +65,3 @@ class SocketConfig:
         self.full_scan_path = f"{base_path}/full-scans"
         self.repository_path = f"{base_path}/repos"
 
-    def update_security_policy(self, policy: Dict) -> None:
-        """Update security policy"""
-        self.security_policy = policy

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/socketsecurity/core/tools/reachability.py

@@ -101,10 +101,11 @@ class ReachabilityAnalyzer:
         additional_params: Optional[List[str]] = None,
         allow_unverified: bool = False,
         enable_debug: bool = False,
+        use_only_pregenerated_sboms: bool = False,
     ) -> Dict[str, Any]:
         """
         Run reachability analysis.
-        
+
         Args:
             org_slug: Socket organization slug
             target_directory: Directory to analyze
@@ -125,7 +126,8 @@ class ReachabilityAnalyzer:
             additional_params: Additional parameters to pass to coana CLI
             allow_unverified: Disable SSL certificate verification (sets NODE_TLS_REJECT_UNAUTHORIZED=0)
             enable_debug: Enable debug mode (passes -d flag to coana CLI)
-            
+            use_only_pregenerated_sboms: Use only pre-generated CDX and SPDX files for the scan
+
         Returns:
             Dict containing scan_id and report_path
         """
@@ -179,7 +181,10 @@ class ReachabilityAnalyzer:
         
         if enable_debug:
             cmd.append("-d")
-        
+
+        if use_only_pregenerated_sboms:
+            cmd.append("--use-only-pregenerated-sboms")
+
         # Add any additional parameters provided by the user
         if additional_params:
             cmd.extend(additional_params)

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/socketsecurity/socketcli.py

@@ -167,6 +167,8 @@ def main_code():
     
     # Variable to track if we need to override files with facts file
     facts_file_to_submit = None
+    # Variable to track SBOM files to submit when using --reach-use-only-pregenerated-sboms
+    sbom_files_to_submit = None
     
     # Git setup
     is_repo = False
@@ -230,12 +232,14 @@ def main_code():
     # Run reachability analysis if enabled
     if config.reach:
         from socketsecurity.core.tools.reachability import ReachabilityAnalyzer
-        
+
         log.info("Starting reachability analysis...")
-        
+
         # Find manifest files in scan paths (excluding .socket.facts.json to avoid circular dependency)
         log.info("Finding manifest files for reachability analysis...")
         manifest_files = []
+
+        # Always find all manifest files for the tar hash upload
         for scan_path in scan_paths:
             scan_manifests = core.find_files(scan_path)
             # Filter out .socket.facts.json files from manifest upload
@@ -289,7 +293,8 @@ def main_code():
                     concurrency=config.reach_concurrency,
                     additional_params=config.reach_additional_params,
                     allow_unverified=config.allow_unverified,
-                    enable_debug=config.enable_debug
+                    enable_debug=config.enable_debug,
+                    use_only_pregenerated_sboms=config.reach_use_only_pregenerated_sboms
                 )
                 
                 log.info(f"Reachability analysis completed successfully")
@@ -301,6 +306,17 @@ def main_code():
                 if config.only_facts_file:
                     facts_file_to_submit = os.path.abspath(output_path)
                     log.info(f"Only-facts-file mode: will submit only {facts_file_to_submit}")
+
+                # If reach-use-only-pregenerated-sboms mode, submit CDX, SPDX, and facts file
+                if config.reach_use_only_pregenerated_sboms:
+                    # Find only CDX and SPDX files for the final scan submission
+                    sbom_files_to_submit = []
+                    for scan_path in scan_paths:
+                        sbom_files_to_submit.extend(core.find_sbom_files(scan_path))
+                    # Use relative path for facts file
+                    if os.path.exists(output_path):
+                        sbom_files_to_submit.append(output_path)
+                    log.info(f"Pre-generated SBOMs mode: will submit {len(sbom_files_to_submit)} files (CDX, SPDX, and facts file)")
                 
             except Exception as e:
                 log.error(f"Reachability analysis failed: {str(e)}")
@@ -331,6 +347,12 @@ def main_code():
         files_explicitly_specified = True
         log.debug(f"Overriding files to only submit facts file: {facts_file_to_submit}")
 
+    # Override files if reach-use-only-pregenerated-sboms mode is active
+    if sbom_files_to_submit:
+        specified_files = sbom_files_to_submit
+        files_explicitly_specified = True
+        log.debug(f"Overriding files to submit only SBOM files (CDX, SPDX, and facts): {sbom_files_to_submit}")
+
     # Determine files to check based on the new logic
     files_to_check = []
     force_api_mode = False
@@ -452,7 +474,7 @@ def main_code():
         log.info("Push initiated flow")
         if scm.check_event_type() == "diff":
             log.info("Starting comment logic for PR/MR event")
-            diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths)
+            diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths, explicit_files=sbom_files_to_submit)
             comments = scm.get_comments_for_pr()
             log.debug("Removing comment alerts")
             
@@ -505,14 +527,14 @@ def main_code():
             )
         else:
             log.info("Starting non-PR/MR flow")
-            diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths)
+            diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths, explicit_files=sbom_files_to_submit)
 
         output_handler.handle_output(diff)
-    
+
     elif config.enable_diff and not force_api_mode:
         # New logic: --enable-diff forces diff mode even with --integration api (no SCM)
         log.info("Diff mode enabled without SCM integration")
-        diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths)
+        diff = core.create_new_diff(scan_paths, params, no_change=should_skip_scan, save_files_list_path=config.save_submitted_files_list, save_manifest_tar_path=config.save_manifest_tar, base_paths=base_paths, explicit_files=sbom_files_to_submit)
         output_handler.handle_output(diff)
     
     elif config.enable_diff and force_api_mode:
@@ -530,12 +552,13 @@ def main_code():
             no_change=should_skip_scan,
             save_files_list_path=config.save_submitted_files_list,
             save_manifest_tar_path=config.save_manifest_tar,
-            base_paths=base_paths
+            base_paths=base_paths,
+            explicit_files=sbom_files_to_submit
         )
         log.info(f"Full scan created with ID: {diff.id}")
         log.info(f"Full scan report URL: {diff.report_url}")
         output_handler.handle_output(diff)
-    
+
     else:
         if force_api_mode:
             log.info("No Manifest files changed, creating Socket Report")
@@ -550,7 +573,8 @@ def main_code():
                 no_change=should_skip_scan,
                 save_files_list_path=config.save_submitted_files_list,
                 save_manifest_tar_path=config.save_manifest_tar,
-                base_paths=base_paths
+                base_paths=base_paths,
+                explicit_files=sbom_files_to_submit
             )
             log.info(f"Full scan created with ID: {diff.id}")
             log.info(f"Full scan report URL: {diff.report_url}")
@@ -561,7 +585,8 @@ def main_code():
                 no_change=should_skip_scan,
                 save_files_list_path=config.save_submitted_files_list,
                 save_manifest_tar_path=config.save_manifest_tar,
-                base_paths=base_paths
+                base_paths=base_paths,
+                explicit_files=sbom_files_to_submit
             )
             output_handler.handle_output(diff)
 

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/tests/core/conftest.py

@@ -10,7 +10,6 @@ from socketdev.fullscans import (
     StreamDiffResponse,
 )
 from socketdev.repos import GetRepoResponse
-from socketdev.settings import OrgSecurityPolicyResponse
 
 
 @pytest.fixture
@@ -88,14 +87,7 @@ def stream_diff_response(data_dir, load_json):
     })
 
 
-@pytest.fixture
-def security_policy(data_dir, load_json):
-    json_data = load_json(data_dir / "settings" / "security-policy.json")
-    return OrgSecurityPolicyResponse.from_dict({
-        "success": json_data["success"],
-        "status": json_data["status"],
-        "securityPolicyRules": json_data["securityPolicyRules"]
-    })
+
 
 
 @pytest.fixture
@@ -146,13 +138,11 @@ def mock_sdk_with_responses(
     new_scan_metadata,
     new_scan_stream,
     stream_diff_response,
-    security_policy,
     create_full_scan_response,
 ):
     sdk = mock_socket_sdk.return_value
 
     # Simple returns
-    sdk.settings.get.return_value = security_policy
     sdk.fullscans.post.return_value = create_full_scan_response
 
     # Argument-based returns

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/tests/core/test_package_and_alerts.py

@@ -33,11 +33,10 @@ class TestPackageAndAlerts:
             }
         })
         
-        # Set up settings.get() to return empty security policy
+        # Set up settings.get() to return empty response
         mock.settings = Mock()
         settings_response = Mock()
         settings_response.success = True
-        settings_response.security_policy = {}
         mock.settings.get = Mock(return_value=settings_response)
         
         return mock
@@ -48,7 +47,6 @@ class TestPackageAndAlerts:
             api_key="test-key",
             allow_unverified_ssl=False
         )
-        config.security_policy = {}  # Initialize with empty dict
         return config
     
     @pytest.fixture
@@ -135,34 +133,7 @@ class TestPackageAndAlerts:
         assert alert.type == "networkAccess"
         assert alert.severity == "high"
 
-    def test_add_package_alerts_with_security_policy(self, core):
-        """Test alerts are properly tagged based on security policy"""
-        # Mock security policy in config
-        core.config.security_policy = {
-            "networkAccess": {"action": "error"}
-        }
-        
-        package = Package(
-            id="pkg:npm/test@1.0.0",
-            name="test",
-            version="1.0.0",
-            type="npm",
-            alerts=[{
-                "type": "networkAccess",
-                "key": "test-alert",
-                "severity": "high"
-            }],
-            topLevelAncestors=[]
-        )
-        
-        alerts_collection = {}
-        packages = {package.id: package}
-        
-        result = core.add_package_alerts_to_collection(package, alerts_collection, packages)
-        
-        assert len(result) == 1
-        alert = result["test-alert"][0]
-        assert alert.error is True
+
 
     def test_get_capabilities_for_added_packages(self, core):
         """Test capability extraction from package alerts"""

{socketsecurity-2.2.40 → socketsecurity-2.2.51}/tests/unit/test_config.py

@@ -7,13 +7,12 @@ def test_config_default_values():
 
     assert config.api_key == "test_key"
     assert config.api_url == "https://api.socket.dev/v0"
-    assert config.timeout == 30
+    assert config.timeout == 1200
     assert config.allow_unverified_ssl is False
     assert config.org_id is None
     assert config.org_slug is None
     assert config.full_scan_path is None
     assert config.repository_path is None
-    assert config.security_policy == {}
 
 def test_config_custom_values():
     """Test that config accepts custom values"""
@@ -67,14 +66,4 @@ def test_config_update_org_details():
     assert config.full_scan_path == "orgs/test-org/full-scans"
     assert config.repository_path == "orgs/test-org/repos"
 
-def test_config_update_security_policy():
-    """Test updating security policy"""
-    config = SocketConfig(api_key="test_key")
-
-    test_policy = {
-        "rule1": {"action": "block"},
-        "rule2": {"action": "warn"}
-    }
 
-    config.security_policy = test_policy
-    assert config.security_policy == test_policy