socketsecurity 2.2.59__tar.gz → 2.2.60__tar.gz

{socketsecurity-2.2.59 → socketsecurity-2.2.60}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: socketsecurity
-Version: 2.2.59
+Version: 2.2.60
 Summary: Socket Security CLI for CI/CD
 Project-URL: Homepage, https://socket.dev
 Author-email: Douglas Coburn <douglas@socket.dev>
@@ -35,12 +35,13 @@ Classifier: Programming Language :: Python :: 3.12
 Requires-Python: >=3.10
 Requires-Dist: bs4>=0.0.2
 Requires-Dist: gitpython
+Requires-Dist: markdown>=3.10
 Requires-Dist: mdutils
 Requires-Dist: packaging
 Requires-Dist: prettytable
 Requires-Dist: python-dotenv
 Requires-Dist: requests
-Requires-Dist: socketdev<4.0.0,>=3.0.22
+Requires-Dist: socketdev<4.0.0,>=3.0.25
 Provides-Extra: dev
 Requires-Dist: hatch; extra == 'dev'
 Requires-Dist: pre-commit; extra == 'dev'
@@ -158,14 +159,14 @@ socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--repo-is-public] [--branc
           [--only-facts-file] [--version]
 ````
 
-If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
+If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_TOKEN`
 
 ### Parameters
 
 #### Authentication
-| Parameter   | Required | Default | Description                                                                     |
-|:------------|:---------|:--------|:--------------------------------------------------------------------------------|
-| --api-token | False    |         | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) |
+| Parameter   | Required | Default | Description                                                                       |
+|:------------|:---------|:--------|:----------------------------------------------------------------------------------|
+| --api-token | False    |         | Socket Security API token (can also be set via SOCKET_SECURITY_API_TOKEN env var) |
 
 #### Repository
 | Parameter        | Required | Default | Description                                                             |
@@ -278,15 +279,43 @@ Example `SOCKET_JIRA_CONFIG_JSON` value
 
 | Environment Variable     | Required | Default | Description                        |
 |:-------------------------|:---------|:--------|:-----------------------------------|
-| SOCKET_SLACK_ENABLED     | False    | false   | Enables/Disables the Slack Plugin  |
-| SOCKET_SLACK_CONFIG_JSON | True     | None    | Required if the Plugin is enabled. |
+| SOCKET_SLACK_CONFIG_JSON | False    | None    | Slack webhook configuration (enables plugin when set). Alternatively, use --slack-webhook CLI flag. |
 
-Example `SOCKET_SLACK_CONFIG_JSON` value
+Example `SOCKET_SLACK_CONFIG_JSON` value (simple webhook):
 
 ````json
 {"url": "https://REPLACE_ME_WEBHOOK"}
 ````
 
+Example with advanced filtering (reachability-only alerts):
+
+````json
+{
+  "url": [
+    {
+      "name": "prod_alerts",
+      "url": "https://hooks.slack.com/services/YOUR/WEBHOOK/URL"
+    }
+  ],
+  "url_configs": {
+    "prod_alerts": {
+      "reachability_alerts_only": true,
+      "always_send_reachability": true
+    }
+  }
+}
+````
+
+**Advanced Configuration Options:**
+
+The `url_configs` object allows per-webhook filtering:
+
+- `reachability_alerts_only` (boolean, default: false): When `--reach` is enabled, only send blocking alerts (error=true) from diff scans
+- `always_send_reachability` (boolean, default: true): Send reachability alerts even on non-diff scans when `--reach` is enabled. Set to false to only send reachability alerts when there are diff alerts.
+- `repos` (array): Only send alerts for specific repositories (e.g., `["owner/repo1", "owner/repo2"]`)
+- `alert_types` (array): Only send specific alert types (e.g., `["malware", "typosquat"]`)
+- `severities` (array): Only send alerts with specific severities (e.g., `["high", "critical"]`)
+
 ## Automatic Git Detection
 
 The CLI now automatically detects repository information from your git environment, significantly simplifying usage in CI/CD pipelines:
@@ -547,7 +576,8 @@ Implementation targets:
 ### Environment Variables
 
 #### Core Configuration
-- `SOCKET_SECURITY_API_KEY`: Socket Security API token (alternative to --api-token parameter)
+- `SOCKET_SECURITY_API_TOKEN`: Socket Security API token (alternative to --api-token parameter)
+  - For backwards compatibility, also accepts: `SOCKET_SECURITY_API_KEY`, `SOCKET_API_KEY`, `SOCKET_API_TOKEN`
 - `SOCKET_SDK_PATH`: Path to local socketdev repository (default: ../socketdev)
 
 #### GitLab Integration

{socketsecurity-2.2.59 → socketsecurity-2.2.60}/README.md

@@ -101,14 +101,14 @@ socketcli [-h] [--api-token API_TOKEN] [--repo REPO] [--repo-is-public] [--branc
           [--only-facts-file] [--version]
 ````
 
-If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_KEY`
+If you don't want to provide the Socket API Token every time then you can use the environment variable `SOCKET_SECURITY_API_TOKEN`
 
 ### Parameters
 
 #### Authentication
-| Parameter   | Required | Default | Description                                                                     |
-|:------------|:---------|:--------|:--------------------------------------------------------------------------------|
-| --api-token | False    |         | Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var) |
+| Parameter   | Required | Default | Description                                                                       |
+|:------------|:---------|:--------|:----------------------------------------------------------------------------------|
+| --api-token | False    |         | Socket Security API token (can also be set via SOCKET_SECURITY_API_TOKEN env var) |
 
 #### Repository
 | Parameter        | Required | Default | Description                                                             |
@@ -221,15 +221,43 @@ Example `SOCKET_JIRA_CONFIG_JSON` value
 
 | Environment Variable     | Required | Default | Description                        |
 |:-------------------------|:---------|:--------|:-----------------------------------|
-| SOCKET_SLACK_ENABLED     | False    | false   | Enables/Disables the Slack Plugin  |
-| SOCKET_SLACK_CONFIG_JSON | True     | None    | Required if the Plugin is enabled. |
+| SOCKET_SLACK_CONFIG_JSON | False    | None    | Slack webhook configuration (enables plugin when set). Alternatively, use --slack-webhook CLI flag. |
 
-Example `SOCKET_SLACK_CONFIG_JSON` value
+Example `SOCKET_SLACK_CONFIG_JSON` value (simple webhook):
 
 ````json
 {"url": "https://REPLACE_ME_WEBHOOK"}
 ````
 
+Example with advanced filtering (reachability-only alerts):
+
+````json
+{
+  "url": [
+    {
+      "name": "prod_alerts",
+      "url": "https://hooks.slack.com/services/YOUR/WEBHOOK/URL"
+    }
+  ],
+  "url_configs": {
+    "prod_alerts": {
+      "reachability_alerts_only": true,
+      "always_send_reachability": true
+    }
+  }
+}
+````
+
+**Advanced Configuration Options:**
+
+The `url_configs` object allows per-webhook filtering:
+
+- `reachability_alerts_only` (boolean, default: false): When `--reach` is enabled, only send blocking alerts (error=true) from diff scans
+- `always_send_reachability` (boolean, default: true): Send reachability alerts even on non-diff scans when `--reach` is enabled. Set to false to only send reachability alerts when there are diff alerts.
+- `repos` (array): Only send alerts for specific repositories (e.g., `["owner/repo1", "owner/repo2"]`)
+- `alert_types` (array): Only send specific alert types (e.g., `["malware", "typosquat"]`)
+- `severities` (array): Only send alerts with specific severities (e.g., `["high", "critical"]`)
+
 ## Automatic Git Detection
 
 The CLI now automatically detects repository information from your git environment, significantly simplifying usage in CI/CD pipelines:
@@ -490,7 +518,8 @@ Implementation targets:
 ### Environment Variables
 
 #### Core Configuration
-- `SOCKET_SECURITY_API_KEY`: Socket Security API token (alternative to --api-token parameter)
+- `SOCKET_SECURITY_API_TOKEN`: Socket Security API token (alternative to --api-token parameter)
+  - For backwards compatibility, also accepts: `SOCKET_SECURITY_API_KEY`, `SOCKET_API_KEY`, `SOCKET_API_TOKEN`
 - `SOCKET_SDK_PATH`: Path to local socketdev repository (default: ../socketdev)
 
 #### GitLab Integration

{socketsecurity-2.2.59 → socketsecurity-2.2.60}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.2.59"
+version = "2.2.60"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
@@ -16,8 +16,9 @@ dependencies = [
     'GitPython',
     'packaging',
     'python-dotenv',
-    'socketdev>=3.0.22,<4.0.0',
+    "socketdev>=3.0.25,<4.0.0",
     "bs4>=0.0.2",
+    "markdown>=3.10",
 ]
 readme = "README.md"
 description = "Socket Security CLI for CI/CD"

{socketsecurity-2.2.59 → socketsecurity-2.2.60}/socketsecurity/__init__.py

@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.59'
+__version__ = '2.2.60'
 USER_AGENT = f'SocketPythonCLI/{__version__}'

{socketsecurity-2.2.59 → socketsecurity-2.2.60}/socketsecurity/config.py

@@ -57,6 +57,7 @@ class CliConfig:
     version: str = __version__
     jira_plugin: PluginConfig = field(default_factory=PluginConfig)
     slack_plugin: PluginConfig = field(default_factory=PluginConfig)
+    slack_webhook: Optional[str] = None
     license_file_name: str = "license_output.json"
     save_submitted_files_list: Optional[str] = None
     save_manifest_tar: Optional[str] = None
@@ -85,8 +86,14 @@ class CliConfig:
         parser = create_argument_parser()
         args = parser.parse_args(args_list)
 
-        # Get API token from env or args
-        api_token = os.getenv("SOCKET_SECURITY_API_KEY") or args.api_token
+        # Get API token from env or args (check multiple env var names)
+        api_token = (
+            os.getenv("SOCKET_SECURITY_API_KEY") or
+            os.getenv("SOCKET_SECURITY_API_TOKEN") or
+            os.getenv("SOCKET_API_KEY") or
+            os.getenv("SOCKET_API_TOKEN") or
+            args.api_token
+        )
 
         # Strip quotes from commit message if present
         commit_message = args.commit_message
@@ -128,6 +135,7 @@ class CliConfig:
             'save_manifest_tar': args.save_manifest_tar,
             'sub_paths': args.sub_paths or [],
             'workspace_name': args.workspace_name,
+            'slack_webhook': args.slack_webhook,
             'reach': args.reach,
             'reach_version': args.reach_version,
             'reach_analysis_timeout': args.reach_analysis_timeout,
@@ -151,6 +159,11 @@ class CliConfig:
         except json.JSONDecodeError:
             logging.error(f"Unable to parse excluded_ecosystems: {config_args['excluded_ecosystems']}")
             exit(1)
+        # Build Slack plugin config, merging CLI arg with env config
+        slack_config = get_plugin_config_from_env("SOCKET_SLACK")
+        if args.slack_webhook:
+            slack_config["url"] = args.slack_webhook
+            
         config_args.update({
             "jira_plugin": PluginConfig(
                 enabled=os.getenv("SOCKET_JIRA_ENABLED", "false").lower() == "true",
@@ -158,9 +171,9 @@ class CliConfig:
                 config=get_plugin_config_from_env("SOCKET_JIRA")
             ),
             "slack_plugin": PluginConfig(
-                enabled=os.getenv("SOCKET_SLACK_ENABLED", "false").lower() == "true",
+                enabled=bool(slack_config) or bool(args.slack_webhook),
                 levels=os.getenv("SOCKET_SLACK_LEVELS", "block,warn").split(","),
-                config=get_plugin_config_from_env("SOCKET_SLACK")
+                config=slack_config
             )
         })
 
@@ -212,7 +225,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
         "--api-token",
         dest="api_token",
         metavar="<token>",
-        help="Socket Security API token (can also be set via SOCKET_SECURITY_API_KEY env var)",
+        help="Socket Security API token (can also be set via SOCKET_SECURITY_API_TOKEN env var)",
         required=False
     )
     auth_group.add_argument(
@@ -475,6 +488,15 @@ def create_argument_parser() -> argparse.ArgumentParser:
         help=argparse.SUPPRESS
     )
 
+    # Plugin Configuration
+    plugin_group = parser.add_argument_group('Plugin Configuration')
+    plugin_group.add_argument(
+        "--slack-webhook",
+        dest="slack_webhook",
+        metavar="<url>",
+        help="Slack webhook URL for notifications (automatically enables Slack plugin)"
+    )
+
     # Advanced Configuration
     advanced_group = parser.add_argument_group('Advanced Configuration')
     advanced_group.add_argument(

socketsecurity-2.2.60/socketsecurity/core/helper/socket_facts_loader.py

@@ -0,0 +1,387 @@
+"""Helper module for loading and processing .socket.facts.json files."""
+
+import json
+import logging
+from pathlib import Path
+from typing import Dict, Any, Optional, List
+from copy import deepcopy
+
+logger = logging.getLogger(__name__)
+
+
+def load_socket_facts(file_path: str = ".socket.facts.json") -> Optional[Dict[str, Any]]:
+    """
+    Load a .socket.facts.json file into a dictionary.
+    
+    The .socket.facts.json file is generated by the Socket CLI reachability analysis
+    and contains component dependency information, vulnerability data, and 
+    reachability analysis results.
+    
+    Args:
+        file_path: Path to the .socket.facts.json file. Defaults to ".socket.facts.json"
+                  in the current directory.
+    
+    Returns:
+        Dict containing the parsed JSON data with keys like:
+        - components: List of dependency components with vulnerabilities and reachability info
+        - tier1ReachabilityScanId: The scan ID for this reachability analysis
+        
+        Returns None if the file doesn't exist or cannot be parsed.
+    
+    Example structure:
+        {
+            "components": [
+                {
+                    "id": "12345",
+                    "type": "npm",
+                    "name": "package-name",
+                    "version": "1.0.0",
+                    "namespace": "@scope",
+                    "direct": false,
+                    "dev": true,
+                    "vulnerabilities": [...],
+                    "reachability": [...],
+                    ...
+                }
+            ],
+            "tier1ReachabilityScanId": "scan-id-here"
+        }
+    """
+    facts_path = Path(file_path)
+    
+    if not facts_path.exists():
+        logger.warning(f"Socket facts file not found: {file_path}")
+        return None
+    
+    try:
+        with facts_path.open('r', encoding='utf-8') as f:
+            data = json.load(f)
+        
+        logger.debug(f"Successfully loaded socket facts from {file_path}")
+        
+        # Validate expected structure
+        if not isinstance(data, dict):
+            logger.warning(f"Socket facts file has unexpected format: expected dict, got {type(data)}")
+            return None
+        
+        if 'components' not in data:
+            logger.warning(f"Socket facts file missing 'components' key")
+        
+        return data
+    
+    except json.JSONDecodeError as e:
+        logger.error(f"Failed to parse JSON from {file_path}: {e}")
+        return None
+    except IOError as e:
+        logger.error(f"Failed to read {file_path}: {e}")
+        return None
+    except Exception as e:
+        logger.error(f"Unexpected error loading socket facts from {file_path}: {e}")
+        return None
+
+
+def get_components_with_vulnerabilities(facts_data: Dict[str, Any]) -> list:
+    """
+    Extract components that have vulnerabilities from socket facts data.
+    
+    Note: The .socket.facts.json file contains 'vulnerabilities' and 'reachability'
+    data separately. This function returns components that have vulnerabilities defined.
+    
+    Args:
+        facts_data: Dictionary loaded from .socket.facts.json
+    
+    Returns:
+        List of component dictionaries that have vulnerabilities
+    """
+    if not facts_data or 'components' not in facts_data:
+        return []
+    
+    components = facts_data.get('components', [])
+    components_with_vulns = [
+        comp for comp in components 
+        if comp.get('vulnerabilities') and len(comp.get('vulnerabilities', [])) > 0
+    ]
+    
+    return components_with_vulns
+
+
+def get_scan_id(facts_data: Dict[str, Any]) -> Optional[str]:
+    """
+    Extract the tier1ReachabilityScanId from socket facts data.
+    
+    Args:
+        facts_data: Dictionary loaded from .socket.facts.json
+    
+    Returns:
+        The scan ID string if present, None otherwise
+    """
+    if not facts_data:
+        return None
+    
+    scan_id = facts_data.get('tier1ReachabilityScanId')
+    return scan_id.strip() if scan_id else None
+
+
+def _make_purl(component: Dict[str, Any]) -> str:
+    """Construct a package URL (purl) from a component entry."""
+    pkg_type = component.get('type', '')
+    namespace = component.get('namespace', '')
+    name = component.get('name') or component.get('id', '')
+    version = component.get('version', '')
+    
+    if not name:
+        return ''
+    
+    if namespace:
+        # Percent-encode @ in namespace for purl spec compliance
+        ns_encoded = namespace.replace('@', '%40')
+        purl = f"pkg:{pkg_type}/{ns_encoded}/{name}"
+    else:
+        purl = f"pkg:{pkg_type}/{name}"
+    
+    if version:
+        purl = f"{purl}@{version}"
+    
+    return purl
+
+
+def _determine_reachability(vulnerability: Dict[str, Any], component: Dict[str, Any]) -> Dict[str, Any]:
+    """
+    Determine the reachability state for a vulnerability on a component.
+    
+    Args:
+        vulnerability: Vulnerability dict from component's vulnerabilities array
+        component: Component dict containing reachability data
+    
+    Returns:
+        Dict with keys:
+        - type: 'reachable', 'unreachable', 'unknown', 'error', or 'not_applicable'
+        - undeterminableReachability: bool
+        - trace: list of formatted trace strings
+    """
+    result = {
+        'type': 'unknown',
+        'undeterminableReachability': False,
+        'trace': []
+    }
+    
+    vuln_id = vulnerability.get('ghsaId') or vulnerability.get('cveId')
+    if not vuln_id:
+        return result
+    
+    # Check for undeterminable reachability in the vulnerability data
+    reach_data = vulnerability.get('reachabilityData') or {}
+    if reach_data.get('undeterminableReachability'):
+        result['undeterminableReachability'] = True
+        result['type'] = 'unknown'
+    
+    # Find matching reachability entry in component
+    reachability_list = component.get('reachability', [])
+    matched_reach = None
+    
+    for reach_entry in reachability_list:
+        if reach_entry.get('ghsa_id') == vuln_id:
+            matched_reach = reach_entry
+            break
+    
+    if not matched_reach:
+        # No reachability data found for this vulnerability
+        if result['undeterminableReachability']:
+            return result
+        # Check if this vulnerability applies to this component version
+        if 'reachabilityData' in vulnerability:
+            # Has reachability data structure but no match - might not apply
+            result['type'] = 'not_applicable'
+        return result
+    
+    # Process reachability matches
+    reach_items = matched_reach.get('reachability', [])
+    if not reach_items:
+        return result
+    
+    # Take the first reachability entry (usually most relevant)
+    reach_info = reach_items[0]
+    reach_type = reach_info.get('type', 'unknown')
+    result['type'] = reach_type
+    
+    # Build trace for reachable vulnerabilities
+    if reach_type == 'reachable':
+        matches = reach_info.get('matches', [])
+        for match_group in matches:
+            if not match_group:
+                continue
+            
+            for i, frame in enumerate(match_group):
+                pkg = frame.get('package', '')
+                src_loc = frame.get('sourceLocation', {})
+                filename = src_loc.get('filename', '')
+                start = src_loc.get('start', {})
+                line = start.get('line')
+                col = start.get('column')
+                end = src_loc.get('end', {})
+                end_line = end.get('line')
+                end_col = end.get('column')
+                
+                if i == 0:
+                    # First frame - use filename as primary
+                    if filename:
+                        loc = filename
+                        if line is not None:
+                            if end_line is not None and end_line != line:
+                                loc = f"{filename} {line}:{col if col else ''}-{end_line}:{end_col if end_col else ''}"
+                            else:
+                                loc = f"{filename} {line}:{col if col else ''}"
+                        result['trace'].append(loc)
+                else:
+                    # Subsequent frames - show package/module reference
+                    if pkg or filename:
+                        entry = pkg if pkg else filename
+                        if line is not None:
+                            entry = f"  -> {entry} {line}:{col if col else ''}"
+                        else:
+                            entry = f"  -> {entry}"
+                        result['trace'].append(entry)
+        
+        # Add final line showing the vulnerable component
+        comp_name = component.get('name') or component.get('id')
+        comp_ver = component.get('version')
+        if comp_name:
+            final_line = f"  -> {comp_name}@{comp_ver}" if comp_ver else f"  -> {comp_name}"
+            result['trace'].append(final_line)
+    
+    return result
+
+
+def convert_to_alerts(components: List[Dict[str, Any]]) -> List[Dict[str, Any]]:
+    """
+    Convert components with vulnerabilities into components with alerts.
+    
+    This function processes the raw .socket.facts.json format (with 'vulnerabilities' 
+    and 'reachability' arrays) and converts them into an 'alerts' format suitable 
+    for formatters and notifications.
+    
+    Args:
+        components: List of component dicts from .socket.facts.json
+    
+    Returns:
+        List of component dicts with 'alerts' field added (original components unchanged)
+    """
+    components_with_alerts = []
+    
+    for comp in components:
+        vulns = comp.get('vulnerabilities', [])
+        if not vulns:
+            continue
+        
+        alerts = []
+        for vuln in vulns:
+            vuln_id = vuln.get('ghsaId') or vuln.get('cveId') or 'Unknown'
+            
+            # Extract severity
+            sev_val = vuln.get('severity', '')
+            severity = 'unknown'
+            
+            # Handle both numeric and string severities
+            try:
+                if isinstance(sev_val, (int, float)):
+                    score = float(sev_val)
+                    if score >= 9.0:
+                        severity = 'critical'
+                    elif score >= 7.0:
+                        severity = 'high'
+                    elif score >= 4.0:
+                        severity = 'medium'
+                    else:
+                        severity = 'low'
+                elif isinstance(sev_val, str):
+                    # Try to parse as number first
+                    if sev_val.replace('.', '', 1).isdigit():
+                        score = float(sev_val)
+                        if score >= 9.0:
+                            severity = 'critical'
+                        elif score >= 7.0:
+                            severity = 'high'
+                        elif score >= 4.0:
+                            severity = 'medium'
+                        else:
+                            severity = 'low'
+                    else:
+                        # Use as-is if it's a string severity
+                        severity = sev_val.lower()
+            except (ValueError, TypeError):
+                severity = 'unknown'
+            
+            # Determine reachability
+            reach_info = _determine_reachability(vuln, comp)
+            
+            # Skip vulnerabilities that don't apply to this component version
+            if reach_info.get('type') == 'not_applicable':
+                continue
+            
+            # Build alert
+            purl = _make_purl(comp)
+            trace_str = '\n'.join(reach_info.get('trace', []))
+            reach_type = reach_info.get('type', 'unknown')
+            
+            # Map reachability to severity (reachable = critical, unknown/error = high, unreachable = low)
+            final_severity = severity
+            if reach_type == 'reachable':
+                final_severity = 'critical'
+            elif reach_type in ('unknown', 'error') or reach_info.get('undeterminableReachability'):
+                final_severity = 'high'
+            elif reach_type == 'unreachable':
+                final_severity = 'low'
+            
+            alert = {
+                'title': vuln_id,
+                'severity': final_severity,
+                'type': 'vulnerability',
+                'category': 'vulnerability',
+                'props': {
+                    'cveId': vuln.get('cveId'),
+                    'ghsaId': vuln.get('ghsaId'),
+                    'range': vuln.get('range'),
+                    'purl': purl,
+                    'reachability': reach_type,
+                    'undeterminableReachability': reach_info.get('undeterminableReachability', False),
+                    'trace': trace_str,
+                    'severity': final_severity,
+                    'original_severity': severity,
+                }
+            }
+            alerts.append(alert)
+        
+        if alerts:
+            # Create a copy with alerts added
+            comp_with_alerts = deepcopy(comp)
+            comp_with_alerts['alerts'] = alerts
+            components_with_alerts.append(comp_with_alerts)
+    
+    return components_with_alerts
+
+
+def get_component_count(facts_data: Dict[str, Any]) -> Dict[str, int]:
+    """
+    Get statistics about components in the socket facts data.
+    
+    Args:
+        facts_data: Dictionary loaded from .socket.facts.json
+    
+    Returns:
+        Dictionary with counts:
+        - total: Total number of components
+        - with_vulnerabilities: Components with vulnerabilities
+        - direct: Direct dependencies
+        - dev: Development dependencies
+    """
+    if not facts_data or 'components' not in facts_data:
+        return {'total': 0, 'with_vulnerabilities': 0, 'direct': 0, 'dev': 0}
+    
+    components = facts_data.get('components', [])
+    
+    return {
+        'total': len(components),
+        'with_vulnerabilities': len([c for c in components if c.get('vulnerabilities')]),
+        'direct': len([c for c in components if c.get('direct')]),
+        'dev': len([c for c in components if c.get('dev')])
+    }

socketsecurity-2.2.60/socketsecurity/plugins/formatters/__init__.py

@@ -0,0 +1,5 @@
+"""Formatters for Socket security data output."""
+
+from .slack import format_socket_facts_for_slack
+
+__all__ = ['format_socket_facts_for_slack']