PyPI - socketsecurity - Versions diffs - 2.2.5__tar.gz → 2.2.7__tar.gz - Mend

socketsecurity 2.2.5tar.gz → 2.2.7tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (85) hide show

{socketsecurity-2.2.5 → socketsecurity-2.2.7}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: socketsecurity
-Version: 2.2.5
+Version: 2.2.7
 Summary: Socket Security CLI for CI/CD
 Project-URL: Homepage, https://socket.dev
 Author-email: Douglas Coburn <douglas@socket.dev>

{socketsecurity-2.2.5 → socketsecurity-2.2.7}/pyproject.toml RENAMED Viewed

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 [project]
 name = "socketsecurity"
-version = "2.2.5"
+version = "2.2.7"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
@@ -52,6 +52,7 @@ dev = [
 [project.scripts]
 socketcli = "socketsecurity.socketcli:cli"
+socketclidev = "socketsecurity.socketcli:cli"
 [project.urls]
 Homepage = "https://socket.dev"

{socketsecurity-2.2.5 → socketsecurity-2.2.7}/socketsecurity/__init__.py RENAMED Viewed

@@ -1,2 +1,2 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.5'
+__version__ = '2.2.7'

{socketsecurity-2.2.5 → socketsecurity-2.2.7}/socketsecurity/core/git_interface.py RENAMED Viewed

@@ -218,8 +218,21 @@ class Git:
                     log.debug(f"Failed to get changed files via git diff (Bitbucket): {error}")
         # Fallback to git show for single commit
         if not detected:
-            self.show_files = self.repo.git.show(self.commit, name_only=True, format="%n").splitlines()
-            log.debug(f"Changed files detected via git show: {self.show_files}")
+            # Check if this is a merge commit first
+            if self._is_merge_commit():
+                # For merge commits, use git diff with parent
+                if self._detect_merge_commit_changes():
+                    detected = True
+                else:
+                    # Fallback to git show if merge detection fails
+                    self.show_files = self.repo.git.show(self.commit, name_only=True, format="%n").splitlines()
+                    log.debug(f"Changed files detected via git show (merge commit fallback): {self.show_files}")
+                    detected = True
+            else:
+                # Regular single commit
+                self.show_files = self.repo.git.show(self.commit, name_only=True, format="%n").splitlines()
+                log.debug(f"Changed files detected via git show: {self.show_files}")
+                detected = True
         self.changed_files = []
         for item in self.show_files:
             if item != "":
@@ -380,6 +393,69 @@ class Git:
         log.debug("Using fallback committer: unknown")
         return "unknown"
+    def _is_merge_commit(self) -> bool:
+        """
+        Check if the current commit is a merge commit.
+        Returns:
+            True if this is a merge commit (has multiple parents), False otherwise
+        """
+        try:
+            # A merge commit has multiple parents
+            is_merge = len(self.commit.parents) > 1
+            log.debug(f"Commit {self.commit.hexsha[:8]} has {len(self.commit.parents)} parents, is_merge: {is_merge}")
+            return is_merge
+        except Exception as error:
+            log.debug(f"Error checking if commit is merge commit: {error}")
+            return False
+    def _detect_merge_commit_changes(self) -> bool:
+        """
+        Detect changed files in a merge commit using git diff with parent.
+        This method handles the case where git show --name-only doesn't work
+        for merge commits (expected Git behavior).
+        Returns:
+            True if detection was successful, False otherwise
+        """
+        try:
+            if not self._is_merge_commit():
+                log.debug("Not a merge commit, skipping merge commit detection")
+                return False
+            # For merge commits, we need to diff against a parent
+            # We'll use the first parent (typically the target branch)
+            if not self.commit.parents:
+                log.debug("Merge commit has no parents - cannot perform merge-aware diff")
+                return False
+            parent_commit = self.commit.parents[0]
+            # Verify parent commit is accessible
+            try:
+                parent_sha = parent_commit.hexsha
+                # Quick validation that parent exists
+                self.repo.commit(parent_sha)
+            except Exception as parent_error:
+                log.error(f"Cannot resolve parent commit {parent_sha}: {parent_error}")
+                return False
+            # Use git diff to show changes from parent to merge commit
+            diff_range = f'{parent_sha}..{self.commit.hexsha}'
+            log.debug(f"Attempting merge commit diff: git diff --name-only {diff_range}")
+            diff_files = self.repo.git.diff('--name-only', diff_range)
+            self.show_files = diff_files.splitlines()
+            log.debug(f"Changed files detected via git diff (merge commit): {self.show_files}")
+            log.info(f"Changed file detection: method=merge-diff, source=merge-commit-fallback, files={len(self.show_files)}")
+            return True
+        except Exception as error:
+            log.debug(f"Failed to detect merge commit changes: {error}")
+            return False
     def get_default_branch_name(self) -> str:
         """
         Get the default branch name from the remote origin.

{socketsecurity-2.2.5 → socketsecurity-2.2.7}/socketsecurity/output.py RENAMED Viewed

@@ -34,6 +34,22 @@ class OutputHandler:
             plugin_mgr = PluginManager({"jira": jira_config})
             plugin_mgr.send(diff_report, config=self.config)
+        # Debug Slack webhook configuration when debug is enabled (always show when debug is on)
+        if self.config.enable_debug:
+            import os
+            slack_enabled_env = os.getenv("SOCKET_SLACK_ENABLED", "Not set")
+            slack_config_env = os.getenv("SOCKET_SLACK_CONFIG_JSON", "Not set")
+            slack_url = "Not configured"
+            if self.config.slack_plugin.config and self.config.slack_plugin.config.get("url"):
+                slack_url = self.config.slack_plugin.config.get("url")
+            self.logger.debug("=== Slack Webhook Debug Information ===")
+            self.logger.debug(f"Slack Plugin Enabled: {self.config.slack_plugin.enabled}")
+            self.logger.debug(f"SOCKET_SLACK_ENABLED environment variable: {slack_enabled_env}")
+            self.logger.debug(f"SOCKET_SLACK_CONFIG_JSON environment variable: {slack_config_env}")
+            self.logger.debug(f"Slack Webhook URL: {slack_url}")
+            self.logger.debug(f"Slack Alert Levels: {self.config.slack_plugin.levels}")
+            self.logger.debug("=====================================")
         if self.config.slack_plugin.enabled:
             slack_config = {
                 "enabled": self.config.slack_plugin.enabled,

{socketsecurity-2.2.5 → socketsecurity-2.2.7}/socketsecurity/plugins/slack.py RENAMED Viewed

@@ -15,9 +15,13 @@ class SlackPlugin(Plugin):
     def send(self, diff, config: CliConfig):
         if not self.config.get("enabled", False):
+            if config.enable_debug:
+                logger.debug("Slack plugin is disabled - skipping webhook notification")
             return
         if not self.config.get("url"):
             logger.warning("Slack webhook URL not configured.")
+            if config.enable_debug:
+                logger.debug("Slack webhook URL is missing from configuration")
             return
         else:
             url = self.config.get("url")
@@ -31,6 +35,12 @@ class SlackPlugin(Plugin):
         message = self.create_slack_blocks_from_diff(diff, config)
         logger.debug(f"Sending message to {url}")
+        if config.enable_debug:
+            logger.debug(f"Slack webhook URL: {url}")
+            logger.debug(f"Number of alerts to send: {len(diff.new_alerts)}")
+            logger.debug(f"Message blocks count: {len(message)}")
         response = requests.post(
             url,
             json={"blocks": message}
@@ -38,6 +48,8 @@ class SlackPlugin(Plugin):
         if response.status_code >= 400:
             logger.error("Slack error %s: %s", response.status_code, response.text)
+        elif config.enable_debug:
+            logger.debug(f"Slack webhook response: {response.status_code}")
     @staticmethod
     def create_slack_blocks_from_diff(diff: Diff, config: CliConfig):