PyPI - socketsecurity - Versions diffs - 2.2.83__tar.gz → 2.2.86__tar.gz - Mend

socketsecurity 2.2.83tar.gz → 2.2.86tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (125) hide show

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: socketsecurity
-Version: 2.2.83
+Version: 2.2.86
 Summary: Socket Security CLI for CI/CD
 Project-URL: Homepage, https://socket.dev
 Author-email: Douglas Coburn <douglas@socket.dev>
@@ -41,7 +41,7 @@ Requires-Dist: packaging
 Requires-Dist: prettytable
 Requires-Dist: python-dotenv
 Requires-Dist: requests
-Requires-Dist: socketdev<4.0.0,>=3.0.32
+Requires-Dist: socketdev<4.0.0,>=3.0.33
 Provides-Extra: dev
 Requires-Dist: hatch; extra == 'dev'
 Requires-Dist: pre-commit; extra == 'dev'

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/pyproject.toml RENAMED Viewed

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 [project]
 name = "socketsecurity"
-version = "2.2.83"
+version = "2.2.86"
 requires-python = ">= 3.11"
 license = {"file" = "LICENSE"}
 dependencies = [
@@ -16,7 +16,7 @@ dependencies = [
     'GitPython',
     'packaging',
     'python-dotenv',
-    "socketdev>=3.0.32,<4.0.0",
+    "socketdev>=3.0.33,<4.0.0",
     "bs4>=0.0.2",
     "markdown>=3.10",
 ]

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/__init__.py RENAMED Viewed

@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.83'
+__version__ = '2.2.86'
 USER_AGENT = f'SocketPythonCLI/{__version__}'

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/config.py RENAMED Viewed

@@ -131,6 +131,10 @@ class CliConfig:
     reach_additional_params: Optional[List[str]] = None
     only_facts_file: bool = False
     reach_use_only_pregenerated_sboms: bool = False
+    reach_continue_on_analysis_errors: bool = False
+    reach_continue_on_install_errors: bool = False
+    reach_continue_on_missing_lock_files: bool = False
+    reach_continue_on_no_source_files: bool = False
     max_purl_batch_size: int = 5000
     enable_commit_status: bool = False
     config_file: Optional[str] = None
@@ -236,6 +240,10 @@ class CliConfig:
             'reach_additional_params': args.reach_additional_params,
             'only_facts_file': args.only_facts_file,
             'reach_use_only_pregenerated_sboms': args.reach_use_only_pregenerated_sboms,
+            'reach_continue_on_analysis_errors': args.reach_continue_on_analysis_errors,
+            'reach_continue_on_install_errors': args.reach_continue_on_install_errors,
+            'reach_continue_on_missing_lock_files': args.reach_continue_on_missing_lock_files,
+            'reach_continue_on_no_source_files': args.reach_continue_on_no_source_files,
             'max_purl_batch_size': args.max_purl_batch_size,
             'enable_commit_status': args.enable_commit_status,
             'config_file': args.config_file,
@@ -861,6 +869,30 @@ def create_argument_parser() -> argparse.ArgumentParser:
         action="store_true",
         help="When using this option, the scan is created based only on pre-generated CDX and SPDX files in your project. (requires --reach)"
     )
+    reachability_group.add_argument(
+        "--reach-continue-on-analysis-errors",
+        dest="reach_continue_on_analysis_errors",
+        action="store_true",
+        help=argparse.SUPPRESS
+    )
+    reachability_group.add_argument(
+        "--reach-continue-on-install-errors",
+        dest="reach_continue_on_install_errors",
+        action="store_true",
+        help=argparse.SUPPRESS
+    )
+    reachability_group.add_argument(
+        "--reach-continue-on-missing-lock-files",
+        dest="reach_continue_on_missing_lock_files",
+        action="store_true",
+        help=argparse.SUPPRESS
+    )
+    reachability_group.add_argument(
+        "--reach-continue-on-no-source-files",
+        dest="reach_continue_on_no_source_files",
+        action="store_true",
+        help=argparse.SUPPRESS
+    )
     parser.add_argument(
         '--version',

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/core/classes.py RENAMED Viewed

@@ -207,7 +207,7 @@ class Package():
                 name=data["name"],
                 version=data["version"],
                 type=data["type"],
-                score=data.get("score", data.get("scores", {})),
+                score=data.get("score") or data.get("scores") or {},
                 alerts=data.get("alerts", []),
                 author=data.get("author", []),
                 size=data.get("size"),
@@ -236,7 +236,7 @@ class Package():
             name=data["name"],
             version=data["version"],
             type=data["type"],
-            score=data.get("score", data.get("scores", {})),
+            score=data.get("score") or data.get("scores") or {},
             alerts=data.get("alerts", []),
             author=data.get("author", []),
             size=data.get("size"),
@@ -448,6 +448,8 @@ class Purl:
             self.capabilities = []
         if not hasattr(self, "is_new"):
             self.is_new = False
+        if not hasattr(self, "scores") or self.scores is None:
+            self.scores = {}
         self.author_url = Purl.generate_author_data(self.author, self.ecosystem)
     @staticmethod

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/core/cli_client.py RENAMED Viewed

@@ -1,4 +1,5 @@
 import base64
+import json
 import logging
 from typing import Dict, List, Optional, Union
@@ -55,3 +56,18 @@ class CliClient:
         except requests.exceptions.RequestException as e:
             logger.error(f"API request failed: {str(e)}")
             raise APIFailure(f"Request failed: {str(e)}")
+    def post_telemetry_events(self, org_slug: str, events: List[Dict]) -> None:
+        """Post telemetry events one at a time to the v0 telemetry API. Fire-and-forget — logs errors but never raises."""
+        logger.debug(f"Sending {len(events)} telemetry event(s) to v0/orgs/{org_slug}/telemetry")
+        for i, event in enumerate(events):
+            try:
+                logger.debug(f"Telemetry event {i+1}/{len(events)}: {json.dumps(event)}")
+                resp = self.request(
+                    path=f"orgs/{org_slug}/telemetry",
+                    method="POST",
+                    payload=json.dumps(event),
+                )
+                logger.debug(f"Telemetry event {i+1}/{len(events)} sent: status={resp.status_code}")
+            except Exception as e:
+                logger.warning(f"Failed to send telemetry event {i+1}/{len(events)}: {e}")

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/core/messages.py RENAMED Viewed

@@ -1179,12 +1179,27 @@ class Messages:
                 score_percent = int(score * 100)  # Convert to integer percentage
                 return f"[![{score_percent}](https://github-app-statics.socket.dev/score-{score_percent}.svg)]({added.url})"
+            def get_score_for_badge(score_name: str) -> float:
+                scores = getattr(added, "scores", None)
+                if isinstance(scores, dict):
+                    raw_score = scores.get(score_name)
+                else:
+                    raw_score = getattr(scores, score_name, None) if scores is not None else None
+                if raw_score is None:
+                    return 1.0
+                score = float(raw_score)
+                if score > 1:
+                    score = score / 100
+                return max(0.0, min(score, 1.0))
             # Generate badges for each score type
-            supply_chain_risk_badge = score_to_badge(added.scores.get("supplyChain", 100))
-            vulnerability_badge = score_to_badge(added.scores.get("vulnerability", 100))
-            quality_badge = score_to_badge(added.scores.get("quality", 100))
-            maintenance_badge = score_to_badge(added.scores.get("maintenance", 100))
-            license_badge = score_to_badge(added.scores.get("license", 100))
+            supply_chain_risk_badge = score_to_badge(get_score_for_badge("supplyChain"))
+            vulnerability_badge = score_to_badge(get_score_for_badge("vulnerability"))
+            quality_badge = score_to_badge(get_score_for_badge("quality"))
+            maintenance_badge = score_to_badge(get_score_for_badge("maintenance"))
+            license_badge = score_to_badge(get_score_for_badge("license"))
             # Add the row for this package
             row = [

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/core/scm/gitlab.py RENAMED Viewed

@@ -1,3 +1,4 @@
+import json
 import os
 import sys
 from dataclasses import dataclass
@@ -219,6 +220,24 @@ class Gitlab:
             base_url=self.config.api_url
         )
+    def has_thumbsup_reaction(self, comment_id: int) -> bool:
+        """Best-effort check for 'thumbsup' award emoji on a MR note."""
+        if not self.config.mr_project_id or not self.config.mr_iid:
+            return False
+        path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes/{comment_id}/award_emoji"
+        try:
+            response = self._request_with_fallback(
+                path=path,
+                headers=self.config.headers,
+                base_url=self.config.api_url
+            )
+            for emoji in response.json():
+                if emoji.get("name") == "thumbsup":
+                    return True
+        except Exception as e:
+            log.debug(f"Could not check award emoji for note {comment_id} (best effort): {e}")
+        return False
     def get_comments_for_pr(self) -> dict:
         log.debug(f"Getting Gitlab comments for Repo {self.config.repository} for PR {self.config.mr_iid}")
         path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes"
@@ -326,9 +345,32 @@ class Gitlab:
         except Exception as e:
             log.error(f"Failed to set commit status: {e}")
+    def post_thumbsup_reaction(self, comment_id: int) -> None:
+        """Best-effort: add 'thumbsup' award emoji to a MR note."""
+        if not self.config.mr_project_id or not self.config.mr_iid:
+            return
+        path = f"projects/{self.config.mr_project_id}/merge_requests/{self.config.mr_iid}/notes/{comment_id}/award_emoji"
+        try:
+            headers = {**self.config.headers, "Content-Type": "application/json"}
+            self._request_with_fallback(
+                path=path,
+                payload=json.dumps({"name": "thumbsup"}),
+                method="POST",
+                headers=headers,
+                base_url=self.config.api_url
+            )
+        except Exception as e:
+            log.debug(f"Could not add thumbsup emoji to note {comment_id} (best effort): {e}")
+    def handle_ignore_reactions(self, comments: dict) -> None:
+        for comment in comments.get("ignore", []):
+            if "SocketSecurity ignore" in comment.body and not self.has_thumbsup_reaction(comment.id):
+                self.post_thumbsup_reaction(comment.id)
     def remove_comment_alerts(self, comments: dict):
         security_alert = comments.get("security")
         if security_alert is not None:
             # Type narrowing: after None check, mypy knows this is Comment
             new_body = Comments.process_security_comment(security_alert, comments)
+            self.handle_ignore_reactions(comments)
             self.update_comment(new_body, str(security_alert.id))

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/core/scm_comments.py RENAMED Viewed

@@ -51,11 +51,13 @@ class Comments:
         for comment in comments["ignore"]:
             comment: Comment
             first_line = comment.body_list[0]
-            if not ignore_all and "SocketSecurity ignore" in first_line:
+            if not ignore_all and "socketsecurity ignore" in first_line.lower():
                 try:
                     first_line = first_line.lstrip("@")
-                    _, command = first_line.split("SocketSecurity ")
-                    command = command.strip()
+                    # Case-insensitive split: find "SocketSecurity " regardless of casing
+                    lower_line = first_line.lower()
+                    split_idx = lower_line.index("socketsecurity ") + len("socketsecurity ")
+                    command = first_line[split_idx:].strip()
                     if command == "ignore-all":
                         ignore_all = True
                     else:

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/core/tools/reachability.py RENAMED Viewed

@@ -104,6 +104,10 @@ class ReachabilityAnalyzer:
         allow_unverified: bool = False,
         enable_debug: bool = False,
         use_only_pregenerated_sboms: bool = False,
+        continue_on_analysis_errors: bool = False,
+        continue_on_install_errors: bool = False,
+        continue_on_missing_lock_files: bool = False,
+        continue_on_no_source_files: bool = False,
     ) -> Dict[str, Any]:
         """
         Run reachability analysis.
@@ -196,6 +200,18 @@ class ReachabilityAnalyzer:
         if use_only_pregenerated_sboms:
             cmd.append("--use-only-pregenerated-sboms")
+        if continue_on_analysis_errors:
+            cmd.append("--reach-continue-on-analysis-errors")
+        if continue_on_install_errors:
+            cmd.append("--reach-continue-on-install-errors")
+        if continue_on_missing_lock_files:
+            cmd.append("--reach-continue-on-missing-lock-files")
+        if continue_on_no_source_files:
+            cmd.append("--reach-continue-on-no-source-files")
         # Add any additional parameters provided by the user
         if additional_params:
             cmd.extend(additional_params)

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/socketsecurity/socketcli.py RENAMED Viewed

@@ -4,6 +4,8 @@ import sys
 import traceback
 import shutil
 import warnings
+from datetime import datetime, timezone
+from uuid import uuid4
 from dotenv import load_dotenv
 from git import InvalidGitRepositoryError, NoSuchPathError
@@ -301,7 +303,11 @@ def main_code():
                     additional_params=config.reach_additional_params,
                     allow_unverified=config.allow_unverified,
                     enable_debug=config.enable_debug,
-                    use_only_pregenerated_sboms=config.reach_use_only_pregenerated_sboms
+                    use_only_pregenerated_sboms=config.reach_use_only_pregenerated_sboms,
+                    continue_on_analysis_errors=config.reach_continue_on_analysis_errors,
+                    continue_on_install_errors=config.reach_continue_on_install_errors,
+                    continue_on_missing_lock_files=config.reach_continue_on_missing_lock_files,
+                    continue_on_no_source_files=config.reach_continue_on_no_source_files,
                 )
                 log.info(f"Reachability analysis completed successfully")
@@ -478,6 +484,17 @@ def main_code():
     # Handle SCM-specific flows
     log.debug(f"Flow decision: scm={scm is not None}, force_diff_mode={force_diff_mode}, force_api_mode={force_api_mode}, enable_diff={config.enable_diff}")
+    def _is_unprocessed(c):
+        """Check if an ignore comment has not yet been marked with '+1' reaction.
+        For GitHub, reactions['+1'] is already in the comment response (no extra call).
+        For GitLab, has_thumbsup_reaction() makes a lazy API call per comment."""
+        if getattr(c, "reactions", {}).get("+1"):
+            return False
+        if hasattr(scm, "has_thumbsup_reaction") and scm.has_thumbsup_reaction(c.id):
+            return False
+        return True
     if scm is not None and scm.check_event_type() == "comment":
         # FIXME: This entire flow should be a separate command called "filter_ignored_alerts_in_comments"
         # It's not related to scanning or diff generation - it just:
@@ -489,6 +506,44 @@ def main_code():
         if not config.disable_ignore:
             comments = scm.get_comments_for_pr()
+            # Emit telemetry for ignore comments before +1 reaction is added.
+            # The +1 reaction (added by remove_comment_alerts) serves as the "processed" marker.
+            if "ignore" in comments:
+                unprocessed = [c for c in comments["ignore"] if _is_unprocessed(c)]
+                if unprocessed:
+                    try:
+                        events = []
+                        for c in unprocessed:
+                            single = {"ignore": [c]}
+                            ignore_all, ignore_commands = Comments.get_ignore_options(single)
+                            user = getattr(c, "user", None) or getattr(c, "author", None) or {}
+                            now = datetime.now(timezone.utc).isoformat()
+                            shared_fields = {
+                                "event_kind": "user-action",
+                                "client_action": "ignore",
+                                "alert_action": "error",
+                                "event_sender_created_at": now,
+                                "vcs_provider": integration_type,
+                                "owner": config.repo.split("/")[0] if "/" in config.repo else "",
+                                "repo": config.repo,
+                                "pr_number": pr_number,
+                                "ignore_all": ignore_all,
+                                "sender_name": user.get("login") or user.get("username", ""),
+                                "sender_id": str(user.get("id", "")),
+                            }
+                            if ignore_commands:
+                                for name, version in ignore_commands:
+                                    events.append({**shared_fields, "event_id": str(uuid4()), "artifact_input": f"{name}@{version}"})
+                            elif ignore_all:
+                                events.append({**shared_fields, "event_id": str(uuid4())})
+                        if events:
+                            log.debug(f"Ignore telemetry: {len(events)} events to send")
+                            client.post_telemetry_events(org_slug, events)
+                    except Exception as e:
+                        log.warning(f"Failed to send ignore telemetry: {e}")
             log.debug("Removing comment alerts")
             scm.remove_comment_alerts(comments)
         else:
@@ -504,9 +559,76 @@ def main_code():
             # FIXME: this overwrites diff.new_alerts, which was previously populated by Core.create_issue_alerts
             if not config.disable_ignore:
                 log.debug("Removing comment alerts")
+                alerts_before = list(diff.new_alerts)
                 diff.new_alerts = Comments.remove_alerts(comments, diff.new_alerts)
+                ignored_alerts = [a for a in alerts_before if a not in diff.new_alerts]
+                # Emit telemetry per-comment so each event carries the comment author.
+                unprocessed_ignore = [
+                    c for c in comments.get("ignore", [])
+                    if _is_unprocessed(c)
+                ]
+                if ignored_alerts and unprocessed_ignore:
+                    try:
+                        events = []
+                        now = datetime.now(timezone.utc).isoformat()
+                        for c in unprocessed_ignore:
+                            single = {"ignore": [c]}
+                            c_ignore_all, c_ignore_commands = Comments.get_ignore_options(single)
+                            user = getattr(c, "user", None) or getattr(c, "author", None) or {}
+                            sender_name = user.get("login") or user.get("username", "")
+                            sender_id = str(user.get("id", ""))
+                            # Match this comment's targets to the actual ignored alerts
+                            matched_alerts = []
+                            if c_ignore_all:
+                                matched_alerts = ignored_alerts
+                            else:
+                                for alert in ignored_alerts:
+                                    full_name = f"{alert.pkg_type}/{alert.pkg_name}"
+                                    purl = (full_name, alert.pkg_version)
+                                    purl_star = (full_name, "*")
+                                    if purl in c_ignore_commands or purl_star in c_ignore_commands:
+                                        matched_alerts.append(alert)
+                            shared_fields = {
+                                "event_kind": "user-action",
+                                "client_action": "ignore",
+                                "event_sender_created_at": now,
+                                "vcs_provider": integration_type,
+                                "owner": config.repo.split("/")[0] if "/" in config.repo else "",
+                                "repo": config.repo,
+                                "pr_number": pr_number,
+                                "ignore_all": c_ignore_all,
+                                "sender_name": sender_name,
+                                "sender_id": sender_id,
+                            }
+                            if matched_alerts:
+                                for alert in matched_alerts:
+                                    # Derive alert_action from the alert's resolved action flags
+                                    if getattr(alert, "error", False):
+                                        alert_action = "error"
+                                    elif getattr(alert, "warn", False):
+                                        alert_action = "warn"
+                                    elif getattr(alert, "monitor", False):
+                                        alert_action = "monitor"
+                                    else:
+                                        alert_action = "error"
+                                    events.append({**shared_fields, "alert_action": alert_action, "event_id": str(uuid4()), "artifact_purl": alert.purl})
+                            elif c_ignore_all:
+                                events.append({**shared_fields, "event_id": str(uuid4())})
+                        if events:
+                            client.post_telemetry_events(org_slug, events)
+                        # Mark ignore comments as processed with +1 reaction
+                        if hasattr(scm, "handle_ignore_reactions"):
+                            scm.handle_ignore_reactions(comments)
+                    except Exception as e:
+                        log.warning(f"Failed to send ignore telemetry: {e}")
             else:
                 log.info("Ignore commands disabled (--disable-ignore), all alerts will be reported")
             log.debug("Creating Dependency Overview Comment")
             overview_comment = Messages.dependency_overview_template(diff)

{socketsecurity-2.2.83 → socketsecurity-2.2.86}/tests/unit/test_client.py RENAMED Viewed

@@ -122,4 +122,53 @@ def test_request_with_payload(client):
         args, kwargs = mock_request.call_args
         assert kwargs['method'] == "POST"
-        assert kwargs['data'] == payload
+        assert kwargs['data'] == payload
+def test_post_telemetry_events_sends_individually(client):
+    """Test that telemetry events are posted one at a time to v0 API"""
+    import json
+    events = [
+        {"event_kind": "user-action", "client_action": "ignore_alerts", "artifact_purl": "pkg:npm/foo@1.0.0"},
+        {"event_kind": "user-action", "client_action": "ignore_alerts", "artifact_purl": "pkg:npm/bar@2.0.0"},
+    ]
+    with patch('requests.request') as mock_request:
+        mock_response = Mock()
+        mock_response.status_code = 201
+        mock_request.return_value = mock_response
+        client.post_telemetry_events("test-org", events)
+        assert mock_request.call_count == 2
+        first_call = mock_request.call_args_list[0]
+        assert first_call.kwargs['url'] == "https://api.socket.dev/v0/orgs/test-org/telemetry"
+        assert first_call.kwargs['method'] == "POST"
+        assert first_call.kwargs['data'] == json.dumps(events[0])
+        second_call = mock_request.call_args_list[1]
+        assert second_call.kwargs['data'] == json.dumps(events[1])
+def test_post_telemetry_events_continues_on_failure(client):
+    """Test that a failed event does not prevent subsequent events from being sent"""
+    import json
+    events = [
+        {"event_kind": "user-action", "artifact_purl": "pkg:npm/foo@1.0.0"},
+        {"event_kind": "user-action", "artifact_purl": "pkg:npm/bar@2.0.0"},
+    ]
+    with patch('requests.request') as mock_request:
+        mock_response = Mock()
+        mock_response.status_code = 201
+        mock_request.side_effect = [
+            requests.exceptions.ConnectionError("timeout"),
+            mock_response,
+        ]
+        client.post_telemetry_events("test-org", events)
+        assert mock_request.call_count == 2

socketsecurity-2.2.86/tests/unit/test_dependency_overview.py ADDED Viewed

@@ -0,0 +1,67 @@
+from socketsecurity.core.classes import Diff, Package, Purl
+from socketsecurity.core.messages import Messages
+def _make_purl(name: str, scores) -> Purl:
+    return Purl(
+        id=f"pkg:npm/{name}@1.0.0",
+        name=name,
+        version="1.0.0",
+        ecosystem="npm",
+        direct=True,
+        introduced_by=[("direct", "package.json")],
+        author=["test-author"],
+        size=1000,
+        transitives=0,
+        url=f"https://socket.dev/npm/package/{name}/overview/1.0.0",
+        purl=f"pkg:npm/{name}@1.0.0",
+        scores=scores,
+    )
+def test_package_from_diff_artifact_normalizes_null_score():
+    package = Package.from_diff_artifact(
+        {
+            "id": "pkg:npm/example@1.0.0",
+            "name": "example",
+            "version": "1.0.0",
+            "type": "npm",
+            "diffType": "added",
+            "score": None,
+            "alerts": [],
+            "author": [],
+            "topLevelAncestors": [],
+            "direct": True,
+            "manifestFiles": [],
+        }
+    )
+    assert package.score == {}
+def test_dependency_overview_template_defaults_missing_or_null_scores(tmp_path, monkeypatch):
+    monkeypatch.chdir(tmp_path)
+    diff = Diff(
+        id="test-diff",
+        diff_url="https://socket.dev/test-diff",
+        new_packages=[
+            _make_purl("missing-scores", None),
+            _make_purl(
+                "partial-scores",
+                {
+                    "supplyChain": 0.42,
+                    "vulnerability": None,
+                },
+            ),
+        ],
+        removed_packages=[],
+        new_alerts=[],
+    )
+    comment = Messages.dependency_overview_template(diff)
+    assert "Socket Security: Dependency Overview" in comment
+    assert "score-42.svg" in comment
+    assert "score-100.svg" in comment
+    assert "score-10000.svg" not in comment

socketsecurity 2.2.83__tar.gz → 2.2.86__tar.gz

socketsecurity 2.2.83tar.gz → 2.2.86tar.gz