socketsecurity 2.2.86__tar.gz → 2.2.89__tar.gz

{socketsecurity-2.2.86 → socketsecurity-2.2.89}/.github/workflows/version-check.yml

@@ -4,8 +4,8 @@ on:
     types: [opened, synchronize, ready_for_review]
     paths:
       - 'socketsecurity/**'
-      - 'setup.py'
       - 'pyproject.toml'
+      - 'uv.lock'
 
 permissions:
   contents: read
@@ -46,6 +46,18 @@ jobs:
           print(f'✅ Version properly incremented from {main_ver} to {pr_ver}')
           "
 
+      - name: Require uv.lock update when pyproject changes
+        run: |
+          CHANGED_FILES="$(git diff --name-only origin/main...HEAD)"
+
+          if echo "$CHANGED_FILES" | grep -qx 'pyproject.toml'; then
+            if ! echo "$CHANGED_FILES" | grep -qx 'uv.lock'; then
+              echo "❌ pyproject.toml changed, but uv.lock was not updated."
+              echo "Run 'uv lock' and commit uv.lock with the version bump."
+              exit 1
+            fi
+          fi
+
       - name: Manage PR Comment
         uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea
         if: always() && github.event.pull_request.head.repo.full_name == github.repository

{socketsecurity-2.2.86 → socketsecurity-2.2.89}/.hooks/sync_version.py

@@ -8,6 +8,7 @@ import json
 
 INIT_FILE = pathlib.Path("socketsecurity/__init__.py")
 PYPROJECT_FILE = pathlib.Path("pyproject.toml")
+UV_LOCK_FILE = pathlib.Path("uv.lock")
 
 VERSION_PATTERN = re.compile(r"__version__\s*=\s*['\"]([^'\"]+)['\"]")
 PYPROJECT_PATTERN = re.compile(r'^version\s*=\s*".*"$', re.MULTILINE)
@@ -72,6 +73,21 @@ def inject_version(version: str):
         new_pyproject = re.sub(r"(\[project\])", rf"\1\nversion = \"{version}\"", pyproject)
     PYPROJECT_FILE.write_text(new_pyproject)
 
+
+def run_uv_lock() -> bool:
+    before = UV_LOCK_FILE.read_bytes() if UV_LOCK_FILE.exists() else b""
+    try:
+        subprocess.run(["uv", "lock"], check=True, text=True)
+    except FileNotFoundError:
+        print("❌ `uv` is required but was not found in PATH.")
+        sys.exit(1)
+    except subprocess.CalledProcessError:
+        print("❌ `uv lock` failed. Please run it manually and fix any errors.")
+        sys.exit(1)
+
+    after = UV_LOCK_FILE.read_bytes() if UV_LOCK_FILE.exists() else b""
+    return before != after
+
 def main():
     dev_mode = "--dev" in sys.argv
     current_version = read_version_from_init(INIT_FILE)
@@ -84,15 +100,24 @@ def main():
             base_version = current_version.split(".dev")[0] if ".dev" in current_version else current_version
             new_version = find_next_available_dev_version(base_version)
             inject_version(new_version)
-            print("⚠️ Version was unchanged — auto-bumped. Please git add + commit again.")
+            uv_lock_changed = run_uv_lock()
+            lock_hint = " and uv.lock" if uv_lock_changed else ""
+            print(f"⚠️ Version was unchanged — auto-bumped. Please git add{lock_hint} + commit again.")
             sys.exit(0)
         else:
             new_version = bump_patch_version(current_version)
             inject_version(new_version)
-            print("⚠️ Version was unchanged — auto-bumped. Please git add + commit again.")
+            uv_lock_changed = run_uv_lock()
+            lock_hint = " and uv.lock" if uv_lock_changed else ""
+            print(f"⚠️ Version was unchanged — auto-bumped. Please git add{lock_hint} + commit again.")
             sys.exit(1)
     else:
-        print("✅ Version already bumped — proceeding.")
+        uv_lock_changed = run_uv_lock()
+        if uv_lock_changed:
+            print("⚠️ Version already bumped, but uv.lock was out of date and has been updated. Please git add uv.lock + commit again.")
+            sys.exit(1)
+
+        print("✅ Version already bumped and uv.lock is up to date — proceeding.")
         sys.exit(0)
 
 if __name__ == "__main__":

{socketsecurity-2.2.86 → socketsecurity-2.2.89}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: socketsecurity
-Version: 2.2.86
+Version: 2.2.89
 Summary: Socket Security CLI for CI/CD
 Project-URL: Homepage, https://socket.dev
 Author-email: Douglas Coburn <douglas@socket.dev>

{socketsecurity-2.2.86 → socketsecurity-2.2.89}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.2.86"
+version = "2.2.89"
 requires-python = ">= 3.11"
 license = {"file" = "LICENSE"}
 dependencies = [

{socketsecurity-2.2.86 → socketsecurity-2.2.89}/socketsecurity/__init__.py

@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.86'
+__version__ = '2.2.89'
 USER_AGENT = f'SocketPythonCLI/{__version__}'

{socketsecurity-2.2.86 → socketsecurity-2.2.89}/socketsecurity/core/utils.py

@@ -38,6 +38,15 @@ socket_globs = {
         },
         "pnpm-workspace.yml": {
             "pattern": "pnpm-workspace.yml"
+        },
+        "bun.lock": {
+            "pattern": "bun.lock"
+        },
+        "bun.lockb": {
+            "pattern": "bun.lockb"
+        },
+        "vlt-lock.json": {
+            "pattern": "vlt-lock.json"
         }
     },
     "pypi": {
@@ -105,4 +114,4 @@ socket_globs = {
             "pattern": "packages.lock.json"
         }
     }
-}
+}

{socketsecurity-2.2.86 → socketsecurity-2.2.89}/tests/core/test_has_manifest_files.py

@@ -1,6 +1,7 @@
 from unittest.mock import patch
 
 from socketsecurity.core import Core
+from socketsecurity.core.utils import socket_globs
 
 # Minimal patterns matching what the Socket API returns
 MOCK_PATTERNS = {
@@ -8,6 +9,9 @@ MOCK_PATTERNS = {
         "packagejson": {"pattern": "package.json"},
         "packagelockjson": {"pattern": "package-lock.json"},
         "yarnlock": {"pattern": "yarn.lock"},
+        "bunlock": {"pattern": "bun.lock"},
+        "bunlockb": {"pattern": "bun.lockb"},
+        "vltlockjson": {"pattern": "vlt-lock.json"},
     },
     "pypi": {
         "requirements": {"pattern": "*requirements.txt"},
@@ -66,3 +70,42 @@ class TestHasManifestFiles:
     def test_pom_xml_root(self, mock_patterns):
         core = Core.__new__(Core)
         assert core.has_manifest_files(["pom.xml"]) is True
+
+    def test_bun_lock_root(self, mock_patterns):
+        core = Core.__new__(Core)
+        assert core.has_manifest_files(["bun.lock"]) is True
+
+    def test_bun_lockb_root(self, mock_patterns):
+        core = Core.__new__(Core)
+        assert core.has_manifest_files(["bun.lockb"]) is True
+
+    def test_vlt_lock_json_root(self, mock_patterns):
+        core = Core.__new__(Core)
+        assert core.has_manifest_files(["vlt-lock.json"]) is True
+
+    def test_bun_lock_subdirectory(self, mock_patterns):
+        core = Core.__new__(Core)
+        assert core.has_manifest_files(["apps/web/bun.lock"]) is True
+
+
+@patch.object(Core, "get_supported_patterns", side_effect=RuntimeError("API unreachable"))
+@patch.object(Core, "__init__", lambda self, *a, **kw: None)
+class TestHasManifestFilesFallback:
+    """Exercises the socket_globs fallback path used when the Socket API is unreachable."""
+
+    def test_fallback_matches_bun_lock(self, mock_patterns):
+        core = Core.__new__(Core)
+        assert core.has_manifest_files(["bun.lock"]) is True
+
+    def test_fallback_matches_bun_lockb(self, mock_patterns):
+        core = Core.__new__(Core)
+        assert core.has_manifest_files(["bun.lockb"]) is True
+
+    def test_fallback_matches_vlt_lock_json(self, mock_patterns):
+        core = Core.__new__(Core)
+        assert core.has_manifest_files(["vlt-lock.json"]) is True
+
+    def test_fallback_patterns_dict_contains_new_entries(self, mock_patterns):
+        assert "bun.lock" in socket_globs["npm"]
+        assert "bun.lockb" in socket_globs["npm"]
+        assert "vlt-lock.json" in socket_globs["npm"]

{socketsecurity-2.2.86 → socketsecurity-2.2.89}/uv.lock

@@ -1168,7 +1168,7 @@ wheels = [
 
 [[package]]
 name = "socketsecurity"
-version = "2.2.86"
+version = "2.2.89"
 source = { editable = "." }
 dependencies = [
     { name = "bs4" },