Tags: SocketDev/socket-python-cli
Fix uv lockfile sync + version incrementation checks (#204)

* update uv.lock to reflect new version
  Signed-off-by: lelia <[email protected]>
* update version check workflow to include uv.lock
  Signed-off-by: lelia <[email protected]>
* update python hooks to include uv sync
  Signed-off-by: lelia <[email protected]>
* remove unused setup.py check from workflow
  Signed-off-by: lelia <[email protected]>
* rev all versions to v2.2.89
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Add bun and vlt lockfiles (#202)

* Add bun and vlt lockfiles
* Add bun.lockb
* Add unit tests for bun.lock, bun.lockb, and vlt-lock.json manifest matching
  Signed-off-by: lelia <[email protected]>
* Bump version to 2.2.87
  Signed-off-by: lelia <[email protected]>
* Add missing version refs
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Co-authored-by: lelia <[email protected]>
fix: bump Socket SDK version, handle missing diff scores (#193)

* fix: handle missing diff scores in dependency overview
  Signed-off-by: lelia <[email protected]>
* chore: bump release version for CLI
  Signed-off-by: lelia <[email protected]>
* chore: bump SDK version for release
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Add hidden reach-continue-on-* flags for Coana v15 (#191)

* Add hidden reach-continue-on-* flags for Coana v15

  Coana v15 introduces four new halt-by-default behaviors in socket mode and corresponding --reach-continue-on-* opt-outs. Expose them as hidden flags on the Python CLI so it is ready to forward them when Coana v15 becomes the default.

  Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
* Bump version to 2.2.85

  Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
fix: strip git name-rev suffix operators from detected branch name (#189)

In detached-HEAD CI checkouts (common in Buildkite/CircleCI/Jenkins/etc. where none of the GitHub/GitLab/Bitbucket CI env vars are recognized), the Python CLI falls back to `git name-rev --name-only HEAD` to detect the current branch. When the checked-out SHA is not exactly at a branch tip (e.g. master moved forward after the pipeline started), name-rev returns strings like `remotes/origin/master~1` or `master^0`. The previous split('/')[-1] cleanup kept the `~N`/`^N` suffix, which the Socket API then rejected with "Invalid branch name".

Strip anything from the first `~` or `^` onward before the prefix split. Both characters are forbidden in git ref names per check-ref-format(1), so truncating at them is always safe.

Assisted-by: Claude Code:opus-4-7
Fix GitLab security report schema compliance + scan alert population (#182)

* Bump incremental version
  Signed-off-by: lelia <[email protected]>
* Fix gitlab security report schema validation errors
  Signed-off-by: lelia <[email protected]>
* Populate gitlab security report with alerts for full scans
  Signed-off-by: lelia <[email protected]>
* Skip license-metadata API call when fetching full scan alerts
  Signed-off-by: lelia <[email protected]>
* Consolidate e2e test workflows, add additional coverage
  Signed-off-by: lelia <[email protected]>
* Strip logger timestamp prefix to fix e2e test
  Signed-off-by: lelia <[email protected]>
* Include unchanged alerts in GitLab report
  Signed-off-by: lelia <[email protected]>
* Fix commit status to count new + unchanged alerts when strict blocking enabled
  Signed-off-by: lelia <[email protected]>
* Add comparison table of alert behaviors between GitLab + JSON/SARIF
  Signed-off-by: lelia <[email protected]>
* Document comment-based ignore behavior differences
  Signed-off-by: lelia <[email protected]>
* Add new unit tests for unchanged alerts
  Signed-off-by: lelia <[email protected]>
* chore: bump npm test fixture versions
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Fix broken links on PyPI by using absolute GitHub URLs (#174)

PyPI renders the README but has no access to the repository file tree, so all relative links (docs/, examples/config/, workflows/) resolved against pypi.org and returned 404s. Replace with absolute URLs pointing to the main branch on GitHub.
Update required Python version, tweak CI checks (#172)

* Add guard to not run on external fork PRs
  Signed-off-by: lelia <[email protected]>
* Update python tests to include installation check
  Signed-off-by: lelia <[email protected]>
* Bump project version and required Python version
  Signed-off-by: lelia <[email protected]>
* Add more unit test checks
  Signed-off-by: lelia <[email protected]>
* Bump project version and required Python version
  Signed-off-by: lelia <[email protected]>
* Add additional guardrails for PR check behaviors
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Fix reachability filtering, add config file support (#169)

* Add SARIF scoping/reachability controls, config file support
  Signed-off-by: lelia <[email protected]>
* Add coverage for new SARIF scoping, config file behavior
  Signed-off-by: lelia <[email protected]>
* Add config examples for different use cases
  Signed-off-by: lelia <[email protected]>
* Refactor docs to reduce README complexity, create dedicated CLI and CI/CD guides
  Signed-off-by: lelia <[email protected]>
* Bump version for release
  Signed-off-by: lelia <[email protected]>
* Add shared selector/filter module
  Signed-off-by: lelia <[email protected]>
* Refactor output handling to use shared alert selection
  Signed-off-by: lelia <[email protected]>
* Refactor Slack diff filtering to use shared selection semantics, facts-aware reachable filtering
  Signed-off-by: lelia <[email protected]>
* Add unit tests for shared selection logic
  Signed-off-by: lelia <[email protected]>
* Add unit tests for new Slack behavior
  Signed-off-by: lelia <[email protected]>
* Update output tests for strict-blocking and SARIF
  Signed-off-by: lelia <[email protected]>
* Add JSON config examples for reference
  Signed-off-by: lelia <[email protected]>
* Remove unnecessary backwards compat logic
  Signed-off-by: lelia <[email protected]>
* Docs refactor for better readability, dedicated guides for CLI + CI/CD usage
  Signed-off-by: lelia <[email protected]>
* Bump version for release
  Signed-off-by: lelia <[email protected]>
* Fix missing version check expected in PR preview
  Signed-off-by: lelia <[email protected]>
* Fix PR preview workflow to use updated version check
  Signed-off-by: lelia <[email protected]>
* Fix e2e regression tests to use correct SARIF flags and remove legacy assertions
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Fix has_manifest_files failing to match root-level manifest files (#168)

* Fix has_manifest_files failing to match root-level manifest files

  PurePath.match("**/package.json") returns False for root-level files in Python 3.12+ because ** requires at least one directory component. The function was unconditionally prepending **/ to all patterns, causing root-level manifests like package.json and package-lock.json to never match. This forced every scan into full scan mode instead of diff scan mode, which meant MR/PR comments were never posted.

  Fix by trying the direct pattern match first, then falling back to the **/ prefixed pattern for subdirectory matching.

  Fixes Zendesk #2447
* Bump version to 2.2.77
* Add tests/core to CI trigger paths and test command
* Fixing compatibility drift between CLI <> SDK surfaced by test failures
  Signed-off-by: lelia <[email protected]>
* Fixing core test failures caused by updated stale fixtures, outdated test construction
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Co-authored-by: lelia <[email protected]>