From cac9865805759c41dd1dc4e108df64a8cda1813c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 21 Jun 2024 18:11:04 +0000 Subject: [PATCH] fix(openapi): sync with openapi definition --- openapi.json | 5468 ++++++++++++++++++++++++------------------------ types/api.d.ts | 2697 +++++++++++++----------- 2 files changed, 4165 insertions(+), 4000 deletions(-) diff --git a/openapi.json b/openapi.json index 6e4342a..ee73ef5 100644 --- a/openapi.json +++ b/openapi.json @@ -182,7 +182,7 @@ } } }, - "SocketGone": { + "SocketInternalServerError": { "content": { "application/json": { "schema": { @@ -212,9 +212,9 @@ } } }, - "description": "Gone" + "description": "Internal server error" }, - "SocketInternalServerError": { + "SocketGone": { "content": { "application/json": { "schema": { 
@@ -244,53 +244,47 @@ } } }, - "description": "Internal server error" + "description": "Gone" } }, "schemas": { - "SocketIssueList": { - "type": "array", - "items": { - "$ref": "#/components/schemas/SocketIssue" - } + "SocketIssueSeverity": { + "type": "string", + "enum": [ + "low", + "middle", + "high", + "critical" + ], + "description": "", + "default": "low" }, - "SocketPackageScore": { + "SocketCategory": { + "type": "string", + "enum": [ + "supplyChainRisk", + "quality", + "maintenance", + "vulnerability", + "license", + "miscellaneous" + ], + "description": "", + "default": "miscellaneous" + }, + "SocketBatchPURLFetch": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "supplyChainRisk": { - "$ref": "#/components/schemas/SocketMetricSchema" - }, - "quality": { - "$ref": "#/components/schemas/SocketMetricSchema" - }, - "maintenance": { - "$ref": "#/components/schemas/SocketMetricSchema" - }, - "vulnerability": { - "$ref": "#/components/schemas/SocketMetricSchema" - }, - "license": { - "$ref": "#/components/schemas/SocketMetricSchema" - }, - "miscellaneous": { - "$ref": "#/components/schemas/SocketMetricSchema" - }, - "depscore": { - "type": "number", - "description": "", - "default": 0 + "components": { + "type": "array", + "items": { + "$ref": "#/components/schemas/SocketBatchPURLRequest" + } } }, "required": [ - "depscore", - "license", - "maintenance", - "miscellaneous", - "quality", - "supplyChainRisk", - "vulnerability" + "components" ] }, "SocketReport": { 
@@ -364,43 +358,64 @@ "url" ] }, - "SocketIssueSeverity": { - "type": "string", - "enum": [ - "low", - "middle", - "high", - "critical" - ], - "description": "", - "default": "low" + "SocketIssueList": { + "type": "array", + "items": { + "$ref": "#/components/schemas/SocketIssue" + } }, - "SocketCategory": { - "type": "string", - "enum": [ - "supplyChainRisk", - "quality", - "maintenance", - "vulnerability", - "license", - "miscellaneous" - ], + "SocketPackageScore": { + "type": "object", + "additionalProperties": false, "description": "", - "default": "miscellaneous" + "properties": { + "supplyChainRisk": { + "$ref": "#/components/schemas/SocketMetricSchema" + }, + "quality": { + "$ref": "#/components/schemas/SocketMetricSchema" + }, + "maintenance": { + "$ref": "#/components/schemas/SocketMetricSchema" + }, + "vulnerability": { + "$ref": "#/components/schemas/SocketMetricSchema" + }, + "license": { + "$ref": "#/components/schemas/SocketMetricSchema" + }, + "miscellaneous": { + "$ref": "#/components/schemas/SocketMetricSchema" + }, + "depscore": { + "type": "number", + "description": "", + "default": 0 + } + }, + "required": [ + "depscore", + "license", + "maintenance", + "miscellaneous", + "quality", + "supplyChainRisk", + "vulnerability" + ] }, - "SocketBatchPURLFetch": { + "SocketBatchPURLRequest": { "type": "object", "additionalProperties": false, + "description": "", "properties": { - "components": { - "type": "array", - "items": { - "$ref": "#/components/schemas/SocketBatchPURLRequest" - } + "purl": { + "type": "string", + "description": "", + "default": "" } }, "required": [ - "components" + "purl" ] }, "SocketIssue": { @@ -5690,21 +5705,6 @@ "score" ] }, - "SocketBatchPURLRequest": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "purl": { - "type": "string", - "description": "", - "default": "" - } - }, - "required": [ - "purl" - ] - }, "SocketIssueBasics": { "type": "object", "additionalProperties": false, 
@@ -6083,178 +6083,331 @@ } }, "paths": { - "/npm/{package}/{version}/issues": { - "get": { + "/purl": { + "post": { "tags": [ - "NPM" + "Packages" ], - "summary": "Get issues by package", - "operationId": "getIssuesByNPMPackage", + "summary": "Get Packages (Beta)", + "externalDocs": { + "description": "Socket Package URLs (purl)", + "url": "https://docs.socket.dev/reference/socket-package-urls-purl" + }, + "operationId": "batchPackageFetch", "parameters": [ { - "name": "package", - "in": "path", - "required": true, + "name": "license", + "in": "query", + "required": false, "schema": { - "type": "string" + "type": "boolean", + "default": false } }, { - "name": "version", - "in": "path", - "required": true, - "description": "", + "name": "alerts", + "in": "query", + "required": false, "schema": { - "type": "string" + "type": "boolean", + "default": false } } ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SocketBatchPURLFetch" + } + } + }, + "required": false + }, "security": [ { - "basicAuth": [] + "basicAuth": [ + "packages:list" + ] } ], - "description": "Get all the issues related with a particular npm package version.\nThis endpoint returns the issue type, location, and additional details related to each issue in the `props` attribute.\n\nYou can [see here](https://socket.dev/npm/issue) the full list of issues.\n\nThis endpoint consumes 1 unit of your quota.", + "description": "Batch retrieval of package metadata and alerts by PURL strings. 
Compatible witch CycloneDX reports.\n\nPackage URLs (PURLs) are an ecosystem agnostic way to identify packages.\nCycloneDX SBOMs use the purl format to identify components.\nThis endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report.\n\nMore information on purl and CycloneDX:\n\n- [`purl` Spec](https://github.com/package-url/purl-spec)\n- [CycloneDX Spec](https://cyclonedx.org/specification/overview/#components)\n\n## Examples:\n\n### Looking up an npm package:\n\n```json\n{\n \"components\": [\n {\n \"purl\": \"pkg:npm/express@4.19.2\"\n }\n ]\n}\n```\n\n### Looking up an PyPi package:\n\n```json\n{\n \"components\": [\n {\n \"purl\": \"pkg:pypi/django@5.0.6\"\n }\n ]\n}\n```\n\n### Looking up a Maven package:\n\n```json\n{\n \"components\": [\n {\n \"purl\": \"pkg:maven/log4j/log4j@1.2.17\"\n }\n ]\n}\n```\n\n### Batch lookup\n\n```json\n{\n \"components\": [\n {\n \"purl\": \"pkg:npm/express@4.19.2\"\n },\n {\n \"purl\": \"pkg:pypi/django@5.0.6\"\n },\n {\n \"purl\": \"pkg:maven/log4j/log4j@1.2.17\"\n }\n ]\n}\n```\n\nThis endpoint consumes 100 units of your quota.", "responses": { "200": { "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/SocketIssueList" - } - } - }, - "description": "Socket issue lists" - }, - "400": { - "$ref": "#/components/responses/SocketBadRequest" - }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" - }, - "403": { - "$ref": "#/components/responses/SocketForbidden" - }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" - }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" - } - }, - "x-readme": {} - } - }, - "/npm/{package}/{version}/score": { - "get": { - "tags": [ - "NPM" - ], - "summary": "Get score by package", - "operationId": "getScoreByNPMPackage", - "parameters": [ - { - "name": "package", - "in": "path", - "required": true, - 
"schema": { - "type": "string" - } - }, - { - "name": "version", - "in": "path", - "required": true, - "description": "", - "schema": { - "type": "string" - } - } - ], - "security": [ - { - "basicAuth": [] - } - ], - "description": "Get all the scores and metrics by category that are used to evaluate the package version.\n\n- depscore: The average of all score factors. (0-1)\n- supplyChainRisk: Score factors relating to supply chain security (0-1)\n- downloadCount: The number of downloads for the package. Higher downloads contribute to a higher score.\n- supplyChainRiskIssueLow/Mid/High/Critical: The number of supply chain risk issues of varying severity. Lower numbers contribute to a higher score.\n- dependencyCount: The number of production dependencies. Lower count contributes to a higher score.\n- devDependencyCount: The number of development dependencies. Lower count contributes to a higher score.\n- transitiveDependencyCount: The number of transitive dependencies. Lower count contributes to a higher score.\n- totalDependencyCount: The total number of dependencies (production + development + transitive). Lower count contributes to a higher score.\n- quality: Score factors relating to code quality (0-1)\n- qualityIssueLow/Mid/High/Critical: The number of code quality issues of varying severity. Lower numbers contribute to a higher score.\n- linesOfCode: The number of lines of code in the package. Lower count contributes to a higher score.\n- readmeLength: The length of the package's README file. Longer READMEs contribute to a higher score.\n- maintenance: Score factors relating to package maintenance (0-1)\n- maintainerCount: The number of maintainers for the package. More maintainers contribute to a higher score.\n- versionsLastWeek/Month/TwoMonths/Year: The number of versions released in different time periods. More recent releases contribute to a higher score.\n- versionCount: The total number of versions released. 
Higher count contributes to a higher score.\n- maintenanceIssueLow/Mid/High/Critical: The number of maintenance issues of varying severity. Lower numbers contribute to a higher score.\n- vulnerability: Score factors relating to package vulnerabilities (0-1)\n- vulnerabilityIssueLow/Mid/High/Critical: The number of vulnerability issues of varying severity. Lower numbers contribute to a higher score.\n- dependencyVulnerabilityCount: The number of vulnerabilities in the package's dependencies. Lower count contributes to a higher score.\n- vulnerabilityCount: The number of vulnerabilities in the package itself. Lower count contributes to a higher score.\n- license: Score factors relating to package licensing (0-1)\n- licenseIssueLow/Mid/High/Critical: The number of license issues of varying severity. Lower numbers contribute to a higher score.\n- licenseQuality: A score indicating the quality/permissiveness of the package's license. Higher quality contributes to a higher score.\n- miscellaneous: Miscellaneous metadata about the package version.\n- versionAuthorName/Email: The name and email of the version author.\n- fileCount: The number of files in the package.\n- byteCount: The total size in bytes of the package.\n- typeModule: Whether the package declares a \"type\": \"module\" field.\n\nThis endpoint consumes 1 unit of your quota.", - "responses": { - "200": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/SocketPackageScore" - } - } - }, - "description": "Socket package scores" - }, - "400": { - "$ref": "#/components/responses/SocketBadRequest" - }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" - }, - "403": { - "$ref": "#/components/responses/SocketForbidden" - }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" - }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" - } - }, - "x-readme": {} - } - }, - "/report/delete/{id}": { - "delete": { - "tags": [ - 
"Project report" - ], - "summary": "Delete a report", - "operationId": "deleteReport", - "parameters": [ - { - "name": "id", - "in": "path", - "required": true, - "description": "", - "schema": { - "type": "string" - } - } - ], - "security": [ - { - "basicAuth": [ - "report:write" - ] - } - ], - "description": "Delete a specific project report.\n\nThis endpoint consumes 10 units of your quota.", - "responses": { - "200": { - "content": { - "application/json": { + "application/x-ndjson": { "schema": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "status": { + "type": { "type": "string", + "enum": [ + "unknown", + "npm", + "pypi", + "golang" + ], + "description": "", + "default": "unknown" + }, + "namespace": { + "type": "string", + "description": "", + "default": "" + }, + "name": { + "type": "string", + "description": "", + "default": "" + }, + "version": { + "type": "string", + "description": "", + "default": "" + }, + "subpath": { + "type": "string", + "description": "", + "default": "" + }, + "release": { + "type": "string", + "description": "", + "default": "" + }, + "id": { + "type": "string", + "description": "", + "default": "" + }, + "direct": { + "type": "boolean", + "default": false, + "description": "" + }, + "manifestFiles": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "file": { + "type": "string", + "description": "", + "default": "" + }, + "start": { + "type": "integer", + "description": "", + "default": 0 + }, + "end": { + "type": "integer", + "description": "", + "default": 0 + } + }, + "required": [ + "file" + ] + } + }, + "topLevelAncestors": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + } + }, + "dependencies": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + } + }, + "artifact": { + "type": "object", + "additionalProperties": false, + "properties": { + 
"type": { + "type": "string", + "enum": [ + "unknown", + "npm", + "pypi", + "golang" + ], + "description": "", + "default": "unknown" + }, + "namespace": { + "type": "string", + "description": "", + "default": "" + }, + "name": { + "type": "string", + "description": "", + "default": "" + }, + "version": { + "type": "string", + "description": "", + "default": "" + }, + "subpath": { + "type": "string", + "description": "", + "default": "" + }, + "release": { + "type": "string", + "description": "", + "default": "" + }, + "id": { + "type": "string", + "description": "", + "default": "" + } + }, + "required": [ + "id", + "type" + ] + }, + "license": { + "type": "string", + "description": "", + "default": "" + }, + "author": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + } + }, + "size": { + "type": "number", + "description": "", + "default": 0 + }, + "score": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "supplyChain": { + "type": "number", + "description": "", + "default": 0 + }, + "quality": { + "type": "number", + "description": "", + "default": 0 + }, + "maintenance": { + "type": "number", + "description": "", + "default": 0 + }, + "vulnerability": { + "type": "number", + "description": "", + "default": 0 + }, + "license": { + "type": "number", + "description": "", + "default": 0 + }, + "overall": { + "type": "number", + "description": "", + "default": 0 + } + }, + "required": [ + "license", + "maintenance", + "overall", + "quality", + "supplyChain", + "vulnerability" + ] + }, + "alerts": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "key": { + "type": "string", + "description": "", + "default": "" + }, + "type": { + "type": "string", + "description": "", + "default": "" + }, + "severity": { + "$ref": "#/components/schemas/SocketIssueSeverity" + }, + "category": { + "$ref": "#/components/schemas/SocketCategory" 
+ }, + "file": { + "type": "string", + "description": "", + "default": "" + }, + "start": { + "type": "integer", + "description": "", + "default": 0 + }, + "end": { + "type": "integer", + "description": "", + "default": 0 + }, + "props": { + "type": "object", + "description": "", + "default": null + } + }, + "required": [ + "category", + "key", + "severity", + "type" + ] + } + }, + "batchIndex": { + "type": "integer", "description": "", - "default": "ok" + "default": 0 } }, "required": [ - "status" + "id", + "type" ] } } }, - "description": "Success" + "description": "Socket issue lists and scores for all packages" }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
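Review bot: The response schema's `type` enum in this hunk admits only `unknown`, `npm`, `pypi` and `golang`, yet the operation description documents a Maven lookup (`pkg:maven/log4j/log4j@1.2.17`); either the enum is missing `maven` (and any other ecosystem the server actually resolves) or the Maven example should go, because clients generated from this enum will mis-type or reject such a record. The `requestBody` is declared `"required": false` while `SocketBatchPURLFetch` marks `components` as required and the endpoint has nothing to do without a body, so `"required": true` would make the contract honest. `SocketBatchPURLFetch.components` carries no `maxItems`, so the flat 100-unit cost in the description says nothing about an upper bound on batch size; if the server enforces one it should be declared here. Minor: `Compatible witch CycloneDX` should read `Compatible with CycloneDX`. This file is synced from the upstream definition by a bot, so these fixes belong in the API definition rather than in this commit.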
@@ -6275,153 +6428,75 @@ "x-readme": {} } }, - "/report/list": { + "/orgs/{org_slug}/full-scans": { "get": { "tags": [ - "Project report" + "Full Scans" ], - "summary": "Get list of reports", - "operationId": "getReportList", - "security": [ + "summary": "List full scans", + "operationId": "getOrgFullScanList", + "parameters": [ { - "basicAuth": [ - "report:list" - ] - } - ], - "description": "Get all your project reports.\n\nThis endpoint consumes 10 units of your quota.", - "responses": { - "200": { - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "id": { - "type": "string", - "description": "", - "default": "" - }, - "url": { - "type": "string", - "description": "", - "default": "" - }, - "repo": { - "type": "string", - "description": "", - "default": "" - }, - "branch": { - "type": "string", - "description": "", - "default": "" - }, - "pull_requests": { - "type": "object", - "description": "", - "default": null - }, - "commit": { - "type": "string", - "description": "", - "default": "" - }, - "owner": { - "type": "string", - "description": "", - "default": "" - }, - "created_at": { - "type": "string", - "description": "", - "default": "" - } - }, - "required": [ - "branch", - "commit", - "created_at", - "id", - "owner", - "pull_requests", - "repo", - "url" - ] - } - } - } - }, - "description": "List of project reports" - }, - "400": { - "$ref": "#/components/responses/SocketBadRequest" + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" + { + "name": "sort", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "string", + "default": "created" + } }, - "403": { - "$ref": "#/components/responses/SocketForbidden" + { + "name": "direction", + "in": 
"query", + "required": false, + "description": "", + "schema": { + "type": "string", + "default": "desc" + } }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" + { + "name": "per_page", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "integer", + "minimum": 1, + "maximum": 100, + "default": 30 + } }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" + { + "name": "page", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "integer", + "minimum": 1, + "default": 1 + } } - }, - "x-readme": {} - } - }, - "/report/upload": { - "put": { - "tags": [ - "Project report" ], - "summary": "Create a report", - "operationId": "createReport", - "requestBody": { - "content": { - "multipart/form-data": { - "schema": { - "type": "object", - "additionalProperties": { - "type": "string", - "default": { - "type": "Buffer", - "data": [] - }, - "format": "binary", - "description": "" - }, - "properties": { - "issueRules": { - "type": "object", - "additionalProperties": { - "type": "boolean", - "default": false, - "description": "" - }, - "properties": {} - } - } - } - } - }, - "required": false - }, "security": [ { "basicAuth": [ - "report:write" + "full-scans:list" ] } ], - "description": "Upload a lockfile to get your project analyzed by Socket.\nYou can upload multiple lockfiles in the same request, but each filename must be unique.\n\nThe name of the file must be in the supported list.\n\nFor example, these are valid filenames: `package.json`, `folder/package.json` and `deep/nested/folder/package.json`.\n\nThis endpoint consumes 100 units of your quota.", + "description": "Returns a paginated list of all full scans in an org, excluding SBOM artifacts.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { 
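Review bot: The `sort` and `direction` query parameters in this hunk are unconstrained strings with only defaults (`created`, `desc`), so clients and validators cannot tell which values are accepted; declaring them as enums, e.g. `"enum": ["asc", "desc"]` for `direction` and the supported sort keys for `sort`, would close that gap. An open sort key is also a value the server must allow-list before it reaches a query, which this file cannot show either way. The operation's responses continue in the next hunk.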
@@ -6431,25 +6506,92 @@ "additionalProperties": false, "description": "", "properties": { - "id": { - "type": "string", - "description": "", - "default": "" + "results": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "id": { + "type": "string", + "description": "", + "default": "" + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "", + "default": "" + }, + "organization_id": { + "type": "string", + "description": "", + "default": "" + }, + "repository_id": { + "type": "string", + "description": "", + "default": "" + }, + "committers": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + } + }, + "repo": { + "type": "string", + "description": "", + "default": "" + }, + "branch": { + "type": "string", + "description": "", + "default": "" + }, + "commit_message": { + "type": "string", + "description": "", + "default": "" + }, + "commit_hash": { + "type": "string", + "description": "", + "default": "" + }, + "pull_request": { + "type": "integer", + "description": "", + "default": 0 + }, + "html_report_url": { + "type": "string", + "description": "", + "default": "" + } + } + } }, - "url": { - "type": "string", + "nextPage": { + "type": "integer", "description": "", - "default": "" + "default": 0 } }, "required": [ - "id", - "url" + "nextPage", + "results" ] } } }, - "description": "ID and URL of the project report" + "description": "Lists repositories for the specified organization. The authenticated user must be a member of the organization." }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
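Review bot: The 200 response description added in this hunk reads `Lists repositories for the specified organization. The authenticated user must be a member of the organization.`, which does not match an operation that lists full scans; it looks copied from a repositories endpoint and should say something like `Paginated list of full scans for the organization`. The `results` item object has no `required` array, so every field including `id` becomes optional in generated types even though `nextPage` and `results` are required one level up; declaring at least `"required": ["id", "created_at", "organization_id"]` (or whatever the server actually guarantees) would spare consumers null checks on identifiers. `nextPage` is an integer with `default: 0` and no description of what value signals the final page; a one-line description would remove that ambiguity. The operation this hunk belongs to starts in the previous hunk.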
@@ -6460,189 +6602,231 @@ "403": { "$ref": "#/components/responses/SocketForbidden" }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" } }, "x-readme": {} - } - }, - "/report/view/{id}": { - "get": { + }, + "post": { "tags": [ - "Project report" + "Full Scans" ], - "summary": "View a report", - "operationId": "getReport", + "summary": "Create full scan", + "operationId": "CreateOrgFullScan", "parameters": [ { - "name": "id", + "name": "org_slug", "in": "path", "required": true, - "description": "", + "description": "The slug of the organization", "schema": { "type": "string" } - } - ], - "security": [ - { - "basicAuth": [ - "report:read" - ] - } - ], - "description": "Get all the issues, packages, and scores related to an specific project report.\n\nThis endpoint consumes 10 units of your quota.", - "responses": { - "200": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/SocketReport" - } - } - }, - "description": "Socket report" }, - "400": { - "$ref": "#/components/responses/SocketBadRequest" + { + "name": "repo", + "in": "query", + "required": true, + "description": "The slug of the repository to associate the full-scan with.", + "schema": { + "type": "string" + } }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" + { + "name": "branch", + "in": "query", + "required": false, + "description": "The branch name to associate the full-scan with.", + "schema": { + "type": "string" + } }, - "403": { - "$ref": "#/components/responses/SocketForbidden" + { + "name": "commit_message", + "in": "query", + "required": false, + "description": "The commit message to associate the full-scan with.", + "schema": { + "type": "string" + } }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" + { + "name": "commit_hash", + "in": "query", + "required": false, + "description": "The commit hash to associate the 
full-scan with.", + "schema": { + "type": "string" + } }, - "410": { - "$ref": "#/components/responses/SocketGone" + { + "name": "pull_request", + "in": "query", + "required": false, + "description": "The pull request number to associate the full-scan with.", + "schema": { + "type": "integer", + "minimum": 1 + } }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" - } - }, - "x-readme": {} - } - }, - "/report/supported": { - "get": { - "tags": [ - "Project report" - ], - "summary": "Get supported files for report", - "operationId": "getReportSupportedFiles", - "security": [ - {} - ], - "description": "Get a list of supported files for project report generation.\nFiles are categorized first by environment (e.g. NPM or PyPI), then by name.\n\nFiles whose names match the patterns returned by this endpoint can be uploaded for report generation.\nExamples of supported filenames include `package.json`, `package-lock.json`, and `yarn.lock`.\n\nThis endpoint consumes 0 units of your quota.", - "responses": { - "200": { - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": { - "type": "object", - "additionalProperties": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "pattern": { - "type": "string", - "description": "", - "default": "" - } - }, - "required": [ - "pattern" - ] - }, - "properties": {} - }, - "properties": {} - } - } - }, - "description": "Glob patterns used to match supported files" + { + "name": "committers", + "in": "query", + "required": false, + "description": "The committers to associate the full-scan with. 
Set query more than once to set multiple.", + "schema": { + "type": "string" + } }, - "400": { - "$ref": "#/components/responses/SocketBadRequest" + { + "name": "make_default_branch", + "in": "query", + "required": false, + "schema": { + "type": "boolean", + "default": false + } }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" - } - }, - "x-readme": {} - } - }, - "/openapi": { - "get": { - "tags": [ - "Openapi" - ], - "summary": "Returns the OpenAPI definition", - "operationId": "getOpenAPI", - "security": [ - {} - ], - "description": "Retrieve the API specification in an Openapi JSON format.\n\nThis endpoint consumes 0 units of your quota.", - "responses": { - "200": { - "content": { - "application/json": {} - }, - "description": "OpenAPI specification" + { + "name": "set_as_pending_head", + "in": "query", + "required": false, + "schema": { + "type": "boolean", + "default": false + } }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" + { + "name": "tmp", + "in": "query", + "required": false, + "schema": { + "type": "boolean", + "default": false + } } - }, - "x-readme": {} - } - }, - "/quota": { - "get": { - "tags": [ - "Quota" ], - "summary": "Get quota", - "operationId": "getQuota", + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "string", + "default": { + "type": "Buffer", + "data": [] + }, + "format": "binary", + "description": "" + }, + "properties": {} + } + } + }, + "required": false + }, "security": [ { - "basicAuth": [] + "basicAuth": [ + "full-scans:create" + ] } ], - "description": "Get your current API quota. You can use this endpoint to prevent doing requests that might spend all your quota.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Create a full scan from a set of package manifest files. 
Returns a full scan including all SBOM artifacts.\n\nThis endpoint consumes 0 units of your quota.", "responses": { - "200": { + "201": { "content": { "application/json": { "schema": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "quota": { + "id": { + "type": "string", + "description": "", + "default": "" + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "", + "default": "" + }, + "organization_id": { + "type": "string", + "description": "", + "default": "" + }, + "repository_id": { + "type": "string", + "description": "", + "default": "" + }, + "committers": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + } + }, + "repo": { + "type": "string", + "description": "", + "default": "" + }, + "branch": { + "type": "string", + "description": "", + "default": "" + }, + "commit_message": { + "type": "string", + "description": "", + "default": "" + }, + "commit_hash": { + "type": "string", + "description": "", + "default": "" + }, + "pull_request": { "type": "integer", "description": "", - "default": 0, - "minimum": 0 + "default": 0 + }, + "html_report_url": { + "type": "string", + "description": "", + "default": "" } - }, - "required": [ - "quota" - ] + } } } }, - "description": "Quota amount" + "description": "Upload manifest files to create a full scan in an org's repo" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" }, "401": { "$ref": "#/components/responses/SocketUnauthorized" }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" } 
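Review bot: The `committers` query parameter is documented as repeatable (`Set query more than once to set multiple.`) but its schema is a single `string`, so generated clients will send one value and strict validators will reject repeats; it should be `"schema": {"type": "array", "items": {"type": "string"}}` with `"style": "form", "explode": true`. `make_default_branch` and `set_as_pending_head` appear to change repository state beyond creating a scan, and like `tmp` they carry no description; each should state what it changes and any extra authorization it needs, since the operation is gated only by `full-scans:create`. The description promises `Returns a full scan including all SBOM artifacts`, but the 201 schema holds only scan metadata with no artifacts, and `requestBody` is `"required": false` for an endpoint whose purpose is uploading manifest files. This file is bot-synced from the API definition, so these corrections belong upstream.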
@@ -6650,227 +6834,395 @@ "x-readme": {} } }, - "/organizations": { + "/orgs/{org_slug}/full-scans/{full_scan_id}": { "get": { "tags": [ - "Organizations" + "Full Scans" + ], + "summary": "Stream full scan", + "operationId": "getOrgFullScan", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "full_scan_id", + "in": "path", + "required": true, + "description": "The ID of the full scan", + "schema": { + "type": "string" + } + } ], - "summary": "List organizations", - "operationId": "getOrganizations", "security": [ { - "basicAuth": [] + "basicAuth": [ + "full-scans:list" + ] } ], - "description": "Get information on the current organizations associated with the API key.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Stream all SBOM artifacts for a full scan.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { - "application/json": { + "application/x-ndjson": { "schema": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "organizations": { - "type": "object", - "additionalProperties": { + "type": { + "type": "string", + "enum": [ + "unknown", + "npm", + "pypi", + "golang" + ], + "description": "", + "default": "unknown" + }, + "namespace": { + "type": "string", + "description": "", + "default": "" + }, + "name": { + "type": "string", + "description": "", + "default": "" + }, + "version": { + "type": "string", + "description": "", + "default": "" + }, + "subpath": { + "type": "string", + "description": "", + "default": "" + }, + "release": { + "type": "string", + "description": "", + "default": "" + }, + "id": { + "type": "string", + "description": "", + "default": "" + }, + "direct": { + "type": "boolean", + "default": false, + "description": "" + }, + "manifestFiles": { + "type": "array", + "items": { "type": "object", 
"additionalProperties": false, - "description": "", "properties": { - "id": { - "type": "string", - "description": "", - "default": "" - }, - "name": { - "type": "string", - "description": "", - "default": "" - }, - "image": { + "file": { "type": "string", "description": "", "default": "" }, - "plan": { - "type": "string", + "start": { + "type": "integer", "description": "", - "default": "" + "default": 0 }, - "slug": { - "type": "string", + "end": { + "type": "integer", "description": "", - "default": "" + "default": 0 } }, - "required": [ - "id", - "image", - "name", - "plan", - "slug" - ] + "required": [ + "file" + ] + } + }, + "topLevelAncestors": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + } + }, + "dependencies": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + } + }, + "artifact": { + "type": "object", + "additionalProperties": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "unknown", + "npm", + "pypi", + "golang" + ], + "description": "", + "default": "unknown" + }, + "namespace": { + "type": "string", + "description": "", + "default": "" + }, + "name": { + "type": "string", + "description": "", + "default": "" + }, + "version": { + "type": "string", + "description": "", + "default": "" + }, + "subpath": { + "type": "string", + "description": "", + "default": "" + }, + "release": { + "type": "string", + "description": "", + "default": "" + }, + "id": { + "type": "string", + "description": "", + "default": "" + } }, - "properties": {} - } - }, - "required": [ - "organizations" - ] - } - } - }, - "description": "Organizations information" - }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" - }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" - } - }, - "x-readme": {} - } - }, - "/settings": { - "post": { - "tags": [ - "Settings" - ], - "summary": "Calculate settings", - "operationId": 
"postSettings", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "organization": { + "required": [ + "id", + "type" + ] + }, + "license": { "type": "string", "description": "", "default": "" - } - } - } - } - } - }, - "required": false - }, - "security": [ - { - "basicAuth": [] - } - ], - "description": "Get your current settings the requested organizations and default settings to allow deferrals.\n\nThis endpoint consumes 0 units of your quota.", - "responses": { - "200": { - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "defaults": { + }, + "author": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + } + }, + "size": { + "type": "number", + "description": "", + "default": 0 + }, + "score": { "type": "object", "additionalProperties": false, "description": "", "properties": { - "issueRules": { - "type": "object", - "additionalProperties": { - "type": "object", - "properties": { - "action": { - "type": "string", - "enum": [ - "error", - "ignore", - "warn" - ] - } - } - } + "supplyChain": { + "type": "number", + "description": "", + "default": 0 + }, + "quality": { + "type": "number", + "description": "", + "default": 0 + }, + "maintenance": { + "type": "number", + "description": "", + "default": 0 + }, + "vulnerability": { + "type": "number", + "description": "", + "default": 0 + }, + "license": { + "type": "number", + "description": "", + "default": 0 + }, + "overall": { + "type": "number", + "description": "", + "default": 0 } }, "required": [ - "issueRules" + "license", + "maintenance", + "overall", + "quality", + "supplyChain", + "vulnerability" ] }, - "entries": { + "alerts": { "type": "array", "items": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - 
"start": { + "key": { "type": "string", "description": "", - "default": "", - "nullable": true + "default": "" }, - "settings": { + "type": { + "type": "string", + "description": "", + "default": "" + }, + "severity": { + "$ref": "#/components/schemas/SocketIssueSeverity" + }, + "category": { + "$ref": "#/components/schemas/SocketCategory" + }, + "file": { + "type": "string", + "description": "", + "default": "" + }, + "start": { + "type": "integer", + "description": "", + "default": 0 + }, + "end": { + "type": "integer", + "description": "", + "default": 0 + }, + "props": { "type": "object", - "additionalProperties": { - "type": "object", - "properties": { - "deferTo": { - "type": "string", - "nullable": true - }, - "issueRules": { - "type": "object", - "nullable": false, - "additionalProperties": { - "type": "object", - "nullable": false, - "properties": { - "action": { - "type": "string", - "enum": [ - "defer", - "error", - "ignore", - "warn", - "monitor" - ] - } - }, - "required": [ - "action" - ] - } - } - }, - "required": [ - "deferTo", - "issueRules" - ] - } + "description": "", + "default": null } }, - "required": [ - "settings", - "start" + "required": [ + "category", + "key", + "severity", + "type" ] } + }, + "batchIndex": { + "type": "integer", + "description": "", + "default": 0 } }, "required": [ - "defaults", - "entries" + "id", + "type" ] } } }, - "description": "Organization settings" + "description": "Socket issue lists and scores for all packages" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + }, + "delete": { + "tags": [ + "Full Scans" + ], + "summary": "Delete full scan", + "operationId": "deleteOrgFullScan", + 
"parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "full_scan_id", + "in": "path", + "required": true, + "description": "The ID of the full scan", + "schema": { + "type": "string" + } + } + ], + "security": [ + { + "basicAuth": [ + "full-scans:delete" + ] + } + ], + "description": "Delete an existing full scan.\n\nThis endpoint consumes 0 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "status": { + "type": "string", + "description": "", + "default": "ok" + } + }, + "required": [ + "status" + ] + } + } + }, + "description": "Success" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" }, "401": { "$ref": "#/components/responses/SocketUnauthorized" @@ -6878,6 +7230,9 @@ "403": { "$ref": "#/components/responses/SocketForbidden" }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" } 
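Review bot: In the `getOrgFullScan` 200 schema, `alerts[].props` is declared `"type": "object"` with `"default": null` but no `"nullable": true`; under OpenAPI 3.0 a default has to validate against its own schema, so a generated client (including the `types/api.d.ts` synced in this same commit) will type `props` as a non-null object and break if the server ever streams a null there. Since this file is bot-synced, the fix belongs in the upstream definition: `"props": { "type": "object", "nullable": true, "description": "Alert-specific details; shape depends on alert type" }`, or drop the null default. The `deleteOrgFullScan` operation that this hunk opens continues past the hunk's end.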
@@ -6885,33 +7240,41 @@ "x-readme": {} } }, - "/repo/list": { + "/orgs/{org_slug}/full-scans/{full_scan_id}/metadata": { "get": { "tags": [ - "Repositories" + "Full Scans" ], - "summary": "Get list of repos and their latest project report", - "operationId": "getRepoList", + "summary": "Get full scan metadata", + "operationId": "getOrgFullScanMetadata", "parameters": [ { - "name": "pageToken", - "in": "query", - "required": false, - "description": "", + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", "schema": { - "type": "string", - "default": "" + "type": "string" + } + }, + { + "name": "full_scan_id", + "in": "path", + "required": true, + "description": "The ID of the full scan", + "schema": { + "type": "string" } } ], "security": [ { "basicAuth": [ - "repo:list" + "full-scans:list" ] } ], - "description": "Get all repositories in an org including their latest project report.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Get metadata for a single full scan\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { 
@@ -6919,86 +7282,75 @@ "schema": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "results": { + "id": { + "type": "string", + "description": "", + "default": "" + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "", + "default": "" + }, + "organization_id": { + "type": "string", + "description": "", + "default": "" + }, + "repository_id": { + "type": "string", + "description": "", + "default": "" + }, + "committers": { "type": "array", "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "id": { - "type": "string", - "description": "", - "default": "" - }, - "created_at": { - "type": "string", - "description": "", - "default": "" - }, - "updated_at": { - "type": "string", - "description": "", - "default": "" - }, - "github_install_id": { - "type": "string", - "description": "", - "default": "" - }, - "github_repo_id": { - "type": "string", - "description": "", - "default": "" - }, - "name": { - "type": "string", - "description": "", - "default": "" - }, - "github_full_name": { - "type": "string", - "description": "", - "default": "" - }, - "organization_id": { - "type": "string", - "description": "", - "default": "" - }, - "latest_project_report": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "id": { - "type": "string", - "description": "", - "default": "" - }, - "created_at": { - "type": "string", - "description": "", - "default": "" - } - }, - "required": [ - "created_at", - "id" - ] - } - } + "type": "string", + "description": "", + "default": "" } + }, + "repo": { + "type": "string", + "description": "", + "default": "" + }, + "branch": { + "type": "string", + "description": "", + "default": "" + }, + "commit_message": { + "type": "string", + "description": "", + "default": "" + }, + "commit_hash": { + "type": "string", + "description": "", + 
"default": "" + }, + "pull_request": { + "type": "integer", + "description": "", + "default": 0 + }, + "html_report_url": { + "type": "string", + "description": "", + "default": "" } - }, - "required": [ - "results" - ] + } } } }, - "description": "List of repos and their latest project report for the organization associated with the token used" + "description": "The data from the full scan" }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
@@ -7019,50 +7371,75 @@ "x-readme": {} } }, - "/dependencies/search": { - "post": { + "/orgs/{org_slug}/repos": { + "get": { "tags": [ - "Dependencies" + "Repositories" ], - "summary": "Search dependencies", - "operationId": "searchDependencies", - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "limit": { - "type": "integer", - "description": "", - "default": 50, - "minimum": 1, - "maximum": 1000 - }, - "offset": { - "type": "integer", - "description": "", - "default": 0, - "minimum": 0 - } - }, - "required": [ - "limit", - "offset" - ] - } + "summary": "List repositories", + "operationId": "getOrgRepoList", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" } }, - "required": false - }, + { + "name": "sort", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "string", + "default": "created_at" + } + }, + { + "name": "direction", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "string", + "default": "desc" + } + }, + { + "name": "per_page", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "integer", + "minimum": 1, + "maximum": 100, + "default": 30 + } + }, + { + "name": "page", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "integer", + "minimum": 1, + "default": 1 + } + } + ], "security": [ { - "basicAuth": [] + "basicAuth": [ + "repo:list" + ] } ], - "description": "Search for any dependency that is being used in your organization.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Lists repositories for the specified organization.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { 
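Review bot: The new `sort` and `direction` query parameters on `getOrgRepoList` are unconstrained strings with empty descriptions, so a client may send any value; if the server maps `sort` onto a field or column name, the spec should close that surface with an enum instead of relying on undocumented server-side validation. Suggested upstream change: `"sort": { "type": "string", "enum": ["created_at", "updated_at", "name"], "default": "created_at" }` — the member list is a guess from the response fields and needs confirming — and `"direction": { "type": "string", "enum": ["asc", "desc"], "default": "desc" }`. Rejected values then map to the `400` already declared for this operation rather than a silent fallback.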
@@ -7072,92 +7449,88 @@ "additionalProperties": false, "description": "", "properties": { - "end": { - "type": "boolean", - "default": false, - "description": "" - }, - "limit": { - "type": "integer", - "description": "", - "default": 1000 - }, - "offset": { - "type": "integer", - "description": "", - "default": 0 - }, - "rows": { + "results": { "type": "array", "items": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "branch": { + "id": { "type": "string", - "description": "", + "description": "The ID of the repository", "default": "" }, - "direct": { - "type": "boolean", - "default": false, - "description": "" + "created_at": { + "type": "string", + "description": "The creation date of the repository", + "default": "" }, - "id": { + "updated_at": { "type": "string", - "description": "", + "description": "The last update date of the repository", "default": "" }, - "name": { + "slug": { "type": "string", - "description": "", + "description": "The slug of the repository", "default": "" }, - "namespace": { + "head_full_scan_id": { "type": "string", - "description": "", + "description": "The ID of the head full scan of the repository", "default": "" }, - "repository": { + "name": { "type": "string", - "description": "", + "description": "The name of the repository", "default": "" }, - "type": { + "description": { "type": "string", - "description": "", + "description": "The description of the repository", "default": "" }, - "version": { + "homepage": { "type": "string", - "description": "", + "description": "The homepage URL of the repository", "default": "" + }, + "visibility": { + "type": "string", + "enum": [ + "public", + "private" + ], + "description": "The visibility of the repository", + "default": "private" + }, + "archived": { + "type": "boolean", + "default": false, + "description": "Whether the repository is archived or not" + }, + "default_branch": { + "type": "string", + "description": "The default branch of the 
repository", + "default": "main" } - }, - "required": [ - "branch", - "direct", - "id", - "name", - "namespace", - "repository", - "type", - "version" - ] + } } + }, + "nextPage": { + "type": "integer", + "description": "", + "default": 0 } }, "required": [ - "end", - "limit", - "offset", - "rows" + "nextPage", + "results" ] } } }, - "description": "List of repos and their latest project report for the organization associated with the token used" + "description": "Lists repositories for the specified organization. The authenticated user must be a member of the organization." }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
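Review bot: `nextPage` in the `getOrgRepoList` 200 schema is a required integer with an empty description and `"default": 0`, and nothing states how the end of the list is signalled; since the `page` query parameter has `"minimum": 1`, 0 can only be an end-of-results sentinel, but a consumer cannot learn that from the spec. Suggest upstream `"description": "Page number of the next page of results, or 0 when there are no more pages"`, wording to be confirmed against the server. The 200 description also carries the sentence "The authenticated user must be a member of the organization", which is an authorization requirement better stated in the operation description next to the `repo:list` scope than inside a response description.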
@@ -7176,61 +7549,64 @@ } }, "x-readme": {} - } - }, - "/dependencies/upload": { + }, "post": { "tags": [ - "Dependencies" + "Repositories" ], - "summary": "Create a snapshot of all dependencies from manifest information", - "operationId": "createDependenciesSnapshot", + "summary": "Create repository", + "operationId": "createOrgRepo", "parameters": [ { - "name": "repository", - "in": "query", - "required": false, - "description": "", - "schema": { - "type": "string", - "default": "" - } - }, - { - "name": "branch", - "in": "query", - "required": false, - "description": "", + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", "schema": { - "type": "string", - "default": "" + "type": "string" } } ], "requestBody": { "content": { - "multipart/form-data": { + "application/json": { "schema": { "type": "object", - "additionalProperties": { - "type": "string", - "default": { - "type": "Buffer", - "data": [] - }, - "format": "binary", - "description": "" - }, + "additionalProperties": false, "properties": { - "repository": { + "name": { + "type": "string", + "description": "The name of the repository", + "default": "" + }, + "description": { + "type": "string", + "description": "The description of the repository", + "default": "" + }, + "homepage": { + "type": "string", + "description": "The homepage URL of the repository", + "default": "" + }, + "visibility": { "type": "string", - "description": "", - "default": "" + "enum": [ + "public", + "private" + ], + "description": "The visibility of the repository", + "default": "private" }, - "branch": { + "archived": { + "type": "boolean", + "default": false, + "description": "Whether the repository is archived or not" + }, + "default_branch": { "type": "string", - "description": "", - "default": "" + "description": "The default branch of the repository", + "default": "main" } } } 
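Review bot: The `createOrgRepo` request body has no `required` list, `name` is a plain string with `"default": ""` and no `minLength`, and `homepage` is a bare string although it is described as a URL, so the spec accepts `{}` or `{"name": ""}` as a valid create request. Unless the server rejects these itself (not visible here), tighten the upstream definition with `"required": ["name"]` on the body object, `"minLength": 1` (and ideally `maxLength`/`pattern`) on `name`, and `"format": "uri"` on `homepage` so generated clients and the server validator agree on what a valid repository is. The POST operation continues past the hunk's end.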
@@ -7241,24 +7617,83 @@ "security": [ { "basicAuth": [ - "report:write" + "repo:create" ] } ], - "description": "Upload a set of manifest or lockfiles to get your dependency tree analyzed by Socket.\nYou can upload multiple lockfiles in the same request, but each filename must be unique.\n\nThe name of the file must be in the supported list.\n\nFor example, these are valid filenames: \"requirements.txt\", \"package.json\", \"folder/package.json\", and \"deep/nested/folder/package.json\".\n\nThis endpoint consumes 100 units of your quota.", + "description": "Create a repository.\n\nRepos collect Full scans and Diff scans and are typically associated with a git repo.\n\nThis endpoint consumes 0 units of your quota.", "responses": { - "200": { + "201": { "content": { "application/json": { "schema": { "type": "object", "additionalProperties": false, - "description": "", - "properties": {} + "properties": { + "id": { + "type": "string", + "description": "The ID of the repository", + "default": "" + }, + "created_at": { + "type": "string", + "description": "The creation date of the repository", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "The last update date of the repository", + "default": "" + }, + "slug": { + "type": "string", + "description": "The slug of the repository", + "default": "" + }, + "head_full_scan_id": { + "type": "string", + "description": "The ID of the head full scan of the repository", + "default": "" + }, + "name": { + "type": "string", + "description": "The name of the repository", + "default": "" + }, + "description": { + "type": "string", + "description": "The description of the repository", + "default": "" + }, + "homepage": { + "type": "string", + "description": "The homepage URL of the repository", + "default": "" + }, + "visibility": { + "type": "string", + "enum": [ + "public", + "private" + ], + "description": "The visibility of the repository", + "default": "private" + }, + "archived": { + "type": 
"boolean", + "default": false, + "description": "Whether the repository is archived or not" + }, + "default_branch": { + "type": "string", + "description": "The default branch of the repository", + "default": "main" + } + } } } }, - "description": "ID of the dependencies snapshot" + "description": "Lists repositories for the specified organization. The authenticated user must be a member of the organization." }, "400": { "$ref": "#/components/responses/SocketBadRequest" @@ -7269,23 +7704,23 @@ "403": { "$ref": "#/components/responses/SocketForbidden" }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" - }, - "500": { - "$ref": "#/components/responses/SocketInternalServerError" } }, "x-readme": {} } }, - "/orgs/{org_slug}/repos": { + "/orgs/{org_slug}/repos/{repo_slug}": { "get": { "tags": [ "Repositories" ], - "summary": "List repositories (unstable)", - "operationId": "getOrgRepoList", + "summary": "Get repository", + "operationId": "getOrgRepo", "parameters": [ { "name": "org_slug", @@ -7297,46 +7732,12 @@ } }, { - "name": "sort", - "in": "query", - "required": false, - "description": "", - "schema": { - "type": "string", - "default": "created_at" - } - }, - { - "name": "direction", - "in": "query", - "required": false, - "description": "", - "schema": { - "type": "string", - "default": "desc" - } - }, - { - "name": "per_page", - "in": "query", - "required": false, - "description": "", - "schema": { - "type": "integer", - "minimum": 1, - "maximum": 100, - "default": 30 - } - }, - { - "name": "page", - "in": "query", - "required": false, - "description": "", + "name": "repo_slug", + "in": "path", + "required": true, + "description": "The slug of the repository", "schema": { - "type": "integer", - "minimum": 1, - "default": 1 + "type": "string" } } ], 
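Review bot: The 201 response of `createOrgRepo` is described as `"Lists repositories for the specified organization. The authenticated user must be a member of the organization."`, copied from the list endpoint; it describes neither the created repository nor who is allowed to create one. In the upstream definition change it to `"description": "The newly created repository"` and state the membership/permission requirement in the operation description alongside the `repo:create` scope, where a caller choosing token scopes will actually read it.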
@@ -7347,7 +7748,7 @@ ] } ], - "description": "Lists repositories for the specified organization.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Retrieve a repository associated with an organization.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { 
@@ -7355,86 +7756,67 @@ "schema": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "results": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "id": { - "type": "string", - "description": "The ID of the repository", - "default": "" - }, - "created_at": { - "type": "string", - "description": "The creation date of the repository", - "default": "" - }, - "updated_at": { - "type": "string", - "description": "The last update date of the repository", - "default": "" - }, - "slug": { - "type": "string", - "description": "The slug of the repository", - "default": "" - }, - "head_full_scan_id": { - "type": "string", - "description": "The ID of the head full scan of the repository", - "default": "" - }, - "name": { - "type": "string", - "description": "The name of the repository", - "default": "" - }, - "description": { - "type": "string", - "description": "The description of the repository", - "default": "" - }, - "homepage": { - "type": "string", - "description": "The homepage URL of the repository", - "default": "" - }, - "visibility": { - "type": "string", - "enum": [ - "public", - "private" - ], - "description": "The visibility of the repository", - "default": "private" - }, - "archived": { - "type": "boolean", - "default": false, - "description": "Whether the repository is archived or not" - }, - "default_branch": { - "type": "string", - "description": "The default branch of the repository", - "default": "main" - } - } - } + "id": { + "type": "string", + "description": "The ID of the repository", + "default": "" + }, + "created_at": { + "type": "string", + "description": "The creation date of the repository", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "The last update date of the repository", + "default": "" + }, + "slug": { + "type": "string", + "description": "The slug of the repository", + "default": "" + }, + "head_full_scan_id": { + 
"type": "string", + "description": "The ID of the head full scan of the repository", + "default": "" + }, + "name": { + "type": "string", + "description": "The name of the repository", + "default": "" + }, + "description": { + "type": "string", + "description": "The description of the repository", + "default": "" + }, + "homepage": { + "type": "string", + "description": "The homepage URL of the repository", + "default": "" + }, + "visibility": { + "type": "string", + "enum": [ + "public", + "private" + ], + "description": "The visibility of the repository", + "default": "private" }, - "nextPage": { - "type": "integer", - "description": "", - "default": 0 + "archived": { + "type": "boolean", + "default": false, + "description": "Whether the repository is archived or not" + }, + "default_branch": { + "type": "string", + "description": "The default branch of the repository", + "default": "main" } - }, - "required": [ - "nextPage", - "results" - ] + } } } }, @@ -7462,8 +7844,8 @@ "tags": [ "Repositories" ], - "summary": "Create repository (unstable)", - "operationId": "createOrgRepo", + "summary": "Update repository", + "operationId": "updateOrgRepo", "parameters": [ { "name": "org_slug", @@ -7473,6 +7855,15 @@ "schema": { "type": "string" } + }, + { + "name": "repo_slug", + "in": "path", + "required": true, + "description": "The slug of the repository", + "schema": { + "type": "string" + } } ], "requestBody": { @@ -7525,13 +7916,13 @@ "security": [ { "basicAuth": [ - "repo:create" + "repo:update" ] } ], - "description": "Create a repository.\n\nRepos collect Full scans and Diff scans and are typically associated with a git repo.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Update details of an existing repository.\n\nThis endpoint consumes 0 units of your quota.", "responses": { - "201": { + "200": { "content": { "application/json": { "schema": { 
@@ -7573,35 +7964,318 @@ "description": "The description of the repository", "default": "" }, - "homepage": { + "homepage": { + "type": "string", + "description": "The homepage URL of the repository", + "default": "" + }, + "visibility": { + "type": "string", + "enum": [ + "public", + "private" + ], + "description": "The visibility of the repository", + "default": "private" + }, + "archived": { + "type": "boolean", + "default": false, + "description": "Whether the repository is archived or not" + }, + "default_branch": { + "type": "string", + "description": "The default branch of the repository", + "default": "main" + } + } + } + } + }, + "description": "Update a repositories details" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + }, + "delete": { + "tags": [ + "Repositories" + ], + "summary": "Delete repository", + "operationId": "deleteOrgRepo", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "repo_slug", + "in": "path", + "required": true, + "description": "The slug of the repository", + "schema": { + "type": "string" + } + } + ], + "security": [ + { + "basicAuth": [ + "repo:delete" + ] + } + ], + "description": "Delete a single repository and all of its associated Full scans and Diff scans.\n\nThis endpoint consumes 0 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "status": { + "type": "string", + "description": "", + "default": "ok" + } + }, + 
"required": [ + "status" + ] + } + } + }, + "description": "Success" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/orgs/{org_slug}/audit-log": { + "get": { + "tags": [ + "Audit Log" + ], + "summary": "Get Audit Log Events", + "operationId": "getAuditLogEvents", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "type", + "in": "query", + "required": false, + "description": "Filter audit log events by type. Omit for all types.", + "schema": { + "type": "string", + "enum": [ + "BookDemo", + "CancelInvitation", + "ChangeMemberRole", + "ChangePlanSubscriptionSeats", + "ContactForm", + "CreateApiToken", + "CreateUser", + "GithubAppInstallation", + "JoinOrganizationByVcs", + "LinkAccount", + "RemoveMember", + "ResetInvitationLink", + "ResetOrganizationSettingToDefault", + "RotateApiToken", + "SendInvitation", + "SignIn", + "SignOut", + "Subscribe", + "SyncOrganization", + "TransferOwnership", + "UpdateAlertTriage", + "UpdateApiTokenName", + "UpdateApiTokenScopes", + "UpdateApiTokenVisibility", + "UpdateOrganizationSetting", + "UpgradeOrganizationPlan", + "VerifiedEmail" + ] + } + }, + { + "name": "per_page", + "in": "query", + "required": false, + "description": "Number of events per page", + "schema": { + "type": "integer", + "minimum": 1, + "maximum": 100, + "default": 30 + } + }, + { + "name": "page", + "in": "query", + "required": false, + "description": "Page token", + "schema": { + "type": "string", + "default": "1" + } + } + ], + "security": [ + { + "basicAuth": [ + "audit-log:list" + ] 
+ } + ], + "description": "Paginated list of audit log events.\n\nThis endpoint consumes 0 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "results": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "event_id": { + "type": "string", + "description": "", + "default": "" + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "", + "default": "" + }, + "country_code": { + "type": "string", + "description": "", + "default": "" + }, + "organization_id": { + "type": "string", + "description": "", + "default": "" + }, + "ip_address": { + "type": "string", + "description": "", + "default": "" + }, + "payload": { + "type": "object", + "description": "", + "default": null + }, + "status_code": { + "type": "integer", + "description": "", + "default": 0 + }, + "type": { + "type": "string", + "description": "", + "default": "" + }, + "user_agent": { + "type": "string", + "description": "", + "default": "" + }, + "user_id": { + "type": "string", + "description": "", + "default": "" + }, + "user_email": { + "type": "string", + "description": "", + "default": "" + }, + "user_image": { + "type": "string", + "description": "", + "default": "" + }, + "organization_name": { + "type": "string", + "description": "", + "default": "" + } + } + } + }, + "nextPage": { "type": "string", - "description": "The homepage URL of the repository", + "description": "", "default": "" - }, - "visibility": { - "type": "string", - "enum": [ - "public", - "private" - ], - "description": "The visibility of the repository", - "default": "private" - }, - "archived": { - "type": "boolean", - "default": false, - "description": "Whether the repository is archived or not" - }, - "default_branch": { - "type": "string", - 
"description": "The default branch of the repository", - "default": "main" } - } + }, + "required": [ + "nextPage", + "results" + ] } } }, - "description": "Lists repositories for the specified organization. The authenticated user must be a member of the organization." + "description": "The paginated list of events in an organizations audit log and the next page querystring token." }, "400": { "$ref": "#/components/responses/SocketBadRequest" @@ -7622,28 +8296,19 @@ "x-readme": {} } }, - "/orgs/{org_slug}/repos/{repo_slug}": { + "/analytics/org/{filter}": { "get": { "tags": [ - "Repositories" + "Analytics" ], - "summary": "Get repository (unstable)", - "operationId": "getOrgRepo", + "summary": "Get organization analytics (unstable)", + "operationId": "getOrgAnalytics", "parameters": [ { - "name": "org_slug", - "in": "path", - "required": true, - "description": "The slug of the organization", - "schema": { - "type": "string" - } - }, - { - "name": "repo_slug", + "name": "filter", "in": "path", "required": true, - "description": "The slug of the repository", + "description": "", "schema": { "type": "string" } 
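Review bot: The `getAuditLogEvents` 200 schema returns `ip_address`, `user_agent`, `user_email`, `country_code` and an unconstrained `payload` object for every event, yet every field description is empty, so a consumer cannot tell what `payload` holds per `type` — in particular whether `CreateApiToken` / `RotateApiToken` / `UpdateApiTokenScopes` events ever carry token material — nor that the endpoint hands out personal data of organization members. `payload` is also `"type": "object"` with `"default": null` and no `"nullable": true`, which is invalid as a default and mistypes it for generated clients. Suggested upstream text: `"payload": { "type": "object", "nullable": true, "description": "Event-specific details; never includes credential values" }` — keep the last clause only if the server guarantees it — plus a sentence in the operation description that results include IP and e-mail addresses. The `page` parameter is labelled "Page token" but defaults to `"1"`; say whether it is the opaque `nextPage` value or a page number.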
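Review bot: The `filter` path parameter of the new `getOrgAnalytics` operation is an unconstrained string with `"description": ""`, so neither the accepted values nor the behaviour on an unknown one are documented; a path segment that selects which analytics are computed is exactly where an enum belongs. Suggest upstream `"description": "Selects which analytics view to return"` together with `"schema": { "type": "string", "enum": [...] }` populated from the values the server actually accepts (not visible here), so that anything else is rejected with the documented `400` rather than handled implicitly. The operation continues past the hunk's end.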
@@ -7652,83 +8317,138 @@ "security": [ { "basicAuth": [ - "repo:list" + "report:write" ] } ], - "description": "Retrieve a repository associated with an organization.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Get analytics data regarding the number of alerts found across all active repositories.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { "application/json": { "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "id": { - "type": "string", - "description": "The ID of the repository", - "default": "" - }, - "created_at": { - "type": "string", - "description": "The creation date of the repository", - "default": "" - }, - "updated_at": { - "type": "string", - "description": "The last update date of the repository", - "default": "" - }, - "slug": { - "type": "string", - "description": "The slug of the repository", - "default": "" - }, - "head_full_scan_id": { - "type": "string", - "description": "The ID of the head full scan of the repository", - "default": "" - }, - "name": { - "type": "string", - "description": "The name of the repository", - "default": "" - }, - "description": { - "type": "string", - "description": "The description of the repository", - "default": "" - }, - "homepage": { - "type": "string", - "description": "The homepage URL of the repository", - "default": "" - }, - "visibility": { - "type": "string", - "enum": [ - "public", - "private" - ], - "description": "The visibility of the repository", - "default": "private" - }, - "archived": { - "type": "boolean", - "default": false, - "description": "Whether the repository is archived or not" + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "id": { + "type": "integer", + "description": "", + "default": 0 + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + }, + "repository_id": { + "type": "string", 
+ "description": "", + "default": "" + }, + "organization_id": { + "type": "integer", + "description": "", + "default": 0 + }, + "repository_name": { + "type": "string", + "description": "", + "default": "" + }, + "total_critical_alerts": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_high_alerts": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_medium_alerts": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_low_alerts": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_critical_added": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_high_added": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_medium_added": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_low_added": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_critical_prevented": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_high_prevented": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_medium_prevented": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_low_prevented": { + "type": "integer", + "description": "", + "default": 0 + }, + "top_five_alert_types": { + "type": "object", + "default": {}, + "additionalProperties": false + } }, - "default_branch": { - "type": "string", - "description": "The default branch of the repository", - "default": "main" - } + "required": [ + "created_at", + "id", + "organization_id", + "repository_id", + "repository_name", + "top_five_alert_types", + "total_critical_added", + "total_critical_alerts", + "total_critical_prevented", + "total_high_added", + "total_high_alerts", + "total_high_prevented", + "total_low_added", + "total_low_alerts", + "total_low_prevented", + "total_medium_added", + "total_medium_alerts", + "total_medium_prevented" + ] } } } }, - "description": "Lists repositories for the specified 
organization. The authenticated user must be a member of the organization." + "description": "Socket analytics - organization-level data" }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
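Review bot: `/analytics/org/{filter}` is a read-only GET, yet its `security` entry demands the `report:write` scope, so a token minted only to read analytics would have to carry write rights to call it. This same patch uses `report:read` for `/report/view/{id}`, so if the token model has a read scope it belongs here; otherwise the description should say why a write scope is required. Separately, `top_five_alert_types` is declared `"type": "object"` with `"additionalProperties": false` and no `properties`, which validates only the empty object `{}` and will be emitted as an empty type in `types/api.d.ts`, hiding exactly the alert-type keys the name promises — either list the properties or drop `"additionalProperties": false`. Both points recur unchanged in the `/analytics/repo/{name}/{filter}` operation in the following hunk. The operation header sits in the preceding hunk.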
@@ -7739,243 +8459,175 @@ "403": { "$ref": "#/components/responses/SocketForbidden" }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" - }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" } }, "x-readme": {} - }, - "post": { + } + }, + "/analytics/repo/{name}/{filter}": { + "get": { "tags": [ - "Repositories" + "Analytics" ], - "summary": "Update repository (unstable)", - "operationId": "updateOrgRepo", + "summary": "Get repository analytics", + "operationId": "getRepoAnalytics", "parameters": [ { - "name": "org_slug", + "name": "name", "in": "path", "required": true, - "description": "The slug of the organization", + "description": "", "schema": { "type": "string" } }, { - "name": "repo_slug", + "name": "filter", "in": "path", "required": true, - "description": "The slug of the repository", + "description": "", "schema": { "type": "string" } } ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "name": { - "type": "string", - "description": "The name of the repository", - "default": "" - }, - "description": { - "type": "string", - "description": "The description of the repository", - "default": "" - }, - "homepage": { - "type": "string", - "description": "The homepage URL of the repository", - "default": "" - }, - "visibility": { - "type": "string", - "enum": [ - "public", - "private" - ], - "description": "The visibility of the repository", - "default": "private" - }, - "archived": { - "type": "boolean", - "default": false, - "description": "Whether the repository is archived or not" - }, - "default_branch": { - "type": "string", - "description": "The default branch of the repository", - "default": "main" - } - } - } - } - }, - "required": false - }, "security": [ { "basicAuth": [ - "repo:update" + "report:write" ] } ], - "description": "Update details of an existing repository.\n\nThis endpoint consumes 0 units of your 
quota.", + "description": "Get analytics data regarding the number of alerts found in a single repository.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { "application/json": { "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "id": { - "type": "string", - "description": "The ID of the repository", - "default": "" - }, - "created_at": { - "type": "string", - "description": "The creation date of the repository", - "default": "" - }, - "updated_at": { - "type": "string", - "description": "The last update date of the repository", - "default": "" - }, - "slug": { - "type": "string", - "description": "The slug of the repository", - "default": "" - }, - "head_full_scan_id": { - "type": "string", - "description": "The ID of the head full scan of the repository", - "default": "" - }, - "name": { - "type": "string", - "description": "The name of the repository", - "default": "" - }, - "description": { - "type": "string", - "description": "The description of the repository", - "default": "" - }, - "homepage": { - "type": "string", - "description": "The homepage URL of the repository", - "default": "" - }, - "visibility": { - "type": "string", - "enum": [ - "public", - "private" - ], - "description": "The visibility of the repository", - "default": "private" - }, - "archived": { - "type": "boolean", - "default": false, - "description": "Whether the repository is archived or not" + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "id": { + "type": "integer", + "description": "", + "default": 0 + }, + "repository_id": { + "type": "string", + "description": "", + "default": "" + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + }, + "organization_id": { + "type": "integer", + "description": "", + "default": 0 + }, + "repository_name": { + "type": "string", + "description": "", + "default": "" + }, + 
"total_critical_alerts": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_high_alerts": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_medium_alerts": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_low_alerts": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_critical_added": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_high_added": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_medium_added": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_low_added": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_critical_prevented": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_high_prevented": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_medium_prevented": { + "type": "integer", + "description": "", + "default": 0 + }, + "total_low_prevented": { + "type": "integer", + "description": "", + "default": 0 + }, + "top_five_alert_types": { + "type": "object", + "default": {}, + "additionalProperties": false + } }, - "default_branch": { - "type": "string", - "description": "The default branch of the repository", - "default": "main" - } + "required": [ + "created_at", + "id", + "organization_id", + "repository_id", + "repository_name", + "top_five_alert_types", + "total_critical_added", + "total_critical_alerts", + "total_critical_prevented", + "total_high_added", + "total_high_alerts", + "total_high_prevented", + "total_low_added", + "total_low_alerts", + "total_low_prevented", + "total_medium_added", + "total_medium_alerts", + "total_medium_prevented" + ] } } } }, - "description": "Update a repositories details" - }, - "400": { - "$ref": "#/components/responses/SocketBadRequest" - }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" - }, - "403": { - "$ref": "#/components/responses/SocketForbidden" - }, - "404": { 
- "$ref": "#/components/responses/SocketNotFoundResponse" - }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" - } - }, - "x-readme": {} - }, - "delete": { - "tags": [ - "Repositories" - ], - "summary": "Delete repository (unstable)", - "operationId": "deleteOrgRepo", - "parameters": [ - { - "name": "org_slug", - "in": "path", - "required": true, - "description": "The slug of the organization", - "schema": { - "type": "string" - } - }, - { - "name": "repo_slug", - "in": "path", - "required": true, - "description": "The slug of the repository", - "schema": { - "type": "string" - } - } - ], - "security": [ - { - "basicAuth": [ - "repo:delete" - ] - } - ], - "description": "Delete a single repository and all of its associated Full scans and Diff scans.\n\nThis endpoint consumes 0 units of your quota.", - "responses": { - "200": { - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "status": { - "type": "string", - "description": "", - "default": "ok" - } - }, - "required": [ - "status" - ] - } - } - }, - "description": "Success" + "description": "Socket analytics - repo-level data" }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
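Review bot: `/analytics/repo/{name}/{filter}` addresses one repository by `name`, but only the `200` and `400` responses are visible and the rest of its `responses` map lies outside the hunk, so I cannot confirm whether a `404` is declared. If it is not, a caller cannot tell "repository does not exist" from "no analytics yet" (both would be an empty array), and `"404": { "$ref": "#/components/responses/SocketNotFoundResponse" }` — already used by `/report/delete/{id}` in this patch — would make the distinction explicit. The `get` operation begins in this hunk and continues past it.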
@@ -7996,75 +8648,50 @@ "x-readme": {} } }, - "/orgs/{org_slug}/full-scans": { - "get": { + "/dependencies/search": { + "post": { "tags": [ - "Full scans" + "Dependencies" ], - "summary": "List full scans", - "operationId": "getOrgFullScanList", - "parameters": [ - { - "name": "org_slug", - "in": "path", - "required": true, - "description": "The slug of the organization", - "schema": { - "type": "string" - } - }, - { - "name": "sort", - "in": "query", - "required": false, - "description": "", - "schema": { - "type": "string", - "default": "created" - } - }, - { - "name": "direction", - "in": "query", - "required": false, - "description": "", - "schema": { - "type": "string", - "default": "desc" - } - }, - { - "name": "per_page", - "in": "query", - "required": false, - "description": "", - "schema": { - "type": "integer", - "minimum": 1, - "maximum": 100, - "default": 30 + "summary": "Search dependencies", + "operationId": "searchDependencies", + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "limit": { + "type": "integer", + "description": "", + "default": 50, + "minimum": 1, + "maximum": 1000 + }, + "offset": { + "type": "integer", + "description": "", + "default": 0, + "minimum": 0 + } + }, + "required": [ + "limit", + "offset" + ] + } } }, - { - "name": "page", - "in": "query", - "required": false, - "description": "", - "schema": { - "type": "integer", - "minimum": 1, - "default": 1 - } - } - ], + "required": false + }, "security": [ { - "basicAuth": [ - "full-scans:list" - ] + "basicAuth": [] } ], - "description": "Returns a paginated list of all full scans in an org, excluding SBOM artifacts.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Search for any dependency that is being used in your organization.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { 
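Review bot: `/dependencies/search` declares `"security": [ { "basicAuth": [] } ]` with an empty scope list, while every other authenticated operation in this patch names a scope (`report:write`, `report:read`, `report:list`). Since this file carries scope names in that array, an empty one presumably means any valid token — including one scoped only to listing reports — can enumerate every dependency in the organization; if that is intended the description should say so, otherwise a scope should be named. Also `"required": false` on the `requestBody` conflicts with the body schema marking `limit` and `offset` as `"required"`: an omitted body is accepted but a body without `limit` is rejected, so either make the body required or drop the inner `required` and let the declared defaults (`50` and `0`) apply. The `responses` map continues in the next hunk.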
@@ -8074,92 +8701,92 @@ "additionalProperties": false, "description": "", "properties": { - "results": { + "end": { + "type": "boolean", + "default": false, + "description": "" + }, + "limit": { + "type": "integer", + "description": "", + "default": 1000 + }, + "offset": { + "type": "integer", + "description": "", + "default": 0 + }, + "rows": { "type": "array", "items": { "type": "object", "additionalProperties": false, - "properties": { - "id": { - "type": "string", - "description": "", - "default": "" - }, - "created_at": { - "type": "string", - "description": "", - "default": "" - }, - "updated_at": { + "description": "", + "properties": { + "branch": { "type": "string", "description": "", "default": "" }, - "organization_id": { - "type": "string", - "description": "", - "default": "" + "direct": { + "type": "boolean", + "default": false, + "description": "" }, - "repository_id": { + "id": { "type": "string", "description": "", "default": "" }, - "committers": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "repo": { + "name": { "type": "string", "description": "", "default": "" }, - "branch": { + "namespace": { "type": "string", "description": "", "default": "" }, - "commit_message": { + "repository": { "type": "string", "description": "", "default": "" }, - "commit_hash": { + "type": { "type": "string", "description": "", "default": "" }, - "pull_request": { - "type": "integer", - "description": "", - "default": 0 - }, - "html_report_url": { + "version": { "type": "string", "description": "", "default": "" } - } + }, + "required": [ + "branch", + "direct", + "id", + "name", + "namespace", + "repository", + "type", + "version" + ] } - }, - "nextPage": { - "type": "integer", - "description": "", - "default": 0 } }, "required": [ - "nextPage", - "results" + "end", + "limit", + "offset", + "rows" ] } } }, - "description": "Lists repositories for the specified organization. 
The authenticated user must be a member of the organization." + "description": "List of repos and their latest project report for the organization associated with the token used" }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
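Review bot: The `200` description `"List of repos and their latest project report for the organization associated with the token used"` does not describe what this schema returns — a page of dependency `rows` (`branch`, `direct`, `name`, `namespace`, `repository`, `type`, `version`) plus `end`, `limit` and `offset` — and reads like a leftover from the repo-list endpoint. I would replace it with `"description": "Page of dependencies matching the search, with the limit and offset applied and whether the result set is exhausted"`. The response `limit` also defaults to `1000` while the request `limit` in the previous hunk defaults to `50`; if the response presumably echoes the request value, one of the two defaults is misleading. The `post` operation header is in the preceding hunk.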
@@ -8178,210 +8805,89 @@ } }, "x-readme": {} - }, + } + }, + "/dependencies/upload": { "post": { "tags": [ - "Full scans" + "Dependencies" ], - "summary": "Create full scan", - "operationId": "CreateOrgFullScan", + "summary": "Create a snapshot of all dependencies from manifest information", + "operationId": "createDependenciesSnapshot", "parameters": [ { - "name": "org_slug", - "in": "path", - "required": true, - "description": "The slug of the organization", - "schema": { - "type": "string" - } - }, - { - "name": "repo", - "in": "query", - "required": true, - "description": "The slug of the repository to associate the full-scan with.", - "schema": { - "type": "string" - } - }, - { - "name": "branch", - "in": "query", - "required": false, - "description": "The branch name to associate the full-scan with.", - "schema": { - "type": "string" - } - }, - { - "name": "commit_message", - "in": "query", - "required": false, - "description": "The commit message to associate the full-scan with.", - "schema": { - "type": "string" - } - }, - { - "name": "commit_hash", - "in": "query", - "required": false, - "description": "The commit hash to associate the full-scan with.", - "schema": { - "type": "string" - } - }, - { - "name": "pull_request", - "in": "query", - "required": false, - "description": "The pull request number to associate the full-scan with.", - "schema": { - "type": "integer", - "minimum": 1 - } - }, - { - "name": "committers", - "in": "query", - "required": false, - "description": "The committers to associate the full-scan with. 
Set query more than once to set multiple.", - "schema": { - "type": "string" - } - }, - { - "name": "make_default_branch", - "in": "query", - "required": false, - "schema": { - "type": "boolean", - "default": false - } - }, - { - "name": "set_as_pending_head", + "name": "repository", "in": "query", "required": false, + "description": "", "schema": { - "type": "boolean", - "default": false + "type": "string", + "default": "" } }, { - "name": "tmp", + "name": "branch", "in": "query", "required": false, + "description": "", "schema": { - "type": "boolean", - "default": false - } - } - ], - "requestBody": { - "content": { - "multipart/form-data": { - "schema": { - "type": "object", - "additionalProperties": { - "type": "string", - "default": { - "type": "Buffer", - "data": [] - }, - "format": "binary", - "description": "" - }, - "properties": {} - } + "type": "string", + "default": "" } - }, - "required": false - }, - "security": [ - { - "basicAuth": [ - "full-scans:create" - ] } - ], - "description": "Create a full scan from a set of package manifest files. 
Returns a full scan including all SBOM artifacts.\n\nThis endpoint consumes 0 units of your quota.", - "responses": { - "201": { - "content": { - "application/json": { - "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "id": { - "type": "string", - "description": "", - "default": "" - }, - "created_at": { - "type": "string", - "description": "", - "default": "" - }, - "updated_at": { - "type": "string", - "description": "", - "default": "" - }, - "organization_id": { - "type": "string", - "description": "", - "default": "" - }, - "repository_id": { - "type": "string", - "description": "", - "default": "" - }, - "committers": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "repo": { - "type": "string", - "description": "", - "default": "" - }, - "branch": { - "type": "string", - "description": "", - "default": "" - }, - "commit_message": { - "type": "string", - "description": "", - "default": "" - }, - "commit_hash": { - "type": "string", - "description": "", - "default": "" - }, - "pull_request": { - "type": "integer", - "description": "", - "default": 0 - }, - "html_report_url": { - "type": "string", - "description": "", - "default": "" - } + ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "string", + "default": { + "type": "Buffer", + "data": [] + }, + "format": "binary", + "description": "" + }, + "properties": { + "repository": { + "type": "string", + "description": "", + "default": "" + }, + "branch": { + "type": "string", + "description": "", + "default": "" } } } + } + }, + "required": false + }, + "security": [ + { + "basicAuth": [ + "report:write" + ] + } + ], + "description": "Upload a set of manifest or lockfiles to get your dependency tree analyzed by Socket.\nYou can upload multiple lockfiles in the same request, but each filename must be unique.\n\nThe name of the file must be 
in the supported list.\n\nFor example, these are valid filenames: \"requirements.txt\", \"package.json\", \"folder/package.json\", and \"deep/nested/folder/package.json\".\n\nThis endpoint consumes 100 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": {} + } + } }, - "description": "Upload manifest files to create a full scan in an org's repo" + "description": "ID of the dependencies snapshot" }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
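Review bot: The `200` schema of `/dependencies/upload` is `"type": "object"`, `"additionalProperties": false`, `"properties": {}`, which validates only `{}`, yet its description says `"ID of the dependencies snapshot"` — consumers of the generated `types/api.d.ts` get an empty type and have no field to read the id from, for an operation that costs 100 quota units. The returned field should be declared, e.g. `"properties": { "<snapshot id field>": { "type": "string" } }` with the real name filled in. Separately, the `multipart/form-data` `additionalProperties` entry is `"type": "string"`, `"format": "binary"` but carries `"default": { "type": "Buffer", "data": [] }`, an object default on a string-typed part that looks like a serialized Node `Buffer` leaking from the generator; the default should be dropped. The same `Buffer` default appears in the `/report/upload` body in the `@@ -8731` hunk.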
@@ -8392,327 +8898,219 @@ "403": { "$ref": "#/components/responses/SocketForbidden" }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" - }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" + }, + "500": { + "$ref": "#/components/responses/SocketInternalServerError" } }, "x-readme": {} } }, - "/orgs/{org_slug}/full-scans/{full_scan_id}": { + "/report/supported": { "get": { "tags": [ - "Full scans" - ], - "summary": "Stream full scan", - "operationId": "getOrgFullScan", - "parameters": [ - { - "name": "org_slug", - "in": "path", - "required": true, - "description": "The slug of the organization", - "schema": { - "type": "string" - } - }, - { - "name": "full_scan_id", - "in": "path", - "required": true, - "description": "The ID of the full scan", - "schema": { - "type": "string" - } - } + "Project Reports" ], + "summary": "Get supported files for report", + "operationId": "getReportSupportedFiles", "security": [ - { - "basicAuth": [ - "full-scans:list" - ] - } + {} ], - "description": "Stream all SBOM artifacts for a full scan.\n\nThis endpoint consumes 0 units of your quota.", - "responses": { - "200": { - "content": { - "application/x-ndjson": { - "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "type": { - "type": "string", - "enum": [ - "unknown", - "npm", - "pypi", - "golang" - ], - "description": "", - "default": "unknown" - }, - "namespace": { - "type": "string", - "description": "", - "default": "" - }, - "name": { - "type": "string", - "description": "", - "default": "" - }, - "version": { - "type": "string", - "description": "", - "default": "" - }, - "subpath": { - "type": "string", - "description": "", - "default": "" - }, - "release": { - "type": "string", - "description": "", - "default": "" - }, - "id": { - "type": "string", - "description": "", - "default": "" - }, - "direct": { - "type": "boolean", - "default": false, - "description": "" - }, - "manifestFiles": { - "type": 
"array", - "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "file": { - "type": "string", - "description": "", - "default": "" - }, - "start": { - "type": "integer", - "description": "", - "default": 0 - }, - "end": { - "type": "integer", - "description": "", - "default": 0 - } - }, - "required": [ - "file" - ] - } - }, - "topLevelAncestors": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "dependencies": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "artifact": { - "type": "object", - "additionalProperties": false, - "properties": { - "type": { - "type": "string", - "enum": [ - "unknown", - "npm", - "pypi", - "golang" - ], - "description": "", - "default": "unknown" - }, - "namespace": { - "type": "string", - "description": "", - "default": "" - }, - "name": { - "type": "string", - "description": "", - "default": "" - }, - "version": { - "type": "string", - "description": "", - "default": "" - }, - "subpath": { - "type": "string", - "description": "", - "default": "" - }, - "release": { - "type": "string", - "description": "", - "default": "" - }, - "id": { - "type": "string", - "description": "", - "default": "" - } - }, - "required": [ - "id", - "type" - ] - }, - "license": { - "type": "string", - "description": "", - "default": "" - }, - "author": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "size": { - "type": "number", - "description": "", - "default": 0 - }, - "score": { + "description": "Get a list of supported files for project report generation.\nFiles are categorized first by environment (e.g. 
NPM or PyPI), then by name.\n\nFiles whose names match the patterns returned by this endpoint can be uploaded for report generation.\nExamples of supported filenames include `package.json`, `package-lock.json`, and `yarn.lock`.\n\nThis endpoint consumes 0 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "object", + "additionalProperties": { "type": "object", "additionalProperties": false, "description": "", "properties": { - "supplyChain": { - "type": "number", - "description": "", - "default": 0 - }, - "quality": { - "type": "number", - "description": "", - "default": 0 - }, - "maintenance": { - "type": "number", - "description": "", - "default": 0 - }, - "vulnerability": { - "type": "number", - "description": "", - "default": 0 - }, - "license": { - "type": "number", - "description": "", - "default": 0 - }, - "overall": { - "type": "number", + "pattern": { + "type": "string", "description": "", - "default": 0 + "default": "" } }, "required": [ - "license", - "maintenance", - "overall", - "quality", - "supplyChain", - "vulnerability" + "pattern" ] }, - "alerts": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": false, - "properties": { - "key": { - "type": "string", - "description": "", - "default": "" - }, - "type": { - "type": "string", - "description": "", - "default": "" - }, - "severity": { - "$ref": "#/components/schemas/SocketIssueSeverity" - }, - "category": { - "$ref": "#/components/schemas/SocketCategory" - }, - "file": { - "type": "string", - "description": "", - "default": "" - }, - "start": { - "type": "integer", - "description": "", - "default": 0 - }, - "end": { - "type": "integer", - "description": "", - "default": 0 - }, - "props": { - "type": "object", - "description": "", - "default": null - } - }, - "required": [ - "category", - "key", - "severity", - "type" - ] - } - }, - "batchIndex": { - "type": 
"integer", + "properties": {} + }, + "properties": {} + } + } + }, + "description": "Glob patterns used to match supported files" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/report/delete/{id}": { + "delete": { + "tags": [ + "Project Reports" + ], + "summary": "Delete a report", + "operationId": "deleteReport", + "parameters": [ + { + "name": "id", + "in": "path", + "required": true, + "description": "", + "schema": { + "type": "string" + } + } + ], + "security": [ + { + "basicAuth": [ + "report:write" + ] + } + ], + "description": "Delete a specific project report generated with the GitHub app. These endpoints will be merged into the full-scans endpoint so\n\nThis endpoint consumes 10 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "status": { + "type": "string", "description": "", - "default": 0 + "default": "ok" } }, "required": [ - "id", - "type" + "status" ] } } }, - "description": "Socket issue lists and scores for all packages" + "description": "Success" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/report/list": { + "get": { + "tags": [ + "Project Reports" + ], + "summary": "Get list of reports", + "deprecated": true, + "operationId": "getReportList", + "security": [ + { + "basicAuth": [ + "report:list" + ] + } + ], + "description": "Get all your project reports generated with the GitHub app. 
This endpoint will be merged into the full-scans endpoint soon.\n\nThis endpoint consumes 10 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "id": { + "type": "string", + "description": "", + "default": "" + }, + "url": { + "type": "string", + "description": "", + "default": "" + }, + "repo": { + "type": "string", + "description": "", + "default": "" + }, + "branch": { + "type": "string", + "description": "", + "default": "" + }, + "pull_requests": { + "type": "object", + "description": "", + "default": null + }, + "commit": { + "type": "string", + "description": "", + "default": "" + }, + "owner": { + "type": "string", + "description": "", + "default": "" + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + } + }, + "required": [ + "branch", + "commit", + "created_at", + "id", + "owner", + "pull_requests", + "repo", + "url" + ] + } + } + } + }, + "description": "List of project reports" }, "400": { "$ref": "#/components/responses/SocketBadRequest" 
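Review bot: `/report/supported` declares `"security": [ {} ]`, the OpenAPI form for "no authentication required", making it the only anonymously callable operation in this patch. Returning glob patterns without a token may well be intended, but it should be stated in the description (`"No API token is required for this endpoint."`) so the empty requirement is not read as an omission, and readers know the declared `429` is the only throttle on it. Separately, the `/report/delete/{id}` description ends mid-sentence at `These endpoints will be merged into the full-scans endpoint so`; `/report/list` has the intended wording, `This endpoint will be merged into the full-scans endpoint soon.` That operation is also the only one of the three `/report/*` siblings here without `"deprecated": true`, although its text announces the same merge. Lastly, `pull_requests` in the `/report/list` items is `"type": "object"` with `"default": null`, a default that violates its own type unless `"nullable": true` is added.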
@@ -8731,41 +9129,54 @@ } }, "x-readme": {} - }, - "delete": { + } + }, + "/report/upload": { + "put": { "tags": [ - "Full scans" + "Project Reports" ], - "summary": "Delete full scan", - "operationId": "deleteOrgFullScan", - "parameters": [ - { - "name": "org_slug", - "in": "path", - "required": true, - "description": "The slug of the organization", - "schema": { - "type": "string" + "summary": "Create a report", + "deprecated": true, + "operationId": "createReport", + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "string", + "default": { + "type": "Buffer", + "data": [] + }, + "format": "binary", + "description": "" + }, + "properties": { + "issueRules": { + "type": "object", + "additionalProperties": { + "type": "boolean", + "default": false, + "description": "" + }, + "properties": {} + } + } + } } }, - { - "name": "full_scan_id", - "in": "path", - "required": true, - "description": "The ID of the full scan", - "schema": { - "type": "string" - } - } - ], + "required": false + }, "security": [ { "basicAuth": [ - "full-scans:delete" + "report:write" ] } ], - "description": "Delete an existing full scan.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Upload a lockfile to get your project analyzed by Socket.\nYou can upload multiple lockfiles in the same request, but each filename must be unique.\n\nThe name of the file must be in the supported list.\n\nFor example, these are valid filenames: `package.json`, `folder/package.json` and `deep/nested/folder/package.json`.\n\nThis endpoint consumes 100 units of your quota.", "responses": { "200": { "content": { 
@@ -8775,19 +9186,25 @@ "additionalProperties": false, "description": "", "properties": { - "status": { + "id": { "type": "string", "description": "", - "default": "ok" + "default": "" + }, + "url": { + "type": "string", + "description": "", + "default": "" } }, "required": [ - "status" + "id", + "url" ] } } }, - "description": "Success" + "description": "ID and URL of the project report" }, "400": { "$ref": "#/components/responses/SocketBadRequest" @@ -8798,9 +9215,6 @@ "403": { "$ref": "#/components/responses/SocketForbidden" }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" - }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" } @@ -8808,28 +9222,20 @@ "x-readme": {} } }, - "/orgs/{org_slug}/full-scans/{full_scan_id}/metadata": { + "/report/view/{id}": { "get": { "tags": [ - "Full scans" + "Project Reports" ], - "summary": "Get full scan metadata", - "operationId": "getOrgFullScanMetadata", + "summary": "View a report", + "deprecated": true, + "operationId": "getReport", "parameters": [ { - "name": "org_slug", - "in": "path", - "required": true, - "description": "The slug of the organization", - "schema": { - "type": "string" - } - }, - { - "name": "full_scan_id", + "name": "id", "in": "path", "required": true, - "description": "The ID of the full scan", + "description": "", "schema": { "type": "string" } 
@@ -8838,194 +9244,72 @@ "security": [ { "basicAuth": [ - "full-scans:list" + "report:read" ] } ], - "description": "Get metadata for a single full scan\n\nThis endpoint consumes 0 units of your quota.", + "description": "Get all the issues, packages, and scores related to an specific project report.\n\nThis endpoint consumes 10 units of your quota.", "responses": { "200": { "content": { "application/json": { "schema": { - "type": "object", - "additionalProperties": false, - "properties": { - "id": { - "type": "string", - "description": "", - "default": "" - }, - "created_at": { - "type": "string", - "description": "", - "default": "" - }, - "updated_at": { - "type": "string", - "description": "", - "default": "" - }, - "organization_id": { - "type": "string", - "description": "", - "default": "" - }, - "repository_id": { - "type": "string", - "description": "", - "default": "" - }, - "committers": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "repo": { - "type": "string", - "description": "", - "default": "" - }, - "branch": { - "type": "string", - "description": "", - "default": "" - }, - "commit_message": { - "type": "string", - "description": "", - "default": "" - }, - "commit_hash": { - "type": "string", - "description": "", - "default": "" - }, - "pull_request": { - "type": "integer", - "description": "", - "default": 0 - }, - "html_report_url": { - "type": "string", - "description": "", - "default": "" - } - } + "$ref": "#/components/schemas/SocketReport" } } }, - "description": "The data from the full scan" + "description": "Socket report" }, "400": { "$ref": "#/components/responses/SocketBadRequest" }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" - }, - "403": { - "$ref": "#/components/responses/SocketForbidden" - }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" - }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" - } - }, - 
"x-readme": {} - } - }, - "/orgs/{org_slug}/audit-log": { - "get": { - "tags": [ - "Audit Log" - ], - "summary": "Get Audit Log Events", - "operationId": "getAuditLogEvents", - "parameters": [ - { - "name": "org_slug", - "in": "path", - "required": true, - "description": "The slug of the organization", - "schema": { - "type": "string" - } - }, - { - "name": "type", - "in": "query", - "required": false, - "description": "Filter audit log events by type", - "schema": { - "type": "string", - "enum": [ - "BookDemo", - "CancelInvitation", - "ChangeMemberRole", - "ChangePlanSubscriptionSeats", - "ContactForm", - "CreateApiToken", - "CreateUser", - "GithubAppInstallation", - "JoinOrganizationByVcs", - "LinkAccount", - "RemoveMember", - "ResetInvitationLink", - "ResetOrganizationSettingToDefault", - "RotateApiToken", - "SendInvitation", - "SignIn", - "SignOut", - "Subscribe", - "SyncOrganization", - "TransferOwnership", - "UpdateAlertTriage", - "UpdateApiTokenName", - "UpdateApiTokenScopes", - "UpdateApiTokenVisibility", - "UpdateOrganizationSetting", - "UpgradeOrganizationPlan", - "VerifiedEmail" - ], - "default": "" - } - }, - { - "name": "per_page", - "in": "query", - "required": false, - "description": "Number of events per page", - "schema": { - "type": "integer", - "minimum": 1, - "maximum": 100, - "default": 30 - } + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" }, + "410": { + "$ref": "#/components/responses/SocketGone" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/repo/list": { + "get": { + "tags": [ + "Repositories" + ], + "summary": "Get list of GitHub repos and their latest project report", + "deprecated": true, + "operationId": "getRepoList", + "parameters": [ { - "name": "page", + "name": "pageToken", "in": "query", "required": 
false, - "description": "Page token", + "description": "", "schema": { "type": "string", - "default": "1" + "default": "" } } ], "security": [ { "basicAuth": [ - "audit-log:list" + "repo:list" ] } ], - "description": "Paginated list of audit log events.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Get all repositories in an org including their latest project report.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { @@ -9041,7 +9325,7 @@ "type": "object", "additionalProperties": false, "properties": { - "event_id": { + "id": { "type": "string", "description": "", "default": "" 
@@ -9056,251 +9340,63 @@ "description": "", "default": "" }, - "country_code": { - "type": "string", - "description": "", - "default": "" - }, - "organization_id": { - "type": "string", - "description": "", - "default": "" - }, - "ip_address": { - "type": "string", - "description": "", - "default": "" - }, - "payload": { - "type": "object", - "description": "", - "default": null - }, - "status_code": { - "type": "integer", - "description": "", - "default": 0 - }, - "type": { + "github_install_id": { "type": "string", "description": "", "default": "" }, - "user_agent": { + "github_repo_id": { "type": "string", "description": "", "default": "" }, - "user_id": { + "name": { "type": "string", "description": "", "default": "" }, - "user_email": { + "github_full_name": { "type": "string", "description": "", "default": "" }, - "user_image": { + "organization_id": { "type": "string", "description": "", "default": "" }, - "organization_name": { - "type": "string", + "latest_project_report": { + "type": "object", + "additionalProperties": false, "description": "", - "default": "" + "properties": { + "id": { + "type": "string", + "description": "", + "default": "" + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + } + }, + "required": [ + "created_at", + "id" + ] } } } - }, - "nextPage": { - "type": "string", - "description": "", - "default": "" - } - }, - "required": [ - "nextPage", - "results" - ] - } - } - }, - "description": "The paginated list of events in an organizations audit log and the next page querystring token." 
- }, - "400": { - "$ref": "#/components/responses/SocketBadRequest" - }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" - }, - "403": { - "$ref": "#/components/responses/SocketForbidden" - }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" - }, - "429": { - "$ref": "#/components/responses/SocketTooManyRequestsResponse" - } - }, - "x-readme": {} - } - }, - "/analytics/org/{filter}": { - "get": { - "tags": [ - "Analytics" - ], - "summary": "Get organization analytics (unstable)", - "operationId": "getOrgAnalytics", - "parameters": [ - { - "name": "filter", - "in": "path", - "required": true, - "description": "", - "schema": { - "type": "string" - } - } - ], - "security": [ - { - "basicAuth": [ - "report:write" - ] - } - ], - "description": "Get analytics data regarding the number of alerts found across all active repositories.\n\nThis endpoint consumes 0 units of your quota.", - "responses": { - "200": { - "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "id": { - "type": "integer", - "description": "", - "default": 0 - }, - "created_at": { - "type": "string", - "description": "", - "default": "" - }, - "repository_id": { - "type": "string", - "description": "", - "default": "" - }, - "organization_id": { - "type": "integer", - "description": "", - "default": 0 - }, - "repository_name": { - "type": "string", - "description": "", - "default": "" - }, - "total_critical_alerts": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_high_alerts": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_medium_alerts": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_low_alerts": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_critical_added": { - "type": "integer", - "description": "", - "default": 0 - }, - 
"total_high_added": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_medium_added": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_low_added": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_critical_prevented": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_high_prevented": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_medium_prevented": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_low_prevented": { - "type": "integer", - "description": "", - "default": 0 - }, - "top_five_alert_types": { - "type": "object", - "default": {}, - "additionalProperties": false - } - }, - "required": [ - "created_at", - "id", - "organization_id", - "repository_id", - "repository_name", - "top_five_alert_types", - "total_critical_added", - "total_critical_alerts", - "total_critical_prevented", - "total_high_added", - "total_high_alerts", - "total_high_prevented", - "total_low_added", - "total_low_alerts", - "total_low_prevented", - "total_medium_added", - "total_medium_alerts", - "total_medium_prevented" - ] - } + } + }, + "required": [ + "results" + ] } } }, - "description": "Socket analytics - organization-level data" + "description": "List of repos and their latest project report for the organization associated with the token used" }, "400": { "$ref": "#/components/responses/SocketBadRequest" @@ -9311,6 +9407,9 @@ "403": { "$ref": "#/components/responses/SocketForbidden" }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" } 
@@ -9318,180 +9417,23 @@ "x-readme": {} } }, - "/analytics/repo/{name}/{filter}": { + "/openapi": { "get": { "tags": [ - "Analytics" - ], - "summary": "Get repository analytics", - "operationId": "getRepoAnalytics", - "parameters": [ - { - "name": "name", - "in": "path", - "required": true, - "description": "", - "schema": { - "type": "string" - } - }, - { - "name": "filter", - "in": "path", - "required": true, - "description": "", - "schema": { - "type": "string" - } - } + "Misc" ], + "summary": "Returns the OpenAPI definition", + "operationId": "getOpenAPI", "security": [ - { - "basicAuth": [ - "report:write" - ] - } + {} ], - "description": "Get analytics data regarding the number of alerts found in a single repository.\n\nThis endpoint consumes 0 units of your quota.", + "description": "Retrieve the API specification in an Openapi JSON format.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { - "application/json": { - "schema": { - "type": "array", - "items": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "id": { - "type": "integer", - "description": "", - "default": 0 - }, - "repository_id": { - "type": "string", - "description": "", - "default": "" - }, - "created_at": { - "type": "string", - "description": "", - "default": "" - }, - "organization_id": { - "type": "integer", - "description": "", - "default": 0 - }, - "repository_name": { - "type": "string", - "description": "", - "default": "" - }, - "total_critical_alerts": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_high_alerts": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_medium_alerts": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_low_alerts": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_critical_added": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_high_added": { - "type": 
"integer", - "description": "", - "default": 0 - }, - "total_medium_added": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_low_added": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_critical_prevented": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_high_prevented": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_medium_prevented": { - "type": "integer", - "description": "", - "default": 0 - }, - "total_low_prevented": { - "type": "integer", - "description": "", - "default": 0 - }, - "top_five_alert_types": { - "type": "object", - "default": {}, - "additionalProperties": false - } - }, - "required": [ - "created_at", - "id", - "organization_id", - "repository_id", - "repository_name", - "top_five_alert_types", - "total_critical_added", - "total_critical_alerts", - "total_critical_prevented", - "total_high_added", - "total_high_alerts", - "total_high_prevented", - "total_low_added", - "total_low_alerts", - "total_low_prevented", - "total_medium_added", - "total_medium_alerts", - "total_medium_prevented" - ] - } - } - } + "application/json": {} }, - "description": "Socket analytics - repo-level data" - }, - "400": { - "$ref": "#/components/responses/SocketBadRequest" - }, - "401": { - "$ref": "#/components/responses/SocketUnauthorized" - }, - "403": { - "$ref": "#/components/responses/SocketForbidden" - }, - "404": { - "$ref": "#/components/responses/SocketNotFoundResponse" + "description": "OpenAPI specification" }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" 
@@ -9500,318 +9442,394 @@ "x-readme": {} } }, - "/purl": { - "post": { + "/quota": { + "get": { "tags": [ - "Packages" + "Misc" ], - "summary": "Get Packages (unstable)", - "operationId": "batchPackageFetch", - "parameters": [ + "summary": "Get quota", + "operationId": "getQuota", + "security": [ { - "name": "license", - "in": "query", - "required": false, - "schema": { - "type": "boolean", - "default": false - } + "basicAuth": [] } ], - "requestBody": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/SocketBatchPURLFetch" + "description": "Get your current API quota. You can use this endpoint to prevent doing requests that might spend all your quota.\n\nThis endpoint consumes 0 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "quota": { + "type": "integer", + "description": "", + "default": 0, + "minimum": 0 + } + }, + "required": [ + "quota" + ] + } } - } + }, + "description": "Quota amount" }, - "required": false + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } }, + "x-readme": {} + } + }, + "/organizations": { + "get": { + "tags": [ + "Misc" + ], + "summary": "List organizations", + "operationId": "getOrganizations", "security": [ { - "basicAuth": [ - "packages:list" - ] + "basicAuth": [] } ], - "description": "Batch retrieval of package metadata and alerts by PURL strings\n\nThis endpoint consumes 100 units of your quota.", + "description": "Get information on the current organizations associated with the API key.\n\nThis endpoint consumes 0 units of your quota.", "responses": { "200": { "content": { - "application/x-ndjson": { + "application/json": { "schema": { "type": "object", "additionalProperties": false, + "description": "", "properties": { - "type": { - "type": "string", 
- "enum": [ - "unknown", - "npm", - "pypi", - "golang" - ], - "description": "", - "default": "unknown" - }, - "namespace": { - "type": "string", - "description": "", - "default": "" - }, - "name": { - "type": "string", - "description": "", - "default": "" - }, - "version": { - "type": "string", - "description": "", - "default": "" - }, - "subpath": { - "type": "string", - "description": "", - "default": "" - }, - "release": { - "type": "string", - "description": "", - "default": "" - }, - "id": { - "type": "string", - "description": "", - "default": "" - }, - "direct": { - "type": "boolean", - "default": false, - "description": "" - }, - "manifestFiles": { - "type": "array", - "items": { + "organizations": { + "type": "object", + "additionalProperties": { "type": "object", "additionalProperties": false, + "description": "", "properties": { - "file": { + "id": { "type": "string", "description": "", "default": "" }, - "start": { - "type": "integer", + "name": { + "type": "string", "description": "", - "default": 0 + "default": "" }, - "end": { - "type": "integer", + "image": { + "type": "string", "description": "", - "default": 0 + "default": "" + }, + "plan": { + "type": "string", + "description": "", + "default": "" + }, + "slug": { + "type": "string", + "description": "", + "default": "" } }, "required": [ - "file" + "id", + "image", + "name", + "plan", + "slug" ] - } - }, - "topLevelAncestors": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "dependencies": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "artifact": { - "type": "object", - "additionalProperties": false, - "properties": { - "type": { - "type": "string", - "enum": [ - "unknown", - "npm", - "pypi", - "golang" - ], - "description": "", - "default": "unknown" - }, - "namespace": { - "type": "string", - "description": "", - "default": "" - }, - "name": { - "type": "string", - "description": "", 
- "default": "" - }, - "version": { - "type": "string", - "description": "", - "default": "" - }, - "subpath": { - "type": "string", - "description": "", - "default": "" - }, - "release": { - "type": "string", - "description": "", - "default": "" - }, - "id": { - "type": "string", - "description": "", - "default": "" - } }, - "required": [ - "id", - "type" - ] - }, - "license": { + "properties": {} + } + }, + "required": [ + "organizations" + ] + } + } + }, + "description": "Organizations information" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/settings": { + "post": { + "tags": [ + "Misc" + ], + "summary": "Calculate settings", + "operationId": "postSettings", + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "properties": { + "organization": { "type": "string", "description": "", "default": "" - }, - "author": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - } - }, - "size": { - "type": "number", - "description": "", - "default": 0 - }, - "score": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "supplyChain": { - "type": "number", - "description": "", - "default": 0 - }, - "quality": { - "type": "number", - "description": "", - "default": 0 - }, - "maintenance": { - "type": "number", - "description": "", - "default": 0 - }, - "vulnerability": { - "type": "number", - "description": "", - "default": 0 - }, - "license": { - "type": "number", - "description": "", - "default": 0 - }, - "overall": { - "type": "number", - "description": "", - "default": 0 + } + } + } + } + } + }, + "required": false + }, + "security": [ + { + "basicAuth": [] + } + ], + "description": "Get your current settings the requested organizations and 
default settings to allow deferrals.\n\nThis endpoint consumes 0 units of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "defaults": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "issueRules": { + "type": "object", + "additionalProperties": { + "type": "object", + "properties": { + "action": { + "type": "string", + "enum": [ + "error", + "ignore", + "warn" + ] + } + } + } } }, "required": [ - "license", - "maintenance", - "overall", - "quality", - "supplyChain", - "vulnerability" + "issueRules" ] }, - "alerts": { + "entries": { "type": "array", "items": { "type": "object", "additionalProperties": false, + "description": "", "properties": { - "key": { - "type": "string", - "description": "", - "default": "" - }, - "type": { - "type": "string", - "description": "", - "default": "" - }, - "severity": { - "$ref": "#/components/schemas/SocketIssueSeverity" - }, - "category": { - "$ref": "#/components/schemas/SocketCategory" - }, - "file": { - "type": "string", - "description": "", - "default": "" - }, "start": { - "type": "integer", - "description": "", - "default": 0 - }, - "end": { - "type": "integer", + "type": "string", "description": "", - "default": 0 + "default": "", + "nullable": true }, - "props": { + "settings": { "type": "object", - "description": "", - "default": null + "additionalProperties": { + "type": "object", + "properties": { + "deferTo": { + "type": "string", + "nullable": true + }, + "issueRules": { + "type": "object", + "nullable": false, + "additionalProperties": { + "type": "object", + "nullable": false, + "properties": { + "action": { + "type": "string", + "enum": [ + "defer", + "error", + "ignore", + "warn", + "monitor" + ] + } + }, + "required": [ + "action" + ] + } + } + }, + "required": [ + "deferTo", + "issueRules" + ] + } } }, "required": [ - 
"category", - "key", - "severity", - "type" + "settings", + "start" ] } - }, - "batchIndex": { - "type": "integer", - "description": "", - "default": 0 } }, "required": [ - "id", - "type" + "defaults", + "entries" ] } } }, - "description": "Socket issue lists and scores for all packages" + "description": "Organization settings" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/npm/{package}/{version}/issues": { + "get": { + "tags": [ + "npm" + ], + "summary": "Get issues by package", + "deprecated": true, + "operationId": "getIssuesByNPMPackage", + "parameters": [ + { + "name": "package", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "version", + "in": "path", + "required": true, + "description": "", + "schema": { + "type": "string" + } + } + ], + "security": [ + { + "basicAuth": [] + } + ], + "description": "Get all the issues related with a particular npm package version.\nThis endpoint returns the issue type, location, and additional details related to each issue in the `props` attribute.\n\nYou can [see here](https://socket.dev/npm/issue) the full list of issues.\n\nThis endpoint consumes 1 unit of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SocketIssueList" + } + } + }, + "description": "Socket issue lists" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/npm/{package}/{version}/score": 
{ + "get": { + "tags": [ + "npm" + ], + "summary": "Get score by package", + "deprecated": true, + "operationId": "getScoreByNPMPackage", + "parameters": [ + { + "name": "package", + "in": "path", + "required": true, + "schema": { + "type": "string" + } + }, + { + "name": "version", + "in": "path", + "required": true, + "description": "", + "schema": { + "type": "string" + } + } + ], + "security": [ + { + "basicAuth": [] + } + ], + "description": "Get all the scores and metrics by category that are used to evaluate the package version.\n\nThis endpoint is deprecated. Use the batched \"Get Packages\" endpoint instead.\n\n- depscore: The average of all score factors. (0-1)\n- supplyChainRisk: Score factors relating to supply chain security (0-1)\n- downloadCount: The number of downloads for the package. Higher downloads contribute to a higher score.\n- supplyChainRiskIssueLow/Mid/High/Critical: The number of supply chain risk issues of varying severity. Lower numbers contribute to a higher score.\n- dependencyCount: The number of production dependencies. Lower count contributes to a higher score.\n- devDependencyCount: The number of development dependencies. Lower count contributes to a higher score.\n- transitiveDependencyCount: The number of transitive dependencies. Lower count contributes to a higher score.\n- totalDependencyCount: The total number of dependencies (production + development + transitive). Lower count contributes to a higher score.\n- quality: Score factors relating to code quality (0-1)\n- qualityIssueLow/Mid/High/Critical: The number of code quality issues of varying severity. Lower numbers contribute to a higher score.\n- linesOfCode: The number of lines of code in the package. Lower count contributes to a higher score.\n- readmeLength: The length of the package's README file. 
Longer READMEs contribute to a higher score.\n- maintenance: Score factors relating to package maintenance (0-1)\n- maintainerCount: The number of maintainers for the package. More maintainers contribute to a higher score.\n- versionsLastWeek/Month/TwoMonths/Year: The number of versions released in different time periods. More recent releases contribute to a higher score.\n- versionCount: The total number of versions released. Higher count contributes to a higher score.\n- maintenanceIssueLow/Mid/High/Critical: The number of maintenance issues of varying severity. Lower numbers contribute to a higher score.\n- vulnerability: Score factors relating to package vulnerabilities (0-1)\n- vulnerabilityIssueLow/Mid/High/Critical: The number of vulnerability issues of varying severity. Lower numbers contribute to a higher score.\n- dependencyVulnerabilityCount: The number of vulnerabilities in the package's dependencies. Lower count contributes to a higher score.\n- vulnerabilityCount: The number of vulnerabilities in the package itself. Lower count contributes to a higher score.\n- license: Score factors relating to package licensing (0-1)\n- licenseIssueLow/Mid/High/Critical: The number of license issues of varying severity. Lower numbers contribute to a higher score.\n- licenseQuality: A score indicating the quality/permissiveness of the package's license. 
Higher quality contributes to a higher score.\n- miscellaneous: Miscellaneous metadata about the package version.\n- versionAuthorName/Email: The name and email of the version author.\n- fileCount: The number of files in the package.\n- byteCount: The total size in bytes of the package.\n- typeModule: Whether the package declares a \"type\": \"module\" field.\n\nThis endpoint consumes 1 unit of your quota.", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/SocketPackageScore" + } + } + }, + "description": "Socket package scores" }, "400": { "$ref": "#/components/responses/SocketBadRequest" diff --git a/types/api.d.ts b/types/api.d.ts index 1911701..c7357f7 100644 --- a/types/api.d.ts +++ b/types/api.d.ts 
@@ -5,155 +5,188 @@ export interface paths { - "/npm/{package}/{version}/issues": { + "/purl": { /** - * Get issues by package - * @description Get all the issues related with a particular npm package version. - * This endpoint returns the issue type, location, and additional details related to each issue in the `props` attribute. + * Get Packages (Beta) + * @description Batch retrieval of package metadata and alerts by PURL strings. Compatible witch CycloneDX reports. * - * You can [see here](https://socket.dev/npm/issue) the full list of issues. + * Package URLs (PURLs) are an ecosystem agnostic way to identify packages. + * CycloneDX SBOMs use the purl format to identify components. + * This endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report. * - * This endpoint consumes 1 unit of your quota. + * More information on purl and CycloneDX: + * + * - [`purl` Spec](https://github.com/package-url/purl-spec) + * - [CycloneDX Spec](https://cyclonedx.org/specification/overview/#components) + * + * ## Examples: + * + * ### Looking up an npm package: + * + * ```json + * { + * "components": [ + * { + * "purl": "pkg:npm/express@4.19.2" + * } + * ] + * } + * ``` + * + * ### Looking up an PyPi package: + * + * ```json + * { + * "components": [ + * { + * "purl": "pkg:pypi/django@5.0.6" + * } + * ] + * } + * ``` + * + * ### Looking up a Maven package: + * + * ```json + * { + * "components": [ + * { + * "purl": "pkg:maven/log4j/log4j@1.2.17" + * } + * ] + * } + * ``` + * + * ### Batch lookup + * + * ```json + * { + * "components": [ + * { + * "purl": "pkg:npm/express@4.19.2" + * }, + * { + * "purl": "pkg:pypi/django@5.0.6" + * }, + * { + * "purl": "pkg:maven/log4j/log4j@1.2.17" + * } + * ] + * } + * ``` + * + * This endpoint consumes 100 units of your quota. 
*/ - get: operations["getIssuesByNPMPackage"]; + post: operations["batchPackageFetch"]; }; - "/npm/{package}/{version}/score": { + "/orgs/{org_slug}/full-scans": { /** - * Get score by package - * @description Get all the scores and metrics by category that are used to evaluate the package version. + * List full scans + * @description Returns a paginated list of all full scans in an org, excluding SBOM artifacts. * - * - depscore: The average of all score factors. (0-1) - * - supplyChainRisk: Score factors relating to supply chain security (0-1) - * - downloadCount: The number of downloads for the package. Higher downloads contribute to a higher score. - * - supplyChainRiskIssueLow/Mid/High/Critical: The number of supply chain risk issues of varying severity. Lower numbers contribute to a higher score. - * - dependencyCount: The number of production dependencies. Lower count contributes to a higher score. - * - devDependencyCount: The number of development dependencies. Lower count contributes to a higher score. - * - transitiveDependencyCount: The number of transitive dependencies. Lower count contributes to a higher score. - * - totalDependencyCount: The total number of dependencies (production + development + transitive). Lower count contributes to a higher score. - * - quality: Score factors relating to code quality (0-1) - * - qualityIssueLow/Mid/High/Critical: The number of code quality issues of varying severity. Lower numbers contribute to a higher score. - * - linesOfCode: The number of lines of code in the package. Lower count contributes to a higher score. - * - readmeLength: The length of the package's README file. Longer READMEs contribute to a higher score. - * - maintenance: Score factors relating to package maintenance (0-1) - * - maintainerCount: The number of maintainers for the package. More maintainers contribute to a higher score. - * - versionsLastWeek/Month/TwoMonths/Year: The number of versions released in different time periods. 
More recent releases contribute to a higher score. - * - versionCount: The total number of versions released. Higher count contributes to a higher score. - * - maintenanceIssueLow/Mid/High/Critical: The number of maintenance issues of varying severity. Lower numbers contribute to a higher score. - * - vulnerability: Score factors relating to package vulnerabilities (0-1) - * - vulnerabilityIssueLow/Mid/High/Critical: The number of vulnerability issues of varying severity. Lower numbers contribute to a higher score. - * - dependencyVulnerabilityCount: The number of vulnerabilities in the package's dependencies. Lower count contributes to a higher score. - * - vulnerabilityCount: The number of vulnerabilities in the package itself. Lower count contributes to a higher score. - * - license: Score factors relating to package licensing (0-1) - * - licenseIssueLow/Mid/High/Critical: The number of license issues of varying severity. Lower numbers contribute to a higher score. - * - licenseQuality: A score indicating the quality/permissiveness of the package's license. Higher quality contributes to a higher score. - * - miscellaneous: Miscellaneous metadata about the package version. - * - versionAuthorName/Email: The name and email of the version author. - * - fileCount: The number of files in the package. - * - byteCount: The total size in bytes of the package. - * - typeModule: Whether the package declares a "type": "module" field. + * This endpoint consumes 0 units of your quota. + */ + get: operations["getOrgFullScanList"]; + /** + * Create full scan + * @description Create a full scan from a set of package manifest files. Returns a full scan including all SBOM artifacts. * - * This endpoint consumes 1 unit of your quota. + * This endpoint consumes 0 units of your quota. 
*/ - get: operations["getScoreByNPMPackage"]; + post: operations["CreateOrgFullScan"]; }; - "/report/delete/{id}": { + "/orgs/{org_slug}/full-scans/{full_scan_id}": { /** - * Delete a report - * @description Delete a specific project report. + * Stream full scan + * @description Stream all SBOM artifacts for a full scan. * - * This endpoint consumes 10 units of your quota. + * This endpoint consumes 0 units of your quota. */ - delete: operations["deleteReport"]; - }; - "/report/list": { + get: operations["getOrgFullScan"]; /** - * Get list of reports - * @description Get all your project reports. + * Delete full scan + * @description Delete an existing full scan. * - * This endpoint consumes 10 units of your quota. + * This endpoint consumes 0 units of your quota. */ - get: operations["getReportList"]; + delete: operations["deleteOrgFullScan"]; }; - "/report/upload": { + "/orgs/{org_slug}/full-scans/{full_scan_id}/metadata": { /** - * Create a report - * @description Upload a lockfile to get your project analyzed by Socket. - * You can upload multiple lockfiles in the same request, but each filename must be unique. - * - * The name of the file must be in the supported list. - * - * For example, these are valid filenames: `package.json`, `folder/package.json` and `deep/nested/folder/package.json`. + * Get full scan metadata + * @description Get metadata for a single full scan * - * This endpoint consumes 100 units of your quota. + * This endpoint consumes 0 units of your quota. */ - put: operations["createReport"]; + get: operations["getOrgFullScanMetadata"]; }; - "/report/view/{id}": { + "/orgs/{org_slug}/repos": { /** - * View a report - * @description Get all the issues, packages, and scores related to an specific project report. + * List repositories + * @description Lists repositories for the specified organization. * - * This endpoint consumes 10 units of your quota. + * This endpoint consumes 0 units of your quota. 
*/ - get: operations["getReport"]; - }; - "/report/supported": { + get: operations["getOrgRepoList"]; /** - * Get supported files for report - * @description Get a list of supported files for project report generation. - * Files are categorized first by environment (e.g. NPM or PyPI), then by name. + * Create repository + * @description Create a repository. * - * Files whose names match the patterns returned by this endpoint can be uploaded for report generation. - * Examples of supported filenames include `package.json`, `package-lock.json`, and `yarn.lock`. + * Repos collect Full scans and Diff scans and are typically associated with a git repo. * * This endpoint consumes 0 units of your quota. */ - get: operations["getReportSupportedFiles"]; + post: operations["createOrgRepo"]; }; - "/openapi": { + "/orgs/{org_slug}/repos/{repo_slug}": { /** - * Returns the OpenAPI definition - * @description Retrieve the API specification in an Openapi JSON format. + * Get repository + * @description Retrieve a repository associated with an organization. * * This endpoint consumes 0 units of your quota. */ - get: operations["getOpenAPI"]; - }; - "/quota": { + get: operations["getOrgRepo"]; /** - * Get quota - * @description Get your current API quota. You can use this endpoint to prevent doing requests that might spend all your quota. + * Update repository + * @description Update details of an existing repository. * * This endpoint consumes 0 units of your quota. */ - get: operations["getQuota"]; + post: operations["updateOrgRepo"]; + /** + * Delete repository + * @description Delete a single repository and all of its associated Full scans and Diff scans. + * + * This endpoint consumes 0 units of your quota. + */ + delete: operations["deleteOrgRepo"]; }; - "/organizations": { + "/orgs/{org_slug}/audit-log": { /** - * List organizations - * @description Get information on the current organizations associated with the API key. 
+ * Get Audit Log Events + * @description Paginated list of audit log events. * * This endpoint consumes 0 units of your quota. */ - get: operations["getOrganizations"]; + get: operations["getAuditLogEvents"]; }; - "/settings": { + "/analytics/org/{filter}": { /** - * Calculate settings - * @description Get your current settings the requested organizations and default settings to allow deferrals. + * Get organization analytics (unstable) + * @description Get analytics data regarding the number of alerts found across all active repositories. * * This endpoint consumes 0 units of your quota. */ - post: operations["postSettings"]; + get: operations["getOrgAnalytics"]; }; - "/repo/list": { + "/analytics/repo/{name}/{filter}": { /** - * Get list of repos and their latest project report - * @description Get all repositories in an org including their latest project report. + * Get repository analytics + * @description Get analytics data regarding the number of alerts found in a single repository. * * This endpoint consumes 0 units of your quota. */ - get: operations["getRepoList"]; + get: operations["getRepoAnalytics"]; }; "/dependencies/search": { /** 
@@ -178,123 +211,163 @@ export interface paths { */ post: operations["createDependenciesSnapshot"]; }; - "/orgs/{org_slug}/repos": { - /** - * List repositories (unstable) - * @description Lists repositories for the specified organization. - * - * This endpoint consumes 0 units of your quota. - */ - get: operations["getOrgRepoList"]; + "/report/supported": { /** - * Create repository (unstable) - * @description Create a repository. + * Get supported files for report + * @description Get a list of supported files for project report generation. + * Files are categorized first by environment (e.g. NPM or PyPI), then by name. * - * Repos collect Full scans and Diff scans and are typically associated with a git repo. + * Files whose names match the patterns returned by this endpoint can be uploaded for report generation. + * Examples of supported filenames include `package.json`, `package-lock.json`, and `yarn.lock`. * * This endpoint consumes 0 units of your quota. */ - post: operations["createOrgRepo"]; + get: operations["getReportSupportedFiles"]; }; - "/orgs/{org_slug}/repos/{repo_slug}": { + "/report/delete/{id}": { /** - * Get repository (unstable) - * @description Retrieve a repository associated with an organization. + * Delete a report + * @description Delete a specific project report generated with the GitHub app. These endpoints will be merged into the full-scans endpoint so * - * This endpoint consumes 0 units of your quota. + * This endpoint consumes 10 units of your quota. */ - get: operations["getOrgRepo"]; + delete: operations["deleteReport"]; + }; + "/report/list": { /** - * Update repository (unstable) - * @description Update details of an existing repository. + * Get list of reports + * @deprecated + * @description Get all your project reports generated with the GitHub app. This endpoint will be merged into the full-scans endpoint soon. * - * This endpoint consumes 0 units of your quota. + * This endpoint consumes 10 units of your quota. 
*/ - post: operations["updateOrgRepo"]; + get: operations["getReportList"]; + }; + "/report/upload": { /** - * Delete repository (unstable) - * @description Delete a single repository and all of its associated Full scans and Diff scans. + * Create a report + * @deprecated + * @description Upload a lockfile to get your project analyzed by Socket. + * You can upload multiple lockfiles in the same request, but each filename must be unique. * - * This endpoint consumes 0 units of your quota. + * The name of the file must be in the supported list. + * + * For example, these are valid filenames: `package.json`, `folder/package.json` and `deep/nested/folder/package.json`. + * + * This endpoint consumes 100 units of your quota. */ - delete: operations["deleteOrgRepo"]; + put: operations["createReport"]; }; - "/orgs/{org_slug}/full-scans": { + "/report/view/{id}": { /** - * List full scans - * @description Returns a paginated list of all full scans in an org, excluding SBOM artifacts. + * View a report + * @deprecated + * @description Get all the issues, packages, and scores related to an specific project report. * - * This endpoint consumes 0 units of your quota. + * This endpoint consumes 10 units of your quota. */ - get: operations["getOrgFullScanList"]; + get: operations["getReport"]; + }; + "/repo/list": { /** - * Create full scan - * @description Create a full scan from a set of package manifest files. Returns a full scan including all SBOM artifacts. + * Get list of GitHub repos and their latest project report + * @deprecated + * @description Get all repositories in an org including their latest project report. * * This endpoint consumes 0 units of your quota. */ - post: operations["CreateOrgFullScan"]; + get: operations["getRepoList"]; }; - "/orgs/{org_slug}/full-scans/{full_scan_id}": { + "/openapi": { /** - * Stream full scan - * @description Stream all SBOM artifacts for a full scan. 
+ * Returns the OpenAPI definition + * @description Retrieve the API specification in an Openapi JSON format. * * This endpoint consumes 0 units of your quota. */ - get: operations["getOrgFullScan"]; + get: operations["getOpenAPI"]; + }; + "/quota": { /** - * Delete full scan - * @description Delete an existing full scan. + * Get quota + * @description Get your current API quota. You can use this endpoint to prevent doing requests that might spend all your quota. * * This endpoint consumes 0 units of your quota. */ - delete: operations["deleteOrgFullScan"]; + get: operations["getQuota"]; }; - "/orgs/{org_slug}/full-scans/{full_scan_id}/metadata": { + "/organizations": { /** - * Get full scan metadata - * @description Get metadata for a single full scan + * List organizations + * @description Get information on the current organizations associated with the API key. * * This endpoint consumes 0 units of your quota. */ - get: operations["getOrgFullScanMetadata"]; + get: operations["getOrganizations"]; }; - "/orgs/{org_slug}/audit-log": { + "/settings": { /** - * Get Audit Log Events - * @description Paginated list of audit log events. + * Calculate settings + * @description Get your current settings the requested organizations and default settings to allow deferrals. * * This endpoint consumes 0 units of your quota. */ - get: operations["getAuditLogEvents"]; + post: operations["postSettings"]; }; - "/analytics/org/{filter}": { + "/npm/{package}/{version}/issues": { /** - * Get organization analytics (unstable) - * @description Get analytics data regarding the number of alerts found across all active repositories. + * Get issues by package + * @deprecated + * @description Get all the issues related with a particular npm package version. + * This endpoint returns the issue type, location, and additional details related to each issue in the `props` attribute. * - * This endpoint consumes 0 units of your quota. 
- */ - get: operations["getOrgAnalytics"]; - }; - "/analytics/repo/{name}/{filter}": { - /** - * Get repository analytics - * @description Get analytics data regarding the number of alerts found in a single repository. + * You can [see here](https://socket.dev/npm/issue) the full list of issues. * - * This endpoint consumes 0 units of your quota. + * This endpoint consumes 1 unit of your quota. */ - get: operations["getRepoAnalytics"]; + get: operations["getIssuesByNPMPackage"]; }; - "/purl": { + "/npm/{package}/{version}/score": { /** - * Get Packages (unstable) - * @description Batch retrieval of package metadata and alerts by PURL strings + * Get score by package + * @deprecated + * @description Get all the scores and metrics by category that are used to evaluate the package version. * - * This endpoint consumes 100 units of your quota. + * This endpoint is deprecated. Use the batched "Get Packages" endpoint instead. + * + * - depscore: The average of all score factors. (0-1) + * - supplyChainRisk: Score factors relating to supply chain security (0-1) + * - downloadCount: The number of downloads for the package. Higher downloads contribute to a higher score. + * - supplyChainRiskIssueLow/Mid/High/Critical: The number of supply chain risk issues of varying severity. Lower numbers contribute to a higher score. + * - dependencyCount: The number of production dependencies. Lower count contributes to a higher score. + * - devDependencyCount: The number of development dependencies. Lower count contributes to a higher score. + * - transitiveDependencyCount: The number of transitive dependencies. Lower count contributes to a higher score. + * - totalDependencyCount: The total number of dependencies (production + development + transitive). Lower count contributes to a higher score. + * - quality: Score factors relating to code quality (0-1) + * - qualityIssueLow/Mid/High/Critical: The number of code quality issues of varying severity. 
Lower numbers contribute to a higher score. + * - linesOfCode: The number of lines of code in the package. Lower count contributes to a higher score. + * - readmeLength: The length of the package's README file. Longer READMEs contribute to a higher score. + * - maintenance: Score factors relating to package maintenance (0-1) + * - maintainerCount: The number of maintainers for the package. More maintainers contribute to a higher score. + * - versionsLastWeek/Month/TwoMonths/Year: The number of versions released in different time periods. More recent releases contribute to a higher score. + * - versionCount: The total number of versions released. Higher count contributes to a higher score. + * - maintenanceIssueLow/Mid/High/Critical: The number of maintenance issues of varying severity. Lower numbers contribute to a higher score. + * - vulnerability: Score factors relating to package vulnerabilities (0-1) + * - vulnerabilityIssueLow/Mid/High/Critical: The number of vulnerability issues of varying severity. Lower numbers contribute to a higher score. + * - dependencyVulnerabilityCount: The number of vulnerabilities in the package's dependencies. Lower count contributes to a higher score. + * - vulnerabilityCount: The number of vulnerabilities in the package itself. Lower count contributes to a higher score. + * - license: Score factors relating to package licensing (0-1) + * - licenseIssueLow/Mid/High/Critical: The number of license issues of varying severity. Lower numbers contribute to a higher score. + * - licenseQuality: A score indicating the quality/permissiveness of the package's license. Higher quality contributes to a higher score. + * - miscellaneous: Miscellaneous metadata about the package version. + * - versionAuthorName/Email: The name and email of the version author. + * - fileCount: The number of files in the package. + * - byteCount: The total size in bytes of the package. + * - typeModule: Whether the package declares a "type": "module" field. 
+ * + * This endpoint consumes 1 unit of your quota. */ - post: operations["batchPackageFetch"]; + get: operations["getScoreByNPMPackage"]; }; } @@ -302,16 +375,18 @@ export type webhooks = Record; export interface components { schemas: { - SocketIssueList: components["schemas"]["SocketIssue"][]; - SocketPackageScore: { - supplyChainRisk: components["schemas"]["SocketMetricSchema"]; - quality: components["schemas"]["SocketMetricSchema"]; - maintenance: components["schemas"]["SocketMetricSchema"]; - vulnerability: components["schemas"]["SocketMetricSchema"]; - license: components["schemas"]["SocketMetricSchema"]; - miscellaneous: components["schemas"]["SocketMetricSchema"]; - /** @default 0 */ - depscore: number; + /** + * @default low + * @enum {string} + */ + SocketIssueSeverity: "low" | "middle" | "high" | "critical"; + /** + * @default miscellaneous + * @enum {string} + */ + SocketCategory: "supplyChainRisk" | "quality" | "maintenance" | "vulnerability" | "license" | "miscellaneous"; + SocketBatchPURLFetch: { + components: components["schemas"]["SocketBatchPURLRequest"][]; }; SocketReport: { /** @default */ 
@@ -334,18 +409,20 @@ export interface components { /** @default */ url: string; }; - /** - * @default low - * @enum {string} - */ - SocketIssueSeverity: "low" | "middle" | "high" | "critical"; - /** - * @default miscellaneous - * @enum {string} - */ - SocketCategory: "supplyChainRisk" | "quality" | "maintenance" | "vulnerability" | "license" | "miscellaneous"; - SocketBatchPURLFetch: { - components: components["schemas"]["SocketBatchPURLRequest"][]; + SocketIssueList: components["schemas"]["SocketIssue"][]; + SocketPackageScore: { + supplyChainRisk: components["schemas"]["SocketMetricSchema"]; + quality: components["schemas"]["SocketMetricSchema"]; + maintenance: components["schemas"]["SocketMetricSchema"]; + vulnerability: components["schemas"]["SocketMetricSchema"]; + license: components["schemas"]["SocketMetricSchema"]; + miscellaneous: components["schemas"]["SocketMetricSchema"]; + /** @default 0 */ + depscore: number; + }; + SocketBatchPURLRequest: { + /** @default */ + purl: string; }; SocketIssue: ({ /** @enum {string} */ @@ -1596,10 +1673,6 @@ export interface components { /** @default */ limitingMetric?: string; }; - SocketBatchPURLRequest: { - /** @default */ - purl: string; - }; SocketIssueBasics: { severity: components["schemas"]["SocketIssueSeverity"]; category: components["schemas"]["SocketCategory"]; @@ -1770,8 +1843,8 @@ export interface components { }; }; }; - /** @description Gone */ - SocketGone: { + /** @description Internal server error */ + SocketInternalServerError: { content: { "application/json": { error: { @@ -1781,8 +1854,8 @@ export interface components { }; }; }; - /** @description Internal server error */ - SocketInternalServerError: { + /** @description Gone */ + SocketGone: { content: { "application/json": { error: { 
@@ -1807,26 +1880,179 @@ export type external = Record; export interface operations { /** - * Get issues by package - * @description Get all the issues related with a particular npm package version. - * This endpoint returns the issue type, location, and additional details related to each issue in the `props` attribute. + * Get Packages (Beta) + * @description Batch retrieval of package metadata and alerts by PURL strings. Compatible witch CycloneDX reports. * - * You can [see here](https://socket.dev/npm/issue) the full list of issues. + * Package URLs (PURLs) are an ecosystem agnostic way to identify packages. + * CycloneDX SBOMs use the purl format to identify components. + * This endpoint supports fetching metadata and alerts for multiple packages at once by passing an array of purl strings, or by passing an entire CycloneDX report. * - * This endpoint consumes 1 unit of your quota. + * More information on purl and CycloneDX: + * + * - [`purl` Spec](https://github.com/package-url/purl-spec) + * - [CycloneDX Spec](https://cyclonedx.org/specification/overview/#components) + * + * ## Examples: + * + * ### Looking up an npm package: + * + * ```json + * { + * "components": [ + * { + * "purl": "pkg:npm/express@4.19.2" + * } + * ] + * } + * ``` + * + * ### Looking up an PyPi package: + * + * ```json + * { + * "components": [ + * { + * "purl": "pkg:pypi/django@5.0.6" + * } + * ] + * } + * ``` + * + * ### Looking up a Maven package: + * + * ```json + * { + * "components": [ + * { + * "purl": "pkg:maven/log4j/log4j@1.2.17" + * } + * ] + * } + * ``` + * + * ### Batch lookup + * + * ```json + * { + * "components": [ + * { + * "purl": "pkg:npm/express@4.19.2" + * }, + * { + * "purl": "pkg:pypi/django@5.0.6" + * }, + * { + * "purl": "pkg:maven/log4j/log4j@1.2.17" + * } + * ] + * } + * ``` + * + * This endpoint consumes 100 units of your quota. 
*/ - getIssuesByNPMPackage: { + batchPackageFetch: { parameters: { - path: { - package: string; - version: string; + query?: { + license?: boolean; + alerts?: boolean; + }; + }; + requestBody?: { + content: { + "application/json": components["schemas"]["SocketBatchPURLFetch"]; }; }; responses: { - /** @description Socket issue lists */ + /** @description Socket issue lists and scores for all packages */ 200: { content: { - "application/json": components["schemas"]["SocketIssueList"]; + "application/x-ndjson": { + /** + * @default unknown + * @enum {string} + */ + type: "unknown" | "npm" | "pypi" | "golang"; + /** @default */ + namespace?: string; + /** @default */ + name?: string; + /** @default */ + version?: string; + /** @default */ + subpath?: string; + /** @default */ + release?: string; + /** @default */ + id: string; + /** @default false */ + direct?: boolean; + manifestFiles?: { + /** @default */ + file: string; + /** @default 0 */ + start?: number; + /** @default 0 */ + end?: number; + }[]; + topLevelAncestors?: string[]; + dependencies?: string[]; + artifact?: { + /** + * @default unknown + * @enum {string} + */ + type: "unknown" | "npm" | "pypi" | "golang"; + /** @default */ + namespace?: string; + /** @default */ + name?: string; + /** @default */ + version?: string; + /** @default */ + subpath?: string; + /** @default */ + release?: string; + /** @default */ + id: string; + }; + /** @default */ + license?: string; + author?: string[]; + /** @default 0 */ + size?: number; + score?: { + /** @default 0 */ + supplyChain: number; + /** @default 0 */ + quality: number; + /** @default 0 */ + maintenance: number; + /** @default 0 */ + vulnerability: number; + /** @default 0 */ + license: number; + /** @default 0 */ + overall: number; + }; + alerts?: { + /** @default */ + key: string; + /** @default */ + type: string; + severity: components["schemas"]["SocketIssueSeverity"]; + category: components["schemas"]["SocketCategory"]; + /** @default */ + file?: string; 
+ /** @default 0 */ + start?: number; + /** @default 0 */ + end?: number; + /** @default null */ + props?: Record; + }[]; + /** @default 0 */ + batchIndex?: number; + }; }; }; 400: components["responses"]["SocketBadRequest"]; 
@@ -1837,53 +2063,57 @@ export interface operations { }; }; /** - * Get score by package - * @description Get all the scores and metrics by category that are used to evaluate the package version. + * List full scans + * @description Returns a paginated list of all full scans in an org, excluding SBOM artifacts. * - * - depscore: The average of all score factors. (0-1) - * - supplyChainRisk: Score factors relating to supply chain security (0-1) - * - downloadCount: The number of downloads for the package. Higher downloads contribute to a higher score. - * - supplyChainRiskIssueLow/Mid/High/Critical: The number of supply chain risk issues of varying severity. Lower numbers contribute to a higher score. - * - dependencyCount: The number of production dependencies. Lower count contributes to a higher score. - * - devDependencyCount: The number of development dependencies. Lower count contributes to a higher score. - * - transitiveDependencyCount: The number of transitive dependencies. Lower count contributes to a higher score. - * - totalDependencyCount: The total number of dependencies (production + development + transitive). Lower count contributes to a higher score. - * - quality: Score factors relating to code quality (0-1) - * - qualityIssueLow/Mid/High/Critical: The number of code quality issues of varying severity. Lower numbers contribute to a higher score. - * - linesOfCode: The number of lines of code in the package. Lower count contributes to a higher score. - * - readmeLength: The length of the package's README file. Longer READMEs contribute to a higher score. - * - maintenance: Score factors relating to package maintenance (0-1) - * - maintainerCount: The number of maintainers for the package. More maintainers contribute to a higher score. - * - versionsLastWeek/Month/TwoMonths/Year: The number of versions released in different time periods. More recent releases contribute to a higher score. - * - versionCount: The total number of versions released. 
Higher count contributes to a higher score. - * - maintenanceIssueLow/Mid/High/Critical: The number of maintenance issues of varying severity. Lower numbers contribute to a higher score. - * - vulnerability: Score factors relating to package vulnerabilities (0-1) - * - vulnerabilityIssueLow/Mid/High/Critical: The number of vulnerability issues of varying severity. Lower numbers contribute to a higher score. - * - dependencyVulnerabilityCount: The number of vulnerabilities in the package's dependencies. Lower count contributes to a higher score. - * - vulnerabilityCount: The number of vulnerabilities in the package itself. Lower count contributes to a higher score. - * - license: Score factors relating to package licensing (0-1) - * - licenseIssueLow/Mid/High/Critical: The number of license issues of varying severity. Lower numbers contribute to a higher score. - * - licenseQuality: A score indicating the quality/permissiveness of the package's license. Higher quality contributes to a higher score. - * - miscellaneous: Miscellaneous metadata about the package version. - * - versionAuthorName/Email: The name and email of the version author. - * - fileCount: The number of files in the package. - * - byteCount: The total size in bytes of the package. - * - typeModule: Whether the package declares a "type": "module" field. - * - * This endpoint consumes 1 unit of your quota. + * This endpoint consumes 0 units of your quota. */ - getScoreByNPMPackage: { + getOrgFullScanList: { parameters: { + query?: { + sort?: string; + direction?: string; + per_page?: number; + page?: number; + }; path: { - package: string; - version: string; + /** @description The slug of the organization */ + org_slug: string; }; }; responses: { - /** @description Socket package scores */ + /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. 
*/ 200: { content: { - "application/json": components["schemas"]["SocketPackageScore"]; + "application/json": { + results: { + /** @default */ + id?: string; + /** @default */ + created_at?: string; + /** @default */ + updated_at?: string; + /** @default */ + organization_id?: string; + /** @default */ + repository_id?: string; + committers?: string[]; + /** @default */ + repo?: string; + /** @default */ + branch?: string; + /** @default */ + commit_message?: string; + /** @default */ + commit_hash?: string; + /** @default 0 */ + pull_request?: number; + /** @default */ + html_report_url?: string; + }[]; + /** @default 0 */ + nextPage: number; + }; }; }; 400: components["responses"]["SocketBadRequest"]; 
@@ -1894,24 +2124,70 @@ export interface operations { }; }; /** - * Delete a report - * @description Delete a specific project report. + * Create full scan + * @description Create a full scan from a set of package manifest files. Returns a full scan including all SBOM artifacts. * - * This endpoint consumes 10 units of your quota. + * This endpoint consumes 0 units of your quota. */ - deleteReport: { + CreateOrgFullScan: { parameters: { + query: { + /** @description The slug of the repository to associate the full-scan with. */ + repo: string; + /** @description The branch name to associate the full-scan with. */ + branch?: string; + /** @description The commit message to associate the full-scan with. */ + commit_message?: string; + /** @description The commit hash to associate the full-scan with. */ + commit_hash?: string; + /** @description The pull request number to associate the full-scan with. */ + pull_request?: number; + /** @description The committers to associate the full-scan with. Set query more than once to set multiple. 
*/ + committers?: string; + make_default_branch?: boolean; + set_as_pending_head?: boolean; + tmp?: boolean; + }; path: { - id: string; + /** @description The slug of the organization */ + org_slug: string; + }; + }; + requestBody?: { + content: { + "multipart/form-data": { + [key: string]: never; + }; }; }; responses: { - /** @description Success */ - 200: { + /** @description Upload manifest files to create a full scan in an org's repo */ + 201: { content: { "application/json": { - /** @default ok */ - status: string; + /** @default */ + id?: string; + /** @default */ + created_at?: string; + /** @default */ + updated_at?: string; + /** @default */ + organization_id?: string; + /** @default */ + repository_id?: string; + committers?: string[]; + /** @default */ + repo?: string; + /** @default */ + branch?: string; + /** @default */ + commit_message?: string; + /** @default */ + commit_hash?: string; + /** @default 0 */ + pull_request?: number; + /** @default */ + html_report_url?: string; }; }; }; 
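Review bot: In the `CreateOrgFullScan` query parameters, `committers?: string;` is typed as a single string although its own description says the query may be set more than once and the `201` response body in the same hunk models the field as `committers?: string[];`; in openapi.json the parameter should be declared as an array of strings so the generated type becomes `committers?: string[];`. The neighbouring `make_default_branch`, `set_as_pending_head` and `tmp` flags carry no `@description`, so a caller cannot tell from this file what they change; a one-line description for each in the spec would propagate here. Since `types/api.d.ts` is regenerated by this sync, both fixes belong in openapi.json rather than in this file. The `CreateOrgFullScan` block's error responses continue outside the hunk.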
@@ -1923,34 +2199,111 @@ export interface operations { }; }; /** - * Get list of reports - * @description Get all your project reports. + * Stream full scan + * @description Stream all SBOM artifacts for a full scan. * - * This endpoint consumes 10 units of your quota. + * This endpoint consumes 0 units of your quota. */ - getReportList: { + getOrgFullScan: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string; + /** @description The ID of the full scan */ + full_scan_id: string; + }; + }; responses: { - /** @description List of project reports */ + /** @description Socket issue lists and scores for all packages */ 200: { content: { - "application/json": { - /** @default */ - id: string; + "application/x-ndjson": { + /** + * @default unknown + * @enum {string} + */ + type: "unknown" | "npm" | "pypi" | "golang"; + /** @default */ + namespace?: string; + /** @default */ + name?: string; + /** @default */ + version?: string; + /** @default */ + subpath?: string; + /** @default */ + release?: string; + /** @default */ + id: string; + /** @default false */ + direct?: boolean; + manifestFiles?: { + /** @default */ + file: string; + /** @default 0 */ + start?: number; + /** @default 0 */ + end?: number; + }[]; + topLevelAncestors?: string[]; + dependencies?: string[]; + artifact?: { + /** + * @default unknown + * @enum {string} + */ + type: "unknown" | "npm" | "pypi" | "golang"; /** @default */ - url: string; + namespace?: string; /** @default */ - repo: string; + name?: string; /** @default */ - branch: string; - /** @default null */ - pull_requests: Record; + version?: string; /** @default */ - commit: string; + subpath?: string; /** @default */ - owner: string; + release?: string; /** @default */ - created_at: string; - }[]; + id: string; + }; + /** @default */ + license?: string; + author?: string[]; + /** @default 0 */ + size?: number; + score?: { + /** @default 0 */ + supplyChain: number; + /** @default 0 */ + quality: 
number; + /** @default 0 */ + maintenance: number; + /** @default 0 */ + vulnerability: number; + /** @default 0 */ + license: number; + /** @default 0 */ + overall: number; + }; + alerts?: { + /** @default */ + key: string; + /** @default */ + type: string; + severity: components["schemas"]["SocketIssueSeverity"]; + category: components["schemas"]["SocketCategory"]; + /** @default */ + file?: string; + /** @default 0 */ + start?: number; + /** @default 0 */ + end?: number; + /** @default null */ + props?: Record; + }[]; + /** @default 0 */ + batchIndex?: number; + }; }; }; 400: components["responses"]["SocketBadRequest"]; 
@@ -1961,264 +2314,297 @@ export interface operations { }; }; /** - * Create a report - * @description Upload a lockfile to get your project analyzed by Socket. - * You can upload multiple lockfiles in the same request, but each filename must be unique. - * - * The name of the file must be in the supported list. - * - * For example, these are valid filenames: `package.json`, `folder/package.json` and `deep/nested/folder/package.json`. + * Delete full scan + * @description Delete an existing full scan. * - * This endpoint consumes 100 units of your quota. + * This endpoint consumes 0 units of your quota. */ - createReport: { - requestBody?: { - content: { - "multipart/form-data": { - issueRules?: { - [key: string]: boolean; - }; - [key: string]: undefined; - }; + deleteOrgFullScan: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string; + /** @description The ID of the full scan */ + full_scan_id: string; }; }; responses: { - /** @description ID and URL of the project report */ + /** @description Success */ 200: { content: { "application/json": { - /** @default */ - id: string; - /** @default */ - url: string; + /** @default ok */ + status: string; }; }; }; 400: components["responses"]["SocketBadRequest"]; 401: components["responses"]["SocketUnauthorized"]; 403: components["responses"]["SocketForbidden"]; + 404: components["responses"]["SocketNotFoundResponse"]; 429: components["responses"]["SocketTooManyRequestsResponse"]; }; }; /** - * View a report - * @description Get all the issues, packages, and scores related to an specific project report. + * Get full scan metadata + * @description Get metadata for a single full scan * - * This endpoint consumes 10 units of your quota. + * This endpoint consumes 0 units of your quota. 
*/
- getReport: {
+ getOrgFullScanMetadata: {
 parameters: {
 path: {
- id: string;
+ /** @description The slug of the organization */
+ org_slug: string;
+ /** @description The ID of the full scan */
+ full_scan_id: string;
 };
 };
 responses: {
- /** @description Socket report */
+ /** @description The data from the full scan */
 200: {
 content: {
- "application/json": components["schemas"]["SocketReport"];
+ "application/json": {
+ /** @default */
+ id?: string;
+ /** @default */
+ created_at?: string;
+ /** @default */
+ updated_at?: string;
+ /** @default */
+ organization_id?: string;
+ /** @default */
+ repository_id?: string;
+ committers?: string[];
+ /** @default */
+ repo?: string;
+ /** @default */
+ branch?: string;
+ /** @default */
+ commit_message?: string;
+ /** @default */
+ commit_hash?: string;
+ /** @default 0 */
+ pull_request?: number;
+ /** @default */
+ html_report_url?: string;
+ };
 };
 };
 400: components["responses"]["SocketBadRequest"];
 401: components["responses"]["SocketUnauthorized"];
 403: components["responses"]["SocketForbidden"];
 404: components["responses"]["SocketNotFoundResponse"];
- 410: components["responses"]["SocketGone"];
 429: components["responses"]["SocketTooManyRequestsResponse"];
 };
 };
 /**
- * Get supported files for report
- * @description Get a list of supported files for project report generation.
- * Files are categorized first by environment (e.g. NPM or PyPI), then by name.
- *
- * Files whose names match the patterns returned by this endpoint can be uploaded for report generation.
- * Examples of supported filenames include `package.json`, `package-lock.json`, and `yarn.lock`.
+ * List repositories
+ * @description Lists repositories for the specified organization.
 *
 * This endpoint consumes 0 units of your quota.
*/ - getReportSupportedFiles: { - responses: { - /** @description Glob patterns used to match supported files */ - 200: { - content: { - "application/json": { - [key: string]: { - [key: string]: { - /** @default */ - pattern: string; - }; - }; - }; - }; + getOrgRepoList: { + parameters: { + query?: { + sort?: string; + direction?: string; + per_page?: number; + page?: number; }; - 400: components["responses"]["SocketBadRequest"]; - 429: components["responses"]["SocketTooManyRequestsResponse"]; - }; - }; - /** - * Returns the OpenAPI definition - * @description Retrieve the API specification in an Openapi JSON format. - * - * This endpoint consumes 0 units of your quota. - */ - getOpenAPI: { - responses: { - /** @description OpenAPI specification */ - 200: { - content: { - "application/json": unknown; - }; + path: { + /** @description The slug of the organization */ + org_slug: string; }; - 429: components["responses"]["SocketTooManyRequestsResponse"]; }; - }; - /** - * Get quota - * @description Get your current API quota. You can use this endpoint to prevent doing requests that might spend all your quota. - * - * This endpoint consumes 0 units of your quota. - */ - getQuota: { responses: { - /** @description Quota amount */ + /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. 
*/ 200: { content: { "application/json": { + results: ({ + /** + * @description The ID of the repository + * @default + */ + id?: string; + /** + * @description The creation date of the repository + * @default + */ + created_at?: string; + /** + * @description The last update date of the repository + * @default + */ + updated_at?: string; + /** + * @description The slug of the repository + * @default + */ + slug?: string; + /** + * @description The ID of the head full scan of the repository + * @default + */ + head_full_scan_id?: string; + /** + * @description The name of the repository + * @default + */ + name?: string; + /** + * @description The description of the repository + * @default + */ + description?: string; + /** + * @description The homepage URL of the repository + * @default + */ + homepage?: string; + /** + * @description The visibility of the repository + * @default private + * @enum {string} + */ + visibility?: "public" | "private"; + /** + * @description Whether the repository is archived or not + * @default false + */ + archived?: boolean; + /** + * @description The default branch of the repository + * @default main + */ + default_branch?: string; + })[]; /** @default 0 */ - quota: number; + nextPage: number; }; }; }; + 400: components["responses"]["SocketBadRequest"]; 401: components["responses"]["SocketUnauthorized"]; + 403: components["responses"]["SocketForbidden"]; + 404: components["responses"]["SocketNotFoundResponse"]; 429: components["responses"]["SocketTooManyRequestsResponse"]; }; }; /** - * List organizations - * @description Get information on the current organizations associated with the API key. + * Create repository + * @description Create a repository. + * + * Repos collect Full scans and Diff scans and are typically associated with a git repo. * * This endpoint consumes 0 units of your quota. 
*/ - getOrganizations: { - responses: { - /** @description Organizations information */ - 200: { - content: { - "application/json": { - organizations: { - [key: string]: { - /** @default */ - id: string; - /** @default */ - name: string; - /** @default */ - image: string; - /** @default */ - plan: string; - /** @default */ - slug: string; - }; - }; - }; - }; + createOrgRepo: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string; }; - 401: components["responses"]["SocketUnauthorized"]; - 429: components["responses"]["SocketTooManyRequestsResponse"]; }; - }; - /** - * Calculate settings - * @description Get your current settings the requested organizations and default settings to allow deferrals. - * - * This endpoint consumes 0 units of your quota. - */ - postSettings: { requestBody?: { content: { "application/json": { - /** @default */ - organization?: string; - }[]; - }; - }; - responses: { - /** @description Organization settings */ - 200: { - content: { - "application/json": { - defaults: { - issueRules: { - [key: string]: { - /** @enum {string} */ - action?: "error" | "ignore" | "warn"; - }; - }; - }; - entries: ({ - /** @default */ - start: string | null; - settings: { - [key: string]: { - deferTo: string | null; - issueRules: { - [key: string]: { - /** @enum {string} */ - action: "defer" | "error" | "ignore" | "warn" | "monitor"; - }; - }; - }; - }; - })[]; - }; + /** + * @description The name of the repository + * @default + */ + name?: string; + /** + * @description The description of the repository + * @default + */ + description?: string; + /** + * @description The homepage URL of the repository + * @default + */ + homepage?: string; + /** + * @description The visibility of the repository + * @default private + * @enum {string} + */ + visibility?: "public" | "private"; + /** + * @description Whether the repository is archived or not + * @default false + */ + archived?: boolean; + /** + * @description The default 
branch of the repository + * @default main + */ + default_branch?: string; }; }; - 401: components["responses"]["SocketUnauthorized"]; - 403: components["responses"]["SocketForbidden"]; - 429: components["responses"]["SocketTooManyRequestsResponse"]; - }; - }; - /** - * Get list of repos and their latest project report - * @description Get all repositories in an org including their latest project report. - * - * This endpoint consumes 0 units of your quota. - */ - getRepoList: { - parameters: { - query?: { - pageToken?: string; - }; }; responses: { - /** @description List of repos and their latest project report for the organization associated with the token used */ - 200: { + /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. */ + 201: { content: { "application/json": { - results: { - /** @default */ - id?: string; - /** @default */ - created_at?: string; - /** @default */ - updated_at?: string; - /** @default */ - github_install_id?: string; - /** @default */ - github_repo_id?: string; - /** @default */ - name?: string; - /** @default */ - github_full_name?: string; - /** @default */ - organization_id?: string; - latest_project_report?: { - /** @default */ - id: string; - /** @default */ - created_at: string; - }; - }[]; + /** + * @description The ID of the repository + * @default + */ + id?: string; + /** + * @description The creation date of the repository + * @default + */ + created_at?: string; + /** + * @description The last update date of the repository + * @default + */ + updated_at?: string; + /** + * @description The slug of the repository + * @default + */ + slug?: string; + /** + * @description The ID of the head full scan of the repository + * @default + */ + head_full_scan_id?: string; + /** + * @description The name of the repository + * @default + */ + name?: string; + /** + * @description The description of the repository + * @default + */ + description?: string; + /** + 
* @description The homepage URL of the repository + * @default + */ + homepage?: string; + /** + * @description The visibility of the repository + * @default private + * @enum {string} + */ + visibility?: "public" | "private"; + /** + * @description Whether the repository is archived or not + * @default false + */ + archived?: boolean; + /** + * @description The default branch of the repository + * @default main + */ + default_branch?: string; }; }; }; 
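Review bot: The `201` response of `createOrgRepo` is described as `Lists repositories for the specified organization. The authenticated user must be a member of the organization.`, which is the list endpoint's text pasted onto a create response whose body is a single repository object; `/** @description The created repository */` would match the body. The `200` response of `getOrgRepo` in the next hunk carries the same pasted description and should likewise describe the single repository it returns, e.g. `/** @description The requested repository */`. Because this file is generated from openapi.json, the wording has to be changed there. The `createOrgRepo` block's error responses continue outside the hunk.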
@@ -2230,51 +2616,81 @@ export interface operations { }; }; /** - * Search dependencies - * @description Search for any dependency that is being used in your organization. + * Get repository + * @description Retrieve a repository associated with an organization. * * This endpoint consumes 0 units of your quota. */ - searchDependencies: { - requestBody?: { - content: { - "application/json": { - /** @default 50 */ - limit: number; - /** @default 0 */ - offset: number; - }; + getOrgRepo: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string; + /** @description The slug of the repository */ + repo_slug: string; }; }; responses: { - /** @description List of repos and their latest project report for the organization associated with the token used */ + /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. */ 200: { content: { "application/json": { - /** @default false */ - end: boolean; - /** @default 1000 */ - limit: number; - /** @default 0 */ - offset: number; - rows: { - /** @default */ - branch: string; - /** @default false */ - direct: boolean; - /** @default */ - id: string; - /** @default */ - name: string; - /** @default */ - namespace: string; - /** @default */ - repository: string; - /** @default */ - type: string; - /** @default */ - version: string; - }[]; + /** + * @description The ID of the repository + * @default + */ + id?: string; + /** + * @description The creation date of the repository + * @default + */ + created_at?: string; + /** + * @description The last update date of the repository + * @default + */ + updated_at?: string; + /** + * @description The slug of the repository + * @default + */ + slug?: string; + /** + * @description The ID of the head full scan of the repository + * @default + */ + head_full_scan_id?: string; + /** + * @description The name of the repository + * @default + */ + name?: string; + /** + * @description 
The description of the repository + * @default + */ + description?: string; + /** + * @description The homepage URL of the repository + * @default + */ + homepage?: string; + /** + * @description The visibility of the repository + * @default private + * @enum {string} + */ + visibility?: "public" | "private"; + /** + * @description Whether the repository is archived or not + * @default false + */ + archived?: boolean; + /** + * @description The default branch of the repository + * @default main + */ + default_branch?: string; }; }; }; 
@@ -2286,155 +2702,18 @@ export interface operations { }; }; /** - * Create a snapshot of all dependencies from manifest information - * @description Upload a set of manifest or lockfiles to get your dependency tree analyzed by Socket. - * You can upload multiple lockfiles in the same request, but each filename must be unique. - * - * The name of the file must be in the supported list. - * - * For example, these are valid filenames: "requirements.txt", "package.json", "folder/package.json", and "deep/nested/folder/package.json". + * Update repository + * @description Update details of an existing repository. * - * This endpoint consumes 100 units of your quota. + * This endpoint consumes 0 units of your quota. */ - createDependenciesSnapshot: { + updateOrgRepo: { parameters: { - query?: { - repository?: string; - branch?: string; - }; - }; - requestBody?: { - content: { - "multipart/form-data": { - /** @default */ - repository?: string; - /** @default */ - branch?: string; - [key: string]: undefined; - }; - }; - }; - responses: { - /** @description ID of the dependencies snapshot */ - 200: { - content: { - "application/json": Record; - }; - }; - 400: components["responses"]["SocketBadRequest"]; - 401: components["responses"]["SocketUnauthorized"]; - 403: components["responses"]["SocketForbidden"]; - 429: components["responses"]["SocketTooManyRequestsResponse"]; - 500: components["responses"]["SocketInternalServerError"]; - }; - }; - /** - * List repositories (unstable) - * @description Lists repositories for the specified organization. - * - * This endpoint consumes 0 units of your quota. - */ - getOrgRepoList: { - parameters: { - query?: { - sort?: string; - direction?: string; - per_page?: number; - page?: number; - }; - path: { - /** @description The slug of the organization */ - org_slug: string; - }; - }; - responses: { - /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. 
*/ - 200: { - content: { - "application/json": { - results: ({ - /** - * @description The ID of the repository - * @default - */ - id?: string; - /** - * @description The creation date of the repository - * @default - */ - created_at?: string; - /** - * @description The last update date of the repository - * @default - */ - updated_at?: string; - /** - * @description The slug of the repository - * @default - */ - slug?: string; - /** - * @description The ID of the head full scan of the repository - * @default - */ - head_full_scan_id?: string; - /** - * @description The name of the repository - * @default - */ - name?: string; - /** - * @description The description of the repository - * @default - */ - description?: string; - /** - * @description The homepage URL of the repository - * @default - */ - homepage?: string; - /** - * @description The visibility of the repository - * @default private - * @enum {string} - */ - visibility?: "public" | "private"; - /** - * @description Whether the repository is archived or not - * @default false - */ - archived?: boolean; - /** - * @description The default branch of the repository - * @default main - */ - default_branch?: string; - })[]; - /** @default 0 */ - nextPage: number; - }; - }; - }; - 400: components["responses"]["SocketBadRequest"]; - 401: components["responses"]["SocketUnauthorized"]; - 403: components["responses"]["SocketForbidden"]; - 404: components["responses"]["SocketNotFoundResponse"]; - 429: components["responses"]["SocketTooManyRequestsResponse"]; - }; - }; - /** - * Create repository (unstable) - * @description Create a repository. - * - * Repos collect Full scans and Diff scans and are typically associated with a git repo. - * - * This endpoint consumes 0 units of your quota. 
- */
- createOrgRepo: {
- parameters: {
- path: {
- /** @description The slug of the organization */
- org_slug: string;
+ path: {
+ /** @description The slug of the organization */
+ org_slug: string;
+ /** @description The slug of the repository */
+ repo_slug: string;
 };
 };
 requestBody?: {
@@ -2475,8 +2754,8 @@ export interface operations {
 };
 };
 responses: {
- /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. */
- 201: {
+ /** @description Update a repositories details */
+ 200: {
 content: {
 "application/json": {
 /**
@@ -2546,12 +2825,12 @@ export interface operations {
 };
 };
 /**
- * Get repository (unstable)
- * @description Retrieve a repository associated with an organization.
+ * Delete repository
+ * @description Delete a single repository and all of its associated Full scans and Diff scans.
 *
 * This endpoint consumes 0 units of your quota.
 */
- getOrgRepo: {
+ deleteOrgRepo: {
 parameters: {
 path: {
 /** @description The slug of the organization */
@@ -2561,66 +2840,12 @@ export interface operations {
 };
 };
 responses: {
- /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. */
+ /** @description Success */
 200: {
 content: {
 "application/json": {
- /**
- * @description The ID of the repository
- * @default
- */
- id?: string;
- /**
- * @description The creation date of the repository
- * @default
- */
- created_at?: string;
- /**
- * @description The last update date of the repository
- * @default
- */
- updated_at?: string;
- /**
- * @description The slug of the repository
- * @default
- */
- slug?: string;
- /**
- * @description The ID of the head full scan of the repository
- * @default
- */
- head_full_scan_id?: string;
- /**
- * @description The name of the repository
- * @default
- */
- name?: string;
- /**
- * @description The description of the repository
- * @default
- */
- description?: string;
- /**
- * @description The homepage URL of the repository
- * @default
- */
- homepage?: string;
- /**
- * @description The visibility of the repository
- * @default private
- * @enum {string}
- */
- visibility?: "public" | "private";
- /**
- * @description Whether the repository is archived or not
- * @default false
- */
- archived?: boolean;
- /**
- * @description The default branch of the repository
- * @default main
- */
- default_branch?: string;
+ /** @default ok */
+ status: string;
 };
 };
 };
@@ -2632,118 +2857,63 @@ export interface operations { }; }; /** - * Update repository (unstable) - * @description Update details of an existing repository. + * Get Audit Log Events + * @description Paginated list of audit log events. * * This endpoint consumes 0 units of your quota. */ - updateOrgRepo: { + getAuditLogEvents: { parameters: { + query?: { + /** @description Filter audit log events by type. Omit for all types. */ + type?: "BookDemo" | "CancelInvitation" | "ChangeMemberRole" | "ChangePlanSubscriptionSeats" | "ContactForm" | "CreateApiToken" | "CreateUser" | "GithubAppInstallation" | "JoinOrganizationByVcs" | "LinkAccount" | "RemoveMember" | "ResetInvitationLink" | "ResetOrganizationSettingToDefault" | "RotateApiToken" | "SendInvitation" | "SignIn" | "SignOut" | "Subscribe" | "SyncOrganization" | "TransferOwnership" | "UpdateAlertTriage" | "UpdateApiTokenName" | "UpdateApiTokenScopes" | "UpdateApiTokenVisibility" | "UpdateOrganizationSetting" | "UpgradeOrganizationPlan" | "VerifiedEmail"; + /** @description Number of events per page */ + per_page?: number; + /** @description Page token */ + page?: string; + }; path: { /** @description The slug of the organization */ org_slug: string; - /** @description The slug of the repository */ - repo_slug: string; - }; - }; - requestBody?: { - content: { - "application/json": { - /** - * @description The name of the repository - * @default - */ - name?: string; - /** - * @description The description of the repository - * @default - */ - description?: string; - /** - * @description The homepage URL of the repository - * @default - */ - homepage?: string; - /** - * @description The visibility of the repository - * @default private - * @enum {string} - */ - visibility?: "public" | "private"; - /** - * @description Whether the repository is archived or not - * @default false - */ - archived?: boolean; - /** - * @description The default branch of the repository - * @default main - */ - default_branch?: string; - }; }; 
}; responses: { - /** @description Update a repositories details */ + /** @description The paginated list of events in an organizations audit log and the next page querystring token. */ 200: { content: { "application/json": { - /** - * @description The ID of the repository - * @default - */ - id?: string; - /** - * @description The creation date of the repository - * @default - */ - created_at?: string; - /** - * @description The last update date of the repository - * @default - */ - updated_at?: string; - /** - * @description The slug of the repository - * @default - */ - slug?: string; - /** - * @description The ID of the head full scan of the repository - * @default - */ - head_full_scan_id?: string; - /** - * @description The name of the repository - * @default - */ - name?: string; - /** - * @description The description of the repository - * @default - */ - description?: string; - /** - * @description The homepage URL of the repository - * @default - */ - homepage?: string; - /** - * @description The visibility of the repository - * @default private - * @enum {string} - */ - visibility?: "public" | "private"; - /** - * @description Whether the repository is archived or not - * @default false - */ - archived?: boolean; - /** - * @description The default branch of the repository - * @default main - */ - default_branch?: string; + results: { + /** @default */ + event_id?: string; + /** @default */ + created_at?: string; + /** @default */ + updated_at?: string; + /** @default */ + country_code?: string; + /** @default */ + organization_id?: string; + /** @default */ + ip_address?: string; + /** @default null */ + payload?: Record; + /** @default 0 */ + status_code?: number; + /** @default */ + type?: string; + /** @default */ + user_agent?: string; + /** @default */ + user_id?: string; + /** @default */ + user_email?: string; + /** @default */ + user_image?: string; + /** @default */ + organization_name?: string; + }[]; + /** @default */ + nextPage: string; }; }; 
}; 
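Review bot: In the `getAuditLogEvents` response, each event's `type?: string;` is an open string while the `type` query filter on the same operation is a closed union of literal event names; declaring the response field with that same enum in the spec would let consumers match event types exhaustively instead of comparing free-form strings. Pagination here is token-based (`page?: string`, `nextPage: string`) whereas `getOrgRepoList` and `getOrgFullScanList` in this file use numeric `page`/`nextPage: number`, so a generic pager has to special-case this endpoint; at minimum the `page` parameter's `@description Page token` should say the token is opaque and comes from `nextPage`. The event record also exposes `ip_address`, `user_email` and `user_agent`, which look like personal data — worth confirming that the spec states which token scope is required to read this endpoint. The `getAuditLogEvents` block's error responses continue outside the hunk.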
@@ -2755,89 +2925,122 @@ export interface operations { }; }; /** - * Delete repository (unstable) - * @description Delete a single repository and all of its associated Full scans and Diff scans. + * Get organization analytics (unstable) + * @description Get analytics data regarding the number of alerts found across all active repositories. * * This endpoint consumes 0 units of your quota. */ - deleteOrgRepo: { + getOrgAnalytics: { parameters: { path: { - /** @description The slug of the organization */ - org_slug: string; - /** @description The slug of the repository */ - repo_slug: string; + filter: string; }; }; responses: { - /** @description Success */ + /** @description Socket analytics - organization-level data */ 200: { content: { "application/json": { - /** @default ok */ - status: string; - }; + /** @default 0 */ + id: number; + /** @default */ + created_at: string; + /** @default */ + repository_id: string; + /** @default 0 */ + organization_id: number; + /** @default */ + repository_name: string; + /** @default 0 */ + total_critical_alerts: number; + /** @default 0 */ + total_high_alerts: number; + /** @default 0 */ + total_medium_alerts: number; + /** @default 0 */ + total_low_alerts: number; + /** @default 0 */ + total_critical_added: number; + /** @default 0 */ + total_high_added: number; + /** @default 0 */ + total_medium_added: number; + /** @default 0 */ + total_low_added: number; + /** @default 0 */ + total_critical_prevented: number; + /** @default 0 */ + total_high_prevented: number; + /** @default 0 */ + total_medium_prevented: number; + /** @default 0 */ + total_low_prevented: number; + /** @default {} */ + top_five_alert_types: Record; + }[]; }; }; 400: components["responses"]["SocketBadRequest"]; 401: components["responses"]["SocketUnauthorized"]; 403: components["responses"]["SocketForbidden"]; - 404: components["responses"]["SocketNotFoundResponse"]; 429: components["responses"]["SocketTooManyRequestsResponse"]; }; }; /** - * List full 
scans - * @description Returns a paginated list of all full scans in an org, excluding SBOM artifacts. + * Get repository analytics + * @description Get analytics data regarding the number of alerts found in a single repository. * * This endpoint consumes 0 units of your quota. */ - getOrgFullScanList: { + getRepoAnalytics: { parameters: { - query?: { - sort?: string; - direction?: string; - per_page?: number; - page?: number; - }; path: { - /** @description The slug of the organization */ - org_slug: string; + name: string; + filter: string; }; }; responses: { - /** @description Lists repositories for the specified organization. The authenticated user must be a member of the organization. */ + /** @description Socket analytics - repo-level data */ 200: { content: { "application/json": { - results: { - /** @default */ - id?: string; - /** @default */ - created_at?: string; - /** @default */ - updated_at?: string; - /** @default */ - organization_id?: string; - /** @default */ - repository_id?: string; - committers?: string[]; - /** @default */ - repo?: string; - /** @default */ - branch?: string; - /** @default */ - commit_message?: string; - /** @default */ - commit_hash?: string; - /** @default 0 */ - pull_request?: number; - /** @default */ - html_report_url?: string; - }[]; - /** @default 0 */ - nextPage: number; - }; + /** @default 0 */ + id: number; + /** @default */ + repository_id: string; + /** @default */ + created_at: string; + /** @default 0 */ + organization_id: number; + /** @default */ + repository_name: string; + /** @default 0 */ + total_critical_alerts: number; + /** @default 0 */ + total_high_alerts: number; + /** @default 0 */ + total_medium_alerts: number; + /** @default 0 */ + total_low_alerts: number; + /** @default 0 */ + total_critical_added: number; + /** @default 0 */ + total_high_added: number; + /** @default 0 */ + total_medium_added: number; + /** @default 0 */ + total_low_added: number; + /** @default 0 */ + total_critical_prevented: 
number; + /** @default 0 */ + total_high_prevented: number; + /** @default 0 */ + total_medium_prevented: number; + /** @default 0 */ + total_low_prevented: number; + /** @default {} */ + top_five_alert_types: Record; + }[]; }; }; 400: components["responses"]["SocketBadRequest"]; 
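Review bot: `getOrgAnalytics` and `getRepoAnalytics` declare `id: number;` and `organization_id: number;`, while the full-scan and audit-log responses elsewhere in this file model `organization_id` as a string; the inconsistent identifier type forces consumers to convert, and numeric identifiers lose precision past 2^53 in JavaScript consumers, so the spec should settle on string identifiers here as well. The path parameters `filter` (both operations) and `name` (`getRepoAnalytics`) carry no `@description` and `filter` has no enum, so callers cannot tell from the types what values are accepted; a description and, if the value set is closed, an enum in openapi.json would propagate here. The response description `Socket analytics - organization-level data` also does not say that the body is an array of per-repository rows, which the trailing `}[]` and the `repository_name` field imply. The `getRepoAnalytics` block continues past the end of the hunk, and because this file is regenerated from openapi.json the fixes belong there.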
@@ -2848,70 +3051,51 @@ export interface operations { }; }; /** - * Create full scan - * @description Create a full scan from a set of package manifest files. Returns a full scan including all SBOM artifacts. + * Search dependencies + * @description Search for any dependency that is being used in your organization. * * This endpoint consumes 0 units of your quota. */ - CreateOrgFullScan: { - parameters: { - query: { - /** @description The slug of the repository to associate the full-scan with. */ - repo: string; - /** @description The branch name to associate the full-scan with. */ - branch?: string; - /** @description The commit message to associate the full-scan with. */ - commit_message?: string; - /** @description The commit hash to associate the full-scan with. */ - commit_hash?: string; - /** @description The pull request number to associate the full-scan with. */ - pull_request?: number; - /** @description The committers to associate the full-scan with. Set query more than once to set multiple. 
*/ - committers?: string; - make_default_branch?: boolean; - set_as_pending_head?: boolean; - tmp?: boolean; - }; - path: { - /** @description The slug of the organization */ - org_slug: string; - }; - }; + searchDependencies: { requestBody?: { content: { - "multipart/form-data": { - [key: string]: never; + "application/json": { + /** @default 50 */ + limit: number; + /** @default 0 */ + offset: number; }; }; }; responses: { - /** @description Upload manifest files to create a full scan in an org's repo */ - 201: { - content: { + /** @description List of repos and their latest project report for the organization associated with the token used */ + 200: { + content: { "application/json": { - /** @default */ - id?: string; - /** @default */ - created_at?: string; - /** @default */ - updated_at?: string; - /** @default */ - organization_id?: string; - /** @default */ - repository_id?: string; - committers?: string[]; - /** @default */ - repo?: string; - /** @default */ - branch?: string; - /** @default */ - commit_message?: string; - /** @default */ - commit_hash?: string; + /** @default false */ + end: boolean; + /** @default 1000 */ + limit: number; /** @default 0 */ - pull_request?: number; - /** @default */ - html_report_url?: string; + offset: number; + rows: { + /** @default */ + branch: string; + /** @default false */ + direct: boolean; + /** @default */ + id: string; + /** @default */ + name: string; + /** @default */ + namespace: string; + /** @default */ + repository: string; + /** @default */ + type: string; + /** @default */ + version: string; + }[]; }; }; }; 
@@ -2923,195 +3107,96 @@ export interface operations { }; }; /** - * Stream full scan - * @description Stream all SBOM artifacts for a full scan. + * Create a snapshot of all dependencies from manifest information + * @description Upload a set of manifest or lockfiles to get your dependency tree analyzed by Socket. + * You can upload multiple lockfiles in the same request, but each filename must be unique. * - * This endpoint consumes 0 units of your quota. + * The name of the file must be in the supported list. + * + * For example, these are valid filenames: "requirements.txt", "package.json", "folder/package.json", and "deep/nested/folder/package.json". + * + * This endpoint consumes 100 units of your quota. */ - getOrgFullScan: { + createDependenciesSnapshot: { parameters: { - path: { - /** @description The slug of the organization */ - org_slug: string; - /** @description The ID of the full scan */ - full_scan_id: string; + query?: { + repository?: string; + branch?: string; + }; + }; + requestBody?: { + content: { + "multipart/form-data": { + /** @default */ + repository?: string; + /** @default */ + branch?: string; + [key: string]: undefined; + }; }; }; responses: { - /** @description Socket issue lists and scores for all packages */ + /** @description ID of the dependencies snapshot */ 200: { content: { - "application/x-ndjson": { - /** - * @default unknown - * @enum {string} - */ - type: "unknown" | "npm" | "pypi" | "golang"; - /** @default */ - namespace?: string; - /** @default */ - name?: string; - /** @default */ - version?: string; - /** @default */ - subpath?: string; - /** @default */ - release?: string; - /** @default */ - id: string; - /** @default false */ - direct?: boolean; - manifestFiles?: { - /** @default */ - file: string; - /** @default 0 */ - start?: number; - /** @default 0 */ - end?: number; - }[]; - topLevelAncestors?: string[]; - dependencies?: string[]; - artifact?: { - /** - * @default unknown - * @enum {string} - */ - type: 
"unknown" | "npm" | "pypi" | "golang"; - /** @default */ - namespace?: string; - /** @default */ - name?: string; - /** @default */ - version?: string; - /** @default */ - subpath?: string; - /** @default */ - release?: string; - /** @default */ - id: string; - }; - /** @default */ - license?: string; - author?: string[]; - /** @default 0 */ - size?: number; - score?: { - /** @default 0 */ - supplyChain: number; - /** @default 0 */ - quality: number; - /** @default 0 */ - maintenance: number; - /** @default 0 */ - vulnerability: number; - /** @default 0 */ - license: number; - /** @default 0 */ - overall: number; - }; - alerts?: { - /** @default */ - key: string; - /** @default */ - type: string; - severity: components["schemas"]["SocketIssueSeverity"]; - category: components["schemas"]["SocketCategory"]; - /** @default */ - file?: string; - /** @default 0 */ - start?: number; - /** @default 0 */ - end?: number; - /** @default null */ - props?: Record; - }[]; - /** @default 0 */ - batchIndex?: number; - }; + "application/json": Record; }; }; 400: components["responses"]["SocketBadRequest"]; 401: components["responses"]["SocketUnauthorized"]; 403: components["responses"]["SocketForbidden"]; - 404: components["responses"]["SocketNotFoundResponse"]; 429: components["responses"]["SocketTooManyRequestsResponse"]; + 500: components["responses"]["SocketInternalServerError"]; }; }; /** - * Delete full scan - * @description Delete an existing full scan. + * Get supported files for report + * @description Get a list of supported files for project report generation. + * Files are categorized first by environment (e.g. NPM or PyPI), then by name. + * + * Files whose names match the patterns returned by this endpoint can be uploaded for report generation. + * Examples of supported filenames include `package.json`, `package-lock.json`, and `yarn.lock`. * * This endpoint consumes 0 units of your quota. 
*/ - deleteOrgFullScan: { - parameters: { - path: { - /** @description The slug of the organization */ - org_slug: string; - /** @description The ID of the full scan */ - full_scan_id: string; - }; - }; + getReportSupportedFiles: { responses: { - /** @description Success */ + /** @description Glob patterns used to match supported files */ 200: { content: { "application/json": { - /** @default ok */ - status: string; + [key: string]: { + [key: string]: { + /** @default */ + pattern: string; + }; + }; }; }; }; 400: components["responses"]["SocketBadRequest"]; - 401: components["responses"]["SocketUnauthorized"]; - 403: components["responses"]["SocketForbidden"]; - 404: components["responses"]["SocketNotFoundResponse"]; 429: components["responses"]["SocketTooManyRequestsResponse"]; }; }; /** - * Get full scan metadata - * @description Get metadata for a single full scan + * Delete a report + * @description Delete a specific project report generated with the GitHub app. These endpoints will be merged into the full-scans endpoint so * - * This endpoint consumes 0 units of your quota. + * This endpoint consumes 10 units of your quota. 
*/ - getOrgFullScanMetadata: { + deleteReport: { parameters: { path: { - /** @description The slug of the organization */ - org_slug: string; - /** @description The ID of the full scan */ - full_scan_id: string; + id: string; }; }; responses: { - /** @description The data from the full scan */ + /** @description Success */ 200: { content: { "application/json": { - /** @default */ - id?: string; - /** @default */ - created_at?: string; - /** @default */ - updated_at?: string; - /** @default */ - organization_id?: string; - /** @default */ - repository_id?: string; - committers?: string[]; - /** @default */ - repo?: string; - /** @default */ - branch?: string; - /** @default */ - commit_message?: string; - /** @default */ - commit_hash?: string; - /** @default 0 */ - pull_request?: number; - /** @default */ - html_report_url?: string; + /** @default ok */ + status: string; }; }; }; 
@@ -3123,63 +3208,155 @@ export interface operations { }; }; /** - * Get Audit Log Events - * @description Paginated list of audit log events. + * Get list of reports + * @deprecated + * @description Get all your project reports generated with the GitHub app. This endpoint will be merged into the full-scans endpoint soon. * - * This endpoint consumes 0 units of your quota. + * This endpoint consumes 10 units of your quota. */ - getAuditLogEvents: { - parameters: { - query?: { - /** @description Filter audit log events by type */ - type?: "BookDemo" | "CancelInvitation" | "ChangeMemberRole" | "ChangePlanSubscriptionSeats" | "ContactForm" | "CreateApiToken" | "CreateUser" | "GithubAppInstallation" | "JoinOrganizationByVcs" | "LinkAccount" | "RemoveMember" | "ResetInvitationLink" | "ResetOrganizationSettingToDefault" | "RotateApiToken" | "SendInvitation" | "SignIn" | "SignOut" | "Subscribe" | "SyncOrganization" | "TransferOwnership" | "UpdateAlertTriage" | "UpdateApiTokenName" | "UpdateApiTokenScopes" | "UpdateApiTokenVisibility" | "UpdateOrganizationSetting" | "UpgradeOrganizationPlan" | "VerifiedEmail"; - /** @description Number of events per page */ - per_page?: number; - /** @description Page token */ - page?: string; - }; + getReportList: { + responses: { + /** @description List of project reports */ + 200: { + content: { + "application/json": { + /** @default */ + id: string; + /** @default */ + url: string; + /** @default */ + repo: string; + /** @default */ + branch: string; + /** @default null */ + pull_requests: Record; + /** @default */ + commit: string; + /** @default */ + owner: string; + /** @default */ + created_at: string; + }[]; + }; + }; + 400: components["responses"]["SocketBadRequest"]; + 401: components["responses"]["SocketUnauthorized"]; + 403: components["responses"]["SocketForbidden"]; + 404: components["responses"]["SocketNotFoundResponse"]; + 429: components["responses"]["SocketTooManyRequestsResponse"]; + }; + }; + /** + * Create a report + 
* @deprecated + * @description Upload a lockfile to get your project analyzed by Socket. + * You can upload multiple lockfiles in the same request, but each filename must be unique. + * + * The name of the file must be in the supported list. + * + * For example, these are valid filenames: `package.json`, `folder/package.json` and `deep/nested/folder/package.json`. + * + * This endpoint consumes 100 units of your quota. + */ + createReport: { + requestBody?: { + content: { + "multipart/form-data": { + issueRules?: { + [key: string]: boolean; + }; + [key: string]: undefined; + }; + }; + }; + responses: { + /** @description ID and URL of the project report */ + 200: { + content: { + "application/json": { + /** @default */ + id: string; + /** @default */ + url: string; + }; + }; + }; + 400: components["responses"]["SocketBadRequest"]; + 401: components["responses"]["SocketUnauthorized"]; + 403: components["responses"]["SocketForbidden"]; + 429: components["responses"]["SocketTooManyRequestsResponse"]; + }; + }; + /** + * View a report + * @deprecated + * @description Get all the issues, packages, and scores related to an specific project report. + * + * This endpoint consumes 10 units of your quota. + */ + getReport: { + parameters: { path: { - /** @description The slug of the organization */ - org_slug: string; + id: string; }; }; responses: { - /** @description The paginated list of events in an organizations audit log and the next page querystring token. 
*/ + /** @description Socket report */ + 200: { + content: { + "application/json": components["schemas"]["SocketReport"]; + }; + }; + 400: components["responses"]["SocketBadRequest"]; + 401: components["responses"]["SocketUnauthorized"]; + 403: components["responses"]["SocketForbidden"]; + 404: components["responses"]["SocketNotFoundResponse"]; + 410: components["responses"]["SocketGone"]; + 429: components["responses"]["SocketTooManyRequestsResponse"]; + }; + }; + /** + * Get list of GitHub repos and their latest project report + * @deprecated + * @description Get all repositories in an org including their latest project report. + * + * This endpoint consumes 0 units of your quota. + */ + getRepoList: { + parameters: { + query?: { + pageToken?: string; + }; + }; + responses: { + /** @description List of repos and their latest project report for the organization associated with the token used */ 200: { content: { "application/json": { results: { /** @default */ - event_id?: string; + id?: string; /** @default */ created_at?: string; /** @default */ updated_at?: string; /** @default */ - country_code?: string; - /** @default */ - organization_id?: string; - /** @default */ - ip_address?: string; - /** @default null */ - payload?: Record; - /** @default 0 */ - status_code?: number; - /** @default */ - type?: string; - /** @default */ - user_agent?: string; + github_install_id?: string; /** @default */ - user_id?: string; + github_repo_id?: string; /** @default */ - user_email?: string; + name?: string; /** @default */ - user_image?: string; + github_full_name?: string; /** @default */ - organization_name?: string; + organization_id?: string; + latest_project_report?: { + /** @default */ + id: string; + /** @default */ + created_at: string; + }; }[]; - /** @default */ - nextPage: string; }; }; }; 
@@ -3191,122 +3368,149 @@ export interface operations { }; }; /** - * Get organization analytics (unstable) - * @description Get analytics data regarding the number of alerts found across all active repositories. + * Returns the OpenAPI definition + * @description Retrieve the API specification in an Openapi JSON format. * * This endpoint consumes 0 units of your quota. */ - getOrgAnalytics: { - parameters: { - path: { - filter: string; + getOpenAPI: { + responses: { + /** @description OpenAPI specification */ + 200: { + content: { + "application/json": unknown; + }; }; + 429: components["responses"]["SocketTooManyRequestsResponse"]; }; + }; + /** + * Get quota + * @description Get your current API quota. You can use this endpoint to prevent doing requests that might spend all your quota. + * + * This endpoint consumes 0 units of your quota. + */ + getQuota: { responses: { - /** @description Socket analytics - organization-level data */ + /** @description Quota amount */ 200: { content: { "application/json": { - /** @default 0 */ - id: number; - /** @default */ - created_at: string; - /** @default */ - repository_id: string; - /** @default 0 */ - organization_id: number; - /** @default */ - repository_name: string; - /** @default 0 */ - total_critical_alerts: number; - /** @default 0 */ - total_high_alerts: number; - /** @default 0 */ - total_medium_alerts: number; - /** @default 0 */ - total_low_alerts: number; - /** @default 0 */ - total_critical_added: number; - /** @default 0 */ - total_high_added: number; - /** @default 0 */ - total_medium_added: number; - /** @default 0 */ - total_low_added: number; - /** @default 0 */ - total_critical_prevented: number; - /** @default 0 */ - total_high_prevented: number; - /** @default 0 */ - total_medium_prevented: number; - /** @default 0 */ - total_low_prevented: number; - /** @default {} */ - top_five_alert_types: Record; - }[]; + /** @default 0 */ + quota: number; + }; }; }; - 400: 
components["responses"]["SocketBadRequest"]; 401: components["responses"]["SocketUnauthorized"]; - 403: components["responses"]["SocketForbidden"]; 429: components["responses"]["SocketTooManyRequestsResponse"]; }; }; /** - * Get repository analytics - * @description Get analytics data regarding the number of alerts found in a single repository. + * List organizations + * @description Get information on the current organizations associated with the API key. * * This endpoint consumes 0 units of your quota. */ - getRepoAnalytics: { + getOrganizations: { + responses: { + /** @description Organizations information */ + 200: { + content: { + "application/json": { + organizations: { + [key: string]: { + /** @default */ + id: string; + /** @default */ + name: string; + /** @default */ + image: string; + /** @default */ + plan: string; + /** @default */ + slug: string; + }; + }; + }; + }; + }; + 401: components["responses"]["SocketUnauthorized"]; + 429: components["responses"]["SocketTooManyRequestsResponse"]; + }; + }; + /** + * Calculate settings + * @description Get your current settings the requested organizations and default settings to allow deferrals. + * + * This endpoint consumes 0 units of your quota. 
+ */ + postSettings: { + requestBody?: { + content: { + "application/json": { + /** @default */ + organization?: string; + }[]; + }; + }; + responses: { + /** @description Organization settings */ + 200: { + content: { + "application/json": { + defaults: { + issueRules: { + [key: string]: { + /** @enum {string} */ + action?: "error" | "ignore" | "warn"; + }; + }; + }; + entries: ({ + /** @default */ + start: string | null; + settings: { + [key: string]: { + deferTo: string | null; + issueRules: { + [key: string]: { + /** @enum {string} */ + action: "defer" | "error" | "ignore" | "warn" | "monitor"; + }; + }; + }; + }; + })[]; + }; + }; + }; + 401: components["responses"]["SocketUnauthorized"]; + 403: components["responses"]["SocketForbidden"]; + 429: components["responses"]["SocketTooManyRequestsResponse"]; + }; + }; + /** + * Get issues by package + * @deprecated + * @description Get all the issues related with a particular npm package version. + * This endpoint returns the issue type, location, and additional details related to each issue in the `props` attribute. + * + * You can [see here](https://socket.dev/npm/issue) the full list of issues. + * + * This endpoint consumes 1 unit of your quota. 
+ */ + getIssuesByNPMPackage: { parameters: { path: { - name: string; - filter: string; + package: string; + version: string; }; }; responses: { - /** @description Socket analytics - repo-level data */ + /** @description Socket issue lists */ 200: { content: { - "application/json": { - /** @default 0 */ - id: number; - /** @default */ - repository_id: string; - /** @default */ - created_at: string; - /** @default 0 */ - organization_id: number; - /** @default */ - repository_name: string; - /** @default 0 */ - total_critical_alerts: number; - /** @default 0 */ - total_high_alerts: number; - /** @default 0 */ - total_medium_alerts: number; - /** @default 0 */ - total_low_alerts: number; - /** @default 0 */ - total_critical_added: number; - /** @default 0 */ - total_high_added: number; - /** @default 0 */ - total_medium_added: number; - /** @default 0 */ - total_low_added: number; - /** @default 0 */ - total_critical_prevented: number; - /** @default 0 */ - total_high_prevented: number; - /** @default 0 */ - total_medium_prevented: number; - /** @default 0 */ - total_low_prevented: number; - /** @default {} */ - top_five_alert_types: Record; - }[]; + "application/json": components["schemas"]["SocketIssueList"]; }; }; 400: components["responses"]["SocketBadRequest"]; 
@@ -3317,113 +3521,56 @@ export interface operations { }; }; /** - * Get Packages (unstable) - * @description Batch retrieval of package metadata and alerts by PURL strings + * Get score by package + * @deprecated + * @description Get all the scores and metrics by category that are used to evaluate the package version. * - * This endpoint consumes 100 units of your quota. + * This endpoint is deprecated. Use the batched "Get Packages" endpoint instead. + * + * - depscore: The average of all score factors. (0-1) + * - supplyChainRisk: Score factors relating to supply chain security (0-1) + * - downloadCount: The number of downloads for the package. Higher downloads contribute to a higher score. + * - supplyChainRiskIssueLow/Mid/High/Critical: The number of supply chain risk issues of varying severity. Lower numbers contribute to a higher score. + * - dependencyCount: The number of production dependencies. Lower count contributes to a higher score. + * - devDependencyCount: The number of development dependencies. Lower count contributes to a higher score. + * - transitiveDependencyCount: The number of transitive dependencies. Lower count contributes to a higher score. + * - totalDependencyCount: The total number of dependencies (production + development + transitive). Lower count contributes to a higher score. + * - quality: Score factors relating to code quality (0-1) + * - qualityIssueLow/Mid/High/Critical: The number of code quality issues of varying severity. Lower numbers contribute to a higher score. + * - linesOfCode: The number of lines of code in the package. Lower count contributes to a higher score. + * - readmeLength: The length of the package's README file. Longer READMEs contribute to a higher score. + * - maintenance: Score factors relating to package maintenance (0-1) + * - maintainerCount: The number of maintainers for the package. More maintainers contribute to a higher score. 
+ * - versionsLastWeek/Month/TwoMonths/Year: The number of versions released in different time periods. More recent releases contribute to a higher score. + * - versionCount: The total number of versions released. Higher count contributes to a higher score. + * - maintenanceIssueLow/Mid/High/Critical: The number of maintenance issues of varying severity. Lower numbers contribute to a higher score. + * - vulnerability: Score factors relating to package vulnerabilities (0-1) + * - vulnerabilityIssueLow/Mid/High/Critical: The number of vulnerability issues of varying severity. Lower numbers contribute to a higher score. + * - dependencyVulnerabilityCount: The number of vulnerabilities in the package's dependencies. Lower count contributes to a higher score. + * - vulnerabilityCount: The number of vulnerabilities in the package itself. Lower count contributes to a higher score. + * - license: Score factors relating to package licensing (0-1) + * - licenseIssueLow/Mid/High/Critical: The number of license issues of varying severity. Lower numbers contribute to a higher score. + * - licenseQuality: A score indicating the quality/permissiveness of the package's license. Higher quality contributes to a higher score. + * - miscellaneous: Miscellaneous metadata about the package version. + * - versionAuthorName/Email: The name and email of the version author. + * - fileCount: The number of files in the package. + * - byteCount: The total size in bytes of the package. + * - typeModule: Whether the package declares a "type": "module" field. + * + * This endpoint consumes 1 unit of your quota. 
*/ - batchPackageFetch: { + getScoreByNPMPackage: { parameters: { - query?: { - license?: boolean; - }; - }; - requestBody?: { - content: { - "application/json": components["schemas"]["SocketBatchPURLFetch"]; + path: { + package: string; + version: string; }; }; responses: { - /** @description Socket issue lists and scores for all packages */ + /** @description Socket package scores */ 200: { content: { - "application/x-ndjson": { - /** - * @default unknown - * @enum {string} - */ - type: "unknown" | "npm" | "pypi" | "golang"; - /** @default */ - namespace?: string; - /** @default */ - name?: string; - /** @default */ - version?: string; - /** @default */ - subpath?: string; - /** @default */ - release?: string; - /** @default */ - id: string; - /** @default false */ - direct?: boolean; - manifestFiles?: { - /** @default */ - file: string; - /** @default 0 */ - start?: number; - /** @default 0 */ - end?: number; - }[]; - topLevelAncestors?: string[]; - dependencies?: string[]; - artifact?: { - /** - * @default unknown - * @enum {string} - */ - type: "unknown" | "npm" | "pypi" | "golang"; - /** @default */ - namespace?: string; - /** @default */ - name?: string; - /** @default */ - version?: string; - /** @default */ - subpath?: string; - /** @default */ - release?: string; - /** @default */ - id: string; - }; - /** @default */ - license?: string; - author?: string[]; - /** @default 0 */ - size?: number; - score?: { - /** @default 0 */ - supplyChain: number; - /** @default 0 */ - quality: number; - /** @default 0 */ - maintenance: number; - /** @default 0 */ - vulnerability: number; - /** @default 0 */ - license: number; - /** @default 0 */ - overall: number; - }; - alerts?: { - /** @default */ - key: string; - /** @default */ - type: string; - severity: components["schemas"]["SocketIssueSeverity"]; - category: components["schemas"]["SocketCategory"]; - /** @default */ - file?: string; - /** @default 0 */ - start?: number; - /** @default 0 */ - end?: number; - /** 
@default null */ - props?: Record; - }[]; - /** @default 0 */ - batchIndex?: number; - }; + "application/json": components["schemas"]["SocketPackageScore"]; }; }; 400: components["responses"]["SocketBadRequest"];