Tags: SocketDev/socket-python-cli
fix: strip git name-rev suffix operators from detected branch name (#189)

In detached-HEAD CI checkouts (common in Buildkite/CircleCI/Jenkins/etc. where none of the GitHub/GitLab/Bitbucket CI env vars are recognized), the Python CLI falls back to `git name-rev --name-only HEAD` to detect the current branch. When the checked-out SHA is not exactly at a branch tip (e.g. master moved forward after the pipeline started), name-rev returns strings like `remotes/origin/master~1` or `master^0`. The previous split('/')[-1] cleanup kept the `~N`/`^N` suffix, which the Socket API then rejected with "Invalid branch name".

Strip anything from the first `~` or `^` onward before the prefix split. Both characters are forbidden in git ref names per check-ref-format(1), so truncating at them is always safe.

Assisted-by: Claude Code:opus-4-7
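The cleanup the commit message describes, written out as an added example (this is not socket-python-cli's own code): truncate the `git name-rev --name-only HEAD` output at the first `~` or `^`, then remove the ref prefix. It goes one step past the commit's split('/')[-1] by stripping only known prefixes, so slash-containing branch names such as `feature/foo` survive; the function names, the prefix list and the sample name-rev outputs are assumptions made for this illustration.

```python
"""Added example, not code from socket-python-cli: normalise the output of
`git name-rev --name-only HEAD` into a plain branch name.

Helper names, the prefix list and the sample inputs are assumptions.
"""
import re
import subprocess
from typing import Optional

# git name-rev prints this literal when HEAD is not reachable from any ref.
NAME_REV_UNDEFINED = "undefined"

# Prefixes name-rev puts in front of a ref name (assumed list for this example).
_PREFIX_RE = re.compile(r"^(?:refs/)?(?:remotes/[^/]+/|heads/|tags/)")


def clean_branch_name(name_rev_output: str) -> Optional[str]:
    """Return the branch (or tag) name, or None if nothing usable remains."""
    raw = name_rev_output.strip()
    if not raw or raw == NAME_REV_UNDEFINED:
        return None
    # `~` and `^` are forbidden in ref names (git-check-ref-format(1)), so the
    # first one can only begin a revision operator such as `~1` or `^0` that
    # name-rev appended because HEAD is not exactly at a ref tip.
    ref = re.split(r"[~^]", raw, maxsplit=1)[0]
    # Prefix removal must come after the truncation: on `remotes/origin/master~1`
    # a last-component split alone would keep `master~1`.
    branch = _PREFIX_RE.sub("", ref, count=1)
    return branch or None


def detect_branch(cwd: str = ".") -> Optional[str]:
    """Fallback for when no CI provider env var identified the branch."""
    proc = subprocess.run(
        ["git", "name-rev", "--name-only", "HEAD"],
        cwd=cwd, capture_output=True, text=True, check=False,
    )
    if proc.returncode != 0:
        return None
    return clean_branch_name(proc.stdout)


def git_accepts_branch_name(name: str, cwd: str = ".") -> bool:
    """Ask git itself whether the cleaned value is a legal branch name."""
    proc = subprocess.run(
        ["git", "check-ref-format", "--branch", name],
        cwd=cwd, capture_output=True, text=True, check=False,
    )
    return proc.returncode == 0
```

Two things worth checking before sending the result to an API: `clean_branch_name` returns a tag name when HEAD is only reachable from a tag (name-rev prints `tags/v1.2.0~3` in that case), and `git check-ref-format --branch` is the cheap way to confirm that whatever survived the cleanup is a name git would accept.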
Fix GitLab security report schema compliance + scan alert population (#… …182)

* Bump incremental version
  Signed-off-by: lelia <[email protected]>
* Fix gitlab security report schema validation errors
  Signed-off-by: lelia <[email protected]>
* Populate gitlab security report with alerts for full scans
  Signed-off-by: lelia <[email protected]>
* Skip license-metadata API call when fetching full scan alerts
  Signed-off-by: lelia <[email protected]>
* Consolidate e2e test workflows, add additional coverage
  Signed-off-by: lelia <[email protected]>
* Strip logger timestamp prefix to fix e2e test
  Signed-off-by: lelia <[email protected]>
* Include unchanged alerts in GitLab report
  Signed-off-by: lelia <[email protected]>
* Fix commit status to count new + unchanged alerts when strict blocking enabled
  Signed-off-by: lelia <[email protected]>
* Add comparison table of alert behaviors between GitLab + JSON/SARIF
  Signed-off-by: lelia <[email protected]>
* Document comment-based ignore behavior differences
  Signed-off-by: lelia <[email protected]>
* Add new unit tests for unchanged alerts
  Signed-off-by: lelia <[email protected]>
* chore: bump npm test fixture versions
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Fix broken links on PyPI by using absolute GitHub URLs (#174)

PyPI renders the README but has no access to the repository file tree, so all relative links (docs/, examples/config/, workflows/) resolved against pypi.org and returned 404s. Replace with absolute URLs pointing to the main branch on GitHub.
Update required Python version, tweak CI checks (#172)

* Add guard to not run on external fork PRs
  Signed-off-by: lelia <[email protected]>
* Update python tests to include installation check
  Signed-off-by: lelia <[email protected]>
* Bump project version and required Python version
  Signed-off-by: lelia <[email protected]>
* Add more unit test checks
  Signed-off-by: lelia <[email protected]>
* Bump project version and required Python version
  Signed-off-by: lelia <[email protected]>
* Add additional guardrails for PR check behaviors
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Fix reachability filtering, add config file support (#169)

* Add SARIF scoping/reachability controls, config file support
  Signed-off-by: lelia <[email protected]>
* Add coverage for new SARIF scoping, config file behavior
  Signed-off-by: lelia <[email protected]>
* Add config examples for different use cases
  Signed-off-by: lelia <[email protected]>
* Refactor docs to reduce README complexity, create dedicated CLI and CI/CD guides
  Signed-off-by: lelia <[email protected]>
* Bump version for release
  Signed-off-by: lelia <[email protected]>
* Add shared selector/filter module
  Signed-off-by: lelia <[email protected]>
* Refactor output handling to use shared alert selection
  Signed-off-by: lelia <[email protected]>
* Refactor Slack diff filtering to use shared selection semantics, facts-aware reachable filtering
  Signed-off-by: lelia <[email protected]>
* Add unit tests for shared selection logic
  Signed-off-by: lelia <[email protected]>
* Add unit tests for new Slack behavior
  Signed-off-by: lelia <[email protected]>
* Update output tests for strict-blocking and SARIF
  Signed-off-by: lelia <[email protected]>
* Add JSON config examples for reference
  Signed-off-by: lelia <[email protected]>
* Remove unnecessary backwards compat logic
  Signed-off-by: lelia <[email protected]>
* Docs refactor for better readability, dedicated guides for CLI + CI/CD usage
  Signed-off-by: lelia <[email protected]>
* Bump version for release
  Signed-off-by: lelia <[email protected]>
* Fix missing version check expected in PR preview
  Signed-off-by: lelia <[email protected]>
* Fix PR preview workflow to use updated version check
  Signed-off-by: lelia <[email protected]>
* Fix e2e regression tests to use correct SARIF flags and remove legacy assertions
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Fix has_manifest_files failing to match root-level manifest files (#168)

* Fix has_manifest_files failing to match root-level manifest files

  PurePath.match("**/package.json") returns False for root-level files in Python 3.12+ because ** requires at least one directory component. The function was unconditionally prepending **/ to all patterns, causing root-level manifests like package.json and package-lock.json to never match. This forced every scan into full scan mode instead of diff scan mode, which meant MR/PR comments were never posted.

  Fix by trying the direct pattern match first, then falling back to the **/ prefixed pattern for subdirectory matching.

  Fixes Zendesk #2447
* Bump version to 2.2.77
* Add tests/core to CI trigger paths and test command
* Fixing compatibility drift between CLI <> SDK surfaced by test failures
  Signed-off-by: lelia <[email protected]>
* Fixing core test failures caused by updated stale fixtures, outdated test construction
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Co-authored-by: lelia <[email protected]>
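The matching bug and its fix, side by side, as an added example (not socket-python-cli's own code). `PurePath.match()` compares path components from the right and needs one path component per pattern component, so the two-component pattern `**/package.json` can never match the single-component path `package.json`; trying the bare pattern first, as the commit describes, restores the root-level match. The pattern list, the `choose_scan_mode` helper and the sample file lists are assumptions for this illustration.

```python
"""Added example, not socket-python-cli's own code: why an unconditional `**/`
prefix misses root-level manifests, and the direct-then-fallback matching.

MANIFEST_PATTERNS, choose_scan_mode and the sample inputs are assumptions.
"""
from pathlib import PurePath
from typing import Iterable, Sequence

# Assumed manifest globs; the real CLI's list is longer.
MANIFEST_PATTERNS: Sequence[str] = (
    "package.json",
    "package-lock.json",
    "requirements.txt",
    "pyproject.toml",
)


def has_manifest_files_buggy(files: Iterable[str],
                             patterns: Sequence[str] = MANIFEST_PATTERNS) -> bool:
    """'Before' behaviour: every pattern gets `**/` prepended.

    `**` inside PurePath.match() behaves like a single `*`, i.e. it must consume
    exactly one directory component, so a root-level `package.json` (one
    component) never satisfies the two-component pattern `**/package.json`.
    """
    return any(PurePath(f).match("**/" + pat) for f in files for pat in patterns)


def has_manifest_files(files: Iterable[str],
                       patterns: Sequence[str] = MANIFEST_PATTERNS) -> bool:
    """'After' behaviour: bare pattern first, `**/`-prefixed pattern second."""
    for f in files:
        p = PurePath(f)
        for pat in patterns:
            if p.match(pat):            # root-level (and right-anchored) match
                return True
            if p.match("**/" + pat):    # explicit subdirectory match
                return True
    return False


def choose_scan_mode(changed_files: Iterable[str]) -> str:
    """Hypothetical decision helper mirroring the effect the commit describes:
    a changed manifest allows a diff scan, otherwise the CLI falls back to a
    full scan."""
    return "diff" if has_manifest_files(changed_files) else "full"
```

Constructed sample input `["package.json", "src/app.py"]` is the case that used to be misclassified: the buggy matcher reports no manifest and forces a full scan, the fixed one finds `package.json` at the repository root.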
SARIF file output and reachability filtering (#165)

* Add support for SARIF file output
  Signed-off-by: lelia <[email protected]>
* Ignore SARIF results
  Signed-off-by: lelia <[email protected]>
* Add test for new SARIF output functionality
  Signed-off-by: lelia <[email protected]>
* Document new CLI output flag and clarify intended usage
  Signed-off-by: lelia <[email protected]>
* Bump version to prep for release
  Signed-off-by: lelia <[email protected]>
* Bump version to account for new release
  Signed-off-by: lelia <[email protected]>
* Add workflow for running unittests
  Signed-off-by: lelia <[email protected]>
* Tweak workflow name
  Signed-off-by: lelia <[email protected]>
* Install dev dependencies for testing
  Signed-off-by: lelia <[email protected]>
* Update lockfile
  Signed-off-by: lelia <[email protected]>
* Add configurable option for reachability filtering with SARIF
  Signed-off-by: lelia <[email protected]>
* Implement reachability logic for SARIF output
  Signed-off-by: lelia <[email protected]>
* Add unittests to cover new reachability filtering functionality
  Signed-off-by: lelia <[email protected]>
* Update README to document new filtering options and required use of --reach flag
  Signed-off-by: lelia <[email protected]>
* Update e2e tests to include SARIF workflow
  Signed-off-by: lelia <[email protected]>
* Improve Slack bot mode debug logging to surface failures
  Signed-off-by: lelia <[email protected]>
* Skip gitlab tests that pass incorrect mock client to constructor
  Signed-off-by: lelia <[email protected]>
* Update old constructor to use current Mock(spec=CliConfig) pattern, plus other test fixes
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Update SDK version to fix `workspace` issue (#167)

* Update python SDK to v3.0.32
  Signed-off-by: lelia <[email protected]>
* Bump CLI version for release
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>
Add `workspace` flag to CLI args (#164)

* Add support for --workspace flag
  Signed-off-by: lelia <[email protected]>
* Add tests to cover new workspace CLI args
  Signed-off-by: lelia <[email protected]>
* Update README to document new CLI flag, and differentiate it from existing workspace-name flag
  Signed-off-by: lelia <[email protected]>
* Update refs to use generic project names
  Signed-off-by: lelia <[email protected]>
* Bump CLI version
  Signed-off-by: lelia <[email protected]>
* Pin python and virtualenv versions to unblock builds
  Signed-off-by: lelia <[email protected]>
* Bump published SDK version refs
  Signed-off-by: lelia <[email protected]>
* Tweak helper text for CLI flag
  Signed-off-by: lelia <[email protected]>
* Update CODEOWNERS to reflect proper team structure
  Signed-off-by: lelia <[email protected]>
* Increment version again for release
  Signed-off-by: lelia <[email protected]>

---------

Signed-off-by: lelia <[email protected]>