
Product
Introducing Socket Fix for Safe, Automated Dependency Upgrades
Automatically fix and test dependency updates with socket fix—a new CLI tool that turns CVE alerts into safe, automated upgrades.
Product
Bret Comnes
January 9, 2023
If you use Socket for GitHub and you're a GitHub organization admin, you will receive a permissions update email from Socket today.
We are preparing to launch a new dashboard feature on the Socket website and we need one new permission, "Members", which gives us access to the list of members in the organization. This helps ensure GitHub app installations are accurately represented in the dashboard, and to also ease the onboarding flow of organization members into the Socket dashboard if they don't have a Socket account.
Additionally, we took this as an opportunity to remove some permissions we no longer rely on, specifically the "Single file" permission. The Socket app continues to only read package manifest files (e.g. package.json
) and never sends source code to our servers.
When you get a moment, please review the new permissions and click accept on the permission request!
If you have any questions about this change, please reach out to us at support@socket.dev and we'll be happy to help!
Subscribe to our newsletter
Get notified when we publish new security blog posts!
Try it now
Product
Automatically fix and test dependency updates with socket fix—a new CLI tool that turns CVE alerts into safe, automated upgrades.
Security News
CISA denies CVE funding issues amid backlash over a new CVE foundation formed by board members, raising concerns about transparency and program governance.
Product
We’re excited to announce a powerful new capability in Socket: historical data and enhanced analytics.