What's new at Socket?

Socket now supports Scala and Kotlin, extending JVM coverage beyond Java. Developers can now easily generate manifests with sbt or Gradle and run fast, AI-powered scans to catch malicious dependencies and other indicators of supply chain risk.

Read the announcement post or check out our Scala setup docs and Kotlin setup docs to get started.

The Dependency Search API now supports passing a list of purl (Package URL) strings in the request body. This enables you to search for specific dependencies within your environment, rather than just listing all detected dependencies.

We fixed several issues around default branch detection and scanning behavior in the Python CLI:

• Fixed default branch detection in git repositories, ensuring reliable SCM behavior.
• Resolved cases where scans were skipped when manifest files hadn’t changed — scans now always run as expected.
• Ensured the --default-branch flag is correctly prioritized over SCM detection.
• Improved GitLab CI integration to correctly detect the default branch.
• Enhanced git auto-detection for repository details (branch, commit SHA, message, committer, and changed files).
• Simplified CI/CD usage by adding production-ready workflow examples for GitHub Actions, GitLab CI, and Bitbucket Pipelines.

The Insights panel on the Alerts page now includes a trend chart to help visualize how alerts change over time. This enhancement offers better visibility into alert patterns and trends, paving the way for the upcoming Analytics V3 experience.

We’ve raised the maximum number of files that can be submitted in an API full-scan or diff-scan from 1,000 to 5,000 files, allowing larger projects and repos to be scanned without hitting file count limits.

We’ve enhanced how the Python CLI detects and scans files in commits, making it more reliable and accurate:

• Fixed file detection logic that previously missed changed manifest files, ensuring proper scanning of commits.
• Improved parsing of file inputs (list, string, JSON) to handle various formats more robustly.
• Enhanced detection of git repository changes and filtering of manifest files for commit-based scans.
• Resolved issues where scans would incorrectly skip when manifest files were present in commits.

We’ve added support for displaying the EPSS (Exploit Prediction Scoring System) score and percentile in the AlertModal. This provides better context for prioritizing vulnerabilities by showing the likelihood that a vulnerability will be exploited in the wild.

You can now upload gradle.lockfile files directly to Socket! This means Gradle projects no longer need to generate a CycloneDX SBOM to take advantage of Socket’s deep dependency analysis.

Using gradle.lockfile gives you more reproducible builds and improves protection against dependency hijacking—no more risk of a transitive dependency quietly changing under your nose.

If you're not using lockfiles yet, now’s a great time to start:

dependencyLocking.lockAllConfigurations()

Then run:

./gradlew dependencies --write-locks

…and commit the generated gradle.lockfile to your repo.

We've added CISA Known Exploited Vulnerabilities (KEV) data to the alert modal in the Socket Dashboard.

What’s new:

• A dedicated “Known Exploits” section appears when relevant, highlighting vulnerabilities actively exploited in the wild
• Quick access to critical context from CISA’s KEV catalog, surfaced directly in-package alerts

This helps you prioritize the most dangerous issues faster by identifying alerts tied to real-world exploitation.

What’s new:

• Added support for the api event type in GitLab pipelines, preventing CLI errors when triggered via API events.
• Introduced a new CLI flag: --license-file-name
  This allows you to specify a safe, static output filename (defaults to license_output.json) instead of relying on auto-generated names from repo/branch, which could sometimes produce invalid paths.

This update improves both stability and flexibility when running Socket in GitLab CI environments.