June 25
We’ve added a new /alert-types API endpoint that returns detailed information for a given alert identifier, including support for multiple languages.
This fills a key gap in the API: previously, some alert metadata wasn’t available outside the UI. Now, you can fetch that context programmatically, streamlining integrations and reducing scan payload sizes.
For more information and implementation details, check out the Alert Types documentation.
June 24
The Socket Python CLI now correctly generates license attributions again. A recent change in how license data is structured, alongside a new diff endpoint, had caused errors during generation.
This update:
- license_text with licenseDetails and licenseAttrib
Everything should now work as expected when pulling license metadata via the CLI.
June 23
We’ve added a collapse/expand button to the sidebar in the Socket dashboard. It lives at the bottom of the left-hand menu and lets you shrink the sidebar to free up more space for content.
The dashboard now remembers your preference across sessions using cookies, just like it does with language settings.
This is especially handy if you're using the new Alerts Insights panel, which already takes up some space on the right. The button allows you to add more room when necessary.
June 19
We’ve made it easier to share code directly from the Socket File Explorer. When viewing a loaded file, you’ll now see a copy-to-clipboard button in the header for quickly grabbing and sharing snippets.
This update also includes a small UI polish:
June 13
Socket CLI v1 is here! This release streamlines and simplifies the command-line experience with cleaner defaults and improved ergonomics, and includes several breaking changes.
Highlights:
- org and cwd. We’ll use stored defaults and prompt you when needed.
- socket analytics, socket audit-log, and socket repository for simpler, more consistent usage.
- socket scan diff, socket package score, and socket scan report.
This is now the default experience for everyone using the CLI. View the full migration guide for detailed changes and command updates.
New to the CLI?
Get started by installing Socket CLI on npm and reading the CLI docs. It’s the fastest way to automate scans, view threats, and manage your Socket org from the terminal.
June 13
You can now search blog posts on the Socket site! Whether you're looking for a recent product update, security alert, or research deep dive, the new search bar makes it easy to find what you need fast.
We’ve also added a handy “Back” button on individual blog post pages to make browsing smoother. Enjoy a better, faster way to explore our latest content.
June 12
We have dramatically improved accuracy and efficiency in Maven SBOM calculation. The vast majority of noise has been eliminated (~90+% noise reduction).
We now miss fewer compile-time dependencies while collecting far fewer development dependencies. This, plus a few other optimizations, results in much faster SBOM resolution times - typically 10–100x faster (outpacing a cold-cache mvn dependency:tree on large projects).
As part of these changes, we've also improved support for:
- import scopes (BOM imports)
- exclusions
- dependencyManagement
- property inheritance
Check out our ecosystem support docs for a full overview of our Java support.
June 12
We’ve rolled out our redesigned dashboard to all Socket users!
The new layout improves focus with a cleaner visual hierarchy, collapsible sections, and a refreshed color scheme that’s optimized for focusing.
Check out the announcement on the blog for more details on the streamlined navigation, layout, and other UI updates.
June 12
You can now manually refresh alert data from the Alerts page.
Click the “…” menu in the top-right corner and select Request refresh to get the latest snapshot.
This gives users more control when they need fresher alert data than the standard update cycle.
June 10
We’ve improved how the Socket Python CLI handles full scans.
Instead of relying on long-running connections, the CLI now polls for scan readiness before running a diff.
This makes it more resilient in environments where idle connections might be cut off by network settings.