@socketsecurity/sdk
Advanced tools
SDK for the Socket API client, generated by api.
npm install @socketsecurity/sdk
import { SocketSdk } from '@socketsecurity/sdk'
const client = new SocketSdk('yourApiKeyHere')
const res = await client.getQuota()
if (res.success) {
// Will output { quota: 123 } if the quota you have left is 123
console.log(res.data)
}
const { SocketSdk } = require('@socketsecurity/sdk')
getIssuesByNPMPackage(packageName, version)
packageName: A string representing the name of the npm package you want the issues forversion: A string representing the version of the npm package to return the issues forgetScoreByNPMPackage(packageName, version)
packageName: A string representing the name of the npm package you want the score forversion: A string representing the version of the npm package to return the score forcreateReportFromFilePaths(filePaths, pathsRelativeTo=., [issueRules])
filePaths: An array of absolute or relative string paths to package.json and any corresponding package-lock.json filespathsRelativeTo: A string path that the absolute paths filePaths are relative to. This to calculate where in your project the package.json/package-lock.json files livesissueRules: An object that follows the format of the socket.yml issue rules. Keys being issue names, values being a boolean that activates or deactivates it. Is applied on top of default config and organization config.getReportList()getReportSupportedFiles()getReport(id)
id: A string representing the id of a created reportgetQuota()getOrganizations()postSettings(selectors)
selectors: An array of settings selectors, e.g. [{ organization: 'id' }]createUserAgentFromPkgJson(pkgJson)
pkgJson: The content of the package.json you want to create a User-Agent string forThe SocketSdk constructor accepts an options object as its second argument and there a userAgent key with a string value can be specified. If specified then that user agent will be prepended to the SDK user agent. See this example:
const client = new SocketSdk('yourApiKeyHere', {
userAgent: 'example/1.2.3 (http://example.com/)'
})
Which results in the HTTP User-Agent header:
User-Agent: example/1.2.3 (http://example.com/) socketsecurity-sdk/0.5.2 (https://github.com/SocketDev/socket-sdk-js)
To easily create a user agent for your code you can use the additional export createUserAgentFromPkgJson() like this, assuming pkgJson contains your parsed package.json:
const client = new SocketSdk('yourApiKeyHere', {
userAgent: createUserAgentFromPkgJson(pkgJson)
})
Specifying a custom user agent is good practice when shipping a piece of code that others can use to make requests. Eg. our CLI uses this option to identify requests coming from it + mentioning which version of it that is used.
FAQs
SDK for the Socket API client
We found that @socketsecurity/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.
Security News
The npm package for the LottieFiles Player web component was hit with a supply chain attack after a software engineer's npmjs credentials were compromised.