@socketsecurity/sdk
Advanced tools
SDK for the Socket API client, generated by api.
npm install @socketsecurity/sdk
import { SocketSdk } from '@socketsecurity/sdk'
const client = new SocketSdk('yourApiKeyHere')
const res = await client.getQuota()
if (res.success) {
// Will output { quota: 123 } if the quota you have left is 123
console.log(res.data)
}
const { SocketSdk } = require('@socketsecurity/sdk')
getIssuesByNPMPackage(packageName, version)
packageName: A string representing the name of the npm package you want the issues forversion: A string representing the version of the npm package to return the issues forgetScoreByNPMPackage(packageName, version)
packageName: A string representing the name of the npm package you want the score forversion: A string representing the version of the npm package to return the score forcreateReportFromFilepaths(filePaths, pathsRelativeTo=., [issueRules])
filePaths: An array of absolute or relative string paths to package.json and any corresponding package-lock.json filespathsRelativeTo: A string path that the absolute paths filePaths are relative to. This to calculate where in your project the package.json/package-lock.json files livesissueRules: An object that follows the format of the socket.yml issue rules. Keys being issue names, values being a boolean that activates or deactivates it. Is applied on top of default config and organization config.getReportList()getReportSupportedFiles()getReport(id)
id: A string representing the id of a created reportgetQuota()getOrganizations()postSettings(selectors)
selectors: An array of settings selectors, e.g. [{ organization: 'id' }]getOrgSecurityPolicy(orgSlug)
orgSlug: the slug of the organizationcreateUserAgentFromPkgJson(pkgJson)
pkgJson: The content of the package.json you want to create a User-Agent string forThe SocketSdk constructor accepts an options object as its second argument and there a userAgent key with a string value can be specified. If specified then that user agent will be prepended to the SDK user agent. See this example:
const client = new SocketSdk('yourApiKeyHere', {
userAgent: 'example/1.2.3 (http://example.com/)'
})
Which results in the HTTP User-Agent header:
User-Agent: example/1.2.3 (http://example.com/) socketsecurity-sdk/0.5.2 (https://github.com/SocketDev/socket-sdk-js)
To easily create a user agent for your code you can use the additional export createUserAgentFromPkgJson() like this, assuming pkgJson contains your parsed package.json:
const client = new SocketSdk('yourApiKeyHere', {
userAgent: createUserAgentFromPkgJson(pkgJson)
})
Specifying a custom user agent is good practice when shipping a piece of code that others can use to make requests. Eg. our CLI uses this option to identify requests coming from it + mentioning which version of it that is used.
FAQs
SDK for the Socket API client
The npm package @socketsecurity/sdk receives a total of 22,001 weekly downloads. As such, @socketsecurity/sdk popularity was classified as popular.
We found that @socketsecurity/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
GemStuffer abuses RubyGems as an exfiltration channel, packaging scraped UK council portal data into junk gems published from new accounts.
Company News
Socket was named to the Rising in Cyber 2026 list, recognizing 30 private cybersecurity startups selected by CISOs and security executives.
Research
Socket detected 84 compromised TanStack npm package artifacts modified with suspected CI credential-stealing malware.