@socketsecurity/sdk
Advanced tools
SDK for the Socket API client, generated by api.
npm install @socketsecurity/sdk
import { SocketSdk } from '@socketsecurity/sdk'
const client = new SocketSdk('yourApiKeyHere')
const res = await client.getQuota()
if (res.success) {
// Will output { quota: 123 } if the quota you have left is 123
console.log(res.data)
}
const { SocketSdk } = require('@socketsecurity/sdk')
getIssuesByNPMPackage(packageName, version)
packageName: A string representing the name of the npm package you want the issues forversion: A string representing the version of the npm package to return the issues forgetScoreByNPMPackage(packageName, version)
packageName: A string representing the name of the npm package you want the score forversion: A string representing the version of the npm package to return the score forcreateReportFromFilePaths(filePaths, pathsRelativeTo=., [issueRules])
filePaths: An array of absolute or relative string paths to package.json and any corresponding package-lock.json filespathsRelativeTo: A string path that the absolute paths filePaths are relative to. This to calculate where in your project the package.json/package-lock.json files livesissueRules: An object that follows the format of the socket.yml issue rules. Keys being issue names, values being a boolean that activates or deactivates it. Is applied on top of default config and organization config.getReportList()getReport(id)
id: A string representing the id of a created reportgetQuota()createUserAgentFromPkgJson(pkgJson)
pkgJson: The content of the package.json you want to create a User-Agent string forThe SocketSdk constructor accepts an options object as its second argument and there a userAgent key with a string value can be specified. If specified then that user agent will be prepended to the SDK user agent. See this example:
const client = new SocketSdk('yourApiKeyHere', {
userAgent: 'example/1.2.3 (http://example.com/)'
})
Which results in the HTTP User-Agent header:
User-Agent: example/1.2.3 (http://example.com/) socketsecurity-sdk/0.5.2 (https://github.com/SocketDev/socket-sdk-js)
To easily create a user agent for your code you can use the additional export createUserAgentFromPkgJson() like this, assuming pkgJson contains your parsed package.json:
const client = new SocketSdk('yourApiKeyHere', {
userAgent: createUserAgentFromPkgJson(pkgJson)
})
Specifying a custom user agent is good practice when shipping a piece of code that others can use to make requests. Eg. our CLI uses this option to identify requests coming from it + mentioning which version of it that is used.
FAQs
SDK for the Socket API client
We found that @socketsecurity/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.