Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
@soos-io/soos-scm-audit
Advanced tools
The SOOS SCM Audit script should be used to determine the number of contributing developers in your organization.
You may choose to install the package globally or locally, if you are unsure, you can find out more about installing globally on npm.
run npm i -g @soos-io/soos-scm-audit@latest
run npm install --prefix ./soos @soos-io/soos-scm-audit
NOTE: you can find values for the --apiKey
and --clientId
at app.soos.io.
Generate a GitHub Public Access Token (PAT) for your organization and ensure that it has the full repo
permission set.
Plug in the values for --apiKey
, --clientId
, --secret
, and --organizationName
and run the script.
soos-scm-audit --apiKey=<API_KEY> --clientId=<CLIENT_ID> --scmType=GitHub --secret=<GITHUB_PAT> --organizationName="<GITHUB_ORG_NAME>"
node ./soos/node_modules/@soos-io/soos-scm-audit/bin/index.js --apiKey=<API_KEY> --clientId=<CLIENT_ID> --scmType=GitHub --secret=<GITHUB_PAT> --organizationName="<GITHUB_ORG_NAME>"
Generate an App Password for your organization and ensure that it has the Read Repositories
permission set.
Plug in the values for --apiKey
, --clientId
, --secret
, and --workspace
, and --username
and run the script.
soos-scm-audit --apiKey=<API_KEY> --clientId=<CLIENT_ID> --scmType=BitbucketCloud --secret=<APP_PASSWORD> --workspace="<BITBUCKET_WORKSPACE>" --username="<BITBUCKET_USERNAME>"
node ./soos/node_modules/@soos-io/soos-scm-audit/bin/index.js --apiKey=<API_KEY> --clientId=<CLIENT_ID> --scmType=BitbucketCloud --secret=<APP_PASSWORD> --workspace="<BITBUCKET_WORKSPACE>" --username="<BITBUCKET_USERNAME>"
General Parameters | Default | Description |
---|---|---|
--apiKey | SOOS API Key - get yours from SOOS Integration. Uses SOOS_API_KEY env value if present. | |
--clientId | SOOS Client ID - get yours from SOOS Integration. Uses SOOS_API_CLIENT env value if present. | |
--logLevel | Minimum level to show logs: DEBUG, INFO, WARN, FAIL, ERROR. | |
--saveResults | Save results to file. | |
--scmType | Scm Type to use for the audit. Options: GitHub, BitBucketCloud | |
--verbose | false | Enable verbose logging. |
BitBucket Cloud Parameters | Default | Description |
---|---|---|
--username | Username where the App password was generated for BitBucketCloud. | |
--secret | Secret to use for API calls. It should be a App Password | |
--workspace | Workspace name to run audit for BitBucketCloud. |
GitHub Parameters | Default | Description |
---|---|---|
--organizationName | Organization name to run audit for GitHub. | |
--secret | Secret to use for API calls. It should be a GPAT |
FAQs
SOOS SCM Audit CLI
We found that @soos-io/soos-scm-audit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.