Conversation

@dacoburn
Collaborator

Description

Fixed multiple issues with Socket Basics formatters and notifiers:

  1. Tier 1 Reachability Sorting: Socket Tier 1 results were displaying in incorrect order - packages and findings needed to be sorted by severity (Critical → High → Medium → Low) and reachability sections needed proper prioritization (Reachable → Unknown → Error → Unreachable)

  2. Full Scan URL Links Missing: Notifiers were not displaying "View Full Socket Scan" links at the bottom of notifications, even when the Socket API successfully returned the scan URL

  3. Slack Invalid Blocks Error: Slack notifier was receiving invalid_blocks errors due to content being appended to blocks instead of being added as separate structured blocks

  4. Incorrect notifications.yaml Path: All formatters were looking for notifications.yaml in the wrong location (socket_basics/core/notifications.yaml instead of socket_basics/notifications.yaml)

Root Cause

  1. Sorting Logic: Socket Tier 1 formatters were using ascending sort (sort(key=lambda x: x[0])) which correctly puts critical (0) before high (1), but the reachability sections were being iterated in the wrong order (Reachable → Unreachable → Unknown instead of the proper priority order). Additionally, the 'error' reachability type was missing from the grouping structure.

  2. URL Link Logic: The notifiers were conditionally creating a new dict only when full_scan_url existed, causing inconsistent behavior. The notification manager was also potentially overwriting the URL if it existed in app_config but not properly preserving it when already present in the facts dict.

  3. Slack Block Structure: The Slack notifier was appending the full scan URL directly to the content string within a single block, which could exceed Slack's 3000 character limit and cause validation errors. Additionally, there was no content length truncation.

  4. Path Resolution: Formatters were using Path(__file__).parent.parent.parent which resolved to socket_basics/core/ instead of going up one more level to socket_basics/.

Fix

  1. Socket Tier 1 Sorting & Grouping:

    • Updated purl_groups defaultdict to include all four reachability types: {'reachable': [], 'unknown': [], 'error': [], 'unreachable': []}
    • Modified iteration order to display reachability sections in priority order: Reachable → Unknown → Error → Unreachable
    • Maintained ascending severity sort within each section so Critical (0) appears before High (1)
    • Applied changes to all Socket Tier 1 formatters: slack.py, ms_teams.py, github_pr.py, jira.py
  2. Full Scan URL Links:

    • Changed all notifiers to always create a new dict with content, regardless of whether full_scan_url exists
    • Updated link text from "View complete scan results" to "View Full Socket Scan" across all notifiers
    • Modified notification manager to check if 'full_scan_html_url' not in facts: before attempting to set it from app_config, preserving the URL if already present in the results dict
    • For Slack specifically, changed to store the URL separately and add it as its own section block rather than appending to content
  3. Slack Block Validation:

    • Restructured Slack notifier to add the full scan URL as a separate section block instead of appending to content
    • Added content truncation (2900 character limit) to prevent exceeding Slack's 3000 char block limit
    • Enhanced error logging to show 500 characters of error response and debug payload for troubleshooting
    • Properly structured blocks array with URL added conditionally as a separate element
  4. notifications.yaml Path:

    • Updated all formatters to use Path(__file__).parent.parent.parent.parent / 'notifications.yaml' to correctly resolve to socket_basics/notifications.yaml
    • Applied to formatters in: opengrep/, trufflehog/, socket_tier1/ (slack, ms_teams, github_pr, jira, ms_sentinel, sumologic)

Public Changelog

  • Fixed Socket Tier 1 reachability results to display in correct priority order: Reachable → Unknown → Error → Unreachable, with findings sorted Critical → High → Medium → Low within each section
  • Added "View Full Socket Scan" links to all notification outputs (Slack, MS Teams, GitHub PR, Jira) that direct users to the complete Socket Security report
  • Fixed Slack notification errors by properly structuring message blocks and adding content truncation
  • Resolved configuration loading issues for result limits across all formatters
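
The grouping, sorting and Slack block-building described in the PR, as an added stand-alone example (not the socket-basics project's own code, and not the diff under review). It assumes a simple finding dict with `purl`, `severity`, `reachability` and `title` keys, a `socket.dev` style link, and the constructed sample findings shown inline; the reachability order, severity rank, 2900-character cap and separate URL block follow the description above. Unrecognised reachability values are folded into `unknown` here, which is an assumption rather than something the PR states.

```python
"""Group Socket Tier 1 findings by reachability (Reachable -> Unknown -> Error
-> Unreachable), sort each section Critical -> Low, and emit Slack blocks with
the full-scan URL as its own section block and the content capped at 2900
characters. Added example; not the socket-basics project's code."""
from typing import Dict, List, Optional

# Priority order from the PR description; 'error' is a first-class bucket so
# it is never dropped from the grouping.
REACHABILITY_ORDER = ["reachable", "unknown", "error", "unreachable"]
# Ascending rank: critical (0) sorts before high (1), medium (2), low (3).
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

SLACK_BLOCK_TEXT_LIMIT = 3000   # Slack's per-section text limit hit by the notifier
CONTENT_TRUNCATE_AT = 2900      # safety margin used by the fix


def group_findings(findings: List[dict]) -> Dict[str, List[dict]]:
    """Bucket findings by reachability, all four keys always present, and sort
    each bucket by severity rank. Unknown severities sort after 'low'."""
    groups: Dict[str, List[dict]] = {key: [] for key in REACHABILITY_ORDER}
    for finding in findings:
        reach = str(finding.get("reachability", "unknown")).lower()
        if reach not in groups:
            reach = "unknown"   # assumption: unrecognised values count as unknown
        groups[reach].append(finding)
    for bucket in groups.values():
        bucket.sort(key=lambda f: SEVERITY_RANK.get(
            str(f.get("severity", "")).lower(), len(SEVERITY_RANK)))
    return groups


def render_text(groups: Dict[str, List[dict]]) -> str:
    """Render non-empty sections in priority order as Slack mrkdwn text."""
    lines = []
    for reach in REACHABILITY_ORDER:
        bucket = groups[reach]
        if not bucket:
            continue
        lines.append(f"*{reach.capitalize()}*")
        for f in bucket:
            lines.append(f"- [{f['severity'].upper()}] {f['purl']}: {f['title']}")
    return "\n".join(lines)


def truncate(text: str, limit: int = CONTENT_TRUNCATE_AT) -> str:
    """Cut content to `limit` characters, marking the cut so readers know."""
    if len(text) <= limit:
        return text
    marker = "\n... (truncated)"
    return text[: limit - len(marker)] + marker


def build_slack_blocks(content: str, full_scan_url: Optional[str]) -> List[dict]:
    """Content and link live in separate section blocks; the link block is
    added only when a URL exists and is never appended to the content string."""
    blocks = [{"type": "section",
               "text": {"type": "mrkdwn", "text": truncate(content)}}]
    if full_scan_url:
        blocks.append({"type": "section",
                       "text": {"type": "mrkdwn",
                                "text": f"<{full_scan_url}|View Full Socket Scan>"}})
    return blocks


def validate_blocks(blocks: List[dict]) -> bool:
    """Local check for the constraint the notifier tripped: every section's
    text must fit Slack's limit. Real validation happens server-side."""
    return all(len(b["text"]["text"]) <= SLACK_BLOCK_TEXT_LIMIT
               for b in blocks if b["type"] == "section")


# Constructed sample findings (not real scan output), deliberately out of order.
SAMPLE_FINDINGS = [
    {"purl": "pkg:npm/example-d@1.0.0", "severity": "low",
     "reachability": "unreachable", "title": "Constructed finding D"},
    {"purl": "pkg:npm/example-b@1.0.0", "severity": "high",
     "reachability": "reachable", "title": "Constructed finding B"},
    {"purl": "pkg:npm/example-a@1.0.0", "severity": "critical",
     "reachability": "reachable", "title": "Constructed finding A"},
    {"purl": "pkg:npm/example-c@1.0.0", "severity": "medium",
     "reachability": "error", "title": "Constructed finding C"},
    {"purl": "pkg:npm/example-e@1.0.0", "severity": "high",
     "reachability": "unknown", "title": "Constructed finding E"},
]

if __name__ == "__main__":
    grouped = group_findings(SAMPLE_FINDINGS)
    body = render_text(grouped)
    # Hypothetical URL standing in for the value the Socket API returns.
    blocks = build_slack_blocks(body, "https://socket.dev/example/full-scan")
    print(body)
    print(len(blocks), "blocks; within Slack limit:", validate_blocks(blocks))
```

Running it prints the Reachable section first with the critical finding above the high one, then Unknown, Error and Unreachable, followed by a two-block payload whose second block carries only the link. Feeding 5000 characters of content yields a single block trimmed to 2900 characters, so the payload would pass Slack's block validation instead of failing with invalid_blocks.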

@dacoburn dacoburn requested a review from a team as a code owner October 21, 2025 04:32
@dacoburn dacoburn requested review from kapravel and mtorp and removed request for a team October 21, 2025 04:32
@dacoburn dacoburn merged commit 1f418da into main Oct 21, 2025
4 checks passed
@dacoburn dacoburn deleted the doug/update-params-and-transitive-logic branch October 21, 2025 05:17
