feat: add @socketsecurity/lib and @socketsecurity/sdk as workspace packages #881
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add @socketsecurity/lib v3.2.8 and @socketsecurity/sdk v3.1.3 as internal workspace packages. This establishes the foundation for local development and testing of core infrastructure libraries within the monorepo. - Add packages/lib/ with core utilities and infrastructure for Socket.dev security tools - Add packages/sdk/ providing SDK for Socket API client - Both packages include comprehensive test suites, build scripts, and documentation
Update pnpm-workspace.yaml to include the new lib and sdk workspace packages for local development and dependency resolution.
Update all package dependencies to reference @socketsecurity/lib and @socketsecurity/sdk as workspace packages instead of catalog versions. This enables local development and testing of core libraries within the monorepo. Changed packages: - bootstrap - build-infra - cli (adds sdk workspace dependency) - codet5-models-builder - minilm-builder - models - node-smol-builder - onnxruntime - sbom-generator - socket - yoga-layout
Remove @socketsecurity/lib and @socketsecurity/sdk from root package dependencies and overrides since they are now managed as workspace packages. Individual packages will reference them via workspace protocol.
Update pnpm-lock.yaml to reflect workspace package structure with lib and sdk as internal workspace dependencies. This lockfile update ensures dependency resolution aligns with the new workspace configuration.
Remove CLAUDE.md files from lib and sdk packages as they duplicate the main CLI CLAUDE.md. Package-specific guidance is already covered in the root CLAUDE.md file.
mikolalysenko
approved these changes
Nov 5, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds
@socketsecurity/liband@socketsecurity/sdkas internal workspace packages to the socket-cli monorepo. This enables local development and testing of core infrastructure libraries within the monorepo without relying on published npm packages.Changes
packages/lib/andpackages/sdk/with full source code, tests, and build infrastructurepnpm-workspace.yaml@socketsecurity/liband@socketsecurity/sdkas workspace dependencies (viaworkspace:*protocol)pnpm-lock.yamlto reflect new workspace structurePackage Details
@socketsecurity/lib v3.2.8
@socketsecurity/sdk v3.1.3
Benefits
Test Plan
Migration Path
This change is transparent to existing CLI functionality. All packages now use local workspace versions of lib and sdk via pnpm's workspace protocol, which automatically resolves to the local packages during development.
🤖 Generated with Claude Code