@dacoburn
Collaborator

Description

API changes caused temporary baseline scan files to be rejected by the validator when they don't have the expected .socket.facts.json filename format. This prevented baseline scans from being created when no previous scan exists, causing scan failures for new repositories.

Root Cause

The empty_head_scan_file() method was creating temporary files using tempfile.mkstemp() with a generic suffix (.empty) and prefix (socket_baseline_), which generated filenames that didn't match the expected .socket.facts.json format required by the API validator. The API now validates that manifest files follow expected naming patterns, causing these temporary baseline files to be rejected.

Fix

Changed the temporary file creation logic to create files with the exact filename .socket.facts.json in the system temporary directory instead of using tempfile.mkstemp(). This ensures the temporary baseline scan files pass API validation while maintaining the same functionality. Also added debug flag support to the reachability engine.

Public Changelog

  • Fix for the API Schema change for only accepting supported manifest file types which was breaking empty full scans
  • Added support for directories that don't have supported manifest files to create a report anyways and log out that there were no supported manifest files
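
An added example, not code from this pull request or the Socket CLI: the fix described above trades `tempfile.mkstemp()`'s unique name for a fixed filename in the shared system temporary directory, where concurrent runs resolve to the same path. One way to keep the required `.socket.facts.json` name and still get a unique, owner-only location is to create the file inside a `tempfile.mkdtemp()` directory; the function names and the empty-file default are assumptions.

```python
import os
import shutil
import tempfile

FACTS_NAME = ".socket.facts.json"  # filename the PR says the validator expects


def exclusive_create(path, data=b""):
    """Create path only if nothing exists there yet; never follow a symlink."""
    # O_EXCL makes the call fail if any entry (file or symlink) already
    # exists at path; O_NOFOLLOW is added where the platform defines it.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)  # raises FileExistsError if path exists
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path


def create_baseline_file(data=b""):
    """Return (workdir, path) for a baseline file with the required name.

    Assumption: an empty file is an acceptable baseline, as with the old
    mkstemp()-based helper; pass data if the API needs a JSON body.
    """
    # mkdtemp() makes a uniquely named directory accessible only to the
    # current user, so the fixed filename inside it is neither shared by
    # concurrent runs nor at a path other local users can predict.
    workdir = tempfile.mkdtemp(prefix="socket_baseline_")
    try:
        return workdir, exclusive_create(os.path.join(workdir, FACTS_NAME), data)
    except Exception:
        shutil.rmtree(workdir, ignore_errors=True)
        raise


def remove_baseline(workdir):
    """Delete the private directory once the scan has been uploaded."""
    shutil.rmtree(workdir, ignore_errors=True)


if __name__ == "__main__":
    d, p = create_baseline_file()
    print(p)  # <tmp>/socket_baseline_XXXXXXXX/.socket.facts.json
    remove_baseline(d)
```

The caller passes the returned path to the upload step and calls `remove_baseline()` afterwards, since nothing else cleans up the directory.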

…p scan file to be .socket.facts.json to pass the validator. Also, added the debug flag support to the reachability engine
@dacoburn dacoburn requested a review from a team as a code owner November 21, 2025 15:57
@dacoburn dacoburn requested review from mikolalysenko and rchatrath7 and removed request for a team November 21, 2025 15:57
@dacoburn dacoburn added the Product Changelog New features for the public changelog label Nov 21, 2025
@github-actions

github-actions bot commented Nov 21, 2025

🚀 Preview package published!

Install with:

pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==2.2.35.dev1

Docker image: socketdev/cli:pr-132

@dacoburn dacoburn merged commit 106766e into main Nov 21, 2025
6 of 7 checks passed
@dacoburn dacoburn deleted the doug/fix-tmp-file-creation branch November 21, 2025 16:18