diff --git a/openapi.json b/openapi.json index bd73b32a..1561d0c9 100644 --- a/openapi.json +++ b/openapi.json @@ -59,6 +59,9 @@ { "name": "API Tokens" }, + { + "name": "Webhooks" + }, { "name": "Metadata" }, @@ -376,6 +379,25 @@ "_type", "value" ] + }, + { + "type": "object", + "additionalProperties": false, + "properties": { + "_type": { + "type": "string", + "enum": [ + "summary" + ] + }, + "value": { + "$ref": "#/components/schemas/PurlSummarySchema" + } + }, + "required": [ + "_type", + "value" + ] } ] }, @@ -1590,6 +1612,49 @@ "inputPurl" ] }, + "PurlSummarySchema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl_input": { + "type": "integer", + "description": "", + "default": 0 + }, + "resolved": { + "type": "integer", + "description": "", + "default": 0 + }, + "errors": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl_malformed": { + "type": "integer", + "description": "", + "default": 0 + }, + "package_not_found": { + "type": "integer", + "description": "", + "default": 0 + } + }, + "required": [ + "package_not_found", + "purl_malformed" + ] + } + }, + "required": [ + "errors", + "purl_input", + "resolved" + ] + }, "SocketBatchPURLRequest": { "type": "object", "additionalProperties": false, @@ -10526,6 +10591,16 @@ "type": "boolean", "default": false } + }, + { + "name": "summary", + "in": "query", + "required": false, + "description": "Include a summary object at the end of the stream with counts of malformed, resolved, and not found PURLs.", + "schema": { + "type": "boolean", + "default": false + } } ], "requestBody": { @@ -11319,7 +11394,7 @@ "name": "committers", "in": "query", "required": false, - "description": "The committers to associate the full-scan with. Set query more than once to set multiple.", + "description": "The committers to associate with the full-scan. Set query more than once to set multiple.", "schema": { "type": "string" } 
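Review bot: `PurlSummarySchema` in the @@ -1590 hunk declares its count fields (`purl_input`, `resolved`, `errors.purl_malformed`, `errors.package_not_found`) as bare integers with `"description": ""`; since they are counts, each should carry `"minimum": 0` and a one-line description, e.g. `"description": "Number of PURLs received in the request"` for `purl_input`. The `errors` object is closed with `"additionalProperties": false`, so adding a further error category later is a breaking change for strict consumers — either leave it open or state in its description that the key set is fixed. The `summary` query parameter added at @@ -10526 says the object is sent "at the end of the stream", but the `_type: "summary"` variant added at @@ -376 is just one more member of the stream-item variant list, so the schema description should say whether exactly one summary item is emitted and that it is always the last item.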
@@ -12714,13 +12789,13 @@ "x-readme": {} } }, - "/orgs/{org_slug}/export/cdx/{id}": { + "/orgs/{org_slug}/full-scans/{full_scan_id}/files/tar": { "get": { "tags": [ "Full Scans" ], - "summary": "Export CycloneDX SBOM (Beta)", - "operationId": "exportCDX", + "summary": "Download full scan files as tarball", + "operationId": "downloadOrgFullScanFilesAsTar", "parameters": [ { "name": "org_slug", 
@@ -12732,98 +12807,394 @@ } }, { - "name": "id", + "name": "full_scan_id", "in": "path", "required": true, - "description": "The full scan OR sbom report ID", + "description": "The ID of the full scan", "schema": { "type": "string" } + } + ], + "security": [ + { + "bearerAuth": [ + "full-scans:list" + ] }, { - "name": "author", + "basicAuth": [ + "full-scans:list" + ] + } + ], + "description": "Download all files associated with a full scan in tar format.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- full-scans:list", + "responses": { + "200": { + "content": { + "application/x-tar": {} + }, + "description": "Tar archive of full scan files" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/orgs/{org_slug}/full-scans/archive": { + "post": { + "tags": [ + "Full Scans" + ], + "summary": "Create full scan from archive", + "operationId": "CreateOrgFullScanArchive", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "repo", + "in": "query", + "required": true, + "description": "The slug of the repository to associate the full-scan with.", + "schema": { + "type": "string" + } + }, + { + "name": "workspace", "in": "query", "required": false, - "description": "The person(s) who created the BOM.\nSet this value if you're intending the modify the BOM and claim authorship.", + "description": "The workspace of the repository to associate the full-scan with.", "schema": { - "type": "string", - "default": "OWASP Foundation" + "type": "string" } 
}, { - "name": "project_group", + "name": "branch", "in": "query", "required": false, - "description": "Dependency track project group", + "description": "The branch name to associate the full-scan with. Branch names must follow Git branch name rules: be 1–255 characters long; cannot be exactly @; cannot begin or end with /, ., or .lock; cannot contain \"//\", \"..\", or \"@{\"; and cannot include control characters, spaces, or any of ~^:?*[.", "schema": { - "type": "string", - "default": "" + "type": "string" } }, { - "name": "project_name", + "name": "commit_message", "in": "query", "required": false, - "description": "Dependency track project name. Default use the directory name", + "description": "The commit message to associate the full-scan with.", "schema": { - "type": "string", - "default": "" + "type": "string" } }, { - "name": "project_version", + "name": "commit_hash", "in": "query", "required": false, - "description": "Dependency track project version", + "description": "The commit hash to associate the full-scan with.", "schema": { - "type": "string", - "default": "" + "type": "string" } }, { - "name": "project_id", + "name": "pull_request", "in": "query", "required": false, - "description": "Dependency track project id. Either provide the id or the project name and version together", + "description": "The pull request number to associate the full-scan with.", + "schema": { + "type": "integer", + "minimum": 1 + } + }, + { + "name": "committers", + "in": "query", + "required": false, + "description": "The committers to associate with the full-scan. Set query more than once to set multiple.", + "schema": { + "type": "string" + } + }, + { + "name": "integration_type", + "in": "query", + "required": false, + "description": "The integration type to associate the full-scan with. 
Defaults to \"Api\" if omitted.", "schema": { "type": "string", - "default": "" + "enum": [ + "api", + "github", + "gitlab", + "bitbucket", + "azure" + ] } }, { - "name": "include_vulnerabilities", + "name": "integration_org_slug", "in": "query", "required": false, - "description": "Include vulnerability information in the SBOM. Also includes reachability/VEX if available", + "description": "The integration org slug to associate the full-scan with. If omitted, the Socket org name will be used. This is used to generate links and badges.", + "schema": { + "type": "string" + } + }, + { + "name": "make_default_branch", + "in": "query", + "required": false, + "description": "Set the default branch of the repository to the branch of this full-scan. A branch name is required with this option.", + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "set_as_pending_head", + "in": "query", + "required": false, + "description": "Designate this full-scan as the latest scan of a given branch. Default branch head scans are included in org alerts. This is only supported on the default branch. A branch name is required with this option.", + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "tmp", + "in": "query", + "required": false, + "description": "Create a temporary full-scan that is not listed in the reports dashboard. Cannot be used when set_as_pending_head=true.", + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "scan_type", + "in": "query", + "required": false, + "description": "The type of scan to perform. Defaults to 'socket'. Must be 32 characters or less. 
Used for categorizing multiple SBOM heads per repository branch.", "schema": { "type": "string", - "default": "false" + "default": "socket" } } ], + "requestBody": { + "content": { + "multipart/form-data": { + "schema": { + "type": "object", + "additionalProperties": { + "type": "string", + "default": { + "type": "Buffer", + "data": [] + }, + "format": "binary", + "description": "" + }, + "properties": {}, + "description": "" + } + } + }, + "required": false + }, "security": [ { "bearerAuth": [ - "report:read" + "full-scans:create" ] }, { "basicAuth": [ - "report:read" + "full-scans:create" ] } ], - "description": "Export a Socket SBOM as a CycloneDX SBOM\n\nSupported ecosystems:\n\n- crates\n- go\n- maven\n- npm\n- nuget\n- pypi\n- rubygems\n- spdx\n- cdx\n\nUnsupported ecosystems are filtered from the export.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- report:read", + "description": "Create a full scan by uploading one or more archives. Supported archive formats include **.tar**, **.tar.gz/.tgz**, and **.zip**.\n\nEach uploaded archive is extracted server-side and any supported manifest files (like package.json, package-lock.json, pnpm-lock.yaml, etc.) are ingested for the scan. If you upload multiple archives in a single request, the manifests from every archive are merged into one full scan. 
The response includes any files that were ignored.\n\nThe maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 67 MB.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- full-scans:create", "responses": { - "200": { + "201": { "content": { "application/json": { "schema": { - "$ref": "#/components/schemas/CDXManifestSchema" + "type": "object", + "additionalProperties": false, + "properties": { + "id": { + "type": "string", + "description": "", + "default": "" + }, + "created_at": { + "type": "string", + "description": "", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "", + "default": "" + }, + "organization_id": { + "type": "string", + "description": "", + "default": "" + }, + "organization_slug": { + "type": "string", + "description": "", + "default": "" + }, + "repository_id": { + "type": "string", + "description": "", + "default": "" + }, + "repository_slug": { + "type": "string", + "description": "", + "default": "" + }, + "branch": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "commit_message": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "commit_hash": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "pull_request": { + "type": "integer", + "description": "", + "default": 0, + "nullable": true + }, + "committers": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + }, + "html_url": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "api_url": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "workspace": { + "type": "string", + "description": "", + "default": "" + }, + "repo": { + "type": "string", + "description": "", + "default": "" + }, + "html_report_url": { + 
"type": "string", + "description": "", + "default": "" + }, + "integration_type": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "integration_repo_url": { + "type": "string", + "description": "", + "default": "" + }, + "integration_branch_url": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "integration_commit_url": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "integration_pull_request_url": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "scan_state": { + "type": "string", + "enum": [ + "pending", + "precrawl", + "resolve", + "scan" + ], + "description": "The current processing status of the SBOM", + "default": "pending", + "nullable": true + }, + "unmatchedFiles": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + } + }, + "description": "" } } }, - "description": "CycloneDX SBOM" + "description": "The details of the created full scan." }, "400": { "$ref": "#/components/responses/SocketBadRequest" @@ -12834,6 +13205,9 @@ "403": { "$ref": "#/components/responses/SocketForbidden" }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, "429": { "$ref": "#/components/responses/SocketTooManyRequestsResponse" } 
@@ -12841,13 +13215,140 @@ "x-readme": {} } }, - "/orgs/{org_slug}/export/spdx/{id}": { + "/orgs/{org_slug}/export/cdx/{id}": { "get": { "tags": [ "Full Scans" ], - "summary": "Export SPDX SBOM (Beta)", - "operationId": "exportSPDX", + "summary": "Export CycloneDX SBOM (Beta)", + "operationId": "exportCDX", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "id", + "in": "path", + "required": true, + "description": "The full scan OR sbom report ID", + "schema": { + "type": "string" + } + }, + { + "name": "author", + "in": "query", + "required": false, + "description": "The person(s) who created the BOM.\nSet this value if you're intending the modify the BOM and claim authorship.", + "schema": { + "type": "string", + "default": "OWASP Foundation" + } + }, + { + "name": "project_group", + "in": "query", + "required": false, + "description": "Dependency track project group", + "schema": { + "type": "string", + "default": "" + } + }, + { + "name": "project_name", + "in": "query", + "required": false, + "description": "Dependency track project name. Default use the directory name", + "schema": { + "type": "string", + "default": "" + } + }, + { + "name": "project_version", + "in": "query", + "required": false, + "description": "Dependency track project version", + "schema": { + "type": "string", + "default": "" + } + }, + { + "name": "project_id", + "in": "query", + "required": false, + "description": "Dependency track project id. Either provide the id or the project name and version together", + "schema": { + "type": "string", + "default": "" + } + }, + { + "name": "include_vulnerabilities", + "in": "query", + "required": false, + "description": "Include vulnerability information in the SBOM. 
Also includes reachability/VEX if available", + "schema": { + "type": "string", + "default": "false" + } + } + ], + "security": [ + { + "bearerAuth": [ + "report:read" + ] + }, + { + "basicAuth": [ + "report:read" + ] + } + ], + "description": "Export a Socket SBOM as a CycloneDX SBOM\n\nSupported ecosystems:\n\n- crates\n- go\n- maven\n- npm\n- nuget\n- pypi\n- rubygems\n- spdx\n- cdx\n\nUnsupported ecosystems are filtered from the export.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- report:read", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/CDXManifestSchema" + } + } + }, + "description": "CycloneDX SBOM" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/orgs/{org_slug}/export/spdx/{id}": { + "get": { + "tags": [ + "Full Scans" + ], + "summary": "Export SPDX SBOM (Beta)", + "operationId": "exportSPDX", "parameters": [ { "name": "org_slug", @@ -34252,7 +34753,12 @@ "threat-feed:list", "triage", "triage:alerts-list", - "triage:alerts-update" + "triage:alerts-update", + "webhooks", + "webhooks:create", + "webhooks:list", + "webhooks:update", + "webhooks:delete" ], "description": "", "default": "repo:list" @@ -34601,7 +35107,12 @@ "threat-feed:list", "triage", "triage:alerts-list", - "triage:alerts-update" + "triage:alerts-update", + "webhooks", + "webhooks:create", + "webhooks:list", + "webhooks:update", + "webhooks:delete" ], "description": "", "default": "repo:list" 
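Review bot: `include_vulnerabilities` on the re-added `/orgs/{org_slug}/export/cdx/{id}` operation is typed `"type": "string"` with `"default": "false"`, while every boolean flag added elsewhere in this diff (`summary`, `tmp`, `make_default_branch`) uses `"type": "boolean", "default": false`; this appears to be moved rather than new content, but since the whole operation sits on the new side this is the place to align it, `"type": "boolean", "default": false`. The `author` parameter description also carries a typo, "intending the modify the BOM" → "intending to modify the BOM". The hunk ends inside the parameter list of the following `/export/spdx/{id}` operation, whose body continues outside it.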
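Review bot: The five `webhooks*` values added to the token-scope enum here are repeated verbatim in the @@ -34601 and @@ -34767 hunks, and in each copy their order (`create, list, update, delete`) breaks the sorted order of the surrounding entries (`triage`, `triage:alerts-list`, `triage:alerts-update`); sort them as `"webhooks", "webhooks:create", "webhooks:delete", "webhooks:list", "webhooks:update"` or move the scope list into a single `components.schemas` entry so the three copies cannot drift. The bare `webhooks` entry presumably is an umbrella scope implying the four sub-scopes, like `triage` above it, but the enum's `description` is `""`, so that relationship is not documented anywhere in the spec.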
@@ -34767,7 +35278,12 @@ "threat-feed:list", "triage", "triage:alerts-list", - "triage:alerts-update" + "triage:alerts-update", + "webhooks", + "webhooks:create", + "webhooks:list", + "webhooks:update", + "webhooks:delete" ], "description": "", "default": "repo:list" @@ -35781,6 +36297,16 @@ "type": "boolean", "default": false } + }, + { + "name": "include_responsible_direct_dependencies", + "in": "query", + "required": false, + "description": "Set to include the direct dependencies responsible for introducing the dependency or dependencies with the vulnerability in the response", + "schema": { + "type": "boolean", + "default": false + } } ], "security": [ @@ -35846,17 +36372,7 @@ "fixDetails": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "responsibleDirectDependencyPurls": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "The PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability" - }, - "description": "" - }, "fixes": { "type": "array", "items": { 
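Review bot: `responsibleDirectDependencyPurls` is removed from `fixDetails.properties` and from its `required` list in the @@ -35846 hunk, which is a breaking change for existing consumers of this response; its replacement `responsibleDirectDependencies` (added at @@ -35903) is nullable and not required, and the new `include_responsible_direct_dependencies` flag at @@ -35781 suggests it is only populated on request, so clients that read the old array get nothing unless they opt in. Call this out in the operation description, e.g. `"responsibleDirectDependencyPurls has been replaced by responsibleDirectDependencies, returned only when include_responsible_direct_dependencies=true"`. The same removal is made for the second `fixDetails` variant at @@ -36046. The `fixDetails` object itself opens and closes outside this hunk.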
@@ -35903,11 +36419,88 @@ ] }, "description": "" + }, + "responsibleDirectDependencies": { + "type": "object", + "additionalProperties": { + "type": "object", + "additionalProperties": false, + "properties": { + "currentVersion": { + "type": "string", + "description": "", + "default": "", + "format": "The current version of the package" + }, + "nextAvailableVersion": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "version": { + "type": "string", + "description": "", + "default": "", + "format": "The next available version of the package" + }, + "updateType": { + "type": "string", + "enum": [ + "patch", + "minor", + "major", + "unknown" + ], + "description": "The type of version update (patch, minor, major, or unknown if it cannot be determined)", + "default": "unknown" + } + }, + "required": [ + "updateType", + "version" + ], + "nullable": true + }, + "fixByUpgradingTo": { + "type": "object", + "additionalProperties": false, + "description": "The version and update type of the package that is necessary to fix the vulnerability. If the value is null, it means the package does not have to be upgraded to fix the vulnerability", + "properties": { + "version": { + "type": "string", + "description": "", + "default": "" + }, + "updateType": { + "type": "string", + "enum": [ + "patch", + "minor", + "major", + "unknown" + ], + "description": "The type of version update (patch, minor, major, or unknown if it cannot be determined)", + "default": "unknown" + } + }, + "required": [ + "updateType", + "version" + ], + "nullable": true + } + }, + "required": [ + "currentVersion" + ] + }, + "properties": {}, + "description": "The keys are the PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability.", + "nullable": true } }, "required": [ - "fixes", - "responsibleDirectDependencyPurls" + "fixes" ] }, "advisoryDetails": { 
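Review bot: In `responsibleDirectDependencies`, `currentVersion` and `nextAvailableVersion.version` put their prose in the `format` keyword (`"format": "The current version of the package"`) while `description` is left `""`; `format` is a JSON Schema/OpenAPI annotation reserved for named formats such as `date-time` or `uri`, and validators that enforce formats may warn on or reject unknown names. Move the text to `description` and drop `format`, e.g. `"description": "The current version of the package"`. The same misuse recurs in the second copy of this schema at @@ -36132, where `affectedRange` additionally carries its description as its `default` (`"default": "The range of vulnerable versions"`). The `updateType` enum and its description are duplicated between `nextAvailableVersion` and `fixByUpgradingTo` and again in that second copy; a shared `components.schemas` entry would keep them aligned. The enclosing `fixDetails.properties` object opens outside this hunk.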
@@ -36046,17 +36639,7 @@ "fixDetails": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "responsibleDirectDependencyPurls": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "The PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability" - }, - "description": "" - }, "fixes": { "type": "array", "items": { 
@@ -36132,152 +36715,229 @@ ] }, "description": "" - } - }, - "required": [ - "fixes", - "responsibleDirectDependencyPurls", - "unfixablePurls" - ] - }, - "advisoryDetails": { - "type": "object", - "additionalProperties": false, - "properties": { - "title": { - "type": "string", - "description": "", - "default": "", - "nullable": true - }, - "description": { - "type": "string", - "description": "", - "default": "", - "nullable": true - }, - "cwes": { - "type": "array", - "items": { - "type": "string", - "description": "", - "default": "" - }, - "description": "" - }, - "severity": { - "type": "string", - "enum": [ - "LOW", - "MODERATE", - "HIGH", - "CRITICAL" - ], - "description": "Severity level of the vulnerability", - "default": "LOW" }, - "cvssVector": { - "type": "string", - "description": "", - "default": "", - "nullable": true - }, - "publishedAt": { - "type": "string", - "description": "", - "default": "" - }, - "kev": { - "type": "boolean", - "default": false, - "description": "Whether the vulnerability is a Known Exploited Vulnerability" - }, - "epss": { - "type": "number", - "description": "Exploit Prediction Scoring System score", - "default": 0, - "nullable": true - }, - "affectedPurls": { - "type": "array", - "items": { + "responsibleDirectDependencies": { + "type": "object", + "additionalProperties": { "type": "object", "additionalProperties": false, - "description": "", "properties": { - "purl": { + "currentVersion": { "type": "string", "description": "", "default": "", - "format": "The PURL (unique package identifier) of the affected package" + "format": "The current version of the package" }, - "affectedRange": { - "type": "string", + "nextAvailableVersion": { + "type": "object", + "additionalProperties": false, "description": "", - "default": "The range of vulnerable versions" + "properties": { + "version": { + "type": "string", + "description": "", + "default": "", + "format": "The next available version of the package" + }, + "updateType": { + 
"type": "string", + "enum": [ + "patch", + "minor", + "major", + "unknown" + ], + "description": "The type of version update (patch, minor, major, or unknown if it cannot be determined)", + "default": "unknown" + } + }, + "required": [ + "updateType", + "version" + ], + "nullable": true + }, + "fixByUpgradingTo": { + "type": "object", + "additionalProperties": false, + "description": "The version and update type of the package that is necessary to fix the vulnerability. If the value is null, it means the package does not have to be upgraded to fix the vulnerability", + "properties": { + "version": { + "type": "string", + "description": "", + "default": "" + }, + "updateType": { + "type": "string", + "enum": [ + "patch", + "minor", + "major", + "unknown" + ], + "description": "The type of version update (patch, minor, major, or unknown if it cannot be determined)", + "default": "unknown" + } + }, + "required": [ + "updateType", + "version" + ], + "nullable": true } }, "required": [ - "affectedRange", - "purl" + "currentVersion" ] }, - "description": "" + "properties": {}, + "description": "The keys are the PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability.", + "nullable": true } }, - "description": "", - "nullable": true - } - }, - "required": [ - "advisoryDetails", - "cve", - "fixDetails", - "ghsa", - "type" - ] - } - } - }, - { - "type": "object", - "additionalProperties": false, - "properties": { - "type": { - "type": "string", - "enum": [ - "errorComputingFix" - ] - }, - "value": { - "type": "object", - "additionalProperties": false, - "description": "", - "properties": { - "type": { - "type": "string", - "enum": [ - "errorComputingFix" - ], - "description": "", - "default": "errorComputingFix" - }, - "ghsa": { - "type": "string", - "description": "", - "default": "", - "nullable": true - }, - "cve": { - "type": "string", - "description": "", - "default": "", - "nullable": true - }, - "message": { - 
"type": "string", - "description": "", - "default": "" + "required": [ + "fixes", + "unfixablePurls" + ] + }, + "advisoryDetails": { + "type": "object", + "additionalProperties": false, + "properties": { + "title": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "description": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cwes": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + }, + "severity": { + "type": "string", + "enum": [ + "LOW", + "MODERATE", + "HIGH", + "CRITICAL" + ], + "description": "Severity level of the vulnerability", + "default": "LOW" + }, + "cvssVector": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "publishedAt": { + "type": "string", + "description": "", + "default": "" + }, + "kev": { + "type": "boolean", + "default": false, + "description": "Whether the vulnerability is a Known Exploited Vulnerability" + }, + "epss": { + "type": "number", + "description": "Exploit Prediction Scoring System score", + "default": 0, + "nullable": true + }, + "affectedPurls": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "", + "format": "The PURL (unique package identifier) of the affected package" + }, + "affectedRange": { + "type": "string", + "description": "", + "default": "The range of vulnerable versions" + } + }, + "required": [ + "affectedRange", + "purl" + ] + }, + "description": "" + } + }, + "description": "", + "nullable": true + } + }, + "required": [ + "advisoryDetails", + "cve", + "fixDetails", + "ghsa", + "type" + ] + } + } + }, + { + "type": "object", + "additionalProperties": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "errorComputingFix" + ] + }, + "value": { + "type": "object", + 
"additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "enum": [ + "errorComputingFix" + ], + "description": "", + "default": "errorComputingFix" + }, + "ghsa": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cve": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "message": { + "type": "string", + "description": "", + "default": "" }, "advisoryDetails": { "type": "object", 
@@ -36675,6 +37335,932 @@ "x-readme": {} } }, + "/orgs/{org_slug}/webhooks": { + "get": { + "tags": [ + "Webhooks" + ], + "summary": "List all webhooks", + "externalDocs": { + "description": "Webhooks documentation", + "url": "https://docs.socket.dev/docs/webhooks" + }, + "operationId": "getOrgWebhooksList", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "sort", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "string", + "default": "created_at" + } + }, + { + "name": "direction", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "string", + "default": "desc" + } + }, + { + "name": "per_page", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "integer", + "minimum": 1, + "maximum": 100, + "default": 30 + } + }, + { + "name": "page", + "in": "query", + "required": false, + "description": "", + "schema": { + "type": "integer", + "minimum": 1, + "default": 1 + } + } + ], + "security": [ + { + "bearerAuth": [ + "webhooks:list" + ] + }, + { + "basicAuth": [ + "webhooks:list" + ] + } + ], + "description": "List all webhooks in the specified organization.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- webhooks:list", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "results": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "id": { + "type": "string", + "description": "The ID of the webhook", + "default": "" + }, + "created_at": { + "type": "string", + "description": "The creation date of the webhook", + "default": "" + }, + "updated_at": { + "type": "string", + "description": 
"The last update date of the webhook", + "default": "" + }, + "name": { + "type": "string", + "description": "The name of the webhook", + "default": "" + }, + "description": { + "type": "string", + "description": "The description of the webhook", + "default": "", + "nullable": true + }, + "url": { + "type": "string", + "description": "The URL where webhook events will be sent", + "default": "" + }, + "secret": { + "type": "string", + "description": "The signing key used to sign webhook payloads", + "default": "", + "nullable": true + }, + "events": { + "type": "array", + "items": { + "type": "string", + "description": "The event types to subscribe to", + "default": "" + }, + "description": "Array of event names" + }, + "headers": { + "type": "object", + "description": "Custom headers to include in webhook requests", + "default": null, + "nullable": true + }, + "filters": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "repositoryIds": { + "type": "array", + "items": { + "type": "string", + "description": "Repository IDs to filter events", + "default": "" + }, + "description": "Array of repository IDs", + "nullable": true + } + }, + "required": [ + "repositoryIds" + ], + "nullable": true + } + }, + "required": [ + "created_at", + "description", + "events", + "filters", + "headers", + "id", + "name", + "secret", + "updated_at", + "url" + ] + }, + "description": "" + }, + "nextPage": { + "type": "integer", + "description": "", + "default": 0, + "nullable": true + } + }, + "required": [ + "nextPage", + "results" + ] + } + } + }, + "description": "List of webhooks" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } 
+ }, + "x-readme": {} + }, + "post": { + "tags": [ + "Webhooks" + ], + "summary": "Create a webhook", + "externalDocs": { + "description": "Webhooks documentation", + "url": "https://docs.socket.dev/docs/webhooks" + }, + "operationId": "createOrgWebhook", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "The name of the webhook", + "default": "" + }, + "url": { + "type": "string", + "description": "The URL where webhook events will be sent", + "default": "" + }, + "secret": { + "type": "string", + "description": "The signing key used to sign webhook payloads", + "default": "" + }, + "events": { + "type": "array", + "items": { + "type": "string", + "description": "The event types to subscribe to", + "default": "" + }, + "description": "Array of event names" + }, + "description": { + "type": "string", + "description": "The description of the webhook", + "default": "", + "nullable": true + }, + "headers": { + "type": "object", + "description": "Custom headers to include in webhook requests", + "default": null, + "nullable": true + }, + "filters": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "repositoryIds": { + "type": "array", + "items": { + "type": "string", + "description": "Repository IDs to filter events", + "default": "" + }, + "description": "Array of repository IDs", + "nullable": true + } + }, + "required": [ + "repositoryIds" + ], + "nullable": true + } + }, + "required": [ + "events", + "name", + "secret", + "url" + ] + } + } + }, + "required": false + }, + "security": [ + { + "bearerAuth": [ + "webhooks:create" + ] + }, + { + "basicAuth": [ + "webhooks:create" + ] + } + ], + "description": 
"Create a new webhook. Returns the created webhook details.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- webhooks:create", + "responses": { + "201": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "id": { + "type": "string", + "description": "The ID of the webhook", + "default": "" + }, + "created_at": { + "type": "string", + "description": "The creation date of the webhook", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "The last update date of the webhook", + "default": "" + }, + "name": { + "type": "string", + "description": "The name of the webhook", + "default": "" + }, + "description": { + "type": "string", + "description": "The description of the webhook", + "default": "", + "nullable": true + }, + "url": { + "type": "string", + "description": "The URL where webhook events will be sent", + "default": "" + }, + "secret": { + "type": "string", + "description": "The signing key used to sign webhook payloads", + "default": "", + "nullable": true + }, + "events": { + "type": "array", + "items": { + "type": "string", + "description": "The event types to subscribe to", + "default": "" + }, + "description": "Array of event names" + }, + "headers": { + "type": "object", + "description": "Custom headers to include in webhook requests", + "default": null, + "nullable": true + }, + "filters": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "repositoryIds": { + "type": "array", + "items": { + "type": "string", + "description": "Repository IDs to filter events", + "default": "" + }, + "description": "Array of repository IDs", + "nullable": true + } + }, + "required": [ + "repositoryIds" + ], + "nullable": true + } + }, + "required": [ + "created_at", + "description", + "events", + "filters", + "headers", + "id", + "name", + "secret", 
+ "updated_at", + "url" + ] + } + } + }, + "description": "The created webhook" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, + "/orgs/{org_slug}/webhooks/{webhook_id}": { + "get": { + "tags": [ + "Webhooks" + ], + "summary": "Get webhook", + "externalDocs": { + "description": "Webhooks documentation", + "url": "https://docs.socket.dev/docs/webhooks" + }, + "operationId": "getOrgWebhook", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "webhook_id", + "in": "path", + "required": true, + "description": "The ID of the webhook", + "schema": { + "type": "string" + } + } + ], + "security": [ + { + "bearerAuth": [ + "webhooks:list" + ] + }, + { + "basicAuth": [ + "webhooks:list" + ] + } + ], + "description": "Get a webhook for the specified organization.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- webhooks:list", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "id": { + "type": "string", + "description": "The ID of the webhook", + "default": "" + }, + "created_at": { + "type": "string", + "description": "The creation date of the webhook", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "The last update date of the webhook", + "default": "" + }, + "name": { + "type": "string", + "description": "The name of the webhook", + "default": "" + }, + "description": { + "type": "string", 
+ "description": "The description of the webhook", + "default": "", + "nullable": true + }, + "url": { + "type": "string", + "description": "The URL where webhook events will be sent", + "default": "" + }, + "secret": { + "type": "string", + "description": "The signing key used to sign webhook payloads", + "default": "", + "nullable": true + }, + "events": { + "type": "array", + "items": { + "type": "string", + "description": "The event types to subscribe to", + "default": "" + }, + "description": "Array of event names" + }, + "headers": { + "type": "object", + "description": "Custom headers to include in webhook requests", + "default": null, + "nullable": true + }, + "filters": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "repositoryIds": { + "type": "array", + "items": { + "type": "string", + "description": "Repository IDs to filter events", + "default": "" + }, + "description": "Array of repository IDs", + "nullable": true + } + }, + "required": [ + "repositoryIds" + ], + "nullable": true + } + }, + "required": [ + "created_at", + "description", + "events", + "filters", + "headers", + "id", + "name", + "secret", + "updated_at", + "url" + ] + } + } + }, + "description": "Webhook details" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + }, + "put": { + "tags": [ + "Webhooks" + ], + "summary": "Update webhook", + "externalDocs": { + "description": "Webhooks documentation", + "url": "https://docs.socket.dev/docs/webhooks" + }, + "operationId": "updateOrgWebhook", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the 
organization", + "schema": { + "type": "string" + } + }, + { + "name": "webhook_id", + "in": "path", + "required": true, + "description": "The ID of the webhook", + "schema": { + "type": "string" + } + } + ], + "requestBody": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "properties": { + "name": { + "type": "string", + "description": "The name of the webhook", + "default": "" + }, + "description": { + "type": "string", + "description": "The description of the webhook", + "default": "", + "nullable": true + }, + "url": { + "type": "string", + "description": "The URL where webhook events will be sent", + "default": "" + }, + "secret": { + "type": "string", + "description": "The signing key used to sign webhook payloads", + "default": "", + "nullable": true + }, + "events": { + "type": "array", + "items": { + "type": "string", + "description": "The event types to subscribe to", + "default": "" + }, + "description": "Array of event names" + }, + "headers": { + "type": "object", + "description": "Custom headers to include in webhook requests", + "default": null, + "nullable": true + }, + "filters": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "repositoryIds": { + "type": "array", + "items": { + "type": "string", + "description": "Repository IDs to filter events", + "default": "" + }, + "description": "Array of repository IDs", + "nullable": true + } + }, + "required": [ + "repositoryIds" + ], + "nullable": true + } + }, + "description": "" + } + } + }, + "required": false + }, + "security": [ + { + "bearerAuth": [ + "webhooks:update" + ] + }, + { + "basicAuth": [ + "webhooks:update" + ] + } + ], + "description": "Update details of an existing webhook.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- webhooks:update", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { 
+ "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "id": { + "type": "string", + "description": "The ID of the webhook", + "default": "" + }, + "created_at": { + "type": "string", + "description": "The creation date of the webhook", + "default": "" + }, + "updated_at": { + "type": "string", + "description": "The last update date of the webhook", + "default": "" + }, + "name": { + "type": "string", + "description": "The name of the webhook", + "default": "" + }, + "description": { + "type": "string", + "description": "The description of the webhook", + "default": "", + "nullable": true + }, + "url": { + "type": "string", + "description": "The URL where webhook events will be sent", + "default": "" + }, + "secret": { + "type": "string", + "description": "The signing key used to sign webhook payloads", + "default": "", + "nullable": true + }, + "events": { + "type": "array", + "items": { + "type": "string", + "description": "The event types to subscribe to", + "default": "" + }, + "description": "Array of event names" + }, + "headers": { + "type": "object", + "description": "Custom headers to include in webhook requests", + "default": null, + "nullable": true + }, + "filters": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "repositoryIds": { + "type": "array", + "items": { + "type": "string", + "description": "Repository IDs to filter events", + "default": "" + }, + "description": "Array of repository IDs", + "nullable": true + } + }, + "required": [ + "repositoryIds" + ], + "nullable": true + } + }, + "required": [ + "created_at", + "description", + "events", + "filters", + "headers", + "id", + "name", + "secret", + "updated_at", + "url" + ] + } + } + }, + "description": "Updated webhook details" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": 
"#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + }, + "delete": { + "tags": [ + "Webhooks" + ], + "summary": "Delete webhook", + "externalDocs": { + "description": "Webhooks documentation", + "url": "https://docs.socket.dev/docs/webhooks" + }, + "operationId": "deleteOrgWebhook", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "webhook_id", + "in": "path", + "required": true, + "description": "The ID of the webhook", + "schema": { + "type": "string" + } + } + ], + "security": [ + { + "bearerAuth": [ + "webhooks:delete" + ] + }, + { + "basicAuth": [ + "webhooks:delete" + ] + } + ], + "description": "Delete a webhook. This will stop all future webhook deliveries to the webhook URL.\n\nThis endpoint consumes 1 unit of your quota.\n\nThis endpoint requires the following org token scopes:\n- webhooks:delete", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "status": { + "type": "string", + "description": "", + "default": "ok" + } + }, + "required": [ + "status" + ] + } + } + }, + "description": "Success" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, "/license-policy": { "post": { "tags": [ diff --git a/types/api.d.ts b/types/api.d.ts index 255e9925..3526d507 100644 --- a/types/api.d.ts 
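Review bot: The webhook response schemas for list, get, create and update in this hunk all mark `secret` — described as "The signing key used to sign webhook payloads" — as a required, unredacted string, so a token holding only `webhooks:list` can read every webhook's signing key and forge deliveries to the receiver. Unless the server already returns a masked value, the request-side `secret` should be declared `"writeOnly": true` and the response copies either dropped or documented as redacted, e.g. `"description": "Redacted; the signing key is only returned in full on creation"`. `url` is a bare `"type": "string"` with no `"format": "uri"` and nothing in its description about accepted schemes or destinations, so the contract gives no hint whether non-HTTPS or private-network targets are rejected; that belongs in the description. The `sort` and `direction` query parameters have empty descriptions and no `enum`, so the accepted values are neither discoverable nor validated at the schema level.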
+++ b/types/api.d.ts @@ -212,6 +212,34 @@ export interface paths { */ get: operations['GetOrgFullScanDiffGfm'] } + '/orgs/{org_slug}/full-scans/{full_scan_id}/files/tar': { + /** + * Download full scan files as tarball + * @description Download all files associated with a full scan in tar format. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - full-scans:list + */ + get: operations['downloadOrgFullScanFilesAsTar'] + } + '/orgs/{org_slug}/full-scans/archive': { + /** + * Create full scan from archive + * @description Create a full scan by uploading one or more archives. Supported archive formats include **.tar**, **.tar.gz/.tgz**, and **.zip**. + * + * Each uploaded archive is extracted server-side and any supported manifest files (like package.json, package-lock.json, pnpm-lock.yaml, etc.) are ingested for the scan. If you upload multiple archives in a single request, the manifests from every archive are merged into one full scan. The response includes any files that were ignored. + * + * The maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 67 MB. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - full-scans:create + */ + post: operations['CreateOrgFullScanArchive'] + } '/orgs/{org_slug}/export/cdx/{id}': { /** * Export CycloneDX SBOM (Beta) 
@@ -915,6 +943,60 @@ export interface paths { */ get: operations['fetch-fixes'] } + '/orgs/{org_slug}/webhooks': { + /** + * List all webhooks + * @description List all webhooks in the specified organization. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:list + */ + get: operations['getOrgWebhooksList'] + /** + * Create a webhook + * @description Create a new webhook. Returns the created webhook details. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:create + */ + post: operations['createOrgWebhook'] + } + '/orgs/{org_slug}/webhooks/{webhook_id}': { + /** + * Get webhook + * @description Get a webhook for the specified organization. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:list + */ + get: operations['getOrgWebhook'] + /** + * Update webhook + * @description Update details of an existing webhook. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:update + */ + put: operations['updateOrgWebhook'] + /** + * Delete webhook + * @description Delete a webhook. This will stop all future webhook deliveries to the webhook URL. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:delete + */ + delete: operations['deleteOrgWebhook'] + } '/license-policy': { /** * License Policy (Beta) @@ -1516,6 +1598,11 @@ export interface components { _type: 'purlError' value: components['schemas']['PurlErrorSchema'] } + | { + /** @enum {string} */ + _type: 'summary' + value: components['schemas']['PurlSummarySchema'] + } SocketBatchPURLFetch: { components: Array } 
@@ -1898,6 +1985,18 @@ export interface components { /** @default */ inputPurl: string } + PurlSummarySchema: { + /** @default 0 */ + purl_input: number + /** @default 0 */ + resolved: number + errors: { + /** @default 0 */ + purl_malformed: number + /** @default 0 */ + package_not_found: number + } + } SocketBatchPURLRequest: { /** @default */ purl: string @@ -4764,6 +4863,8 @@ export interface operations { purlErrors?: boolean /** @description Return only cached results, do not attempt to scan new artifacts or rescan stale results. */ cachedResultsOnly?: boolean + /** @description Include a summary object at the end of the stream with counts of malformed, resolved, and not found PURLs. */ + summary?: boolean } } requestBody?: { @@ -5043,7 +5144,7 @@ export interface operations { commit_hash?: string /** @description The pull request number to associate the full-scan with. */ pull_request?: number - /** @description The committers to associate the full-scan with. Set query more than once to set multiple. */ + /** @description The committers to associate with the full-scan. Set query more than once to set multiple. */ committers?: string /** @description The integration type to associate the full-scan with. Defaults to "Api" if omitted. */ integration_type?: 'api' | 'github' | 'gitlab' | 'bitbucket' | 'azure' 
@@ -5520,6 +5621,158 @@ export interface operations { 429: components['responses']['SocketTooManyRequestsResponse'] } } + /** + * Download full scan files as tarball + * @description Download all files associated with a full scan in tar format. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - full-scans:list + */ + downloadOrgFullScanFilesAsTar: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string + /** @description The ID of the full scan */ + full_scan_id: string + } + } + responses: { + /** @description Tar archive of full scan files */ + 200: { + content: { + 'application/x-tar': unknown + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 403: components['responses']['SocketForbidden'] + 404: components['responses']['SocketNotFoundResponse'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } + /** + * Create full scan from archive + * @description Create a full scan by uploading one or more archives. Supported archive formats include **.tar**, **.tar.gz/.tgz**, and **.zip**. + * + * Each uploaded archive is extracted server-side and any supported manifest files (like package.json, package-lock.json, pnpm-lock.yaml, etc.) are ingested for the scan. If you upload multiple archives in a single request, the manifests from every archive are merged into one full scan. The response includes any files that were ignored. + * + * The maximum combined number of files extracted from your upload is 5000 and each extracted file can be no bigger than 67 MB. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - full-scans:create + */ + CreateOrgFullScanArchive: { + parameters: { + query: { + /** @description The slug of the repository to associate the full-scan with. 
*/ + repo: string + /** @description The workspace of the repository to associate the full-scan with. */ + workspace?: string + /** @description The branch name to associate the full-scan with. Branch names must follow Git branch name rules: be 1–255 characters long; cannot be exactly @; cannot begin or end with /, ., or .lock; cannot contain "//", "..", or "@{"; and cannot include control characters, spaces, or any of ~^:?*[. */ + branch?: string + /** @description The commit message to associate the full-scan with. */ + commit_message?: string + /** @description The commit hash to associate the full-scan with. */ + commit_hash?: string + /** @description The pull request number to associate the full-scan with. */ + pull_request?: number + /** @description The committers to associate with the full-scan. Set query more than once to set multiple. */ + committers?: string + /** @description The integration type to associate the full-scan with. Defaults to "Api" if omitted. */ + integration_type?: 'api' | 'github' | 'gitlab' | 'bitbucket' | 'azure' + /** @description The integration org slug to associate the full-scan with. If omitted, the Socket org name will be used. This is used to generate links and badges. */ + integration_org_slug?: string + /** @description Set the default branch of the repository to the branch of this full-scan. A branch name is required with this option. */ + make_default_branch?: boolean + /** @description Designate this full-scan as the latest scan of a given branch. Default branch head scans are included in org alerts. This is only supported on the default branch. A branch name is required with this option. */ + set_as_pending_head?: boolean + /** @description Create a temporary full-scan that is not listed in the reports dashboard. Cannot be used when set_as_pending_head=true. */ + tmp?: boolean + /** @description The type of scan to perform. Defaults to 'socket'. Must be 32 characters or less. 
Used for categorizing multiple SBOM heads per repository branch. */ + scan_type?: string + } + path: { + /** @description The slug of the organization */ + org_slug: string + } + } + requestBody?: { + content: { + 'multipart/form-data': { + [key: string]: never + } + } + } + responses: { + /** @description The details of the created full scan. */ + 201: { + content: { + 'application/json': { + /** @default */ + id?: string + /** @default */ + created_at?: string + /** @default */ + updated_at?: string + /** @default */ + organization_id?: string + /** @default */ + organization_slug?: string + /** @default */ + repository_id?: string + /** @default */ + repository_slug?: string + /** @default */ + branch?: string | null + /** @default */ + commit_message?: string | null + /** @default */ + commit_hash?: string | null + /** @default 0 */ + pull_request?: number | null + committers?: string[] + /** @default */ + html_url?: string | null + /** @default */ + api_url?: string | null + /** @default */ + workspace?: string + /** @default */ + repo?: string + /** @default */ + html_report_url?: string + /** @default */ + integration_type?: string | null + /** @default */ + integration_repo_url?: string + /** @default */ + integration_branch_url?: string | null + /** @default */ + integration_commit_url?: string | null + /** @default */ + integration_pull_request_url?: string | null + /** + * @description The current processing status of the SBOM + * @default pending + * @enum {string|null} + */ + scan_state?: 'pending' | 'precrawl' | 'resolve' | 'scan' | null + unmatchedFiles?: string[] + } + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 403: components['responses']['SocketForbidden'] + 404: components['responses']['SocketNotFoundResponse'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } /** * Export CycloneDX SBOM (Beta) * @description Export a Socket SBOM as a CycloneDX SBOM 
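Review bot: The `CreateOrgFullScanArchive` description says each uploaded archive is "extracted server-side" and bounds the file count (5000) and per-file size (67 MB), but says nothing about how entry paths are handled — `../` or absolute paths (zip-slip), symlink or hardlink entries in tar, or a cap on total decompressed size — which is exactly what a caller (and the implementer) needs to know for an untrusted-archive endpoint. I would add a sentence such as `* Archive entries with absolute or parent-relative paths, and symlink/hardlink entries, are ignored; only manifest files matching the supported names are read.`, adjusted to whatever the server actually does. The `'multipart/form-data': { [key: string]: never }` request body also declares no part name, so the generated client type cannot express which field carries the archive; the part name should be stated in the description if the schema cannot carry it.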
@@ -13572,6 +13825,11 @@ export interface operations { | 'triage' | 'triage:alerts-list' | 'triage:alerts-update' + | 'webhooks' + | 'webhooks:create' + | 'webhooks:list' + | 'webhooks:update' + | 'webhooks:delete' )[] /** * @description The obfuscated token of the API Token @@ -13685,6 +13943,11 @@ export interface operations { | 'triage' | 'triage:alerts-list' | 'triage:alerts-update' + | 'webhooks' + | 'webhooks:create' + | 'webhooks:list' + | 'webhooks:update' + | 'webhooks:delete' > /** * @description The visibility of the API Token. Warning: this field is deprecated and will be removed in the future. @@ -13818,6 +14081,11 @@ export interface operations { | 'triage' | 'triage:alerts-list' | 'triage:alerts-update' + | 'webhooks' + | 'webhooks:create' + | 'webhooks:list' + | 'webhooks:update' + | 'webhooks:delete' > /** @default */ token: string @@ -14233,6 +14501,8 @@ export interface operations { minimum_release_age?: string /** @description Whether to include advisory details in the response */ include_details?: boolean + /** @description Set to include the direct dependencies responsible for introducing the dependency or dependencies with the vulnerability in the response */ + include_responsible_direct_dependencies?: boolean } path: { /** @description The slug of the organization */ @@ -14260,7 +14530,6 @@ export interface operations { /** @default */ cve: string | null fixDetails: { - responsibleDirectDependencyPurls: string[] fixes: Array<{ /** @default The PURL (unique package identifier) of the package to upgrade */ purl: string 
@@ -14274,6 +14543,48 @@ export interface operations { */ updateType: 'patch' | 'minor' | 'major' | 'unknown' }> + /** @description The keys are the PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability. */ + responsibleDirectDependencies?: { + [key: string]: { + /** + * Format: The current version of the package + * @default + */ + currentVersion: string + nextAvailableVersion?: { + /** + * Format: The next available version of the package + * @default + */ + version: string + /** + * @description The type of version update (patch, minor, major, or unknown if it cannot be determined) + * @default unknown + * @enum {string} + */ + updateType: + | 'patch' + | 'minor' + | 'major' + | 'unknown' + } | null + /** @description The version and update type of the package that is necessary to fix the vulnerability. If the value is null, it means the package does not have to be upgraded to fix the vulnerability */ + fixByUpgradingTo?: { + /** @default */ + version: string + /** + * @description The type of version update (patch, minor, major, or unknown if it cannot be determined) + * @default unknown + * @enum {string} + */ + updateType: + | 'patch' + | 'minor' + | 'major' + | 'unknown' + } | null + } + } | null } advisoryDetails: { /** @default */ @@ -14327,7 +14638,6 @@ export interface operations { /** @default */ cve: string | null fixDetails: { - responsibleDirectDependencyPurls: string[] fixes: Array<{ /** @default The PURL (unique package identifier) of the package to upgrade */ purl: string 
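Review bot: The new `responsibleDirectDependencies` entries carry prose in the `Format:` annotation (`* Format: The current version of the package`), which in the underlying OpenAPI schema is the `format` keyword meant for values like `uri` or `date-time`; format-aware validators will ignore or reject a sentence there, and the text belongs in `@description`. The same hunk's neighbouring `@default The PURL (unique package identifier) of the package to upgrade` puts a description into a default, which a client generator may emit as a literal default value. The second hunk here removes the required `responsibleDirectDependencyPurls: string[]` and replaces it with an optional, nullable map, so this is a breaking change for consumers of `fixDetails`; the new `include_responsible_direct_dependencies` flag should state that the field is absent unless it is set, and the removal should be called out in the changelog.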
@@ -14346,6 +14656,48 @@ export interface operations { purl: string manifestFiles: string[] }> + /** @description The keys are the PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability. */ + responsibleDirectDependencies?: { + [key: string]: { + /** + * Format: The current version of the package + * @default + */ + currentVersion: string + nextAvailableVersion?: { + /** + * Format: The next available version of the package + * @default + */ + version: string + /** + * @description The type of version update (patch, minor, major, or unknown if it cannot be determined) + * @default unknown + * @enum {string} + */ + updateType: + | 'patch' + | 'minor' + | 'major' + | 'unknown' + } | null + /** @description The version and update type of the package that is necessary to fix the vulnerability. If the value is null, it means the package does not have to be upgraded to fix the vulnerability */ + fixByUpgradingTo?: { + /** @default */ + version: string + /** + * @description The type of version update (patch, minor, major, or unknown if it cannot be determined) + * @default unknown + * @enum {string} + */ + updateType: + | 'patch' + | 'minor' + | 'major' + | 'unknown' + } | null + } + } | null } advisoryDetails: { /** @default */ 
@@ -14551,6 +14903,437 @@ export interface operations { 429: components['responses']['SocketTooManyRequestsResponse'] } } + /** + * List all webhooks + * @description List all webhooks in the specified organization. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:list + */ + getOrgWebhooksList: { + parameters: { + query?: { + sort?: string + direction?: string + per_page?: number + page?: number + } + path: { + /** @description The slug of the organization */ + org_slug: string + } + } + responses: { + /** @description List of webhooks */ + 200: { + content: { + 'application/json': { + results: Array<{ + /** + * @description The ID of the webhook + * @default + */ + id: string + /** + * @description The creation date of the webhook + * @default + */ + created_at: string + /** + * @description The last update date of the webhook + * @default + */ + updated_at: string + /** + * @description The name of the webhook + * @default + */ + name: string + /** + * @description The description of the webhook + * @default + */ + description: string | null + /** + * @description The URL where webhook events will be sent + * @default + */ + url: string + /** + * @description The signing key used to sign webhook payloads + * @default + */ + secret: string | null + /** @description Array of event names */ + events: string[] + /** + * @description Custom headers to include in webhook requests + * @default null + */ + headers: Record | null + filters: { + /** @description Array of repository IDs */ + repositoryIds: string[] | null + } | null + }> + /** @default 0 */ + nextPage: number | null + } + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 403: components['responses']['SocketForbidden'] + 404: components['responses']['SocketNotFoundResponse'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } + /** + * Create a 
webhook + * @description Create a new webhook. Returns the created webhook details. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:create + */ + createOrgWebhook: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string + } + } + requestBody?: { + content: { + 'application/json': { + /** + * @description The name of the webhook + * @default + */ + name: string + /** + * @description The URL where webhook events will be sent + * @default + */ + url: string + /** + * @description The signing key used to sign webhook payloads + * @default + */ + secret: string + /** @description Array of event names */ + events: string[] + /** + * @description The description of the webhook + * @default + */ + description?: string | null + /** + * @description Custom headers to include in webhook requests + * @default null + */ + headers?: Record | null + filters?: { + /** @description Array of repository IDs */ + repositoryIds: string[] | null + } | null + } + } + } + responses: { + /** @description The created webhook */ + 201: { + content: { + 'application/json': { + /** + * @description The ID of the webhook + * @default + */ + id: string + /** + * @description The creation date of the webhook + * @default + */ + created_at: string + /** + * @description The last update date of the webhook + * @default + */ + updated_at: string + /** + * @description The name of the webhook + * @default + */ + name: string + /** + * @description The description of the webhook + * @default + */ + description: string | null + /** + * @description The URL where webhook events will be sent + * @default + */ + url: string + /** + * @description The signing key used to sign webhook payloads + * @default + */ + secret: string | null + /** @description Array of event names */ + events: string[] + /** + * @description Custom headers to include in webhook requests + * @default null + 
*/ + headers: Record | null + filters: { + /** @description Array of repository IDs */ + repositoryIds: string[] | null + } | null + } + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 403: components['responses']['SocketForbidden'] + 404: components['responses']['SocketNotFoundResponse'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } + /** + * Get webhook + * @description Get a webhook for the specified organization. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:list + */ + getOrgWebhook: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string + /** @description The ID of the webhook */ + webhook_id: string + } + } + responses: { + /** @description Webhook details */ + 200: { + content: { + 'application/json': { + /** + * @description The ID of the webhook + * @default + */ + id: string + /** + * @description The creation date of the webhook + * @default + */ + created_at: string + /** + * @description The last update date of the webhook + * @default + */ + updated_at: string + /** + * @description The name of the webhook + * @default + */ + name: string + /** + * @description The description of the webhook + * @default + */ + description: string | null + /** + * @description The URL where webhook events will be sent + * @default + */ + url: string + /** + * @description The signing key used to sign webhook payloads + * @default + */ + secret: string | null + /** @description Array of event names */ + events: string[] + /** + * @description Custom headers to include in webhook requests + * @default null + */ + headers: Record | null + filters: { + /** @description Array of repository IDs */ + repositoryIds: string[] | null + } | null + } + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 
403: components['responses']['SocketForbidden'] + 404: components['responses']['SocketNotFoundResponse'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } + /** + * Update webhook + * @description Update details of an existing webhook. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:update + */ + updateOrgWebhook: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string + /** @description The ID of the webhook */ + webhook_id: string + } + } + requestBody?: { + content: { + 'application/json': { + /** + * @description The name of the webhook + * @default + */ + name?: string + /** + * @description The description of the webhook + * @default + */ + description?: string | null + /** + * @description The URL where webhook events will be sent + * @default + */ + url?: string + /** + * @description The signing key used to sign webhook payloads + * @default + */ + secret?: string | null + /** @description Array of event names */ + events?: string[] + /** + * @description Custom headers to include in webhook requests + * @default null + */ + headers?: Record | null + filters?: { + /** @description Array of repository IDs */ + repositoryIds: string[] | null + } | null + } + } + } + responses: { + /** @description Updated webhook details */ + 200: { + content: { + 'application/json': { + /** + * @description The ID of the webhook + * @default + */ + id: string + /** + * @description The creation date of the webhook + * @default + */ + created_at: string + /** + * @description The last update date of the webhook + * @default + */ + updated_at: string + /** + * @description The name of the webhook + * @default + */ + name: string + /** + * @description The description of the webhook + * @default + */ + description: string | null + /** + * @description The URL where webhook events will be sent + * @default + */ + url: string + /** + 
* @description The signing key used to sign webhook payloads + * @default + */ + secret: string | null + /** @description Array of event names */ + events: string[] + /** + * @description Custom headers to include in webhook requests + * @default null + */ + headers: Record | null + filters: { + /** @description Array of repository IDs */ + repositoryIds: string[] | null + } | null + } + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 403: components['responses']['SocketForbidden'] + 404: components['responses']['SocketNotFoundResponse'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } + /** + * Delete webhook + * @description Delete a webhook. This will stop all future webhook deliveries to the webhook URL. + * + * This endpoint consumes 1 unit of your quota. + * + * This endpoint requires the following org token scopes: + * - webhooks:delete + */ + deleteOrgWebhook: { + parameters: { + path: { + /** @description The slug of the organization */ + org_slug: string + /** @description The ID of the webhook */ + webhook_id: string + } + } + responses: { + /** @description Success */ + 200: { + content: { + 'application/json': { + /** @default ok */ + status: string + } + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 403: components['responses']['SocketForbidden'] + 404: components['responses']['SocketNotFoundResponse'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } /** * License Policy (Beta) * @description Compare the license data found for a list of packages (given as PURL strings) with the contents of a configurable license policy,
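Review bot: `secret`, documented as `The signing key used to sign webhook payloads`, is returned as `string | null` in the 200 bodies of `getOrgWebhooksList`, `getOrgWebhook` and `updateOrgWebhook` and the 201 body of `createOrgWebhook`, so a token with only the `webhooks:list` scope can read every webhook's signing key, and the key will also land in any SDK cache or debug log of list responses. Consider making `secret` write-only in the response schemas (omit it or return a masked form such as the last four characters) and returning the full value only once, at creation, so that a read scope cannot be used to produce validly signed deliveries. Separately, `headers: Record | null` appears here without type arguments; if that is not a rendering artifact of `Record<string, ...>`, it does not type-check and the generator output or the custom-headers schema needs fixing. `events: string[]` is an open string list; if the event set is closed, a string-literal union (`@enum`) would let SDK users catch event-name typos at compile time. The enclosing `operations` interface starts and ends outside the hunk.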