diff --git a/openapi.json b/openapi.json
index 9cf19b57..7487c568 100644
--- a/openapi.json
+++ b/openapi.json
@@ -35230,6 +35230,13 @@
 "additionalProperties": false,
 "description": "",
 "properties": {
+ "created_by": {
+ "type": "string",
+ "description": "ID of the Socket user who created the API Token, if available",
+ "default": "",
+ "format": "uuid",
+ "nullable": true
+ },
 "token": {
 "type": "string",
 "description": "",
@@ -35237,6 +35244,7 @@
 }
 },
 "required": [
+ "created_by",
 "token"
 ]
 }
@@ -35390,6 +35398,13 @@
 },
 "description": "List of committers associated with this API Token"
 },
+ "created_by": {
+ "type": "string",
+ "description": "ID of the Socket user who created the API Token",
+ "default": "",
+ "format": "uuid",
+ "nullable": true
+ },
 "created_at": {
 "type": "string",
 "description": "Timestamp when the API Token was created",
@@ -35521,6 +35536,7 @@
 "required": [
 "committers",
 "created_at",
+ "created_by",
 "id",
 "last_used_at",
 "max_quota",
@@ -35855,6 +35871,13 @@
 "additionalProperties": false,
 "description": "",
 "properties": {
+ "created_by": {
+ "type": "string",
+ "description": "ID of the Socket user who initiated the rotation, if available",
+ "default": "",
+ "format": "uuid",
+ "nullable": true
+ },
 "token": {
 "type": "string",
 "description": "",
@@ -35862,6 +35885,7 @@
 }
 },
 "required": [
+ "created_by",
 "token"
 ]
 }
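Review bot: The new `created_by` property in the three token schemas (hunks at -35230, -35390 and -35855) pairs `"format": "uuid"` with `"default": ""`, and an empty string is not a UUID, so the declared default contradicts the declared format. The field is also `"nullable": true` and now listed in `required`, so a consumer that materialises schema defaults can end up holding `""` where the API means "creator unknown", which blurs token attribution in audit tooling. I would drop the default or declare `"default": null` in all three places. The -35390 description also lacks the "if available" wording the other two carry, although the field is nullable there as well.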
@@ -38846,6 +38870,1368 @@ "x-readme": {} } }, + "/orgs/{org_slug}/alerts": { + "get": { + "tags": [ + "Alerts" + ], + "summary": "List latest alerts (Beta)", + "operationId": "alertsList", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "per_page", + "in": "query", + "required": false, + "description": "Specify the maximum number of results to return per page (intermediate pages may have fewer than this limit and callers should always check \"endCursor\" in response body to know if there are more pages)", + "schema": { + "type": "integer", + "minimum": 1, + "maximum": 5000, + "default": 1000 + } + }, + { + "name": "startAfterCursor", + "in": "query", + "required": false, + "description": "The pagination cursor that was returned as the \"endCursor\" property in previous request", + "schema": { + "type": "string", + "default": "" + } + }, + { + "name": "filters.alertAction", + "in": "query", + "required": false, + "description": "Comma-separated list of alert actions (\"error\", \"warn\", \"monitor\", or \"ignore) that should be included", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertAction.notIn", + "in": "query", + "required": false, + "description": "Comma-separated list of alert actions (\"error\", \"warn\", \"monitor\", or \"ignore) that should be excluded", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCategory", + "in": "query", + "required": false, + "description": "Comma-separated list of alert categories (\"supplyChainRisk\", \"maintenance\", \"quality\", \"license\", or \"vulnerability\") that should be included", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCategory.notIn", + "in": "query", + "required": false, + "description": "Comma-separated list of alert categories (\"supplyChainRisk\", \"maintenance\", \"quality\", \"license\", or 
\"vulnerability\") that should be excluded", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCveId", + "in": "query", + "required": false, + "description": "CVE ID", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCveId.notIn", + "in": "query", + "required": false, + "description": "CVE ID", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCveTitle", + "in": "query", + "required": false, + "description": "CVE title", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCveTitle.notIn", + "in": "query", + "required": false, + "description": "CVE title", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCweId", + "in": "query", + "required": false, + "description": "CWE ID", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCweId.notIn", + "in": "query", + "required": false, + "description": "CWE ID", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCweName", + "in": "query", + "required": false, + "description": "CWE name", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertCweName.notIn", + "in": "query", + "required": false, + "description": "CWE name", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertEPSS", + "in": "query", + "required": false, + "description": "Alert EPSS (\"low\", \"medium\", \"high\", \"critical\")", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertEPSS.notIn", + "in": "query", + "required": false, + "description": "Alert EPSS (\"low\", \"medium\", \"high\", \"critical\")", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertFixType", + "in": "query", + "required": false, + "description": "Comma-separated list of alert fix types (\"upgrade\", \"cve\", or \"remove\") that should be included", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertFixType.notIn", + "in": "query", + "required": false, + 
"description": "Comma-separated list of alert fix types (\"upgrade\", \"cve\", or \"remove\") that should be excluded", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertKEV", + "in": "query", + "required": false, + "description": "Alert KEV (Known Exploited Vulnerability) filter flag", + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "filters.alertKEV.notIn", + "in": "query", + "required": false, + "description": "Alert KEV (Known Exploited Vulnerability) filter flag", + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "filters.alertPriority", + "in": "query", + "required": false, + "description": "Alert priority (\"low\", \"medium\", \"high\", or \"critical\")", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertPriority.notIn", + "in": "query", + "required": false, + "description": "Alert priority (\"low\", \"medium\", \"high\", or \"critical\")", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertReachabilityType", + "in": "query", + "required": false, + "description": "Comma-separated list of alert CVE reachability types (\"direct_dependency\", \"error\", \"maybe_reachable\", \"missing_support\", \"pending\", \"reachable\", \"undeterminable_reachability\", \"unknown\", or \"unreachable\") that should be included", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertReachabilityType.notIn", + "in": "query", + "required": false, + "description": "Comma-separated list of alert CVE reachability types (\"direct_dependency\", \"error\", \"maybe_reachable\", \"missing_support\", \"pending\", \"reachable\", \"undeterminable_reachability\", \"unknown\", or \"unreachable\") that should be excluded", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertSeverity", + "in": "query", + "required": false, + "description": "Comma-separated list of alert severities (\"low\", \"medium\", \"high\", or \"critical\") that should be 
included", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertSeverity.notIn", + "in": "query", + "required": false, + "description": "Comma-separated list of alert severities (\"low\", \"medium\", \"high\", or \"critical\") that should be excluded", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertStatus", + "in": "query", + "required": false, + "description": "A single alert status (\"open\" or \"cleared\")", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertStatus.notIn", + "in": "query", + "required": false, + "description": "A single alert status (\"open\" or \"cleared\")", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertType", + "in": "query", + "required": false, + "description": "Comma-separated list of alert types (e.g. \"usesEval\", \"unmaintained\", etc.) that should be included", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertType.notIn", + "in": "query", + "required": false, + "description": "Comma-separated list of alert types (e.g. \"usesEval\", \"unmaintained\", etc.) 
that should be excluded", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertUpdatedAt.eq", + "in": "query", + "required": false, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertUpdatedAt.lt", + "in": "query", + "required": false, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertUpdatedAt.lte", + "in": "query", + "required": false, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertUpdatedAt.gt", + "in": "query", + "required": false, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)", + "schema": { + "type": "string" + } + }, + { + "name": "filters.alertUpdatedAt.gte", + "in": "query", + "required": false, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)", + "schema": { + "type": "string" + } + }, + { + "name": "filters.repoFullName", + "in": "query", + "required": false, + "description": "Comma-separated list of repo full names that should be included", + "schema": { + "type": "string" + } + }, + { + "name": "filters.repoFullName.notIn", + "in": "query", + "required": false, + "description": "Comma-separated list of repo full names that should be excluded", + "schema": { + "type": "string" + } + }, + { + "name": "filters.repoLabels", + "in": "query", + "required": false, + "description": "Comma-separated list of repo labels that should be included. Use \"\" to filter for repositories with no labels.", + "schema": { + "type": "string" + } + }, + { + "name": "filters.repoLabels.notIn", + "in": "query", + "required": false, + "description": "Comma-separated list of repo labels that should be excluded. 
Use \"\" to filter for repositories with no labels.", + "schema": { + "type": "string" + } + }, + { + "name": "filters.repoSlug", + "in": "query", + "required": false, + "description": "Comma-separated list of repo slugs that should be included", + "schema": { + "type": "string" + } + }, + { + "name": "filters.repoSlug.notIn", + "in": "query", + "required": false, + "description": "Comma-separated list of repo slugs that should be excluded", + "schema": { + "type": "string" + } + } + ], + "security": [ + { + "bearerAuth": [ + "alerts:list" + ] + }, + { + "basicAuth": [ + "alerts:list" + ] + } + ], + "description": "List latest alerts.\n\nThis endpoint consumes 10 units of your quota.\n\nThis endpoint requires the following org token scopes:\n- alerts:list", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "endCursor": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "items": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "key": { + "type": "string", + "description": "", + "default": "" + }, + "type": { + "type": "string", + "description": "", + "default": "" + }, + "category": { + "type": "string", + "description": "", + "default": "" + }, + "fix": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "description": "", + "default": "" + }, + "description": { + "type": "string", + "description": "", + "default": "", + "nullable": true + } + }, + "required": [ + "description", + "type" + ], + "nullable": true + }, + "vulnerability": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "cveId": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cveTitle": { + "type": "string", 
+ "description": "", + "default": "", + "nullable": true + }, + "cveDescription": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cvssScore": { + "type": "number", + "description": "", + "default": 0 + }, + "cweIds": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "", + "nullable": true + }, + "cweNames": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "", + "nullable": true + }, + "ghsaIds": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "", + "nullable": true + }, + "epssScore": { + "type": "number", + "description": "", + "default": 0 + }, + "epssPercentile": { + "type": "number", + "description": "", + "default": 0 + }, + "isKev": { + "type": "boolean", + "default": false, + "description": "" + } + }, + "required": [ + "cveDescription", + "cveId", + "cveTitle", + "cvssScore", + "cweIds", + "cweNames", + "epssPercentile", + "epssScore", + "ghsaIds", + "isKev" + ], + "nullable": true + }, + "id": { + "type": "string", + "description": "", + "default": "" + }, + "version": { + "type": "integer", + "description": "", + "default": 0 + }, + "status": { + "type": "string", + "enum": [ + "open", + "cleared" + ], + "description": "", + "default": "open" + }, + "createdAt": { + "type": "string", + "description": "", + "default": "" + }, + "updatedAt": { + "type": "string", + "description": "", + "default": "" + }, + "clearedAt": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "dashboardUrl": { + "type": "string", + "description": "", + "default": "" + }, + "severity": { + "type": "string", + "enum": [ + "low", + "medium", + "high", + "critical" + ], + "description": "", + "default": "low" + }, + "locations": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + 
"description": "", + "properties": { + "action": { + "type": "string", + "description": "", + "default": "" + }, + "actionSourceType": { + "type": "string", + "description": "", + "default": "" + }, + "reachability": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "description": "", + "default": "" + }, + "analysisType": { + "type": "string", + "description": "", + "default": "", + "nullable": true + } + }, + "required": [ + "analysisType", + "type" + ] + }, + "licenseViolation": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "violationData": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "spdxAtomOrExtraData": { + "type": "string", + "description": "", + "default": "" + } + }, + "required": [ + "purl", + "spdxAtomOrExtraData" + ] + }, + "description": "" + } + }, + "required": [ + "violationData" + ], + "nullable": true + }, + "prioritization": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "overallScore": { + "type": "number", + "description": "", + "default": 0 + }, + "fixableScore": { + "type": "number", + "description": "", + "default": 0 + }, + "reachableScore": { + "type": "number", + "description": "", + "default": 0 + }, + "severityScore": { + "type": "number", + "description": "", + "default": 0 + } + }, + "required": [ + "fixableScore", + "overallScore", + "reachableScore", + "severityScore" + ] + }, + "repository": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "fullName": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "id": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "slug": { + 
"type": "string", + "description": "", + "default": "", + "nullable": true + }, + "workspace": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "labels": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + }, + "labelIds": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + } + }, + "required": [ + "fullName", + "id", + "labelIds", + "labels", + "slug", + "workspace" + ], + "nullable": true + }, + "branch": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "name": { + "type": "string", + "description": "", + "default": "" + }, + "type": { + "type": "string", + "description": "", + "default": "", + "nullable": true + } + }, + "required": [ + "name", + "type" + ], + "nullable": true + }, + "patch": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "uuid": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "status": { + "type": "string", + "enum": [ + "patch_unavailable", + "patch_available", + "patch_applied" + ], + "description": "", + "default": "patch_unavailable" + }, + "deprecated": { + "type": "boolean", + "default": false, + "description": "" + } + }, + "required": [ + "deprecated", + "status", + "uuid" + ] + }, + "dependency": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "direct": { + "type": "boolean", + "default": false, + "description": "" + }, + "dev": { + "type": "boolean", + "default": false, + "description": "" + }, + "dead": { + "type": "boolean", + "default": false, + "description": "" + }, + "manifestFiles": { + "type": "array", + "items": { + "$ref": "#/components/schemas/SocketManifestReference" + }, + "description": "" + } + }, + "required": [ + "dead", + "dev", + "direct", + "manifestFiles" + ] + }, + 
"artifact": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "description": "", + "default": "" + }, + "namespace": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "name": { + "type": "string", + "description": "", + "default": "" + }, + "id": { + "type": "string", + "description": "", + "default": "" + }, + "version": { + "type": "string", + "description": "", + "default": "" + }, + "author": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "license": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "scores": { + "$ref": "#/components/schemas/SocketScore" + }, + "artifactId": { + "type": "string", + "description": "", + "default": "", + "nullable": true + } + }, + "required": [ + "artifactId", + "author", + "id", + "license", + "name", + "namespace", + "scores", + "type", + "version" + ] + } + }, + "required": [ + "action", + "actionSourceType", + "artifact", + "branch", + "dependency", + "licenseViolation", + "patch", + "prioritization", + "reachability", + "repository" + ] + }, + "description": "" + } + }, + "required": [ + "category", + "clearedAt", + "createdAt", + "dashboardUrl", + "fix", + "id", + "key", + "locations", + "severity", + "status", + "type", + "updatedAt", + "version", + "vulnerability" + ] + }, + "description": "" + }, + "meta": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "organizationId": { + "type": "string", + "description": "", + "default": "" + }, + "queryStartTimestamp": { + "type": "number", + "description": "", + "default": 0 + }, + "filters": { + "type": "object", + "additionalProperties": false, + "properties": { + "alertAction": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert actions (\"error\", 
\"warn\", \"monitor\", or \"ignore) that should be included" + }, + "alertAction.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert actions (\"error\", \"warn\", \"monitor\", or \"ignore) that should be excluded" + }, + "alertCategory": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert categories (\"supplyChainRisk\", \"maintenance\", \"quality\", \"license\", or \"vulnerability\") that should be included" + }, + "alertCategory.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert categories (\"supplyChainRisk\", \"maintenance\", \"quality\", \"license\", or \"vulnerability\") that should be excluded" + }, + "alertCveId": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "CVE ID" + }, + "alertCveId.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "CVE ID" + }, + "alertCveTitle": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "CVE title" + }, + "alertCveTitle.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "CVE title" + }, + "alertCweId": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "CWE ID" + }, + "alertCweId.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "CWE ID" + }, + "alertCweName": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "CWE name" + }, + "alertCweName.notIn": { + "type": "array", + "items": { 
+ "type": "string", + "description": "", + "default": "" + }, + "description": "CWE name" + }, + "alertEPSS": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert EPSS (\"low\", \"medium\", \"high\", \"critical\")" + }, + "alertEPSS.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert EPSS (\"low\", \"medium\", \"high\", \"critical\")" + }, + "alertFixType": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert fix types (\"upgrade\", \"cve\", or \"remove\") that should be included" + }, + "alertFixType.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert fix types (\"upgrade\", \"cve\", or \"remove\") that should be excluded" + }, + "alertKEV": { + "type": "array", + "items": { + "type": "boolean", + "default": false, + "description": "" + }, + "description": "Alert KEV (Known Exploited Vulnerability) filter flag" + }, + "alertPriority": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert priority (\"low\", \"medium\", \"high\", or \"critical\")" + }, + "alertPriority.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert priority (\"low\", \"medium\", \"high\", or \"critical\")" + }, + "alertReachabilityType": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert CVE reachability types (\"direct_dependency\", \"error\", \"maybe_reachable\", \"missing_support\", \"pending\", \"reachable\", \"undeterminable_reachability\", \"unknown\", or \"unreachable\") that should be included" + }, + 
"alertReachabilityType.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert CVE reachability types (\"direct_dependency\", \"error\", \"maybe_reachable\", \"missing_support\", \"pending\", \"reachable\", \"undeterminable_reachability\", \"unknown\", or \"unreachable\") that should be excluded" + }, + "alertSeverity": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert severities (\"low\", \"medium\", \"high\", or \"critical\") that should be included" + }, + "alertSeverity.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert severities (\"low\", \"medium\", \"high\", or \"critical\") that should be excluded" + }, + "alertStatus": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "A single alert status (\"open\" or \"cleared\")" + }, + "alertStatus.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "A single alert status (\"open\" or \"cleared\")" + }, + "alertType": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert types (e.g. \"usesEval\", \"unmaintained\", etc.) that should be included" + }, + "alertType.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of alert types (e.g. \"usesEval\", \"unmaintained\", etc.) 
that should be excluded" + }, + "alertUpdatedAt.eq": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)" + }, + "alertUpdatedAt.lt": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)" + }, + "alertUpdatedAt.lte": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)" + }, + "alertUpdatedAt.gt": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)" + }, + "alertUpdatedAt.gte": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone)" + }, + "repoFullName": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of repo full names that should be included" + }, + "repoFullName.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of repo full names that should be excluded" + }, + "repoLabels": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of repo labels that should be included. Use \"\" to filter for repositories with no labels." + }, + "repoLabels.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of repo labels that should be excluded. Use \"\" to filter for repositories with no labels." 
+ }, + "repoSlug": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of repo slugs that should be included" + }, + "repoSlug.notIn": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "Comma-separated list of repo slugs that should be excluded" + } + }, + "description": "" + } + }, + "required": [ + "filters", + "organizationId", + "queryStartTimestamp" + ] + } + }, + "required": [ + "endCursor", + "items", + "meta" + ] + } + } + }, + "description": "The paginated array of API tokens for the organization, and related metadata." + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { + "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, "/license-policy": { "post": { "tags": [ diff --git a/types/api.d.ts b/types/api.d.ts index a98392ef..52449cea 100644 --- a/types/api.d.ts +++ b/types/api.d.ts @@ -1020,6 +1020,18 @@ export interface paths { */ delete: operations['deleteOrgWebhook'] } + '/orgs/{org_slug}/alerts': { + /** + * List latest alerts (Beta) + * @description List latest alerts. + * + * This endpoint consumes 10 units of your quota. + * + * This endpoint requires the following org token scopes: + * - alerts:list + */ + get: operations['alertsList'] + } '/license-policy': { /** * License Policy (Beta) @@ -13868,6 +13880,12 @@ export interface operations { */ providerUserId?: string }[] + /** + * Format: uuid + * @description ID of the Socket user who created the API Token + * @default + */ + created_by: string | null /** * Format: date * @description Timestamp when the API Token was created 
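Review bot: In the `/orgs/{org_slug}/alerts` hunk of openapi.json, the optional query parameters `filters.alertKEV` and `filters.alertKEV.notIn` both declare `"default": false`, which reads as "filter on KEV = false when the parameter is omitted". Whether the server applies that default cannot be told from the hunk, but a generated client that sends declared defaults would silently change which known-exploited-vulnerability alerts the listing returns; I would remove `"default": false` from both so that omission means no KEV filter. The response's `meta.filters` object is `"additionalProperties": false` yet has no `alertKEV.notIn` entry, although every other `.notIn` parameter is mirrored there, so a strict validator would reject a response that echoes it. The 200 response description still reads `The paginated array of API tokens for the organization, and related metadata.` and should describe alerts.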
@@ -14157,6 +14175,12 @@ export interface operations { 200: { content: { 'application/json': { + /** + * Format: uuid + * @description ID of the Socket user who created the API Token, if available + * @default + */ + created_by: string | null /** @default */ token: string } @@ -14357,6 +14381,12 @@ export interface operations { 200: { content: { 'application/json': { + /** + * Format: uuid + * @description ID of the Socket user who initiated the rotation, if available + * @default + */ + created_by: string | null /** @default */ token: string } 
@@ -15621,6 +15651,351 @@ export interface operations { 429: components['responses']['SocketTooManyRequestsResponse'] } } + /** + * List latest alerts (Beta) + * @description List latest alerts. + * + * This endpoint consumes 10 units of your quota. + * + * This endpoint requires the following org token scopes: + * - alerts:list + */ + alertsList: { + parameters: { + query?: { + /** @description Specify the maximum number of results to return per page (intermediate pages may have fewer than this limit and callers should always check "endCursor" in response body to know if there are more pages) */ + per_page?: number + /** @description The pagination cursor that was returned as the "endCursor" property in previous request */ + startAfterCursor?: string + /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */ + 'filters.alertAction'?: string + /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */ + 'filters.alertAction.notIn'?: string + /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */ + 'filters.alertCategory'?: string + /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */ + 'filters.alertCategory.notIn'?: string + /** @description CVE ID */ + 'filters.alertCveId'?: string + /** @description CVE ID */ + 'filters.alertCveId.notIn'?: string + /** @description CVE title */ + 'filters.alertCveTitle'?: string + /** @description CVE title */ + 'filters.alertCveTitle.notIn'?: string + /** @description CWE ID */ + 'filters.alertCweId'?: string + /** @description CWE ID */ + 'filters.alertCweId.notIn'?: string + /** @description CWE name */ + 'filters.alertCweName'?: string + /** @description CWE name */ + 
'filters.alertCweName.notIn'?: string + /** @description Alert EPSS ("low", "medium", "high", "critical") */ + 'filters.alertEPSS'?: string + /** @description Alert EPSS ("low", "medium", "high", "critical") */ + 'filters.alertEPSS.notIn'?: string + /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */ + 'filters.alertFixType'?: string + /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */ + 'filters.alertFixType.notIn'?: string + /** @description Alert KEV (Known Exploited Vulnerability) filter flag */ + 'filters.alertKEV'?: boolean + /** @description Alert KEV (Known Exploited Vulnerability) filter flag */ + 'filters.alertKEV.notIn'?: boolean + /** @description Alert priority ("low", "medium", "high", or "critical") */ + 'filters.alertPriority'?: string + /** @description Alert priority ("low", "medium", "high", or "critical") */ + 'filters.alertPriority.notIn'?: string + /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */ + 'filters.alertReachabilityType'?: string + /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */ + 'filters.alertReachabilityType.notIn'?: string + /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */ + 'filters.alertSeverity'?: string + /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */ + 'filters.alertSeverity.notIn'?: string + /** @description A single alert status ("open" or 
"cleared") */ + 'filters.alertStatus'?: string + /** @description A single alert status ("open" or "cleared") */ + 'filters.alertStatus.notIn'?: string + /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */ + 'filters.alertType'?: string + /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */ + 'filters.alertType.notIn'?: string + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'filters.alertUpdatedAt.eq'?: string + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'filters.alertUpdatedAt.lt'?: string + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'filters.alertUpdatedAt.lte'?: string + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'filters.alertUpdatedAt.gt'?: string + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'filters.alertUpdatedAt.gte'?: string + /** @description Comma-separated list of repo full names that should be included */ + 'filters.repoFullName'?: string + /** @description Comma-separated list of repo full names that should be excluded */ + 'filters.repoFullName.notIn'?: string + /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */ + 'filters.repoLabels'?: string + /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. 
*/ + 'filters.repoLabels.notIn'?: string + /** @description Comma-separated list of repo slugs that should be included */ + 'filters.repoSlug'?: string + /** @description Comma-separated list of repo slugs that should be excluded */ + 'filters.repoSlug.notIn'?: string + } + path: { + /** @description The slug of the organization */ + org_slug: string + } + } + responses: { + /** @description The paginated array of API tokens for the organization, and related metadata. */ + 200: { + content: { + 'application/json': { + /** @default */ + endCursor: string | null + items: Array<{ + /** @default */ + key: string + /** @default */ + type: string + /** @default */ + category: string + fix: { + /** @default */ + type: string + /** @default */ + description: string | null + } | null + vulnerability: { + /** @default */ + cveId: string | null + /** @default */ + cveTitle: string | null + /** @default */ + cveDescription: string | null + /** @default 0 */ + cvssScore: number + cweIds: string[] | null + cweNames: string[] | null + ghsaIds: string[] | null + /** @default 0 */ + epssScore: number + /** @default 0 */ + epssPercentile: number + /** @default false */ + isKev: boolean + } | null + /** @default */ + id: string + /** @default 0 */ + version: number + /** + * @default open + * @enum {string} + */ + status: 'open' | 'cleared' + /** @default */ + createdAt: string + /** @default */ + updatedAt: string + /** @default */ + clearedAt: string | null + /** @default */ + dashboardUrl: string + /** + * @default low + * @enum {string} + */ + severity: 'low' | 'medium' | 'high' | 'critical' + locations: { + /** @default */ + action: string + /** @default */ + actionSourceType: string + reachability: { + /** @default */ + type: string + /** @default */ + analysisType: string | null + } + licenseViolation: { + violationData: { + /** @default */ + purl: string | null + /** @default */ + spdxAtomOrExtraData: string + }[] + } | null + prioritization: { + /** @default 0 */ + 
overallScore: number + /** @default 0 */ + fixableScore: number + /** @default 0 */ + reachableScore: number + /** @default 0 */ + severityScore: number + } + repository: { + /** @default */ + fullName: string | null + /** @default */ + id: string | null + /** @default */ + slug: string | null + /** @default */ + workspace: string | null + labels: string[] + labelIds: string[] + } | null + branch: { + /** @default */ + name: string + /** @default */ + type: string | null + } | null + patch: { + /** @default */ + uuid: string | null + /** + * @default patch_unavailable + * @enum {string} + */ + status: + | 'patch_unavailable' + | 'patch_available' + | 'patch_applied' + /** @default false */ + deprecated: boolean + } + dependency: { + /** @default false */ + direct: boolean + /** @default false */ + dev: boolean + /** @default false */ + dead: boolean + manifestFiles: components['schemas']['SocketManifestReference'][] + } + artifact: { + /** @default */ + type: string + /** @default */ + namespace: string | null + /** @default */ + name: string + /** @default */ + id: string + /** @default */ + version: string + /** @default */ + author: string | null + /** @default */ + license: string | null + scores: components['schemas']['SocketScore'] + /** @default */ + artifactId: string | null + } + }[] + }> + meta: { + /** @default */ + organizationId: string + /** @default 0 */ + queryStartTimestamp: number + filters: { + /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be included */ + alertAction?: string[] + /** @description Comma-separated list of alert actions ("error", "warn", "monitor", or "ignore) that should be excluded */ + 'alertAction.notIn'?: string[] + /** @description Comma-separated list of alert categories ("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be included */ + alertCategory?: string[] + /** @description Comma-separated list of alert categories 
("supplyChainRisk", "maintenance", "quality", "license", or "vulnerability") that should be excluded */ + 'alertCategory.notIn'?: string[] + /** @description CVE ID */ + alertCveId?: string[] + /** @description CVE ID */ + 'alertCveId.notIn'?: string[] + /** @description CVE title */ + alertCveTitle?: string[] + /** @description CVE title */ + 'alertCveTitle.notIn'?: string[] + /** @description CWE ID */ + alertCweId?: string[] + /** @description CWE ID */ + 'alertCweId.notIn'?: string[] + /** @description CWE name */ + alertCweName?: string[] + /** @description CWE name */ + 'alertCweName.notIn'?: string[] + /** @description Alert EPSS ("low", "medium", "high", "critical") */ + alertEPSS?: string[] + /** @description Alert EPSS ("low", "medium", "high", "critical") */ + 'alertEPSS.notIn'?: string[] + /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be included */ + alertFixType?: string[] + /** @description Comma-separated list of alert fix types ("upgrade", "cve", or "remove") that should be excluded */ + 'alertFixType.notIn'?: string[] + /** @description Alert KEV (Known Exploited Vulnerability) filter flag */ + alertKEV?: boolean[] + /** @description Alert priority ("low", "medium", "high", or "critical") */ + alertPriority?: string[] + /** @description Alert priority ("low", "medium", "high", or "critical") */ + 'alertPriority.notIn'?: string[] + /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be included */ + alertReachabilityType?: string[] + /** @description Comma-separated list of alert CVE reachability types ("direct_dependency", "error", "maybe_reachable", "missing_support", "pending", "reachable", "undeterminable_reachability", "unknown", or "unreachable") that should be excluded */ + 'alertReachabilityType.notIn'?: 
string[] + /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be included */ + alertSeverity?: string[] + /** @description Comma-separated list of alert severities ("low", "medium", "high", or "critical") that should be excluded */ + 'alertSeverity.notIn'?: string[] + /** @description A single alert status ("open" or "cleared") */ + alertStatus?: string[] + /** @description A single alert status ("open" or "cleared") */ + 'alertStatus.notIn'?: string[] + /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be included */ + alertType?: string[] + /** @description Comma-separated list of alert types (e.g. "usesEval", "unmaintained", etc.) that should be excluded */ + 'alertType.notIn'?: string[] + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'alertUpdatedAt.eq'?: string[] + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'alertUpdatedAt.lt'?: string[] + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'alertUpdatedAt.lte'?: string[] + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'alertUpdatedAt.gt'?: string[] + /** @description Alert updated at (YYYY-MM-DD HH:MM:SS in UTC time zone) */ + 'alertUpdatedAt.gte'?: string[] + /** @description Comma-separated list of repo full names that should be included */ + repoFullName?: string[] + /** @description Comma-separated list of repo full names that should be excluded */ + 'repoFullName.notIn'?: string[] + /** @description Comma-separated list of repo labels that should be included. Use "" to filter for repositories with no labels. */ + repoLabels?: string[] + /** @description Comma-separated list of repo labels that should be excluded. Use "" to filter for repositories with no labels. 
*/ + 'repoLabels.notIn'?: string[] + /** @description Comma-separated list of repo slugs that should be included */ + repoSlug?: string[] + /** @description Comma-separated list of repo slugs that should be excluded */ + 'repoSlug.notIn'?: string[] + } + } + } + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 403: components['responses']['SocketForbidden'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } /** * License Policy (Beta) * @description Compare the license data found for a list of packages (given as PURL strings) with the contents of a configurable license policy,