Every public method on SocketSdk, grouped by domain. For the runtime model (result shape, pagination, file uploads, escape hatches), see SDK Concepts. For quota planning, see Quota Management.
There are 72 public methods.
- Full scans
- Diff scans
- Repositories
- Repository labels
- Organizations
- Alerts & triage
- Webhooks
- Patches
- API tokens
- Policies
- Telemetry
- Audit log
- Packages
- Dependencies & manifests
- Exports
- Quota
- Escape hatches
Create, fetch, list, and delete organization-level full security scans.
Create a full security scan for an organization.
async createFullScan(
orgSlug: string,
filepaths: string[],
options: CreateFullScanOptions,
): Promise<FullScanResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: CreateOrgFullScan · Permissions: full-scans:create
Create a full scan from an archive file (.tar, .tar.gz/.tgz, or .zip).
async createOrgFullScanFromArchive(
orgSlug: string,
archivePath: string,
options: {
branch?: string | undefined
commit_hash?: string | undefined
commit_message?: string | undefined
committers?: string | undefined
integration_org_slug?: string | undefined
integration_type?:
| 'api'
| 'azure'
| 'bitbucket'
| 'github'
| 'gitlab'
| 'web'
| undefined
make_default_branch?: boolean | undefined
pull_request?: number | undefined
repo: string
scan_type?: string | undefined
set_as_pending_head?: boolean | undefined
tmp?: boolean | undefined
workspace?: string | undefined
},
): Promise<SocketSdkResult<'CreateOrgFullScanArchive'>>Quota: not tracked · OpenAPI: CreateOrgFullScanArchive
Get complete full scan results buffered in memory.
async getFullScan(
orgSlug: string,
scanId: string,
): Promise<FullScanResult | StrictErrorResult>Quota: not tracked · OpenAPI: getOrgFullScan
Get metadata for a specific full scan.
async getFullScanMetadata(
orgSlug: string,
scanId: string,
): Promise<FullScanResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgFullScanMetadata · Permissions: full-scans:list
List all full scans for an organization.
async listFullScans(
orgSlug: string,
options?: ListFullScansOptions | undefined,
): Promise<FullScanListResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgFullScanList · Permissions: full-scans:list
Stream a full scan's results to file or stdout.
async streamFullScan(
orgSlug: string,
scanId: string,
options?: StreamOrgFullScanOptions | undefined,
): Promise<SocketSdkResult<'getOrgFullScan'>>Quota: not tracked · OpenAPI: getOrgFullScan
Download full scan files as a tar archive.
async downloadOrgFullScanFilesAsTar(
orgSlug: string,
fullScanId: string,
outputPath: string,
): Promise<SocketSdkResult<'downloadOrgFullScanFilesAsTar'>>Quota: not tracked · OpenAPI: downloadOrgFullScanFilesAsTar
Create a new full scan by rescanning an existing scan. Supports shallow
async rescanFullScan(
orgSlug: string,
fullScanId: string,
options?:
| {
mode?: 'shallow' | 'deep' | undefined
}
| undefined,
): Promise<SocketSdkResult<'rescanOrgFullScan'>>Quota: not tracked · OpenAPI: rescanOrgFullScan
Delete a full scan from an organization.
async deleteFullScan(
orgSlug: string,
scanId: string,
): Promise<DeleteResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: deleteOrgFullScan · Permissions: full-scans:delete
Compare two scans and inspect the diff.
Create a diff scan from two full scan IDs. Compares two existing full scans
async createOrgDiffScanFromIds(
orgSlug: string,
options: {
after: string
before: string
description?: string | undefined
external_href?: string | undefined
merge?: boolean | undefined
},
): Promise<SocketSdkResult<'createOrgDiffScanFromIds'>>Quota: 0 (Free) · OpenAPI: createOrgDiffScanFromIds · Permissions: diff-scans:create
Get details for a specific diff scan. Returns comparison between two full
async getDiffScanById(
orgSlug: string,
diffScanId: string,
): Promise<SocketSdkResult<'getDiffScanById'>>Quota: 0 (Free) · OpenAPI: getDiffScanById · Permissions: diff-scans:list
Get GitHub-flavored markdown comments for a diff scan. Returns dependency
async getDiffScanGfm(
orgSlug: string,
diffScanId: string,
options?: { github_installation_id?: string | undefined } | undefined,
): Promise<SocketSdkResult<'GetDiffScanGfm'>>Quota: not tracked · OpenAPI: GetDiffScanGfm
List all diff scans for an organization. Returns paginated list of diff
async listOrgDiffScans(
orgSlug: string,
): Promise<SocketSdkResult<'listOrgDiffScans'>>Quota: 0 (Free) · OpenAPI: listOrgDiffScans · Permissions: diff-scans:list
Delete a diff scan from an organization. Permanently removes diff scan data
async deleteOrgDiffScan(
orgSlug: string,
diffScanId: string,
): Promise<SocketSdkResult<'deleteOrgDiffScan'>>Quota: 0 (Free) · OpenAPI: deleteOrgDiffScan · Permissions: diff-scans:delete
Manage repositories tracked by the organization.
Create a new repository in an organization.
async createRepository(
orgSlug: string,
repoSlug: string,
params?:
| {
archived?: boolean | undefined
default_branch?: null | string | undefined
description?: null | string | undefined
homepage?: null | string | undefined
visibility?: 'private' | 'public' | undefined
workspace?: string | undefined
}
| undefined,
): Promise<RepositoryResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: createOrgRepo · Permissions: repo:create
Get details for a specific repository.
async getRepository(
orgSlug: string,
repoSlug: string,
options?: GetRepositoryOptions | undefined,
): Promise<RepositoryResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgRepo · Permissions: repo:list
List all repositories in an organization.
async listRepositories(
orgSlug: string,
options?: ListRepositoriesOptions | undefined,
): Promise<RepositoriesListResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgRepoList · Permissions: repo:list
Update configuration for a repository.
async updateRepository(
orgSlug: string,
repoSlug: string,
params?: QueryParams | undefined,
options?: GetRepositoryOptions | undefined,
): Promise<RepositoryResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: updateOrgRepo · Permissions: repo:update
Delete a repository from an organization.
async deleteRepository(
orgSlug: string,
repoSlug: string,
options?: GetRepositoryOptions | undefined,
): Promise<DeleteResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: deleteOrgRepo · Permissions: repo:delete
Per-repo labels for filtering and grouping.
Create a new repository label for an organization.
async createRepositoryLabel(
orgSlug: string,
labelData: QueryParams,
): Promise<RepositoryLabelResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: createOrgRepoLabel · Permissions: repo-label:create
Get details for a specific repository label.
async getRepositoryLabel(
orgSlug: string,
labelId: string,
): Promise<RepositoryLabelResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgRepoLabel · Permissions: repo-label:list
List all repository labels for an organization.
async listRepositoryLabels(
orgSlug: string,
options?: QueryParams | undefined,
): Promise<RepositoryLabelsListResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgRepoLabelList · Permissions: repo-label:list
Update a repository label for an organization.
async updateRepositoryLabel(
orgSlug: string,
labelId: string,
labelData: QueryParams,
): Promise<RepositoryLabelResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: updateOrgRepoLabel · Permissions: repo-label:update
Delete a repository label from an organization.
async deleteRepositoryLabel(
orgSlug: string,
labelId: string,
): Promise<DeleteRepositoryLabelResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: deleteOrgRepoLabel · Permissions: repo-label:delete
Org listing, analytics, and entitlements.
List all organizations accessible to the current user.
async listOrganizations(): Promise<OrganizationsResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrganizations
Get analytics data for organization usage patterns and security metrics.
async getOrgAnalytics(
time: string,
): Promise<SocketSdkResult<'getOrgAnalytics'>>Quota: 10 (Standard) · OpenAPI: getOrgAnalytics · Permissions: report:write
Get analytics data for a specific repository. Returns security metrics,
async getRepoAnalytics(
repo: string,
time: string,
): Promise<SocketSdkResult<'getRepoAnalytics'>>Quota: 10 (Standard) · OpenAPI: getRepoAnalytics · Permissions: report:write
Retrieve the enabled entitlements for an organization.
async getEnabledEntitlements(orgSlug: string): Promise<string[]>Quota: 0 (Free) · OpenAPI: getEnabledEntitlements
Retrieve all entitlements for an organization.
async getEntitlements(orgSlug: string): Promise<Entitlement[]>Quota: 0 (Free) · OpenAPI: getEntitlements
Surface and triage alerts across an organization.
List latest alerts for an organization (Beta). Returns paginated alerts
async getOrgAlertsList(
orgSlug: string,
options?:
| {
'filters.alertAction'?: string | undefined
'filters.alertAction.notIn'?: string | undefined
'filters.alertCategory'?: string | undefined
'filters.alertCategory.notIn'?: string | undefined
'filters.alertCveId'?: string | undefined
'filters.alertCveId.notIn'?: string | undefined
'filters.alertCveTitle'?: string | undefined
'filters.alertCveTitle.notIn'?: string | undefined
'filters.alertCweId'?: string | undefined
'filters.alertCweId.notIn'?: string | undefined
'filters.alertCweName'?: string | undefined
'filters.alertCweName.notIn'?: string | undefined
'filters.alertEPSS'?: string | undefined
'filters.alertEPSS.notIn'?: string | undefined
'filters.alertFixType'?: string | undefined
'filters.alertFixType.notIn'?: string | undefined
'filters.alertKEV'?: boolean | undefined
'filters.alertKEV.notIn'?: boolean | undefined
'filters.alertPriority'?: string | undefined
'filters.alertPriority.notIn'?: string | undefined
'filters.alertReachabilityType'?: string | undefined
'filters.alertReachabilityType.notIn'?: string | undefined
'filters.alertSeverity'?: string | undefined
'filters.alertSeverity.notIn'?: string | undefined
'filters.alertStatus'?: string | undefined
'filters.alertStatus.notIn'?: string | undefined
'filters.alertType'?: string | undefined
'filters.alertType.notIn'?: string | undefined
'filters.alertUpdatedAt.eq'?: string | undefined
'filters.alertUpdatedAt.gt'?: string | undefined
'filters.alertUpdatedAt.gte'?: string | undefined
'filters.alertUpdatedAt.lt'?: string | undefined
'filters.alertUpdatedAt.lte'?: string | undefined
'filters.repoFullName'?: string | undefined
'filters.repoFullName.notIn'?: string | undefined
'filters.repoLabels'?: string | undefined
'filters.repoLabels.notIn'?: string | undefined
'filters.repoSlug'?: string | undefined
'filters.repoSlug.notIn'?: string | undefined
per_page?: number | undefined
startAfterCursor?: string | undefined
}
| undefined,
): Promise<SocketSdkResult<'alertsList'>>Quota: not tracked · OpenAPI: alertsList
List full scans associated with a specific alert. Returns paginated full
async getOrgAlertFullScans(
orgSlug: string,
options: {
alertKey: string
per_page?: number | undefined
range?: string | undefined
startAfterCursor?: string | undefined
},
): Promise<SocketSdkResult<'alertFullScans'>>Quota: not tracked · OpenAPI: alertFullScans
Get organization triage settings and status. Returns alert triage
async getOrgTriage(
orgSlug: string,
): Promise<SocketSdkResult<'getOrgTriage'>>Quota: 0 (Free) · OpenAPI: getOrgTriage · Permissions: triage:alerts-list
Update alert triage status for an organization. Modifies alert resolution
async updateOrgAlertTriage(
orgSlug: string,
alertId: string,
triageData: QueryParams,
): Promise<SocketSdkResult<'updateOrgAlertTriage'>>Quota: 0 (Free) · OpenAPI: updateOrgAlertTriage · Permissions: triage:alerts-update
Fetch available fixes for vulnerabilities in a repository or scan. Returns
async getOrgFixes(
orgSlug: string,
options: {
allow_major_updates: boolean
full_scan_id?: string | undefined
include_details?: boolean | undefined
include_responsible_direct_dependencies?: boolean | undefined
minimum_release_age?: string | undefined
repo_slug?: string | undefined
vulnerability_ids: string
},
): Promise<SocketSdkResult<'fetch-fixes'>>Quota: not tracked
Manage outbound webhooks for organization events.
Create a new webhook for an organization. Webhooks allow you to receive
async createOrgWebhook(
orgSlug: string,
webhookData: {
description?: null | string | undefined
events: string[]
filters?: { repositoryIds: null | string[] } | null | undefined
headers?: null | Record<string, unknown> | undefined
name: string
secret: string
url: string
},
): Promise<SocketSdkResult<'createOrgWebhook'>>Quota: not tracked · OpenAPI: createOrgWebhook
Get details of a specific webhook. Returns webhook configuration including
async getOrgWebhook(
orgSlug: string,
webhookId: string,
): Promise<SocketSdkResult<'getOrgWebhook'>>Quota: not tracked · OpenAPI: getOrgWebhook
List all webhooks for an organization. Supports pagination and sorting
async getOrgWebhooksList(
orgSlug: string,
options?:
| {
direction?: string | undefined
page?: number | undefined
per_page?: number | undefined
sort?: string | undefined
}
| undefined,
): Promise<SocketSdkResult<'getOrgWebhooksList'>>Quota: not tracked · OpenAPI: getOrgWebhooksList
Update an existing webhook's configuration. All fields are optional - only
async updateOrgWebhook(
orgSlug: string,
webhookId: string,
webhookData: {
description?: null | string | undefined
events?: string[] | undefined
filters?: { repositoryIds: null | string[] } | null | undefined
headers?: null | Record<string, unknown> | undefined
name?: string | undefined
secret?: null | string | undefined
url?: string | undefined
},
): Promise<SocketSdkResult<'updateOrgWebhook'>>Quota: not tracked · OpenAPI: updateOrgWebhook
Delete a webhook from an organization. This will stop all future webhook
async deleteOrgWebhook(
orgSlug: string,
webhookId: string,
): Promise<SocketSdkResult<'deleteOrgWebhook'>>Quota: not tracked · OpenAPI: deleteOrgWebhook
Browse and download Socket security patches.
View detailed information about a specific patch by its UUID.
async viewPatch(orgSlug: string, uuid: string): Promise<PatchViewResponse>Quota: 0 (Free) · OpenAPI: viewPatch · Permissions: patches:view
Download patch file content from Socket blob storage. Retrieves patched
async downloadPatch(
hash: string,
options?: { baseUrl?: string | undefined } | undefined,
): Promise<string>Quota: not tracked
Stream patches for artifacts in a scan report.
async streamPatchesFromScan(
orgSlug: string,
scanId: string,
): Promise<ReadableStream<ArtifactPatches>>Quota: 0 (Free) · OpenAPI: streamPatchesFromScan · Permissions: patches:list
Provision, rotate, and revoke API tokens for the organization.
Get list of API tokens for an organization. Returns organization API tokens
async getAPITokens(
orgSlug: string,
): Promise<SocketSdkResult<'getAPITokens'>>Quota: 10 (Standard) · OpenAPI: getAPITokens · Permissions: api-token:list
Create a new API token for an organization. Generates API token with
async postAPIToken(
orgSlug: string,
tokenData: QueryParams,
): Promise<SocketSdkResult<'postAPIToken'>>Quota: 10 (Standard) · OpenAPI: postAPIToken · Permissions: api-token:create
Update an existing API token for an organization. Modifies token metadata,
async postAPITokenUpdate(
orgSlug: string,
tokenId: string,
updateData: QueryParams,
): Promise<SocketSdkResult<'postAPITokenUpdate'>>Quota: 10 (Standard) · OpenAPI: postAPITokenUpdate · Permissions: api-token:update
Rotate an API token for an organization. Generates new token value while
async postAPITokensRotate(
orgSlug: string,
tokenId: string,
): Promise<SocketSdkResult<'postAPITokensRotate'>>Quota: 10 (Standard) · OpenAPI: postAPITokensRotate · Permissions: api-token:rotate
Revoke an API token for an organization. Permanently disables the token and
async postAPITokensRevoke(
orgSlug: string,
tokenId: string,
): Promise<SocketSdkResult<'postAPITokensRevoke'>>Quota: 10 (Standard) · OpenAPI: postAPITokensRevoke · Permissions: api-token:revoke
Read and update license + security policy settings.
Get organization's license policy configuration. Returns allowed,
async getOrgLicensePolicy(
orgSlug: string,
): Promise<SocketSdkResult<'getOrgLicensePolicy'>>Quota: 0 (Free) · OpenAPI: getOrgLicensePolicy · Permissions: settings:read
Update organization's license policy configuration. Modifies allowed,
async updateOrgLicensePolicy(
orgSlug: string,
policyData: QueryParams,
queryParams?: QueryParams | undefined,
): Promise<SocketSdkResult<'updateOrgLicensePolicy'>>Quota: 0 (Free) · OpenAPI: updateOrgLicensePolicy · Permissions: settings:write
Get organization's security policy configuration. Returns alert rules,
async getOrgSecurityPolicy(
orgSlug: string,
): Promise<SocketSdkResult<'getOrgSecurityPolicy'>>Quota: 0 (Free) · OpenAPI: getOrgSecurityPolicy · Permissions: settings:read
Update organization's security policy configuration. Modifies alert rules,
async updateOrgSecurityPolicy(
orgSlug: string,
policyData: QueryParams,
): Promise<SocketSdkResult<'updateOrgSecurityPolicy'>>Quota: 0 (Free) · OpenAPI: updateOrgSecurityPolicy · Permissions: settings:write
Update user or organization settings. Configures preferences,
async postSettings(
selectors: Array<{ organization?: string | undefined }>,
): Promise<SocketSdkResult<'postSettings'>>Quota: 0 (Free) · OpenAPI: postSettings
Inspect and configure organization telemetry.
Get organization's telemetry configuration. Returns whether telemetry is
async getOrgTelemetryConfig(
orgSlug: string,
): Promise<SocketSdkResult<'getOrgTelemetryConfig'>>Quota: not tracked · OpenAPI: getOrgTelemetryConfig
Update organization's telemetry configuration. Enables or disables
async updateOrgTelemetryConfig(
orgSlug: string,
telemetryData: { enabled?: boolean | undefined },
): Promise<SocketSdkResult<'updateOrgTelemetryConfig'>>Quota: not tracked · OpenAPI: updateOrgTelemetryConfig
Post telemetry data for an organization. Sends telemetry events and
async postOrgTelemetry(
orgSlug: string,
telemetryData: PostOrgTelemetryPayload,
): Promise<SocketSdkGenericResult<PostOrgTelemetryResponse>>Quota: not tracked
Fetch organization audit log events.
Retrieve audit log events for an organization. Returns chronological log of
async getAuditLogEvents(
orgSlug: string,
queryParams?: QueryParams | undefined,
): Promise<SocketSdkResult<'getAuditLogEvents'>>Quota: 10 (Standard) · OpenAPI: getAuditLogEvents · Permissions: audit-log:list
Per-package and batch package analysis.
Get security score for a specific npm package and version. Returns
async getScoreByNpmPackage(
pkgName: string,
version: string,
): Promise<SocketSdkResult<'getScoreByNPMPackage'>>Quota: 10 (Standard) · OpenAPI: getScoreByNPMPackage
Get security issues for a specific npm package and version. Returns
async getIssuesByNpmPackage(
pkgName: string,
version: string,
): Promise<SocketSdkResult<'getIssuesByNPMPackage'>>Quota: 10 (Standard) · OpenAPI: getIssuesByNPMPackage
Fetch package analysis data for multiple packages in a single batch
async batchPackageFetch(
componentsObj: { components: Array<{ purl: string }> },
queryParams?: QueryParams | undefined,
): Promise<BatchPackageFetchResultType>Quota: 100 (Expensive) · OpenAPI: batchPackageFetch · Permissions: packages:list
Get package metadata and alerts by PURL strings for a specific
async batchOrgPackageFetch(
orgSlug: string,
componentsObj: { components: Array<{ purl: string }> },
queryParams?: QueryParams | undefined,
): Promise<SocketSdkResult<'batchPackageFetchByOrg'>>Quota: not tracked · OpenAPI: batchPackageFetchByOrg
Stream package analysis data for multiple packages with chunked processing
async *batchPackageStream(
componentsObj: { components: Array<{ purl: string }> },
options?: BatchPackageStreamOptions | undefined,
): AsyncGenerator<BatchPackageFetchResultType>Quota: 100 (Expensive) · OpenAPI: batchPackageStream · Permissions: packages:list
Check packages for malware and security alerts.
async checkMalware(
components: Array<{ purl: string }>,
): Promise<SocketSdkGenericResult<MalwareCheckResult>>Quota: not tracked
Search for dependencies across monitored projects. Returns matching
async searchDependencies(
queryParams?: QueryParams | undefined,
): Promise<SocketSdkResult<'searchDependencies'>>Quota: 100 (Expensive) · OpenAPI: searchDependencies
Upload manifests and snapshot dependency graphs.
Upload manifest files for dependency analysis. Processes package files to
async uploadManifestFiles(
orgSlug: string,
filepaths: string[],
options?: UploadManifestFilesOptions | undefined,
): Promise<UploadManifestFilesReturnType | UploadManifestFilesError>Quota: 100 (Expensive) · OpenAPI: uploadManifestFiles · Permissions: packages:upload
Create a snapshot of project dependencies by uploading manifest files.
async createDependenciesSnapshot(
filepaths: string[],
options?: CreateDependenciesSnapshotOptions | undefined,
): Promise<SocketSdkResult<'createDependenciesSnapshot'>>Quota: 100 (Expensive) · OpenAPI: createDependenciesSnapshot · Permissions: report:write
Get list of supported file types for full scan generation. Returns glob
async getSupportedFiles(
orgSlug: string,
): Promise<SocketSdkResult<'getSupportedFiles'>>Quota: not tracked · OpenAPI: getSupportedFiles
Export full scans in industry-standard formats.
Export scan results in CycloneDX SBOM format. Returns Software Bill of
async exportCDX(
orgSlug: string,
fullScanId: string,
): Promise<SocketSdkResult<'exportCDX'>>Quota: 0 (Free) · OpenAPI: exportCDX · Permissions: report:read
Export scan results in SPDX SBOM format. Returns Software Bill of Materials
async exportSPDX(
orgSlug: string,
fullScanId: string,
): Promise<SocketSdkResult<'exportSPDX'>>Quota: 0 (Free) · OpenAPI: exportSPDX · Permissions: report:read
Export vulnerability exploitability data as an OpenVEX v0.2.0 document.
async exportOpenVEX(
orgSlug: string,
id: string,
options?:
| {
author?: string | undefined
document_id?: string | undefined
role?: string | undefined
}
| undefined,
): Promise<SocketSdkResult<'exportOpenVEX'>>Quota: 0 (Free) · OpenAPI: exportOpenVEX · Permissions: report:read
Inspect current API quota.
Get current API quota usage and limits. Returns remaining requests, rate
async getQuota(): Promise<SocketSdkResult<'getQuota'>>Quota: 0 (Free) · OpenAPI: getQuota
Raw HTTP access for endpoints the SDK does not wrap.
Execute a raw GET request to any API endpoint with configurable response
async getApi<T = HttpResponse>(
urlPath: string,
options?: GetOptions | undefined,
): Promise<T | SocketSdkGenericResult<T>>Quota: 0 (Free) · OpenAPI: getApi
Send POST or PUT request with JSON body and return parsed JSON response.
async sendApi<T>(
urlPath: string,
options?: SendOptions | undefined,
): Promise<T | SocketSdkGenericResult<T>>Quota: 0 (Free) · OpenAPI: sendApi