Every public method on SocketSdk, grouped by domain. For the runtime model (result shape, pagination, file uploads, escape hatches), see SDK Concepts. For quota planning, see Quota Management.
There are 72 public methods.
- Full scans
- Diff scans
- Repositories
- Repository labels
- Organizations
- Alerts & triage
- Webhooks
- Patches
- API tokens
- Policies
- Telemetry
- Audit log
- Packages
- Dependencies & manifests
- Exports
- Quota
- Escape hatches
Create, fetch, list, and delete organization-level full security scans.
Create a full security scan for an organization.
async createFullScan(
orgSlug: string,
filepaths: string[],
options: CreateFullScanOptions,
): Promise<FullScanResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: CreateOrgFullScan · Permissions: full-scans:create
Create a full scan from an archive file (.tar, .tar.gz/.tgz, or .zip).
async createOrgFullScanFromArchive(
orgSlug: string,
archivePath: string,
options: {
branch?: string | undefined
commit_hash?: string | undefined
commit_message?: string | undefined
committers?: string | undefined
integration_org_slug?: string | undefined
integration_type?:
| 'api'
| 'azure'
| 'bitbucket'
| 'github'
| 'gitlab'
| 'web'
| undefined
make_default_branch?: boolean | undefined
pull_request?: number | undefined
repo: string
scan_type?: string | undefined
set_as_pending_head?: boolean | undefined
tmp?: boolean | undefined
workspace?: string | undefined
},
): Promise<SocketSdkResult<'CreateOrgFullScanArchive'>>Quota: not tracked · OpenAPI: CreateOrgFullScanArchive
Get complete full scan results buffered in memory.
async getFullScan(
orgSlug: string,
scanId: string,
): Promise<FullScanResult | StrictErrorResult>Quota: not tracked · OpenAPI: getOrgFullScan
Get metadata for a specific full scan.
async getFullScanMetadata(
orgSlug: string,
scanId: string,
): Promise<FullScanResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgFullScanMetadata · Permissions: full-scans:list
List all full scans for an organization.
async listFullScans(
orgSlug: string,
options?: ListFullScansOptions | undefined,
): Promise<FullScanListResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgFullScanList · Permissions: full-scans:list
Stream a full scan's results to file or stdout.
async streamFullScan(
orgSlug: string,
scanId: string,
options?: StreamOrgFullScanOptions | undefined,
): Promise<SocketSdkResult<'getOrgFullScan'>>Quota: not tracked · OpenAPI: getOrgFullScan
Download full scan files as a tar archive.
async downloadOrgFullScanFilesAsTar(
orgSlug: string,
fullScanId: string,
outputPath: string,
): Promise<SocketSdkResult<'downloadOrgFullScanFilesAsTar'>>Quota: not tracked · OpenAPI: downloadOrgFullScanFilesAsTar
Create a new full scan by rescanning an existing scan.
async rescanFullScan(
orgSlug: string,
fullScanId: string,
options?:
| {
mode?: 'shallow' | 'deep' | undefined
}
| undefined,
): Promise<SocketSdkResult<'rescanOrgFullScan'>>Quota: not tracked · OpenAPI: rescanOrgFullScan
Delete a full scan from an organization.
async deleteFullScan(
orgSlug: string,
scanId: string,
): Promise<DeleteResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: deleteOrgFullScan · Permissions: full-scans:delete
Compare two scans and inspect the diff.
Create a diff scan from two full scan IDs.
async createOrgDiffScanFromIds(
orgSlug: string,
options: {
after: string
before: string
description?: string | undefined
external_href?: string | undefined
merge?: boolean | undefined
},
): Promise<SocketSdkResult<'createOrgDiffScanFromIds'>>Quota: 0 (Free) · OpenAPI: createOrgDiffScanFromIds · Permissions: diff-scans:create
Get details for a specific diff scan.
async getDiffScanById(
orgSlug: string,
diffScanId: string,
): Promise<SocketSdkResult<'getDiffScanById'>>Quota: 0 (Free) · OpenAPI: getDiffScanById · Permissions: diff-scans:list
Get GitHub-flavored markdown comments for a diff scan.
async getDiffScanGfm(
orgSlug: string,
diffScanId: string,
options?: { github_installation_id?: string | undefined } | undefined,
): Promise<SocketSdkResult<'GetDiffScanGfm'>>Quota: not tracked · OpenAPI: GetDiffScanGfm
List all diff scans for an organization.
async listOrgDiffScans(
orgSlug: string,
): Promise<SocketSdkResult<'listOrgDiffScans'>>Quota: 0 (Free) · OpenAPI: listOrgDiffScans · Permissions: diff-scans:list
Delete a diff scan from an organization.
async deleteOrgDiffScan(
orgSlug: string,
diffScanId: string,
): Promise<SocketSdkResult<'deleteOrgDiffScan'>>Quota: 0 (Free) · OpenAPI: deleteOrgDiffScan · Permissions: diff-scans:delete
Manage repositories tracked by the organization.
Create a new repository in an organization.
async createRepository(
orgSlug: string,
repoSlug: string,
params?:
| {
archived?: boolean | undefined
default_branch?: null | string | undefined
description?: null | string | undefined
homepage?: null | string | undefined
visibility?: 'private' | 'public' | undefined
workspace?: string | undefined
}
| undefined,
): Promise<RepositoryResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: createOrgRepo · Permissions: repo:create
Get details for a specific repository.
async getRepository(
orgSlug: string,
repoSlug: string,
options?: GetRepositoryOptions | undefined,
): Promise<RepositoryResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgRepo · Permissions: repo:list
List all repositories in an organization.
async listRepositories(
orgSlug: string,
options?: ListRepositoriesOptions | undefined,
): Promise<RepositoriesListResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgRepoList · Permissions: repo:list
Update configuration for a repository.
async updateRepository(
orgSlug: string,
repoSlug: string,
params?: QueryParams | undefined,
options?: GetRepositoryOptions | undefined,
): Promise<RepositoryResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: updateOrgRepo · Permissions: repo:update
Delete a repository from an organization.
async deleteRepository(
orgSlug: string,
repoSlug: string,
options?: GetRepositoryOptions | undefined,
): Promise<DeleteResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: deleteOrgRepo · Permissions: repo:delete
Per-repo labels for filtering and grouping.
Create a new repository label for an organization.
async createRepositoryLabel(
orgSlug: string,
labelData: QueryParams,
): Promise<RepositoryLabelResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: createOrgRepoLabel · Permissions: repo-label:create
Get details for a specific repository label.
async getRepositoryLabel(
orgSlug: string,
labelId: string,
): Promise<RepositoryLabelResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgRepoLabel · Permissions: repo-label:list
List all repository labels for an organization.
async listRepositoryLabels(
orgSlug: string,
options?: QueryParams | undefined,
): Promise<RepositoryLabelsListResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrgRepoLabelList · Permissions: repo-label:list
Update a repository label for an organization.
async updateRepositoryLabel(
orgSlug: string,
labelId: string,
labelData: QueryParams,
): Promise<RepositoryLabelResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: updateOrgRepoLabel · Permissions: repo-label:update
Delete a repository label from an organization.
async deleteRepositoryLabel(
orgSlug: string,
labelId: string,
): Promise<DeleteRepositoryLabelResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: deleteOrgRepoLabel · Permissions: repo-label:delete
Org listing, analytics, and entitlements.
List all organizations accessible to the current user.
async listOrganizations(): Promise<OrganizationsResult | StrictErrorResult>Quota: 0 (Free) · OpenAPI: getOrganizations
Get analytics data for organization usage patterns and security metrics.
async getOrgAnalytics(
time: string,
): Promise<SocketSdkResult<'getOrgAnalytics'>>Quota: 10 (Standard) · OpenAPI: getOrgAnalytics · Permissions: report:write
Get analytics data for a specific repository.
async getRepoAnalytics(
repo: string,
time: string,
): Promise<SocketSdkResult<'getRepoAnalytics'>>Quota: 10 (Standard) · OpenAPI: getRepoAnalytics · Permissions: report:write
Retrieve the enabled entitlements for an organization.
async getEnabledEntitlements(orgSlug: string): Promise<string[]>Quota: 0 (Free) · OpenAPI: getEnabledEntitlements
Retrieve all entitlements for an organization.
async getEntitlements(orgSlug: string): Promise<Entitlement[]>Quota: 0 (Free) · OpenAPI: getEntitlements
Surface and triage alerts across an organization.
List latest alerts for an organization (Beta).
async getOrgAlertsList(
orgSlug: string,
options?:
| {
'filters.alertAction'?: string | undefined
'filters.alertAction.notIn'?: string | undefined
'filters.alertCategory'?: string | undefined
'filters.alertCategory.notIn'?: string | undefined
'filters.alertCveId'?: string | undefined
'filters.alertCveId.notIn'?: string | undefined
'filters.alertCveTitle'?: string | undefined
'filters.alertCveTitle.notIn'?: string | undefined
'filters.alertCweId'?: string | undefined
'filters.alertCweId.notIn'?: string | undefined
'filters.alertCweName'?: string | undefined
'filters.alertCweName.notIn'?: string | undefined
'filters.alertEPSS'?: string | undefined
'filters.alertEPSS.notIn'?: string | undefined
'filters.alertFixType'?: string | undefined
'filters.alertFixType.notIn'?: string | undefined
'filters.alertKEV'?: boolean | undefined
'filters.alertKEV.notIn'?: boolean | undefined
'filters.alertPriority'?: string | undefined
'filters.alertPriority.notIn'?: string | undefined
'filters.alertReachabilityType'?: string | undefined
'filters.alertReachabilityType.notIn'?: string | undefined
'filters.alertSeverity'?: string | undefined
'filters.alertSeverity.notIn'?: string | undefined
'filters.alertStatus'?: string | undefined
'filters.alertStatus.notIn'?: string | undefined
'filters.alertType'?: string | undefined
'filters.alertType.notIn'?: string | undefined
'filters.alertUpdatedAt.eq'?: string | undefined
'filters.alertUpdatedAt.gt'?: string | undefined
'filters.alertUpdatedAt.gte'?: string | undefined
'filters.alertUpdatedAt.lt'?: string | undefined
'filters.alertUpdatedAt.lte'?: string | undefined
'filters.repoFullName'?: string | undefined
'filters.repoFullName.notIn'?: string | undefined
'filters.repoLabels'?: string | undefined
'filters.repoLabels.notIn'?: string | undefined
'filters.repoSlug'?: string | undefined
'filters.repoSlug.notIn'?: string | undefined
per_page?: number | undefined
startAfterCursor?: string | undefined
}
| undefined,
): Promise<SocketSdkResult<'alertsList'>>Quota: not tracked · OpenAPI: alertsList
List full scans associated with a specific alert.
async getOrgAlertFullScans(
orgSlug: string,
options: {
alertKey: string
per_page?: number | undefined
range?: string | undefined
startAfterCursor?: string | undefined
},
): Promise<SocketSdkResult<'alertFullScans'>>Quota: not tracked · OpenAPI: alertFullScans
Get organization triage settings and status.
async getOrgTriage(
orgSlug: string,
): Promise<SocketSdkResult<'getOrgTriage'>>Quota: 0 (Free) · OpenAPI: getOrgTriage · Permissions: triage:alerts-list
Update alert triage status for an organization.
async updateOrgAlertTriage(
orgSlug: string,
alertId: string,
triageData: QueryParams,
): Promise<SocketSdkResult<'updateOrgAlertTriage'>>Quota: 0 (Free) · OpenAPI: updateOrgAlertTriage · Permissions: triage:alerts-update
Fetch available fixes for vulnerabilities in a repository or scan.
async getOrgFixes(
orgSlug: string,
options: {
allow_major_updates: boolean
full_scan_id?: string | undefined
include_details?: boolean | undefined
include_responsible_direct_dependencies?: boolean | undefined
minimum_release_age?: string | undefined
repo_slug?: string | undefined
vulnerability_ids: string
},
): Promise<SocketSdkResult<'fetch-fixes'>>Quota: not tracked
Manage outbound webhooks for organization events.
Create a new webhook for an organization.
async createOrgWebhook(
orgSlug: string,
webhookData: {
description?: null | string | undefined
events: string[]
filters?: { repositoryIds: null | string[] } | null | undefined
headers?: null | Record<string, unknown> | undefined
name: string
secret: string
url: string
},
): Promise<SocketSdkResult<'createOrgWebhook'>>Quota: not tracked · OpenAPI: createOrgWebhook
Get details of a specific webhook.
async getOrgWebhook(
orgSlug: string,
webhookId: string,
): Promise<SocketSdkResult<'getOrgWebhook'>>Quota: not tracked · OpenAPI: getOrgWebhook
List all webhooks for an organization.
async getOrgWebhooksList(
orgSlug: string,
options?:
| {
direction?: string | undefined
page?: number | undefined
per_page?: number | undefined
sort?: string | undefined
}
| undefined,
): Promise<SocketSdkResult<'getOrgWebhooksList'>>Quota: not tracked · OpenAPI: getOrgWebhooksList
Update an existing webhook's configuration.
async updateOrgWebhook(
orgSlug: string,
webhookId: string,
webhookData: {
description?: null | string | undefined
events?: string[] | undefined
filters?: { repositoryIds: null | string[] } | null | undefined
headers?: null | Record<string, unknown> | undefined
name?: string | undefined
secret?: null | string | undefined
url?: string | undefined
},
): Promise<SocketSdkResult<'updateOrgWebhook'>>Quota: not tracked · OpenAPI: updateOrgWebhook
Delete a webhook from an organization.
async deleteOrgWebhook(
orgSlug: string,
webhookId: string,
): Promise<SocketSdkResult<'deleteOrgWebhook'>>Quota: not tracked · OpenAPI: deleteOrgWebhook
Browse and download Socket security patches.
View detailed information about a specific patch by its UUID.
async viewPatch(orgSlug: string, uuid: string): Promise<PatchViewResponse>Quota: 0 (Free) · OpenAPI: viewPatch · Permissions: patches:view
Download patch file content from Socket blob storage.
async downloadPatch(
hash: string,
options?: { baseUrl?: string | undefined } | undefined,
): Promise<string>Quota: not tracked
Stream patches for artifacts in a scan report.
async streamPatchesFromScan(
orgSlug: string,
scanId: string,
): Promise<ReadableStream<ArtifactPatches>>Quota: 0 (Free) · OpenAPI: streamPatchesFromScan · Permissions: patches:list
Provision, rotate, and revoke API tokens for the organization.
Get list of API tokens for an organization.
async getAPITokens(
orgSlug: string,
): Promise<SocketSdkResult<'getAPITokens'>>Quota: 10 (Standard) · OpenAPI: getAPITokens · Permissions: api-token:list
Create a new API token for an organization.
async postAPIToken(
orgSlug: string,
tokenData: QueryParams,
): Promise<SocketSdkResult<'postAPIToken'>>Quota: 10 (Standard) · OpenAPI: postAPIToken · Permissions: api-token:create
Update an existing API token for an organization.
async postAPITokenUpdate(
orgSlug: string,
tokenId: string,
updateData: QueryParams,
): Promise<SocketSdkResult<'postAPITokenUpdate'>>Quota: 10 (Standard) · OpenAPI: postAPITokenUpdate · Permissions: api-token:update
Rotate an API token for an organization.
async postAPITokensRotate(
orgSlug: string,
tokenId: string,
): Promise<SocketSdkResult<'postAPITokensRotate'>>Quota: 10 (Standard) · OpenAPI: postAPITokensRotate · Permissions: api-token:rotate
Revoke an API token for an organization.
async postAPITokensRevoke(
orgSlug: string,
tokenId: string,
): Promise<SocketSdkResult<'postAPITokensRevoke'>>Quota: 10 (Standard) · OpenAPI: postAPITokensRevoke · Permissions: api-token:revoke
Read and update license + security policy settings.
Get organization's license policy configuration.
async getOrgLicensePolicy(
orgSlug: string,
): Promise<SocketSdkResult<'getOrgLicensePolicy'>>Quota: 0 (Free) · OpenAPI: getOrgLicensePolicy · Permissions: settings:read
Update organization's license policy configuration.
async updateOrgLicensePolicy(
orgSlug: string,
policyData: QueryParams,
queryParams?: QueryParams | undefined,
): Promise<SocketSdkResult<'updateOrgLicensePolicy'>>Quota: 0 (Free) · OpenAPI: updateOrgLicensePolicy · Permissions: settings:write
Get organization's security policy configuration.
async getOrgSecurityPolicy(
orgSlug: string,
): Promise<SocketSdkResult<'getOrgSecurityPolicy'>>Quota: 0 (Free) · OpenAPI: getOrgSecurityPolicy · Permissions: settings:read
Update organization's security policy configuration.
async updateOrgSecurityPolicy(
orgSlug: string,
policyData: QueryParams,
): Promise<SocketSdkResult<'updateOrgSecurityPolicy'>>Quota: 0 (Free) · OpenAPI: updateOrgSecurityPolicy · Permissions: settings:write
Update user or organization settings.
async postSettings(
selectors: Array<{ organization?: string | undefined }>,
): Promise<SocketSdkResult<'postSettings'>>Quota: 0 (Free) · OpenAPI: postSettings
Inspect and configure organization telemetry.
Get organization's telemetry configuration.
async getOrgTelemetryConfig(
orgSlug: string,
): Promise<SocketSdkResult<'getOrgTelemetryConfig'>>Quota: not tracked · OpenAPI: getOrgTelemetryConfig
Update organization's telemetry configuration.
async updateOrgTelemetryConfig(
orgSlug: string,
telemetryData: { enabled?: boolean | undefined },
): Promise<SocketSdkResult<'updateOrgTelemetryConfig'>>Quota: not tracked · OpenAPI: updateOrgTelemetryConfig
Post telemetry data for an organization.
async postOrgTelemetry(
orgSlug: string,
telemetryData: PostOrgTelemetryPayload,
): Promise<SocketSdkGenericResult<PostOrgTelemetryResponse>>Quota: not tracked
Fetch organization audit log events.
Retrieve audit log events for an organization.
async getAuditLogEvents(
orgSlug: string,
queryParams?: QueryParams | undefined,
): Promise<SocketSdkResult<'getAuditLogEvents'>>Quota: 10 (Standard) · OpenAPI: getAuditLogEvents · Permissions: audit-log:list
Per-package and batch package analysis.
Get security score for a specific npm package and version.
async getScoreByNpmPackage(
pkgName: string,
version: string,
): Promise<SocketSdkResult<'getScoreByNPMPackage'>>Quota: 10 (Standard) · OpenAPI: getScoreByNPMPackage
Get security issues for a specific npm package and version.
async getIssuesByNpmPackage(
pkgName: string,
version: string,
): Promise<SocketSdkResult<'getIssuesByNPMPackage'>>Quota: 10 (Standard) · OpenAPI: getIssuesByNPMPackage
Fetch package analysis data for multiple packages in a single batch request.
async batchPackageFetch(
componentsObj: { components: Array<{ purl: string }> },
queryParams?: QueryParams | undefined,
): Promise<BatchPackageFetchResultType>Quota: 100 (Expensive) · OpenAPI: batchPackageFetch · Permissions: packages:list
Get package metadata and alerts by PURL strings for a specific organization.
async batchOrgPackageFetch(
orgSlug: string,
componentsObj: { components: Array<{ purl: string }> },
queryParams?: QueryParams | undefined,
): Promise<SocketSdkResult<'batchPackageFetchByOrg'>>Quota: not tracked · OpenAPI: batchPackageFetchByOrg
Stream package analysis data for multiple packages with chunked processing and concurrency control.
async *batchPackageStream(
componentsObj: { components: Array<{ purl: string }> },
options?: BatchPackageStreamOptions | undefined,
): AsyncGenerator<BatchPackageFetchResultType>Quota: 100 (Expensive) · OpenAPI: batchPackageStream · Permissions: packages:list
Check packages for malware and security alerts.
async checkMalware(
components: Array<{ purl: string }>,
): Promise<SocketSdkGenericResult<MalwareCheckResult>>Quota: not tracked
Search for dependencies across monitored projects.
async searchDependencies(
queryParams?: QueryParams | undefined,
): Promise<SocketSdkResult<'searchDependencies'>>Quota: 100 (Expensive) · OpenAPI: searchDependencies
Upload manifests and snapshot dependency graphs.
Upload manifest files for dependency analysis.
async uploadManifestFiles(
orgSlug: string,
filepaths: string[],
options?: UploadManifestFilesOptions | undefined,
): Promise<UploadManifestFilesReturnType | UploadManifestFilesError>Quota: 100 (Expensive) · OpenAPI: uploadManifestFiles · Permissions: packages:upload
Create a snapshot of project dependencies by uploading manifest files.
async createDependenciesSnapshot(
filepaths: string[],
options?: CreateDependenciesSnapshotOptions | undefined,
): Promise<SocketSdkResult<'createDependenciesSnapshot'>>Quota: 100 (Expensive) · OpenAPI: createDependenciesSnapshot · Permissions: report:write
Get list of supported file types for full scan generation.
async getSupportedFiles(
orgSlug: string,
): Promise<SocketSdkResult<'getSupportedFiles'>>Quota: not tracked · OpenAPI: getSupportedFiles
Export full scans in industry-standard formats.
Export scan results in CycloneDX SBOM format.
async exportCDX(
orgSlug: string,
fullScanId: string,
): Promise<SocketSdkResult<'exportCDX'>>Quota: 0 (Free) · OpenAPI: exportCDX · Permissions: report:read
Export scan results in SPDX SBOM format.
async exportSPDX(
orgSlug: string,
fullScanId: string,
): Promise<SocketSdkResult<'exportSPDX'>>Quota: 0 (Free) · OpenAPI: exportSPDX · Permissions: report:read
Export vulnerability exploitability data as an OpenVEX v0.2.0 document.
async exportOpenVEX(
orgSlug: string,
id: string,
options?:
| {
author?: string | undefined
document_id?: string | undefined
role?: string | undefined
}
| undefined,
): Promise<SocketSdkResult<'exportOpenVEX'>>Quota: 0 (Free) · OpenAPI: exportOpenVEX · Permissions: report:read
Inspect current API quota.
Get current API quota usage and limits.
async getQuota(): Promise<SocketSdkResult<'getQuota'>>Quota: 0 (Free) · OpenAPI: getQuota
Raw HTTP access for endpoints the SDK does not wrap.
Execute a raw GET request to any API endpoint with configurable response type.
async getApi<T = HttpResponse>(
urlPath: string,
options?: GetOptions | undefined,
): Promise<T | SocketSdkGenericResult<T>>Quota: 0 (Free) · OpenAPI: getApi
Send POST or PUT request with JSON body and return parsed JSON response.
async sendApi<T>(
urlPath: string,
options?: SendOptions | undefined,
): Promise<T | SocketSdkGenericResult<T>>Quota: 0 (Free) · OpenAPI: sendApi