just waiting on diff endpoint fix

Author: flowstate

pyproject.toml

@@ -12,9 +12,9 @@ dependencies = [
     'prettytable',
     'argparse',
     'GitPython',
-    'packaging'
+    'packaging',
     'python-dotenv',  # Add this
-    'socket-sdk-python @ file:///${PROJECT_ROOT}/../socket-sdk-python'
+    'socket-sdk-python'
 ]
 readme = "README.md"
 description = "Socket Security CLI for CI/CD"
@@ -62,7 +62,6 @@ include = [
 version = {attr = "socketsecurity.__version__"}
 
 
-pythonpath = "."
 
 [tool.coverage.run]
 source = ["socketsecurity"]

socketsecurity/config.py

@@ -3,13 +3,15 @@
 from dataclasses import dataclass
 from typing import List, Optional
 
+from socketdev import INTEGRATION_TYPES, IntegrationType
+
 
 @dataclass
 class CliConfig:
     api_token: str
     repo: Optional[str]
     branch: str = ""
-    committer: Optional[List[str]] = None
+    committers: Optional[List[str]] = None
     pr_number: str = "0"
     commit_message: Optional[str] = None
     default_branch: bool = False
@@ -26,6 +28,8 @@ class CliConfig:
     files: str = "[]"
     ignore_commit_files: bool = False
     disable_blocking: bool = False
+    integration_type: IntegrationType = "api"
+    integration_org_slug: Optional[str] = None
 
     @classmethod
     def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig':
@@ -35,28 +39,34 @@ def from_args(cls, args_list: Optional[List[str]] = None) -> 'CliConfig':
         # Get API token from env or args
         api_token = os.getenv("SOCKET_SECURITY_API_KEY") or args.api_token
 
-        return cls(
-            api_token=api_token,
-            repo=args.repo,
-            branch=args.branch,
-            committer=args.committer,
-            pr_number=args.pr_number,
-            commit_message=args.commit_message,
-            default_branch=args.default_branch,
-            target_path=args.target_path,
-            scm=args.scm,
-            sbom_file=args.sbom_file,
-            commit_sha=args.commit_sha,
-            generate_license=args.generate_license,
-            enable_debug=args.enable_debug,
-            allow_unverified=args.allow_unverified,
-            enable_json=args.enable_json,
-            disable_overview=args.disable_overview,
-            disable_security_issue=args.disable_security_issue,
-            files=args.files,
-            ignore_commit_files=args.ignore_commit_files,
-            disable_blocking=args.disable_blocking
-        )
+        config_args = {
+            'api_token': api_token,
+            'repo': args.repo,
+            'branch': args.branch,
+            'committers': args.committers,
+            'pr_number': args.pr_number,
+            'commit_message': args.commit_message,
+            'default_branch': args.default_branch,
+            'target_path': args.target_path,
+            'scm': args.scm,
+            'sbom_file': args.sbom_file,
+            'commit_sha': args.commit_sha,
+            'generate_license': args.generate_license,
+            'enable_debug': args.enable_debug,
+            'allow_unverified': args.allow_unverified,
+            'enable_json': args.enable_json,
+            'disable_overview': args.disable_overview,
+            'disable_security_issue': args.disable_security_issue,
+            'files': args.files,
+            'ignore_commit_files': args.ignore_commit_files,
+            'disable_blocking': args.disable_blocking,
+            'integration_type': args.integration,
+        }
+
+        if args.owner:
+            config_args['integration_org_slug'] = args.owner
+
+        return cls(**config_args)
 
 def create_argument_parser() -> argparse.ArgumentParser:
     parser = argparse.ArgumentParser(
@@ -76,14 +86,27 @@ def create_argument_parser() -> argparse.ArgumentParser:
         required=False
     )
 
+    parser.add_argument(
+        "--integration",
+        choices=INTEGRATION_TYPES,
+        help="Integration type",
+        default="api"
+    )
+
+    parser.add_argument(
+        "--owner",
+        help="Name of the integration owner, defaults to the socket organization slug",
+        required=False
+    )
+
     parser.add_argument(
         "--branch",
         help="Branch name",
         default=""
     )
 
     parser.add_argument(
-        "--committer",
+        "--committers",
         help="Committer(s) to filter by",
         nargs="*"
     )
@@ -103,7 +126,7 @@ def create_argument_parser() -> argparse.ArgumentParser:
     parser.add_argument(
         "--default-branch",
         action="store_true",
-        help="Use default branch"
+        help="Make this branch the default branch"
     )
 
     parser.add_argument(

socketsecurity/core/__init__.py

@@ -2,27 +2,22 @@
 import time
 from glob import glob
 from pathlib import PurePath
-from typing import Dict, List, Tuple, Optional
+from typing import Dict, List, Tuple
 
 from socketdev import socketdev
 from socketdev.fullscans import (
-    DiffArtifacts,
     DiffArtifact,
-    SecurityCapabilities,
-    Alert as SDKAlert,  # To distinguish from our Alert class
-    FullScanDiffReport
+    DiffArtifacts,
 )
-
 from socketdev.org import Organization
 
 from socketsecurity import __version__
+from socketsecurity.config import CliConfig
 from socketsecurity.core.classes import Diff, FullScan, FullScanParams, Issue, Package, Purl, Report, Repository
 from socketsecurity.core.exceptions import (
     APIResourceNotFound,
 )
 
-
-
 from .socket_config import SocketConfig
 from .utils import socket_globs
 
@@ -40,6 +35,7 @@ class Core:
 
     config: SocketConfig
     sdk: socketdev
+
     def __init__(self, config: SocketConfig, sdk: socketdev) -> None:
         self.config = config
         self.sdk = sdk
@@ -79,7 +75,7 @@ def get_sbom_data(self, full_scan_id: str) -> list:
         """
 
         response = self.sdk.fullscans.stream(self.config.org_slug, full_scan_id)
-        if(response.get("success", False) == False):
+        if(response.get("success", False) is False):
             log.debug(f"Failed to get SBOM data for full-scan {full_scan_id}")
             log.debug(response.get("message", "No message"))
             return []
@@ -143,7 +139,7 @@ def get_manifest_files(artifact: DiffArtifact, is_head: bool = True) -> str:
     def create_sbom_output(self, diff: Diff) -> dict:
         try:
             result = self.sdk.export.cdx_bom(self.config.org_slug, diff.id)
-            if(result.get("success", False) == False):
+            if(result.get("success", False) is False):
                 log.error(f"Failed to get CycloneDX Output for full-scan {diff.id}")
                 log.error(result.get("message", "No message"))
                 return {}
@@ -200,7 +196,7 @@ def create_full_scan(self, files: List[str], params: FullScanParams, workspace:
 
         create_full_start = time.time()
         log.debug("Creating new full scan")
-        params.org_slug = self.config.org_slug
+
         res = self.sdk.fullscans.post(files, params)
 
         # If the response is a string, it's an error message
@@ -334,7 +330,7 @@ def create_new_diff(
         except APIResourceNotFound:
             head_full_scan_id = None
 
-        # Create new scan and get diff report
+        # Create new scan
         new_scan_start = time.time()
         new_full_scan = self.create_full_scan(files, params, workspace)
 

socketsecurity/core/classes.py

@@ -65,6 +65,16 @@ def __init__(self, **kwargs):
     def __str__(self):
         return json.dumps(self.__dict__)
 
+    def to_dict(self) -> dict:
+        return {
+            "supplyChain": self.supplyChain if hasattr(self, "supplyChain") else 0,
+            "quality": self.quality if hasattr(self, "quality") else 0,
+            "maintenance": self.maintenance if hasattr(self, "maintenance") else 0,
+            "license": self.license if hasattr(self, "license") else 0,
+            "overall": self.overall if hasattr(self, "overall") else 0,
+            "vulnerability": self.vulnerability if hasattr(self, "vulnerability") else 0
+        }
+
 
 class Package:
     type: str
@@ -130,6 +140,31 @@ def __init__(self, **kwargs):
     def __str__(self):
         return json.dumps(self.__dict__)
 
+    def to_dict(self) -> dict:
+        return {
+            "type": self.type,
+            "name": self.name,
+            "version": self.version,
+            "release": self.release if hasattr(self, "release") else None,
+            "id": self.id,
+            "direct": self.direct,
+            "manifestFiles": self.manifestFiles,
+            "author": self.author,
+            "size": self.size,
+            "score": self.score if hasattr(self, "score") else {},
+            "scores": self.scores.to_dict() if hasattr(self, "scores") else {},
+            "alerts": self.alerts,
+            "error_alerts": self.error_alerts,
+            "alert_counts": self.alert_counts,
+            "topLevelAncestors": self.topLevelAncestors,
+            "url": self.url,
+            "transitives": self.transitives,
+            "license": self.license,
+            "license_text": self.license_text,
+            "purl": self.purl
+        }
+
+
 
 class Issue:
     pkg_type: str
@@ -300,7 +335,7 @@ class FullScanParams:
     commit_message: str
     commit_hash: str
     pull_request: int
-    committer: str
+    committers: str
     make_default_branch: bool
     set_as_pending_head: bool
 
@@ -340,6 +375,19 @@ def __init__(self, **kwargs):
     def __str__(self):
         return json.dumps(self.__dict__)
 
+    def to_dict(self) -> dict:
+        return {
+            "new_packages": [p.to_dict() for p in self.new_packages],
+            "new_capabilities": self.new_capabilities,
+            "removed_packages": [p.to_dict() for p in self.removed_packages],
+            "new_alerts": [alert.__dict__ for alert in self.new_alerts],
+            "id": self.id,
+            "sbom": self.sbom if hasattr(self, "sbom") else [],
+            "packages": {k: v.to_dict() for k, v in self.packages.items()} if hasattr(self, "packages") else {},
+            "report_url": self.report_url if hasattr(self, "report_url") else None,
+            "diff_url": self.diff_url if hasattr(self, "diff_url") else None
+        }
+
 
 class Purl:
     id: str
@@ -387,6 +435,24 @@ def generate_author_data(authors: list, ecosystem: str) -> str:
     def __str__(self):
         return json.dumps(self.__dict__)
 
+    def to_dict(self) -> dict:
+        return {
+            "id": self.id,
+            "name": self.name,
+            "version": self.version,
+            "ecosystem": self.ecosystem,
+            "direct": self.direct,
+            "author": self.author,
+            "size": self.size,
+            "transitives": self.transitives,
+            "introduced_by": self.introduced_by,
+            "capabilities": self.capabilities,
+            "is_new": self.is_new,
+            "author_url": self.author_url,
+            "url": self.url,
+            "purl": self.purl
+        }
+
 
 class GithubComment:
     url: str

socketsecurity/socketcli.py

@@ -4,16 +4,17 @@
 from dotenv import load_dotenv
 from git import InvalidGitRepositoryError, NoSuchPathError
 from socketdev import socketdev
+from socketdev.fullscans import FullScanParams
 
 from socketsecurity.config import CliConfig
 from socketsecurity.core import Core
-from socketsecurity.core.classes import Diff, FullScanParams
+from socketsecurity.core.classes import Diff
 from socketsecurity.core.cli_client import CliClient
-from socketsecurity.core.socket_config import SocketConfig
 from socketsecurity.core.git_interface import Git
 from socketsecurity.core.logging import initialize_logging, set_debug_mode
 from socketsecurity.core.messages import Messages
 from socketsecurity.core.scm_comments import Comments
+from socketsecurity.core.socket_config import SocketConfig
 from socketsecurity.output import OutputHandler
 
 socket_logger, log = initialize_logging()
@@ -131,15 +132,22 @@ def main_code():
     else:
         log.debug("Found manifest files or forced scan, proceeding")
 
+    org_slug = core.config.org_slug
+    integration_type = config.integration_type
+    integration_org_slug = config.integration_org_slug or org_slug
+
     params = FullScanParams(
+        org_slug=org_slug,
+        integration_type=integration_type,
+        integration_org_slug=integration_org_slug,
         repo=config.repo,
         branch=config.branch,
         commit_message=config.commit_message,
         commit_hash=config.commit_sha,
         pull_request=config.pr_number,
-        committers=config.committer,
-        make_default_branch=config.default_branch, # This and
-        set_as_pending_head=config.default_branch  # This are the same, do we need both?
+        committers=config.committers,
+        make_default_branch=config.default_branch,
+        set_as_pending_head=True
     )
 
     # Initialize diff