Comparing changes
base repository: SocketDev/socket-python-cli
base: v2.1.35
head repository: SocketDev/socket-python-cli
compare: main
- 9 commits
- 27 files changed
- 3 contributors
Commits on Aug 23, 2025
- c9df808: fix: include license violations in diff results + SDK 2.1.8 upgrade (#111)
  * feat: upgrade to SDK 2.1.8 with lazy loading and improved committer handling
    - Upgrade socket-sdk-python dependency to version 2.1.8 to support lazy file loading capabilities
    - Enable lazy file loading in fullscans.post() with use_lazy_loading=True and max_open_files=50 to prevent "Too many open files" errors when processing large numbers of manifest files
    - Remove custom lazy_file_loader module as this functionality is now handled by the SDK
    - Fix committer display format by implementing proper priority order:
      1. CLI --committers argument (highest priority)
      2. CI/CD SCM username (GITHUB_ACTOR, GITLAB_USER_LOGIN, BITBUCKET_STEP_TRIGGERER_UUID)
      3. Git username extracted from email patterns (e.g., GitHub noreply emails)
      4. Git email address
      5. Git author name (fallback)
    - Add get_formatted_committer() method to Git class to properly format committer strings instead of displaying raw git.Actor objects
    - Include license alerts in diff processing by removing licenseSpdxDisj filter condition
    - Change ulimit warning messages from log.warning to log.debug to reduce noise
    - Update create_full_scan() method signature to accept file paths directly instead of pre-processed file objects
    - Remove deprecated load_files_for_sending() method as lazy loading is now handled by the SDK
    This update improves performance for large repositories, provides better committer identification in CI/CD environments, and ensures license violations are properly reported.
  * feat: add --enable-diff flag and improve license policy violation handling
    - Add --enable-diff flag to force differential scanning even when using --integration api
    - Improve license policy violation grouping and display in PR comments
    - Fix alert consolidation logic to prevent duplicate alerts based on manifest files
    - Enhance empty baseline scan creation with proper file cleanup
    - Add comprehensive test coverage for new enable_diff functionality
    - Update documentation with new scanning mode examples and usage patterns
    The --enable-diff flag enables differential mode without SCM integration, useful for getting diff reports while using the API integration type. License policy violations are now properly grouped by package and displayed with consistent formatting in GitHub PR comments.
  * changes for license processing
  * Fixing login issues for pushing Docker image
  * Another docker fix
  * bumping minor version since the PR ended up having a lot of changes
- a2d97ab: improve gitlab token usage (#112)
  * Removing test files
  * Adding support for both gitlab token styles
Commits on Aug 24, 2025
- f808583: Migrate from socket-sdk-python to socketdev>=3.0.0 and switch to uv (#113)
  * Migrate from socket-sdk-python to socketdev>=3.0.0 and switch to uv
    - Update pyproject.toml to use socketdev>=3.0.0,<4.0.0 instead of socket-sdk-python
    - Replace pip-tools with uv for dependency management
    - Update Makefile to use uv commands (uv pip compile, uv pip sync, etc.)
    - Update Dockerfile to install socketdev instead of socket-sdk-python
    - Update deployment scripts to reference socketdev
    - Update README to reflect uv usage
    - Regenerate all requirements files with uv
    - Add requirements-test.txt file
    - Update SOCKET_SDK_PATH references to point to ../socketdev
    - Version bump to 2.2.3
  * Switch to uv.lock for dependency management
    - Replace requirements.txt files with uv.lock
    - Update Makefile to use 'uv sync' instead of pip-compile workflow
    - Simplify dependency management with 'uv lock' and 'uv sync --all-extras'
    - Update test and lint commands to use 'uv run'
    - Remove old requirements.txt, requirements-dev.txt, requirements-test.txt files
    - Update README documentation to reflect uv.lock workflow
    - Version bump to 2.2.4
Commits on Aug 25, 2025
- 7af45bc
Commits on Sep 4, 2025
- 461f495
- 8bd8b83: chore: add slack debugging (#117)
  * chore: add slack webhook debugging
  * Version bump
  Co-authored-by: Douglas <[email protected]>
  Co-authored-by: Douglas Coburn <[email protected]>
Commits on Sep 9, 2025
- 656a458: feat: Add SCM-aware manifest file URL generation and fix report links (#119)
  - Add get_manifest_file_url() method with GitHub/GitLab/Bitbucket support
  - Support environment variables for custom SCM servers (GitHub Enterprise, self-hosted GitLab, Bitbucket Server)
  - Fix manifest file links in security comments to use proper SCM URLs instead of Socket dashboard URLs
  - Fix 'View full report' links to use diff_url for PRs and report_url for non-PR scans
  - Add base_path parameter to create_full_scan() for improved path handling
  - Update socketdev dependency to >=3.0.5 for latest features
  - Add os module import for environment variable access
  - Update type hints for better code clarity
Commits on Sep 12, 2025
- 40fc69e: feat: add monorepo workspace support with --sub-path and --workspace-name (#120)
  - Add --sub-path option to scan manifest files in a subdirectory while preserving git context from target-path
  - Add --workspace-name option to append suffix to repository name (repo-name-workspace_name)
  - Require both options to be used together with validation
  - Update scanning logic to use combined target_path + sub_path for manifest file detection
  - Modify repository naming to include workspace suffix when provided
  - Preserve git repository context (commits, branches, etc.) from main target-path
  - Enable Socket CLI to work with monorepo structures where manifests are in subdirectories
  This allows users to scan specific workspaces within a monorepo while maintaining proper git context and
- 4672706: Updated readme and updated sdk requirements (#121)
  * Updated readme and updated sdk requirements
  * feat: enhance monorepo support with multiple --sub-path options
    - Add support for multiple --sub-path arguments to scan different directories within a single workspace
    - Require --workspace-name when using --sub-path for proper workspace identification
    - Optimize base_paths parameter to pass target_path for simplified SDK integration
    - Update argument validation to enforce sub_paths and workspace_name pairing
    - Add comprehensive README documentation with monorepo examples and usage patterns
    - Include GitHub Actions workflow examples for monorepo CI/CD scenarios
    - Extend parameter table with detailed descriptions of new CLI options
    This enhancement enables scanning multiple directories (e.g., frontend, backend, services/api) as a single workspace while preserving git context from the repository root, making it ideal for organizations with monorepo structures.
You can try running this command locally to see the comparison on your machine:
git diff v2.1.35...main