Comparing changes

base repository: SocketDev/socket-python-cli
base: v2.1.35
head repository: SocketDev/socket-python-cli
compare: v2.2.0
  • 1 commit
  • 13 files changed
  • 1 contributor

Commits on Aug 23, 2025

  1. fix: include license violations in diff results + SDK 2.1.8 upgrade (#111)
    
    * feat: upgrade to SDK 2.1.8 with lazy loading and improved committer handling
    
    - Upgrade socket-sdk-python dependency to version 2.1.8 to support lazy file loading capabilities
    - Enable lazy file loading in fullscans.post() with use_lazy_loading=True and max_open_files=50 to prevent "Too many open files" errors when processing large numbers of manifest files
    - Remove custom lazy_file_loader module as this functionality is now handled by the SDK
    - Fix committer display format by implementing proper priority order:
      1. CLI --committers argument (highest priority)
      2. CI/CD SCM username (GITHUB_ACTOR, GITLAB_USER_LOGIN, BITBUCKET_STEP_TRIGGERER_UUID)
      3. Git username extracted from email patterns (e.g., GitHub noreply emails)
      4. Git email address
      5. Git author name (fallback)
    - Add get_formatted_committer() method to Git class to properly format committer strings instead of displaying raw git.Actor objects
    - Include license alerts in diff processing by removing licenseSpdxDisj filter condition
    - Change ulimit warning messages from log.warning to log.debug to reduce noise
    - Update create_full_scan() method signature to accept file paths directly instead of pre-processed file objects
    - Remove deprecated load_files_for_sending() method as lazy loading is now handled by the SDK
    
    This update improves performance for large repositories, provides better committer identification in CI/CD environments, and ensures license violations are properly reported.
    
    * feat: add --enable-diff flag and improve license policy violation handling
    
    - Add --enable-diff flag to force differential scanning even when using --integration api
    - Improve license policy violation grouping and display in PR comments
    - Fix alert consolidation logic to prevent duplicate alerts based on manifest files
    - Enhance empty baseline scan creation with proper file cleanup
    - Add comprehensive test coverage for new enable_diff functionality
    - Update documentation with new scanning mode examples and usage patterns
    
    The --enable-diff flag enables differential mode without SCM integration,
    useful for getting diff reports while using the API integration type.
    License policy violations are now properly grouped by package and displayed
    with consistent formatting in GitHub PR comments.
    
    * changes for license processing
    
    * Fixing login issues for pushing Docker image
    
    * Another docker fix
    
    * bumping minor version since the PR ended up having a lot of changes
    dacoburn authored Aug 23, 2025
    c9df808