@dacoburn dacoburn commented Sep 9, 2025

Multiple Socket SDK endpoints were not properly aligned with the OpenAPI specification, causing unit tests to fail and incorrect API behavior. The PURL endpoint deduplication logic was grouping by batchIndex instead of inputPurl, causing different packages with the same batch index to be incorrectly merged into a single result.

Root Cause

  1. Deduplication Logic: The Dedupe.dedupe() function was using batchIndex for grouping packages instead of inputPurl, which caused different packages that happened to have the same batch index to be merged together incorrectly.

  2. API Specification Misalignment: Several SDK endpoints had incorrect URL paths, HTTP methods, and response handling that didn't match the actual OpenAPI specification, leading to failed API calls and incorrect behavior.

  3. Missing Functionality: Some endpoints were missing methods (like apitokens.list()) and parameters (like base_path for file uploads) that are available in the API.

Fix

  1. Fixed Deduplication Logic: Updated Dedupe.dedupe() to always group by inputPurl instead of batchIndex, ensuring different packages remain separate even if they share the same batch index. Maintained backward compatibility by keeping the batched parameter but ignoring its value.

  2. Aligned API Endpoints: Updated multiple endpoints to match OpenAPI specifications:

    • Fixed URL paths, HTTP methods, and status codes across 15+ endpoints
    • Added missing methods like apitokens.list() and enhanced parameter handling
    • Corrected file handling in report creation and other upload endpoints

  3. Enhanced File Upload Support: Added base_path parameter to file upload methods for cleaner file organization and better key naming in multipart uploads.

  4. Comprehensive Test Updates: Updated all unit tests to reflect correct API behavior and added proper mocking for 40+ endpoints.

Public Changelog

  • Fixed: PURL endpoint deduplication now correctly groups by inputPurl instead of batchIndex, ensuring different packages remain separate in results
  • Fixed: Multiple API endpoints now properly align with OpenAPI specifications for correct URL paths, HTTP methods, and response handling
  • Added: base_path parameter support in file upload methods for cleaner file organization
  • Added: Missing apitokens.list() method for retrieving organization API tokens
  • Enhanced: File upload handling in report creation and scan endpoints for better reliability

- Fix deduplication logic to group by inputPurl instead of batchIndex
- Update API endpoints to match OpenAPI specifications:
  - fullscans: Support both listing and individual scan retrieval
  - report: Fix file handling and accept 200/201 status codes
  - diffscans: Correct path structure for create_from_repo
  - apitokens: Add list method and flexible update routing
  - auditlog: Fix query parameter handling
  - Multiple endpoints: Correct HTTP methods and response formats
- Add base_path parameter support for cleaner file organization
- Update all unit tests to match actual API behavior
- Remove batchIndex from deduped results while maintaining backward compatibility
- Comprehensive test coverage for 40+ endpoints with proper mocking
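
The grouping-key problem described in this pull request, as an added example that is not the SDK's own code: the `dedupe` helper below is hypothetical, the sample records and alert names are constructed, and only the `inputPurl` and `batchIndex` field names come from the page. It merges the same records under each key and reports any merged result that absorbed more than one distinct package.

```python
from collections import defaultdict

# Constructed sample: two records for one package plus two other packages.
# Three records share batchIndex 0, as in the bug described above.
SAMPLE = [
    {"inputPurl": "pkg:npm/left-pad@1.3.0", "batchIndex": 0, "alerts": ["unmaintained"]},
    {"inputPurl": "pkg:npm/left-pad@1.3.0", "batchIndex": 0, "alerts": ["noTests"]},
    {"inputPurl": "pkg:pypi/requests@2.32.0", "batchIndex": 0, "alerts": ["networkAccess"]},
    {"inputPurl": "pkg:npm/lodash@4.17.21", "batchIndex": 1, "alerts": []},
]


def dedupe(records, key):
    """Group records by `key` and merge each group into a single result.

    Hypothetical merge: the first record names the result, alerts are unioned,
    and `sources` keeps every distinct inputPurl that was folded in.
    """
    groups = defaultdict(list)
    for rec in records:
        groups[rec[key]].append(rec)
    merged = []
    for group in groups.values():
        merged.append({
            "inputPurl": group[0]["inputPurl"],
            "sources": sorted({r["inputPurl"] for r in group}),
            "alerts": sorted({a for r in group for a in r["alerts"]}),
        })
    return merged


def cross_package_merges(merged):
    """Return merged results that contain more than one distinct package."""
    return [m for m in merged if len(m["sources"]) > 1]


if __name__ == "__main__":
    for key in ("batchIndex", "inputPurl"):
        results = dedupe(SAMPLE, key)
        bad = cross_package_merges(results)
        print(f"group by {key}: {len(results)} results, {len(bad)} cross-package merges")
        for m in bad:
            print("  ", m["inputPurl"], "absorbed", m["sources"], "alerts:", m["alerts"])
```

Grouping by `batchIndex` drops the `requests` package from the output and reports its alert under `left-pad`; a check like `cross_package_merges` works as a regression test for that failure.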
@dacoburn dacoburn requested a review from a team as a code owner September 9, 2025 06:40
@dacoburn dacoburn added the product changelog Any public-facing change in the product's features label Sep 9, 2025
@dacoburn dacoburn requested review from nolanlawson and reberhardt7 and removed request for a team September 9, 2025 06:40
github-actions bot commented Sep 9, 2025

🚀 Preview package published!

Install with:

pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketdev==3.0.5.dev1

@dacoburn dacoburn merged commit cf621a4 into main Sep 9, 2025
6 checks passed
@dacoburn dacoburn deleted the doug/fix-dedupe-logic-for-purl branch September 9, 2025 07:12