Gitattributes eol typo#1086
Draft
cursor[bot] wants to merge 3099 commits intounbeta_license_featuresfrom
Draft
Conversation
- Remove unsupported --no-update-notifier flag from pnpm wrapper - Add test for pnpm dlx usage scenario - Update CLAUDE.md to forbid dynamic imports - Revert setup action to use pnpm dlx approach
* use proper tmp directory in fix e2e tests * rename fixture to simple-npm * create e2e tests for the socket scan reach and socket scan reach --reach-exclude-paths commands * e2e test --reach-ecosystems * add requirements.txt fixture * assert correct recahability structure in one of the e2e tests * fix lint issues * add reachability e2e tests to test the --cwd option and target argument * upgrade @coana-tech/cli to v14.12.117 * fix typo * ignore all fixtures * upgrade coana to version 14.12.118 * increase e2e test timeout
* update coana to v14.12.126 * fix tags
…pper (#985) Co-authored-by: John-David Dalton <jdalton@users.noreply.github.com>
…king alerts were found. (#986) This is the expected behaviour based on our docs: https://docs.socket.dev/docs/socket-ci#non-zero-exit-code Co-authored-by: Graydon Hope <graydonhope@mac.lan>
* Use @socketsecurity/socket-patch for patch command - Replace inline patch implementation with @socketsecurity/socket-patch@1.0.0 - Use runPatch() from socket-patch/run for programmatic invocation - Remove deleted handle-patch.mts, manifest-schema.mts, output-patch-result.mts - Add SOCKET_PATCH_PROXY_URL environment variable support - Forward socket-cli environment to socket-patch options * update lockfile --------- Co-authored-by: John-David Dalton <jdalton@users.noreply.github.com>
Co-authored-by: John-David Dalton <jdalton@users.noreply.github.com>
* feat(config): use EditableJson for non-destructive config saving Use EditableJson for preserving existing properties and key order when updating config values. This prevents overwriting unrelated config properties during partial updates. - Add standalone EditableJson implementation in src/utils/editable-json.mts - Update config.mts to use EditableJson for config file writes - Fix socketAppDataPath usage to include config.json filename - Add resetConfigForTesting() helper for test isolation - Update tests to use Node.js built-in fs functions * fix: address PR review feedback - Preserve JSON formatting by using editor's indent/newline symbols - Handle deleted config keys explicitly (editor.update only merges) - Capture config snapshot at write time, not schedule time - Fix load method create parameter to actually create empty state * fix: TypeScript compilation errors - Fix symbol index type errors with type assertions - Remove unused getDefaultFormatting function - Add null check for match[1] in detectIndent - Remove unused contentWithoutImport variable * fix: ESLint errors in config and editable-json - Fix import sort order in config.test.mts (promises as fs sorted by alias name) - Add no-await-in-loop eslint-disable comments for retry loops in editable-json.mts - Remove unused eslint-disable directive * chore: remove unused imports from config.test.mts
* add --reach-lazy-mode. update coana to v138 * add missing option validation --------- Co-authored-by: John-David Dalton <jdalton@users.noreply.github.com>
* add --silence flag to suppress non-output stdout/stderr when running socket fix * fix silence bug. debug output to e2e reachability tests * upgrade coana. fix formatting
…1014) * set scanType to socket_tier1 when creating reachability full scans * fix changelog link
* fix(glob): add dot:true to match dotfiles and dot directories
Ensures fastGlob matches files and directories starting with a dot in
gitIgnoreStream and globWorkspace functions.
* fix(glob): add dot:true to micromatch for dot directory matching
Adds { dot: true } option to micromatch.some() calls in
filterBySupportedScanFiles() and isReportSupportedFile() to ensure
patterns like **/poetry.lock match files in dot directories such as
.mcp-servers/neo4j/poetry.lock.
* style: fix linting issues
…1006) Removes the semver-based Node version check that was filtering manifest entries, allowing all Socket registry overrides to be applied regardless of the Node version specified in package engines.
* fix: prevent heap overflow in large monorepo scans Add streaming-based filtering to globWithGitIgnore to prevent heap overflow when scanning large monorepos with 100k+ files. Instead of accumulating all file paths and filtering afterwards, files are now filtered during streaming which dramatically reduces memory usage. Changes: - Add `filter` option to globWithGitIgnore for early filtering during streaming - Add createSupportedFilesFilter helper to create filter from supported files - Update getPackageFilesForScan to use streaming filter - Add comprehensive tests for the new filter functionality Fixes SMO-522 * Update src/utils/glob.mts Signed-off-by: John-David Dalton <jdalton@users.noreply.github.com> --------- Signed-off-by: John-David Dalton <jdalton@users.noreply.github.com> Co-authored-by: John-David Dalton <jdalton@users.noreply.github.com>
Update socket-patch dependency from v1.0.0 to v1.2.0, which includes: - Progress spinner for scan command - Improved test coverage This update addresses reviewer feedback in depscan PR #16387 regarding the socket-patch version mismatch. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
License related alerts are no longer experimental
Author
|
Cursor Agent can help with this pull request. Just |
ammkrn
force-pushed
the
unbeta_license_features
branch
from
600799b to
050cf80
Compare
scutuatua-crypto
approved these changes
Feb 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
14 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Correct
eol=lfstoeol=lfin.gitattributesto ensure proper line-ending normalization.