2 changes: 1 addition & 1 deletion 2 pyproject.toml
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"

[project]
name = "socketdev"
version = "3.1.0"
version = "3.1.1"
requires-python = ">= 3.9"
dependencies = [
'requests',
2 changes: 1 addition & 1 deletion 2 socketdev/core/issues.py
@@ -463,7 +463,7 @@ class didYouMean:

def __init__(self):
self.description = "Package name is similar to other popular packages and may not be the package you want."
self.props = {"alternatePackage": "Alternate package", "downloads": "Downloads", "downloadsRatio": "Download ratio", "editDistance": "Edit distance"}
self.props = {"alternatePackage": "Alternate package", "detectedAt": "Detected at"}
self.suggestion = "Use care when consuming similarly named packages and ensure that you did not intend to consume a different package. Malicious packages often publish using similar names as existing popular packages."
self.title = "Possible typosquat attack"
self.emoji = "\ud83e\uddd0"
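Review bot: The new `props` literal in `didYouMean.__init__` carries no pointer to the schema it mirrors, which is how the stale keys went unnoticed. A comment above the assignment such as `# keys mirror the didYouMean alert props in the OpenAPI schema; update both together` would make the coupling visible. Dropping `downloads`, `downloadsRatio` and `editDistance` from a public attribute is also an observable change for any caller that indexes `props` by those keys, so it deserves an explicit changelog line even in a patch release. The class body continues outside the hunk, so how `props` is consumed when rendering a typosquat alert cannot be confirmed from here.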
2 changes: 1 addition & 1 deletion 2 socketdev/version.py
@@ -1 +1 @@
__version__ = "3.1.0"
__version__ = "3.1.1"
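--- /dev/null
+++ b/tests/unit/test_issues_did_you_mean_props.py
@@ -0,0 +1,28 @@
+"""Contract test for the didYouMean alert-type class's props.
+
+The OpenAPI schema (`socket-sdk-js/openapi.json` around line 9298) declares
+that the API emits `didYouMean` alerts with ``props: { alternatePackage,
+detectedAt }``. The Python SDK previously declared four props
+(``alternatePackage``, ``downloads``, ``downloadsRatio``, ``editDistance``);
+the latter three are no longer in the API schema and were dead keys at
+runtime — and ``detectedAt`` was missing.
+
+Tracks CUS2-5. Sibling of CUS2-4.
+"""
+
+import unittest
+
+from socketdev.core.issues import didYouMean
+
+
+class TestDidYouMeanProps(unittest.TestCase):
+def test_props_match_openapi_schema(self):
+"""API emits props { alternatePackage, detectedAt } (openapi.json:9298)."""
+issue = didYouMean()
+self.assertEqual(set(issue.props.keys()), {"alternatePackage", "detectedAt"})
+
+def test_props_label_strings_are_non_empty(self):
+"""Every props key must have a non-empty human-readable label."""
+issue = didYouMean()
+for key, label in issue.props.items():
+self.assertTrue(label, f"props[{key!r}] label should not be empty")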
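Review bot: `test_props_match_openapi_schema` compares against a hand-written set, so it pins today's keys but cannot detect the next drift between the SDK and the API schema, which is the failure this change repairs. The docstrings cite `openapi.json` by line number in another repository, and that reference will go stale as the file changes; naming the schema path of the `didYouMean` alert would age better. In `test_props_label_strings_are_non_empty`, `assertTrue(label)` accepts any truthy value, including a whitespace-only string or a non-string. `self.assertIsInstance(label, str)` followed by `self.assertTrue(label.strip(), f"props[{key!r}] label should not be empty")` checks what the docstring promises.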
2 changes: 1 addition & 1 deletion 2 uv.lock
