From 3e56be08e2cc43f576e17abf743c0f255dc21003 Mon Sep 17 00:00:00 2001 From: Peter van der Zee Date: Fri, 6 Jun 2025 05:03:38 -0500 Subject: [PATCH] Threat-feed; use new api endpoint, add search flags --- src/commands/threat-feed/cmd-threat-feed.mts | 64 +++++++++++++------ .../threat-feed/cmd-threat-feed.test.mts | 7 ++ .../threat-feed/fetch-threat-feed.mts | 14 +++- .../threat-feed/handle-threat-feed.mts | 9 +++ 4 files changed, 71 insertions(+), 23 deletions(-) diff --git a/src/commands/threat-feed/cmd-threat-feed.mts b/src/commands/threat-feed/cmd-threat-feed.mts index b2617fd6d..a7c66de76 100644 --- a/src/commands/threat-feed/cmd-threat-feed.mts +++ b/src/commands/threat-feed/cmd-threat-feed.mts @@ -22,6 +22,24 @@ const config: CliCommandConfig = { flags: { ...commonFlags, ...outputFlags, + direction: { + type: 'string', + shortFlag: 'd', + default: 'desc', + description: 'Order asc or desc by the createdAt attribute', + }, + eco: { + type: 'string', + shortFlag: 'e', + default: '', + description: 'Only show threats for a particular ecosystem', + }, + filter: { + type: 'string', + shortFlag: 'f', + default: 'mal', + description: 'Filter what type of threats to return', + }, interactive: { type: 'boolean', default: true, @@ -33,35 +51,25 @@ const config: CliCommandConfig = { description: 'Force override the organization slug, overrides the default org from config', }, - perPage: { - type: 'number', - shortFlag: 'pp', - default: 30, - description: 'Number of items per page', - }, page: { type: 'string', shortFlag: 'p', default: '1', description: 'Page token', }, - direction: { - type: 'string', - shortFlag: 'd', - default: 'desc', - description: 'Order asc or desc by the createdAt attribute', + perPage: { + type: 'number', + shortFlag: 'pp', + default: 30, + description: 'Number of items per page', }, - eco: { + pkg: { type: 'string', - shortFlag: 'e', - default: '', - description: 'Only show threats for a particular ecosystem', + description: 'Filter by this package name', }, - filter: { + version: { type: 'string', - shortFlag: 'f', - default: 'mal', - description: 'Filter what type of threats to return', + description: 'Filter by this package version', }, }, help: (command, config) => ` @@ -102,6 +110,11 @@ const config: CliCommandConfig = { - nuget - pypi + Note: if you filter by package name or version, it will do so for anything + unless you also filter by that ecosystem and/or package name. When in + doubt, look at the threat-feed and see the names in the name/version + column. That's what you want to search for. + Examples $ ${command}${isTestingV1() ? '' : ' FakeOrg'} $ ${command}${isTestingV1() ? '' : ' FakeOrg'} --perPage=5 --page=2 --direction=asc --filter=joke @@ -126,7 +139,15 @@ async function run( parentName, }) - const { dryRun, interactive, json, markdown, org: orgFlag } = cli.flags + const { + dryRun, + interactive, + json, + markdown, + org: orgFlag, + pkg, + version, + } = cli.flags const outputKind = getOutputKind(json, markdown) const [orgSlug] = await determineOrgSlug( @@ -177,7 +198,10 @@ async function run( ecosystem: String(cli.flags['eco'] || ''), filter: String(cli.flags['filter'] || 'mal'), outputKind, + orgSlug, page: String(cli.flags['page'] || '1'), perPage: Number(cli.flags['perPage']) || 30, + pkg: String(pkg || ''), + version: String(version || ''), }) } diff --git a/src/commands/threat-feed/cmd-threat-feed.test.mts b/src/commands/threat-feed/cmd-threat-feed.test.mts index 85f20783a..578bc9353 100644 --- a/src/commands/threat-feed/cmd-threat-feed.test.mts +++ b/src/commands/threat-feed/cmd-threat-feed.test.mts @@ -39,6 +39,8 @@ describe('socket threat-feed', async () => { --org Force override the organization slug, overrides the default org from config --page Page token --perPage Number of items per page + --pkg Filter by this package name + --version Filter by this package version Valid filters: @@ -63,6 +65,11 @@ describe('socket threat-feed', async () => { - nuget - pypi + Note: if you filter by package name or version, it will do so for anything + unless you also filter by that ecosystem and/or package name. When in + doubt, look at the threat-feed and see the names in the name/version + column. That's what you want to search for. + Examples $ socket threat-feed FakeOrg $ socket threat-feed FakeOrg --perPage=5 --page=2 --direction=asc --filter=joke" diff --git a/src/commands/threat-feed/fetch-threat-feed.mts b/src/commands/threat-feed/fetch-threat-feed.mts index b383d4043..21236b0d0 100644 --- a/src/commands/threat-feed/fetch-threat-feed.mts +++ b/src/commands/threat-feed/fetch-threat-feed.mts @@ -7,25 +7,33 @@ export async function fetchThreatFeed({ direction, ecosystem, filter, + orgSlug, page, perPage, + pkg, + version, }: { direction: string ecosystem: string filter: string + orgSlug: string page: string perPage: number + pkg: string + version: string }): Promise> { const queryParams = new URLSearchParams([ ['direction', direction], ['ecosystem', ecosystem], - ['filter', filter], - ['page', page], + filter ? ['filter', filter] : ['', ''], + ['page_cursor', page], ['per_page', String(perPage)], + pkg ? ['name', pkg] : ['', ''], + version ? ['version', version] : ['', ''], ]) return await queryApiSafeJson( - `threat-feed?${queryParams}`, + `orgs/${orgSlug}/threat-feed?${queryParams}`, 'the Threat Feed data', ) } diff --git a/src/commands/threat-feed/handle-threat-feed.mts b/src/commands/threat-feed/handle-threat-feed.mts index 85e87a406..b3c1753d0 100644 --- a/src/commands/threat-feed/handle-threat-feed.mts +++ b/src/commands/threat-feed/handle-threat-feed.mts @@ -7,23 +7,32 @@ export async function handleThreatFeed({ direction, ecosystem, filter, + orgSlug, outputKind, page, perPage, + pkg, + version, }: { direction: string ecosystem: string filter: string outputKind: OutputKind + orgSlug: string page: string perPage: number + pkg: string + version: string }): Promise { const data = await fetchThreatFeed({ direction, ecosystem, filter, + orgSlug, page, perPage, + pkg, + version, }) await outputThreatFeed(data, outputKind)