From 17d2a732cfe95591a608cbf42986c063c85a164b Mon Sep 17 00:00:00 2001 From: jdalton Date: Mon, 12 Jan 2026 15:41:14 -0500 Subject: [PATCH 1/2] fix(test): resolve TypeScript errors in fixDetails type handling Fixed TypeScript errors when accessing properties from index signature types in getRepoFixes test. The fixDetails response type uses Record which requires proper type assertions to access nested properties. - Add type assertion for fixDetail object - Add explicit type guards and runtime checks - Define inline type for value object with proper structure - Use type-safe access for all nested properties This resolves TS4111 (index signature access) and TS18048 (undefined checks) errors while maintaining runtime safety. --- .../socket-sdk-api-methods.coverage.test.mts | 43 +++++++++++++------ 1 file changed, 29 insertions(+), 14 deletions(-) diff --git a/test/unit/socket-sdk-api-methods.coverage.test.mts b/test/unit/socket-sdk-api-methods.coverage.test.mts index 10dca271..1c7fbb20 100644 --- a/test/unit/socket-sdk-api-methods.coverage.test.mts +++ b/test/unit/socket-sdk-api-methods.coverage.test.mts @@ -779,20 +779,35 @@ describe('SocketSdk - API Methods Coverage', () => { expect(result.data).toBeDefined() expect(result.data.fixDetails).toBeDefined() expect(result.data.fixDetails['GHSA-xxxx-yyyy-zzzz']).toBeDefined() - const fixDetail = result.data.fixDetails['GHSA-xxxx-yyyy-zzzz'] - if (fixDetail && 'type' in fixDetail && fixDetail.type === 'fixFound') { - expect(fixDetail.value.ghsa).toBe('GHSA-xxxx-yyyy-zzzz') - expect(fixDetail.value.cve).toBe('CVE-2024-1234') - expect(fixDetail.value.fixDetails.fixes).toBeInstanceOf(Array) - expect(fixDetail.value.fixDetails.fixes.length).toBeGreaterThan(0) - if (fixDetail.value.fixDetails.fixes[0]) { - expect(fixDetail.value.fixDetails.fixes[0].purl).toBe( - 'pkg:npm/lodash', - ) - expect(fixDetail.value.fixDetails.fixes[0].fixedVersion).toBe( - '2.0.0', - ) - expect(fixDetail.value.fixDetails.fixes[0].updateType).toBe('major') + const fixDetail = result.data.fixDetails[ + 'GHSA-xxxx-yyyy-zzzz' + ] as unknown + if ( + fixDetail && + typeof fixDetail === 'object' && + 'type' in fixDetail && + fixDetail.type === 'fixFound' && + 'value' in fixDetail + ) { + const value = fixDetail.value as { + ghsa: string + cve: string + fixDetails: { + fixes: Array<{ + purl: string + fixedVersion: string + updateType: string + }> + } + } + expect(value.ghsa).toBe('GHSA-xxxx-yyyy-zzzz') + expect(value.cve).toBe('CVE-2024-1234') + expect(value.fixDetails.fixes).toBeInstanceOf(Array) + expect(value.fixDetails.fixes.length).toBeGreaterThan(0) + if (value.fixDetails.fixes[0]) { + expect(value.fixDetails.fixes[0].purl).toBe('pkg:npm/lodash') + expect(value.fixDetails.fixes[0].fixedVersion).toBe('2.0.0') + expect(value.fixDetails.fixes[0].updateType).toBe('major') } } } From f0f2a1349d2d35be6772fac4390733dfe1dec51b Mon Sep 17 00:00:00 2001 From: jdalton Date: Mon, 12 Jan 2026 15:44:55 -0500 Subject: [PATCH 2/2] chore(deps): update dependencies and package manager MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Updated dependencies to latest versions: - pnpm: 10.27.0 → 10.28.0 (packageManager field) - @socketsecurity/lib: 5.2.1 → 5.4.1 - @dotenvx/dotenvx: ^1.51.2 → ^1.51.4 Updated lockfile with new dependency versions. --- package.json | 6 +++--- pnpm-lock.yaml | 20 ++++++++++---------- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/package.json b/package.json index 87240b73..d5b62212 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@socketsecurity/sdk", "version": "3.2.0", - "packageManager": "pnpm@10.27.0", + "packageManager": "pnpm@10.28.0", "license": "MIT", "description": "SDK for the Socket API client", "author": { @@ -57,7 +57,7 @@ }, "dependencies": { "@socketregistry/packageurl-js": "1.3.5", - "@socketsecurity/lib": "5.2.1", + "@socketsecurity/lib": "5.4.1", "form-data": "4.0.5" }, "devDependencies": { @@ -66,7 +66,7 @@ "@babel/traverse": "7.26.4", "@babel/types": "7.26.3", "@biomejs/biome": "2.2.4", - "@dotenvx/dotenvx": "^1.51.2", + "@dotenvx/dotenvx": "^1.51.4", "@eslint/compat": "1.3.2", "@eslint/js": "9.35.0", "@types/babel__traverse": "7.28.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index f39d1c4b..665f578a 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -15,8 +15,8 @@ importers: specifier: 1.3.5 version: 1.3.5 '@socketsecurity/lib': - specifier: 5.2.1 - version: 5.2.1(typescript@5.9.3) + specifier: 5.4.1 + version: 5.4.1(typescript@5.9.3) form-data: specifier: 4.0.5 version: 4.0.5 @@ -37,8 +37,8 @@ importers: specifier: 2.2.4 version: 2.2.4 '@dotenvx/dotenvx': - specifier: ^1.51.2 - version: 1.51.2 + specifier: ^1.51.4 + version: 1.51.4 '@eslint/compat': specifier: 1.3.2 version: 1.3.2(eslint@9.35.0(jiti@2.6.1)) @@ -250,8 +250,8 @@ packages: cpu: [x64] os: [win32] - '@dotenvx/dotenvx@1.51.2': - resolution: {integrity: sha512-+693mNflujDZxudSEqSNGpn92QgFhJlBn9q2mDQ9yGWyHuz3hZ8B5g3EXCwdAz4DMJAI+OFCIbfEFZS+YRdrEA==} + '@dotenvx/dotenvx@1.51.4': + resolution: {integrity: sha512-AoziS8lRQ3ew/lY5J4JSlzYSN9Fo0oiyMBY37L3Bwq4mOQJT5GSrdZYLFPt6pH1LApDI3ZJceNyx+rHRACZSeQ==} hasBin: true '@ecies/ciphers@0.2.5': @@ -689,8 +689,8 @@ packages: resolution: {integrity: sha512-Fl4GNUJ/z3IBJBGj4IsJfuRGUBCRMgX0df0mb5x5buaCPDKC+NhMhAFuxpc3viLSHV12CO2rGaNCf4fBYWI0FA==} engines: {node: '>=18', pnpm: '>=10.16.0'} - '@socketsecurity/lib@5.2.1': - resolution: {integrity: sha512-o35SxGhSlg/jEXEGyqRDJt0Q9ujYuV3fMTWX7ZRVqa+8nz2bV0Mfyohli0l1Zbds5F78Z4upLXxCcXIPuX3f+w==} + '@socketsecurity/lib@5.4.1': + resolution: {integrity: sha512-YOPKzwhHj6W6vhtkx+Lfrgm1j/WMrM7QZe3AJvipVokN5ZKxCuqN27dGzlkhKJhXGVGw0iXYE39uxy950TkkVA==} engines: {node: '>=22', pnpm: '>=10.25.0'} peerDependencies: typescript: '>=5.0.0' @@ -2440,7 +2440,7 @@ snapshots: '@biomejs/cli-win32-x64@2.2.4': optional: true - '@dotenvx/dotenvx@1.51.2': + '@dotenvx/dotenvx@1.51.4': dependencies: commander: 11.1.0 dotenv: 17.2.3 @@ -2758,7 +2758,7 @@ snapshots: '@socketregistry/packageurl-js@1.3.5': {} - '@socketsecurity/lib@5.2.1(typescript@5.9.3)': + '@socketsecurity/lib@5.4.1(typescript@5.9.3)': optionalDependencies: typescript: 5.9.3