Repositories
Introduction
The Socket Repositories page provides a comprehensive overview of all the repositories being monitored by Socket for security vulnerabilities and other issues. This guide will walk you through the features and functionalities of the Repositories page, helping you understand how to manage and review your repositories efficiently.
Overview
The Repositories page lists all the repositories associated with your organization, displaying critical information and allowing you to sort and filter the data to meet your needs.
Key Features
- Repository List: Displays all repositories being tracked, with options to sort and search.
- Reports: Shows the reports generated for each repository, including details about vulnerabilities and issues found.
- Alerts: Provides a detailed view of alerts categorized by severity and type.
- Dependencies: Lists the dependencies identified within each repository, helping to track and manage third-party packages.
- Advanced Tools: Includes tools for viewing npm scripts and licenses within the repository.
Repository List
The repository list is the main section where all tracked repositories are displayed.
Each repository entry includes Reports:
- Repository Name: The name of the repository.
- Branch: The branch of the repository being monitored.
- Pull Request: Information on associated pull requests.
- Commit: Details of the latest commit in the repository.
Sorting and Searching
You can sort the repositories by name or the date they were last updated. Use the search bar to quickly find a specific repository.
Reports
Each repository has an associated Reports section, where you can view all the reports that have run for that repository. Reports provide detailed insights into the security posture of the repository, including any detected vulnerabilities or issues.
Report Details
Clicking on a report will open a detailed view where you can see:
- Alerts: Detailed information on alerts, categorized by severity (Critical, High, Medium, Low).
- Dependencies: A list of dependencies found in the repository.
- Files: The specific files within the repository where issues were detected.
Alerts
The Alerts section within a report provides a comprehensive view of all the detected issues, allowing you to filter and sort by severity, category, and type. This helps in quickly identifying and prioritizing critical issues.
Dependencies
The Dependencies section lists the direct and transitive dependencies used within the repository. Use this section to track and manage dependencies and to check that packages are up to date and secure.
Files
The Files section lists files used within the repository. You can select individual files to view the contents.
Conclusion
The Socket Repositories page is a powerful tool for managing the security and compliance of your code repositories. By leveraging the features described in this guide, you can effectively monitor and address security issues, ensuring the integrity and safety of your software projects.