Repositories

Introduction

The Socket Repositories page provides a comprehensive overview of all the repositories being monitored by Socket for security vulnerabilities and other issues. This guide will walk you through the features and functionalities of the Repositories page, helping you understand how to manage and review your repositories efficiently.

Overview

The Repositories page lists all the repositories associated with your organization, displaying critical information and allowing you to sort and filter the data to meet your needs.

Key Features

  1. Repository List: Displays all repositories being tracked, with options to sort and search.
  2. Reports: Shows the reports generated for each repository, including details about vulnerabilities and issues found.
  3. Alerts: Provides a detailed view of alerts categorized by severity and type.
  4. Dependencies: Lists the dependencies identified within each repository, helping to track and manage third-party packages.
  5. Advanced Tools: Includes tools for viewing npm scripts and licenses within the repository.

Repository List

The repository list is the main section where all tracked repositories are displayed.

Each repository entry includes Reports:

  • Repository Name: The name of the repository.
  • Branch: The branch of the repository being monitored.
  • Pull Request: Information on associated pull requests.
  • Commit: Details of the latest commit in the repository.

Sorting and Searching

You can sort the repositories by name or the date they were last updated. Use the search bar to quickly find a specific repository.

Reports

Each repository has an associated Reports section, where you can view all the reports that have run for that repository. Reports provide detailed insights into the security posture of the repository, including any detected vulnerabilities or issues.

Report Details

Clicking on a report will open a detailed view where you can see:

  • Alerts: Detailed information on alerts, categorized by severity (Critical, High, Medium, Low).
  • Dependencies: A list of dependencies found in the repository.
  • Files: The specific files within the repository where issues were detected.

Alerts

The Alerts section within a report provides a comprehensive view of all the detected issues, allowing you to filter and sort by severity, category, and type. This helps in quickly identifying and prioritizing critical issues.

Dependencies

The Dependencies section lists transitive or direct dependencies used within the repository. This section is crucial for tracking and managing dependencies, ensuring that all packages are up-to-date and secure.

Files

The Files section lists files used within the repository. You can select individual files to view the contents.

Conclusion

The Socket Repositories page is a powerful tool for managing the security and compliance of your code repositories. By leveraging the features described in this guide, you can effectively monitor and address security issues, ensuring the integrity and safety of your software projects.