Alert Actions

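| Alert Action | Shows up in Dashboard | Developers see it (e.g. GitHub comment, CLI prints a warning) | Developers blocked (GitHub PR fails, CLI errors) |
|---|---|---|---|
| Ignore | No | No | No |
| Monitor | Yes | No | No |
| Warn | Yes | Yes | No |
| Block | Yes | Yes | Yes |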

Ignore

Set alerts to "Ignore" if you don't want to see these alerts at all. This is great for cutting out noise and focusing on what matters in your project or organization. Alerts set to "Ignore" won't appear in your pull requests (PRs) or merge requests (MRs), nor anywhere in the Socket platform, including the Socket Dashboard (Organization Alerts and Report Runs).

Monitor

Choose "Monitor" for alerts you're still evaluating. You'll see these in the Socket Dashboard, including in the organization-wide alert page and report summaries. This way, you can keep an eye on them without alerting developers or cluttering your PRs or MRs with potential false alarms.

Alerts in Monitor mode display findings in:

  • Socket Dashboard (including Organization Alerts and Report Runs)

Warn

Switch to "Warn" for alerts you trust and need to act on. These will show up in your PRs or MRs, the Socket Dashboard, and through any integrations you've set up, like Slack notifications or security information and event management (SIEM) systems. It's for when you're ready to take findings seriously but don't want them to stop developer work.

Alerts in Warn mode display findings in:

  • Developers' PRs or MRs
  • Socket CLI (e.g. socket ci, socket report create, and safe-npm)
  • Socket Dashboard (including Organization Alerts and Report Runs)
  • Integrations (e.g. Slack alerts, Vanta, SIEM integrations)

Block

"Block" is for the highest-confidence, highest-severity issues. Using this will fail the Socket CI/CD check, effectively blocking the PR or MR until the issue is resolved. This level is strict: if a Socket scan fails, so does your PR or MR. To prevent developers from bypassing these alerts, GitHub users, for example, can enable branch protection and set the PR to fail if the Socket scan fails.

Alerts in Block mode display findings in:

  • Developers' PRs or MRs
  • Socket CLI (e.g. socket ci, socket report create, and safe-npm)
  • Socket Dashboard (including Organization Alerts and Report Runs)
  • Integrations (e.g. Slack alerts, Vanta, SIEM integrations)
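
"Block" only stops a merge if the repository actually requires the Socket check. The following added example (not Socket's own code) audits the JSON that GitHub returns from GET /repos/{owner}/{repo}/branches/{branch}/protection and lists the gaps that would let a PR merge past a failed scan. The check name is a placeholder and the sample responses are constructed.

```python
# Assumption: the name under which the Socket check reports on your PRs.
# Replace the placeholder with the check name shown on your own pull requests.
SOCKET_CHECK = "SOCKET_CHECK_NAME_PLACEHOLDER"


def audit_protection(protection, check_name=SOCKET_CHECK):
    """List gaps that let a PR merge despite a failed Socket check.

    `protection` is the parsed JSON body of GitHub's branch protection
    endpoint, or None when the branch has no protection rule at all.
    """
    if not protection:
        return ["branch has no protection rule"]
    gaps = []
    rsc = protection.get("required_status_checks") or {}
    # GitHub reports required checks in both the legacy "contexts" list
    # and the newer "checks" list; accept either.
    required = set(rsc.get("contexts") or [])
    required |= {c.get("context") for c in rsc.get("checks") or []}
    if check_name not in required:
        gaps.append(f"'{check_name}' is not a required status check")
    # Without enforce_admins, repository admins can merge past a failing check.
    if not (protection.get("enforce_admins") or {}).get("enabled"):
        gaps.append("administrators can merge past failing checks")
    return gaps


# Constructed sample: only a build check is required, admins are exempt.
SAMPLE_WEAK = {
    "required_status_checks": {
        "strict": True,
        "contexts": ["build"],
        "checks": [{"context": "build", "app_id": None}],
    },
    "enforce_admins": {"enabled": False},
}

# Constructed sample: the Socket check is required and admins are included.
SAMPLE_STRONG = {
    "required_status_checks": {
        "strict": True,
        "contexts": ["build", SOCKET_CHECK],
        "checks": [{"context": SOCKET_CHECK, "app_id": None}],
    },
    "enforce_admins": {"enabled": True},
}

if __name__ == "__main__":
    for label, doc in (("weak", SAMPLE_WEAK), ("strong", SAMPLE_STRONG), ("none", None)):
        print(label, audit_protection(doc) or "OK")
```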