Skip to content

Fix stale didYouMean props #81

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lelia merged 4 commits into from
May 22, 2026
+32 −4
Merged

Fix stale didYouMean props #81

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f7236da
test: failing regression for stale didYouMean props
flowstate May 21, 2026
3fec08f
fix(issues): drop stale didYouMean props, add detectedAt
flowstate May 21, 2026
3e2afce
chore(release): bump to 3.1.1 and sync pyproject.toml
flowstate May 21, 2026
5e9d425
chore: sync uv.lock to 3.1.1
flowstate May 22, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ build-backend = "hatchling.build"

[project]
name = "socketdev"
version = "3.1.0"
version = "3.1.1"
requires-python = ">= 3.9"
dependencies = [
'requests',
Expand Down
2 changes: 1 addition & 1 deletion socketdev/core/issues.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -463,7 +463,7 @@ class didYouMean:

def __init__(self):
self.description = "Package name is similar to other popular packages and may not be the package you want."
self.props = {"alternatePackage": "Alternate package", "downloads": "Downloads", "downloadsRatio": "Download ratio", "editDistance": "Edit distance"}
self.props = {"alternatePackage": "Alternate package", "detectedAt": "Detected at"}
self.suggestion = "Use care when consuming similarly named packages and ensure that you did not intend to consume a different package. Malicious packages often publish using similar names as existing popular packages."
self.title = "Possible typosquat attack"
self.emoji = "\ud83e\uddd0"
Expand Down
2 changes: 1 addition & 1 deletion socketdev/version.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = "3.1.0"
__version__ = "3.1.1"
28 changes: 28 additions & 0 deletions tests/unit/test_issues_did_you_mean_props.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
"""Contract test for the didYouMean alert-type class's props.

The OpenAPI schema (`socket-sdk-js/openapi.json` around line 9298) declares
that the API emits `didYouMean` alerts with ``props: { alternatePackage,
detectedAt }``. The Python SDK previously declared four props
(``alternatePackage``, ``downloads``, ``downloadsRatio``, ``editDistance``);
the latter three are no longer in the API schema and were dead keys at
runtime — and ``detectedAt`` was missing.

Tracks CUS2-5. Sibling of CUS2-4.
"""

import unittest

from socketdev.core.issues import didYouMean


class TestDidYouMeanProps(unittest.TestCase):
def test_props_match_openapi_schema(self):
"""API emits props { alternatePackage, detectedAt } (openapi.json:9298)."""
issue = didYouMean()
self.assertEqual(set(issue.props.keys()), {"alternatePackage", "detectedAt"})

def test_props_label_strings_are_non_empty(self):
"""Every props key must have a non-empty human-readable label."""
issue = didYouMean()
for key, label in issue.props.items():
self.assertTrue(label, f"props[{key!r}] label should not be empty")
2 changes: 1 addition & 1 deletion uv.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading