🚀 Launch Week Day 4:Introducing the Alert Details Page: A Better Way to Explore Alerts.Learn More →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@socketsecurity/registry

Package Overview
Dependencies
Maintainers
2
Versions
332
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@socketsecurity/registry

Socket Registry - Core utilities and infrastructure for Socket.dev security tools

latest
Source
npmnpm
Version
2.0.2
Version published
Weekly downloads
4.5K
14.87%
Maintainers
2
Weekly downloads
 
Created
Source

@socketsecurity/registry

Socket Badge CI

Follow @SocketSecurity Follow @socket.dev on Bluesky

Query Socket Registry manifest data. Zero dependencies, ~5KB.

Installation

pnpm install @socketsecurity/registry

Usage

import { getManifestData, PURL_Type } from '@socketsecurity/registry'

// Get all manifest data
const manifest = getManifestData()

// Get ecosystem packages
const npmPackages = getManifestData('npm')

// Get specific package
const pkg = getManifestData('npm', 'deep-equal')
console.log(pkg.name) // '@socketregistry/deep-equal'
console.log(pkg.version) // '2.2.3'
console.log(pkg.categories) // ['speedup', 'cleanup']

API

getManifestData()

function getManifestData(): Manifest
function getManifestData(ecosystem: string): ManifestEntry[] | undefined
function getManifestData(ecosystem: string, packageName: string): ManifestEntryData | ManifestEntry | undefined

version

import { version } from '@socketsecurity/registry'

Types

type ManifestEntryData = {
  categories?: ('cleanup' | 'levelup' | 'speedup' | 'tuneup')[]
  deprecated?: boolean
  engines?: Record<string, string>
  interop?: ('browserify' | 'cjs' | 'esm')[]
  license?: string
  name: string // Socket registry name
  package: string // Original package name
  version: string
  [key: string]: unknown
}

type ManifestEntry = [purl: string, data: ManifestEntryData]
type Manifest = Record<string, ManifestEntry[]>

PURL_Type enum

Ecosystem identifiers: APK, BITBUCKET, CARGO, COCOAPODS, COMPOSER, CONAN, CONDA, CRAN, DEB, DOCKER, GEM, GENERIC, GITHUB, GOLANG, HACKAGE, HEX, HUGGINGFACE, MAVEN, MLFLOW, NPM, NUGET, OCI, PUB, PYPI, QPKG, RPM, SWID, SWIFT, VCS

Additional Exports

import manifest from '@socketsecurity/registry/manifest.json'
import pkg from '@socketsecurity/registry/package.json'
import extensions from '@socketsecurity/registry/extensions.json'

Breaking Changes in v2.0.0

  • Removed all utility subpath exports (constants, lib utilities, etc.)
  • Removed all runtime dependencies
  • Focused solely on manifest data access

Pin to v1.x if you need the removed utilities.

License

MIT

Keywords

Socket.dev
security
registry
npm
packages

FAQs

Package last updated on 02 Nov 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

curl Shuts Down Bug Bounty Program After Flood of AI Slop Reports

Security News

curl Shuts Down Bug Bounty Program After Flood of AI Slop Reports

A surge of AI-generated vulnerability reports has pushed open source maintainers to rethink bug bounties and tighten security disclosure processes.

By Sarah Gooding  -  Jan 23, 2026
Introducing Immutable Scans

Product

Introducing Immutable Scans

Scan results now load faster and remain consistent over time, with stable URLs and on-demand rescans for fresh security data.

By Nolan Lawson  -  Jan 23, 2026