Doug/add unverified option (#56)

* feat: Add allow_unverified option to disable SSL certificate verification

- Add allow_unverified parameter to socketdev constructor (defaults to False)
- Add set_allow_unverified method to API class
- Pass verify=not allow_unverified to requests.request() calls
- Add comprehensive unit tests for the new functionality
- Update README.rst with documentation for the new parameter
- Maintains backward compatibility with existing code

This allows users to disable SSL verification for testing environments
with self-signed certificates while keeping secure defaults for production.

* chore: Remove temporary test file that was accidentally committed

Author: dacoburn

README.rst

@@ -20,7 +20,8 @@ Initializing the module
 **PARAMETERS:**
 
 - **token (str)** - The Socket API Key for your Organization
-- **Timeout (int)** - The number of seconds to wait before failing the connection
+- **timeout (int)** - The number of seconds to wait before failing the connection
+- **allow_unverified (bool)** - Whether to skip SSL certificate verification (default: False). Set to True for testing with self-signed certificates.
 
 Supported Functions
 -------------------

socketdev/__init__.py

@@ -44,11 +44,12 @@
 
 
 class socketdev:
-    def __init__(self, token: str, timeout: int = 1200):
+    def __init__(self, token: str, timeout: int = 1200, allow_unverified: bool = False):
         self.api = API()
         self.token = token + ":"
         self.api.encode_key(self.token)
         self.api.set_timeout(timeout)
+        self.api.set_allow_unverified(allow_unverified)
 
         self.dependencies = Dependencies(self.api)
         self.export = Export(self.api)

socketdev/core/api.py

@@ -25,13 +25,17 @@ def __init__(self):
         self.encoded_key = None
         self.api_url = "https://api.socket.dev/v0"
         self.request_timeout = 30
+        self.allow_unverified = False
 
     def encode_key(self, token: str):
         self.encoded_key = base64.b64encode(token.encode()).decode("ascii")
 
     def set_timeout(self, timeout: int):
         self.request_timeout = timeout
 
+    def set_allow_unverified(self, allow_unverified: bool):
+        self.allow_unverified = allow_unverified
+
     def do_request(
         self,
         path: str,
@@ -58,7 +62,8 @@ def format_headers(headers_dict):
         try:
 
             response = requests.request(
-                method.upper(), url, headers=headers, data=payload, files=files, timeout=self.request_timeout
+                method.upper(), url, headers=headers, data=payload, files=files, 
+                timeout=self.request_timeout, verify=not self.allow_unverified
             )
             request_duration = time.time() - start_time
 

socketdev/version.py

@@ -1 +1 @@
-__version__ = "3.0.17"
+__version__ = "3.0.19"

tests/unit/test_socket_sdk_unit.py

@@ -36,6 +36,20 @@ def test_sdk_initialization(self):
         for component in expected_components:
             self.assertTrue(hasattr(sdk, component), f"SDK missing component: {component}")
 
+    def test_sdk_initialization_with_allow_unverified(self):
+        """Test that the SDK initializes correctly with allow_unverified option."""
+        # Test default behavior (allow_unverified=False)
+        sdk_default = socketdev(token="test-token")
+        self.assertFalse(sdk_default.api.allow_unverified)
+        
+        # Test with allow_unverified=True
+        sdk_unverified = socketdev(token="test-token", allow_unverified=True)
+        self.assertTrue(sdk_unverified.api.allow_unverified)
+        
+        # Test with explicit allow_unverified=False
+        sdk_verified = socketdev(token="test-token", allow_unverified=False)
+        self.assertFalse(sdk_verified.api.allow_unverified)
+
     def test_fullscan_params_creation(self):
         """Test FullScanParams dataclass creation and conversion."""
         params = FullScanParams(