1063 usethis badge socket (#1080)

nathanjmcdougall · web-flow · commit e7563eef2ffa · 2025-11-05T19:59:38.000+13:00
* Add Socket badge implementation

* Add the socket badge to the README
diff --git a/README.md b/README.md
@@ -198,6 +198,7 @@ If you're not interested in templating automations, then [configurator](https://
 [![CodSpeed](https://img.shields.io/endpoint?url=https://codspeed.io/badge.json)](https://codspeed.io/usethis-python/usethis-python)
 [![uv](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/uv/main/assets/badge/v0.json)](https://github.com/astral-sh/uv)
 [![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+[![Socket Badge](https://badge.socket.dev/pypi/package/usethis)](https://socket.dev/pypi/package/usethis/overview)
 
 ### Roadmap
 
diff --git a/src/usethis/_core/badge.py b/src/usethis/_core/badge.py
@@ -55,6 +55,13 @@ def get_ruff_badge() -> Badge:
     )
 
 
+def get_socket_badge() -> Badge:
+    name = get_project_name()
+    return Badge(
+        markdown=f"[![Socket Badge](https://badge.socket.dev/pypi/package/{name})](https://socket.dev/pypi/package/{name}/overview)"
+    )
+
+
 def get_uv_badge() -> Badge:
     return Badge(
         markdown="[![uv](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/uv/main/assets/badge/v0.json)](https://github.com/astral-sh/uv)"
@@ -68,12 +75,17 @@ def get_usethis_badge() -> Badge:
 
 
 def get_badge_order() -> list[Badge]:
+    # Some general principles here:
+    # 1. Dynamic badges giving factual information about the package should go first
+    # 2. Static badges which list affiliation should go next e.g. uv, Ruff, etc.
+    # 3. Badges giving project scores, ratings, etc. should go last.
     return [
         get_pypi_badge(),
         get_uv_badge(),
         get_ruff_badge(),
         get_pre_commit_badge(),
         get_usethis_badge(),
+        get_socket_badge(),
     ]
 
 
diff --git a/src/usethis/_ui/interface/badge.py b/src/usethis/_ui/interface/badge.py
@@ -65,6 +65,23 @@ def pre_commit(
         _badge_effect(get_pre_commit_badge(), remove=remove, show=show)
 
 
+@app.command(
+    help="Add a badge with your PyPI package's supply chain security rating from Socket."
+)
+def socket(
+    remove: bool = remove_opt,
+    offline: bool = offline_opt,
+    quiet: bool = quiet_opt,
+    show: bool = show_opt,
+) -> None:
+    from usethis._config import usethis_config
+    from usethis._config_file import files_manager
+    from usethis._core.badge import get_socket_badge
+
+    with usethis_config.set(offline=offline, quiet=quiet), files_manager():
+        _badge_effect(get_socket_badge(), remove=remove, show=show)
+
+
 @app.command(help="Add a badge for usethis.")
 def usethis(
     remove: bool = remove_opt,
diff --git a/tests/usethis/_ui/interface/test_interface_badge.py b/tests/usethis/_ui/interface/test_interface_badge.py
@@ -86,6 +86,17 @@ def test_show(self, tmp_path: Path):
         assert result.exit_code == 0, result.output
 
 
+class TestSocket:
+    def test_add(self, tmp_path: Path):
+        # Act
+        runner = CliRunner()
+        with change_cwd(tmp_path):
+            result = runner.invoke_safe(app, ["socket"])
+
+        # Assert
+        assert result.exit_code == 0, result.output
+
+
 class TestPreCommit:
     def test_add(self, tmp_path: Path):
         # Act
