@coana-tech/cli 13.17.19 → 13.18.0
- package/cli.js +14 -7
- package/package.json +1 -1
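--- a/package/cli.js
+++ b/package/cli.js
@@ -95795,13 +95795,17 @@ var init_other_modules_communicator = __esm({
 }
 return providedArgs;
 }
-async prepareProjectAndGetProjectData(packageManagerName, subprojectPath, workspacePaths, providedOptions) {
+async prepareProjectAndGetProjectData(packageManagerName, subprojectPath, workspacePaths, lightweightReachability, providedOptions) {
 const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
 return this.runPackageManagerCommandWithOutput(
 "prepareProjectAndGetProjectData",
 packageManagerName,
 subprojectPath,
-[
+[
+...workspacePaths,
+...await this.getProvidedArgsForSubproject(subprojectPath, providedOptions),
+...lightweightReachability ? [] : ["--install-dependencies"]
+],
 ["--export-dir", tmpDir]
 );
 }
@@ -185213,7 +185217,7 @@ var require_version = __commonJS({
 "use strict";
 Object.defineProperty(exports2, "__esModule", { value: true });
 exports2.version = void 0;
-exports2.version = "13.
+exports2.version = "13.18.0";
 }
 });
 
@@ -185488,7 +185492,7 @@ var require_cli_core = __commonJS({
 }
 return {
 type: "providee",
-provider: await providerOtherModulesCommunicator.prepareProjectAndGetProjectData(packageManagerName, providerProject, providerWorkspaces ?? providerSubproject.workspacePaths, { type: "provider" })
+provider: await providerOtherModulesCommunicator.prepareProjectAndGetProjectData(packageManagerName, providerProject, providerWorkspaces ?? providerSubproject.workspacePaths, this.options.lightweightReachability, { type: "provider" })
 };
 }
 async runOnSubproject(otherModulesCommunicator, subProjAndWsPath, reachabilitySupported) {
@@ -185539,7 +185543,7 @@ var require_cli_core = __commonJS({
 }
 };
 this.sendProgress("PREPARE_PROJECT_AND_GET_PROJECT_DATA", true, subprojectPath);
-const projectInfo = await otherModulesCommunicator.prepareProjectAndGetProjectData(packageManagerName, subprojectPath, workspacePaths, this.options.providerProject ? await this.runOnProvider(this.options.providerProject) : void 0);
+const projectInfo = await otherModulesCommunicator.prepareProjectAndGetProjectData(packageManagerName, subprojectPath, workspacePaths, this.options.lightweightReachability, this.options.providerProject ? await this.runOnProvider(this.options.providerProject) : void 0);
 this.sendProgress("PREPARE_PROJECT_AND_GET_PROJECT_DATA", false, subprojectPath);
 const workspaceToVulnerabilities = Object.fromEntries(await (0, async_1.asyncMap)(workspacePaths, async (workspacePath) => this.spinner.wrap(`Scanning for vulnerabilities: (${subProjAndWsPath.packageManagerName}) ${(0, path_1.join)(subProjAndWsPath.subprojectPath, workspacePath)}`, async () => {
 const dependencyTree = projectInfo[workspacePath].dataForAnalysis.dependencyTree;
@@ -185601,7 +185605,10 @@ var require_cli_core = __commonJS({
 // entryPoints are only supported for root workspace atm.
 entryPoints: workspacePath === "." ? this.options.entryPoints : void 0,
 excludeDirs: this.options.excludeDirs
-}, {
+}, {
+disableBucketing: !!this.options.disableAnalysisSplitting,
+lightweightReachability: this.options.lightweightReachability
+}, this.reportId, this.options.apiKey);
 this.sendProgress("REACHABILITY_ANALYSIS", false, subprojectPath, workspacePath);
 return res;
 }
@@ -185701,7 +185708,7 @@ var cli_core_1 = require_cli_core();
 var version_1 = require_version();
 var program = new commander_1.Command();
 var run = new commander_1.Command();
-run.name("run").argument("<path>", "File system path to folder containing the project").option("-o, --output-dir <path>", "Write json report to <path>/coana-report.json").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("-p, --print-report", "Print the report to the console", false).option("--offline-database <path>", "Path to a coana-offline-db.json file for running the CLI without internet connectivity", void 0).option("-t, --timeout <timeout>", "Set API <timeout> in milliseconds to Coana backend.", "300000").option("-a, --analysis-timeout <timeout>", "Set <timeout> in seconds for each reachability analysis run").option("--memory-limit <memoryInMB>", "Set memory limit for analysis to <memoryInMB> megabytes of memory.", "8192").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("--api-key <key>", "Set the Coana dashboard API key. By setting you also enable the dashboard integration.").addOption(new commander_1.Option("--write-report-to-file", "Write the report dashboard-compatible report to dashboard-report.json. This report may help the Coana team debug issues with the report insertion mechanism.").default(false).hideHelp()).option("--project-name <repoName>", "Set the name of the repository. Used for dashboard integration.").option("--repo-url <repoUrl>", "Set the URL of the repository. Used for dashboard integration.").option("--include-dirs <dirs...>", "globs for directories to include from the detection of subprojects (space-separated). Notice, projects that are not included may still be scanned if they are referenced from included projects.").option("--exclude-dirs <dirs...>", "globs for directories to exclude from the detection of subprojects (space-separated). Notice, excluded projects may still be scanned if they are referenced from non-excluded projects.").option("--disable-analysis-splitting", "Limits Coana to at most 1 reachability analysis run per workspace").option("--print-analysis-log-file", "Store log output from the JavaScript/TypeScript reachability analysis in the file js-analysis.log file in the root of each workspace", false).option("--entry-points <entryPoints...>", "List of files to analyze for root workspace. The reachability analysis automatically analyzes all files used by the entry points. If not provided, all JavaScript and TypeScript files are considered entry points. For non-root workspaces, all JavaScript and TypeScript files are analyzed as well.").option("--include-projects-with-no-reachability-support", "Also runs Coana on projects where we support traditional SCA, but does not yet support reachability analysis.", false).option("--ecosystems <ecosystems...>", "List of ecosystems to analyze. Currently NPM, PIP, MAVEN and GO are supported. Default is all supported ecosystems.", (ecosystems) => ecosystems.split(" ").map((e) => e.toUpperCase())).option("--changed-files <files...>", "List of files that have changed. If provided, Coana only analyzes workspaces and modules that contain changed files.").option("--disable-report-submission", "Disable the submission of the report to the Coana dashboard. Used by the pipeline blocking feature.", false).option("--provider-project <path>", "File system path to folder containing the provider project (Only supported for Maven, Gradle, and SBT)").option("--provider-workspaces <dirs...>", "List of workspaces that build the provided runtime environment (Only supported for Maven, Gradle, and SBT)", (paths) => paths.split(" ")).addOption(new commander_1.Option("--run-without-docker", "Run package managers and reachability analyzers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).version(version_1.version).configureHelp({ sortOptions: true }).action(async (path2, options) => {
+run.name("run").argument("<path>", "File system path to folder containing the project").option("-o, --output-dir <path>", "Write json report to <path>/coana-report.json").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("-p, --print-report", "Print the report to the console", false).option("--offline-database <path>", "Path to a coana-offline-db.json file for running the CLI without internet connectivity", void 0).option("-t, --timeout <timeout>", "Set API <timeout> in milliseconds to Coana backend.", "300000").option("-a, --analysis-timeout <timeout>", "Set <timeout> in seconds for each reachability analysis run").option("--memory-limit <memoryInMB>", "Set memory limit for analysis to <memoryInMB> megabytes of memory.", "8192").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("--api-key <key>", "Set the Coana dashboard API key. By setting you also enable the dashboard integration.").addOption(new commander_1.Option("--write-report-to-file", "Write the report dashboard-compatible report to dashboard-report.json. This report may help the Coana team debug issues with the report insertion mechanism.").default(false).hideHelp()).option("--project-name <repoName>", "Set the name of the repository. Used for dashboard integration.").option("--repo-url <repoUrl>", "Set the URL of the repository. Used for dashboard integration.").option("--include-dirs <dirs...>", "globs for directories to include from the detection of subprojects (space-separated). Notice, projects that are not included may still be scanned if they are referenced from included projects.").option("--exclude-dirs <dirs...>", "globs for directories to exclude from the detection of subprojects (space-separated). Notice, excluded projects may still be scanned if they are referenced from non-excluded projects.").option("--disable-analysis-splitting", "Limits Coana to at most 1 reachability analysis run per workspace").option("--print-analysis-log-file", "Store log output from the JavaScript/TypeScript reachability analysis in the file js-analysis.log file in the root of each workspace", false).option("--entry-points <entryPoints...>", "List of files to analyze for root workspace. The reachability analysis automatically analyzes all files used by the entry points. If not provided, all JavaScript and TypeScript files are considered entry points. For non-root workspaces, all JavaScript and TypeScript files are analyzed as well.").option("--include-projects-with-no-reachability-support", "Also runs Coana on projects where we support traditional SCA, but does not yet support reachability analysis.", false).option("--ecosystems <ecosystems...>", "List of ecosystems to analyze. Currently NPM, PIP, MAVEN and GO are supported. Default is all supported ecosystems.", (ecosystems) => ecosystems.split(" ").map((e) => e.toUpperCase())).option("--changed-files <files...>", "List of files that have changed. If provided, Coana only analyzes workspaces and modules that contain changed files.").option("--disable-report-submission", "Disable the submission of the report to the Coana dashboard. Used by the pipeline blocking feature.", false).option("--provider-project <path>", "File system path to folder containing the provider project (Only supported for Maven, Gradle, and SBT)").option("--provider-workspaces <dirs...>", "List of workspaces that build the provided runtime environment (Only supported for Maven, Gradle, and SBT)", (paths) => paths.split(" ")).option("--lightweight-reachability", "Runs Coana in lightweight mode. This increases analysis speed but also raises the risk of Coana misclassifying the reachability of certain complex vulnerabilities. Recommended only for use with Coana Guardrails mode.", false).addOption(new commander_1.Option("--run-without-docker", "Run package managers and reachability analyzers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).version(version_1.version).configureHelp({ sortOptions: true }).action(async (path2, options) => {
 process.env.DOCKER_IMAGE_TAG ??= version_1.version;
 await new cli_core_1.CliCore(path2, options).main();
 });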
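Review bot: The new `lightweightReachability` flag is inserted as a positional argument ahead of `providedOptions` in `prepareProjectAndGetProjectData` (first hunk), so any call site still using the old four-argument order would pass its provider object as the flag. Because the argument list is built with `...lightweightReachability ? [] : ["--install-dependencies"]`, a truthy object in that slot would silently drop `--install-dependencies` and leave `providedOptions` undefined, degrading the scan without raising an error. Both call sites visible in the `require_cli_core` hunks are updated, but callers outside these hunks cannot be checked from here. Moving the flag into a trailing options object keeps the old argument order valid, e.g. `async prepareProjectAndGetProjectData(packageManagerName, subprojectPath, workspacePaths, providedOptions, { lightweightReachability = false } = {}) {`. The enclosing class starts outside the hunk.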