@coana-tech/cli 13.19.39 → 14.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.js +23 -5
- package/package.json +1 -1
package/cli.js
CHANGED
|
@@ -130280,6 +130280,23 @@ var init_promise_queue = __esm({
|
|
|
130280
130280
|
}
|
|
130281
130281
|
});
|
|
130282
130282
|
|
|
130283
|
+
// ../web-compat-utils/src/analysis-error-keys.ts
|
|
130284
|
+
var analysis_error_keys_exports = {};
|
|
130285
|
+
__export(analysis_error_keys_exports, {
|
|
130286
|
+
CLI_ANALYSIS_ERROR_MESSAGE: () => CLI_ANALYSIS_ERROR_MESSAGE,
|
|
130287
|
+
FAILED_TO_INSTALL_PACKAGE_KEY: () => FAILED_TO_INSTALL_PACKAGE_KEY,
|
|
130288
|
+
SHARING_LOG_FOR_PYTHON_PROJECT_ERROR_MESSAGE: () => SHARING_LOG_FOR_PYTHON_PROJECT_ERROR_MESSAGE
|
|
130289
|
+
});
|
|
130290
|
+
var FAILED_TO_INSTALL_PACKAGE_KEY, CLI_ANALYSIS_ERROR_MESSAGE, SHARING_LOG_FOR_PYTHON_PROJECT_ERROR_MESSAGE;
|
|
130291
|
+
var init_analysis_error_keys = __esm({
|
|
130292
|
+
"../web-compat-utils/src/analysis-error-keys.ts"() {
|
|
130293
|
+
"use strict";
|
|
130294
|
+
FAILED_TO_INSTALL_PACKAGE_KEY = "[UNABLE_TO_INSTALL_PACKAGE_ERROR]: ";
|
|
130295
|
+
CLI_ANALYSIS_ERROR_MESSAGE = "Sharing log due to analysis error";
|
|
130296
|
+
SHARING_LOG_FOR_PYTHON_PROJECT_ERROR_MESSAGE = "Sharing log file for run including a python project";
|
|
130297
|
+
}
|
|
130298
|
+
});
|
|
130299
|
+
|
|
130283
130300
|
// ../utils/src/vulnerable-paths-utils.ts
|
|
130284
130301
|
var vulnerable_paths_utils_exports = {};
|
|
130285
130302
|
__export(vulnerable_paths_utils_exports, {
|
|
@@ -190057,7 +190074,7 @@ var init_security_auditor = __esm({
|
|
|
190057
190074
|
* If vulnerabilitiesMap is provided, then it's used to look for vulnerabilities instead
|
|
190058
190075
|
* of going through the vulnerability database
|
|
190059
190076
|
*/
|
|
190060
|
-
async findVulnerabilities(packageStructure, vulnerabiliesMap) {
|
|
190077
|
+
async findVulnerabilities(packageStructure, vulnerabiliesMap, enableMissingVulnerabilitySupportReporting = this.enableMissingVulnerabilitySupportReporting) {
|
|
190061
190078
|
const startTime = Date.now();
|
|
190062
190079
|
const vulnerabilitiesFound = [];
|
|
190063
190080
|
const that = this;
|
|
@@ -190103,7 +190120,7 @@ var init_security_auditor = __esm({
|
|
|
190103
190120
|
getEcosystem(vuln),
|
|
190104
190121
|
vuln.url
|
|
190105
190122
|
);
|
|
190106
|
-
if (
|
|
190123
|
+
if (enableMissingVulnerabilitySupportReporting && vulnDetails?.type === "database" && !vulnDetails.data?.demand && !vulnDetails.data?.active) {
|
|
190107
190124
|
that.slackReporter?.reportVulnerabilityWithMissingAccessPathPattern(vuln);
|
|
190108
190125
|
(await that.coanaSupportedVulnerabilitiesDbInterface).registerVulnerabilityWithMissingAccessPathPattern(vuln, that.pms);
|
|
190109
190126
|
}
|
|
@@ -190309,7 +190326,7 @@ var require_version = __commonJS({
|
|
|
190309
190326
|
"use strict";
|
|
190310
190327
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
190311
190328
|
exports2.version = void 0;
|
|
190312
|
-
exports2.version = "
|
|
190329
|
+
exports2.version = "14.0.0";
|
|
190313
190330
|
}
|
|
190314
190331
|
});
|
|
190315
190332
|
|
|
@@ -190335,6 +190352,7 @@ var require_cli_core = __commonJS({
|
|
|
190335
190352
|
var promise_queue_1 = (init_promise_queue(), __toCommonJS(promise_queue_exports));
|
|
190336
190353
|
var spinner_1 = (init_spinner(), __toCommonJS(spinner_exports));
|
|
190337
190354
|
var tmp_file_1 = (init_tmp_file(), __toCommonJS(tmp_file_exports));
|
|
190355
|
+
var analysis_error_keys_1 = (init_analysis_error_keys(), __toCommonJS(analysis_error_keys_exports));
|
|
190338
190356
|
var vulnerable_paths_utils_1 = (init_vulnerable_paths_utils(), __toCommonJS(vulnerable_paths_utils_exports));
|
|
190339
190357
|
var async_1 = (init_async(), __toCommonJS(async_exports));
|
|
190340
190358
|
var dependency_tree_1 = (init_dependency_tree(), __toCommonJS(dependency_tree_exports));
|
|
@@ -190454,9 +190472,9 @@ var require_cli_core = __commonJS({
|
|
|
190454
190472
|
}
|
|
190455
190473
|
if (report.vulnerabilities.some((v) => v.codeAwareScanResult.type === "analysisError")) {
|
|
190456
190474
|
logger_singleton_1.logger.warn("Analysis error detected in the report - sharing log with Coana to help debug the issue");
|
|
190457
|
-
await this.shareErrorLogWithDashboard(new Error(
|
|
190475
|
+
await this.shareErrorLogWithDashboard(new Error(analysis_error_keys_1.CLI_ANALYSIS_ERROR_MESSAGE), false);
|
|
190458
190476
|
} else if (report.vulnerabilities.some((v) => v.ecosystem === "PIP")) {
|
|
190459
|
-
await this.shareErrorLogWithDashboard(new Error(
|
|
190477
|
+
await this.shareErrorLogWithDashboard(new Error(analysis_error_keys_1.SHARING_LOG_FOR_PYTHON_PROJECT_ERROR_MESSAGE), false);
|
|
190460
190478
|
}
|
|
190461
190479
|
if (this.options.runEnv === "MANAGED_SCAN") {
|
|
190462
190480
|
this.shareLogWithDashboard();
|