@coana-tech/cli 14.0.20 → 14.0.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.js +8 -4
- package/package.json +1 -1
package/cli.js
CHANGED
|
@@ -99474,7 +99474,7 @@ var init_other_modules_communicator = __esm({
|
|
|
99474
99474
|
}
|
|
99475
99475
|
async runInDocker(ecosystem, image, entryPoint, commandName, args2, subprojectPath, tmpDir, env = process.env) {
|
|
99476
99476
|
if (!await pullDockerImage(image)) return false;
|
|
99477
|
-
const envArgs = Object.keys(
|
|
99477
|
+
const envArgs = Object.keys(env).filter((key) => DOCKER_ENV_WHITE_LIST.some((whiteListedKey) => key.includes(whiteListedKey))).flatMap((key) => ["-e", key]);
|
|
99478
99478
|
const cmd = cmdt`docker run --pull=never --rm -v ${this.rootWorkingDir}:/project -v ${tmpDir}:${tmpDir}
|
|
99479
99479
|
-v=${this.options.coanaLogPath}:${this.options.coanaLogPath}
|
|
99480
99480
|
${await getEcosystemSpecificDockerArgs(ecosystem)}
|
|
@@ -127929,6 +127929,9 @@ var init_dependency_types = __esm({
|
|
|
127929
127929
|
});
|
|
127930
127930
|
|
|
127931
127931
|
// ../web-compat-utils/src/vulnerability-grouping.ts
|
|
127932
|
+
function getVulnerabilityIdentifier(packageName, vulnerabilityUrl) {
|
|
127933
|
+
return `${packageName}-${extractGHSAIdFromUrl(vulnerabilityUrl)}`;
|
|
127934
|
+
}
|
|
127932
127935
|
function getVulnerabilityAggregates(vulns) {
|
|
127933
127936
|
const grouped = groupVulnsByUrlAndReachability(vulns, (byVulnInstances) => {
|
|
127934
127937
|
const dependencyTypes = byVulnInstances.map((res) => res.dependencyType);
|
|
@@ -127936,7 +127939,7 @@ function getVulnerabilityAggregates(vulns) {
|
|
|
127936
127939
|
const first2 = byVulnInstances[0];
|
|
127937
127940
|
return {
|
|
127938
127941
|
ecosystem: first2.ecosystem,
|
|
127939
|
-
identifier:
|
|
127942
|
+
identifier: getVulnerabilityIdentifier(first2.packageName ?? "", first2.vulnerabilityUrl),
|
|
127940
127943
|
packageName: first2.packageName,
|
|
127941
127944
|
reachability: first2.reachability,
|
|
127942
127945
|
reportId: first2.reportId,
|
|
@@ -133949,7 +133952,7 @@ function mkTrie() {
|
|
|
133949
133952
|
return { children: {}, leaf: false };
|
|
133950
133953
|
}
|
|
133951
133954
|
function addPathToTrie(root3, vulnPath) {
|
|
133952
|
-
if (!vulnPath.length) return;
|
|
133955
|
+
if (!vulnPath.length) return root3;
|
|
133953
133956
|
let curr = root3;
|
|
133954
133957
|
let i6 = vulnPath.length - 1;
|
|
133955
133958
|
while (i6 >= 0) {
|
|
@@ -133957,6 +133960,7 @@ function addPathToTrie(root3, vulnPath) {
|
|
|
133957
133960
|
--i6;
|
|
133958
133961
|
}
|
|
133959
133962
|
curr.leaf = true;
|
|
133963
|
+
return curr;
|
|
133960
133964
|
}
|
|
133961
133965
|
function isShortestPath(root3, vulnPath) {
|
|
133962
133966
|
let curr = root3;
|
|
@@ -193990,7 +193994,7 @@ var require_version = __commonJS({
|
|
|
193990
193994
|
"use strict";
|
|
193991
193995
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
193992
193996
|
exports2.version = void 0;
|
|
193993
|
-
exports2.version = "14.0.
|
|
193997
|
+
exports2.version = "14.0.21";
|
|
193994
193998
|
}
|
|
193995
193999
|
});
|
|
193996
194000
|
|