@coana-tech/cli 14.0.20 → 14.1.0
- package/cli.js +227 -171
- package/package.json +1 -1
package/cli.js
CHANGED
|
@@ -67427,15 +67427,15 @@ function updateCatalog(update2, map2) {
|
|
|
67427
67427
|
}
|
|
67428
67428
|
}
|
|
67429
67429
|
}
|
|
67430
|
-
var
|
|
67430
|
+
var import_promises3, import_path2, import_yaml, import_lockfile_file, PnpmFixingManager;
|
|
67431
67431
|
var init_pnpm_fixing_manager = __esm({
|
|
67432
67432
|
"../fixing-management/src/fixing-management/npm/pnpm-fixing-manager.ts"() {
|
|
67433
67433
|
"use strict";
|
|
67434
|
+
import_promises3 = require("fs/promises");
|
|
67434
67435
|
import_path2 = require("path");
|
|
67435
|
-
init_npm_utils();
|
|
67436
67436
|
init_command_utils();
|
|
67437
|
+
init_npm_utils();
|
|
67437
67438
|
init_logger_singleton();
|
|
67438
|
-
import_promises3 = require("fs/promises");
|
|
67439
67439
|
import_yaml = __toESM(require_dist());
|
|
67440
67440
|
import_lockfile_file = __toESM(require_lib16());
|
|
67441
67441
|
init_npm_ecosystem_fixing_manager();
|
|
@@ -84521,21 +84521,21 @@ var require_yarnlock_parse_raw = __commonJS({
|
|
|
84521
84521
|
});
|
|
84522
84522
|
|
|
84523
84523
|
// ../fixing-management/src/fixing-management/npm/yarn-fixing-manager.ts
|
|
84524
|
-
var import_promises4, import_path4, import_yarnlock_parse_raw,
|
|
84524
|
+
var import_fs3, import_promises4, import_path4, import_yarnlock_parse_raw, YarnFixingManager;
|
|
84525
84525
|
var init_yarn_fixing_manager = __esm({
|
|
84526
84526
|
"../fixing-management/src/fixing-management/npm/yarn-fixing-manager.ts"() {
|
|
84527
84527
|
"use strict";
|
|
84528
|
+
import_fs3 = require("fs");
|
|
84528
84529
|
import_promises4 = require("fs/promises");
|
|
84529
84530
|
import_path4 = require("path");
|
|
84530
84531
|
init_command_utils();
|
|
84532
|
+
init_npm_utils();
|
|
84531
84533
|
init_package_utils();
|
|
84534
|
+
init_async();
|
|
84532
84535
|
init_logger_singleton();
|
|
84533
84536
|
init_package_utils2();
|
|
84534
84537
|
import_yarnlock_parse_raw = __toESM(require_yarnlock_parse_raw());
|
|
84535
|
-
init_npm_utils();
|
|
84536
84538
|
init_npm_ecosystem_fixing_manager();
|
|
84537
|
-
init_async();
|
|
84538
|
-
import_fs3 = require("fs");
|
|
84539
84539
|
YarnFixingManager = class extends NpmEcosystemFixingManager {
|
|
84540
84540
|
yarnType = this.getYarnType();
|
|
84541
84541
|
getYarnType() {
|
|
@@ -88831,8 +88831,8 @@ var init_go_fixing_manager = __esm({
|
|
|
88831
88831
|
"../fixing-management/src/fixing-management/go/go-fixing-manager.ts"() {
|
|
88832
88832
|
"use strict";
|
|
88833
88833
|
import_path9 = require("path");
|
|
88834
|
-
init_command_utils();
|
|
88835
88834
|
import_semver2 = __toESM(require_semver2());
|
|
88835
|
+
init_command_utils();
|
|
88836
88836
|
init_async();
|
|
88837
88837
|
GoFixingManager = class {
|
|
88838
88838
|
constructor(rootDir, subprojectPath) {
|
|
@@ -95526,6 +95526,38 @@ var init_docker_manager = __esm({
|
|
|
95526
95526
|
}
|
|
95527
95527
|
});
|
|
95528
95528
|
|
|
95529
|
+
// ../utils/src/file-utils.ts
|
|
95530
|
+
function findParent(dir, predicate, wholePath) {
|
|
95531
|
+
let curr = dir;
|
|
95532
|
+
let last2 = dir;
|
|
95533
|
+
do {
|
|
95534
|
+
const name = wholePath ? curr : (0, import_path16.basename)(curr);
|
|
95535
|
+
if (predicate(name)) return curr;
|
|
95536
|
+
last2 = curr;
|
|
95537
|
+
curr = (0, import_path16.resolve)(curr, "..");
|
|
95538
|
+
} while (curr !== last2);
|
|
95539
|
+
return void 0;
|
|
95540
|
+
}
|
|
95541
|
+
async function exists(path2, mode) {
|
|
95542
|
+
try {
|
|
95543
|
+
await (0, import_promises10.access)(path2, mode);
|
|
95544
|
+
return true;
|
|
95545
|
+
} catch {
|
|
95546
|
+
return false;
|
|
95547
|
+
}
|
|
95548
|
+
}
|
|
95549
|
+
var import_promises10, import_lodash4, import_micromatch, import_path16;
|
|
95550
|
+
var init_file_utils = __esm({
|
|
95551
|
+
"../utils/src/file-utils.ts"() {
|
|
95552
|
+
"use strict";
|
|
95553
|
+
import_promises10 = require("fs/promises");
|
|
95554
|
+
import_lodash4 = __toESM(require_lodash());
|
|
95555
|
+
import_micromatch = __toESM(require_micromatch());
|
|
95556
|
+
import_path16 = require("path");
|
|
95557
|
+
init_async();
|
|
95558
|
+
}
|
|
95559
|
+
});
|
|
95560
|
+
|
|
95529
95561
|
// ../utils/src/tmp-file.ts
|
|
95530
95562
|
var tmp_file_exports = {};
|
|
95531
95563
|
__export(tmp_file_exports, {
|
|
@@ -95534,7 +95566,7 @@ __export(tmp_file_exports, {
|
|
|
95534
95566
|
});
|
|
95535
95567
|
async function createTmpDirectory(prefix) {
|
|
95536
95568
|
try {
|
|
95537
|
-
const tmpDir = await (0,
|
|
95569
|
+
const tmpDir = await (0, import_promises11.mkdtemp)((0, import_path17.join)((0, import_os2.tmpdir)(), prefix));
|
|
95538
95570
|
return tmpDir;
|
|
95539
95571
|
} catch (err) {
|
|
95540
95572
|
console.log("Error creating tmp directory", err);
|
|
@@ -95546,16 +95578,16 @@ async function withTmpDirectory(prefix, fn2) {
|
|
|
95546
95578
|
try {
|
|
95547
95579
|
return await fn2(tmpDir);
|
|
95548
95580
|
} finally {
|
|
95549
|
-
await (0,
|
|
95581
|
+
await (0, import_promises11.rm)(tmpDir, { recursive: true, force: true });
|
|
95550
95582
|
}
|
|
95551
95583
|
}
|
|
95552
|
-
var
|
|
95584
|
+
var import_promises11, import_os2, import_path17;
|
|
95553
95585
|
var init_tmp_file = __esm({
|
|
95554
95586
|
"../utils/src/tmp-file.ts"() {
|
|
95555
95587
|
"use strict";
|
|
95556
|
-
|
|
95588
|
+
import_promises11 = require("fs/promises");
|
|
95557
95589
|
import_os2 = require("os");
|
|
95558
|
-
|
|
95590
|
+
import_path17 = require("path");
|
|
95559
95591
|
}
|
|
95560
95592
|
});
|
|
95561
95593
|
|
|
@@ -95636,86 +95668,6 @@ var init_esm_node = __esm({
|
|
|
95636
95668
|
}
|
|
95637
95669
|
});
|
|
95638
95670
|
|
|
95639
|
-
// ../utils/src/file-utils.ts
|
|
95640
|
-
function findParent(dir, predicate, wholePath) {
|
|
95641
|
-
let curr = dir;
|
|
95642
|
-
let last2 = dir;
|
|
95643
|
-
do {
|
|
95644
|
-
const name = wholePath ? curr : (0, import_path17.basename)(curr);
|
|
95645
|
-
if (predicate(name)) return curr;
|
|
95646
|
-
last2 = curr;
|
|
95647
|
-
curr = (0, import_path17.resolve)(curr, "..");
|
|
95648
|
-
} while (curr !== last2);
|
|
95649
|
-
return void 0;
|
|
95650
|
-
}
|
|
95651
|
-
async function exists(path2, mode) {
|
|
95652
|
-
try {
|
|
95653
|
-
await (0, import_promises11.access)(path2, mode);
|
|
95654
|
-
return true;
|
|
95655
|
-
} catch {
|
|
95656
|
-
return false;
|
|
95657
|
-
}
|
|
95658
|
-
}
|
|
95659
|
-
var import_promises11, import_lodash4, import_micromatch, import_path17;
|
|
95660
|
-
var init_file_utils = __esm({
|
|
95661
|
-
"../utils/src/file-utils.ts"() {
|
|
95662
|
-
"use strict";
|
|
95663
|
-
import_promises11 = require("fs/promises");
|
|
95664
|
-
import_lodash4 = __toESM(require_lodash());
|
|
95665
|
-
import_micromatch = __toESM(require_micromatch());
|
|
95666
|
-
import_path17 = require("path");
|
|
95667
|
-
init_async();
|
|
95668
|
-
}
|
|
95669
|
-
});
|
|
95670
|
-
|
|
95671
|
-
// ../utils/src/constants.ts
|
|
95672
|
-
var import_path18, import_lodash5, COANA_ROOT2, COANA_REPOS_PATH, REQUIREMENTS_FILES_SEARCH_DEPTH;
|
|
95673
|
-
var init_constants2 = __esm({
|
|
95674
|
-
"../utils/src/constants.ts"() {
|
|
95675
|
-
"use strict";
|
|
95676
|
-
import_path18 = require("path");
|
|
95677
|
-
init_file_utils();
|
|
95678
|
-
import_lodash5 = __toESM(require_lodash());
|
|
95679
|
-
COANA_ROOT2 = (0, import_lodash5.once)(() => {
|
|
95680
|
-
const coanaRoot = process.env.COANA_ROOT ?? findParent(__dirname, (d2) => ["coana-package-manager", "coana"].includes(d2));
|
|
95681
|
-
if (!coanaRoot) {
|
|
95682
|
-
throw new Error("COANA_ROOT not set and could not be found");
|
|
95683
|
-
}
|
|
95684
|
-
return coanaRoot;
|
|
95685
|
-
});
|
|
95686
|
-
COANA_REPOS_PATH = (0, import_lodash5.once)(() => {
|
|
95687
|
-
return process.env.COANA_REPOS_PATH ?? (0, import_path18.resolve)(COANA_ROOT2(), "coana-repos");
|
|
95688
|
-
});
|
|
95689
|
-
REQUIREMENTS_FILES_SEARCH_DEPTH = 2;
|
|
95690
|
-
}
|
|
95691
|
-
});
|
|
95692
|
-
|
|
95693
|
-
// ../other-modules-communicator/src/constants.ts
|
|
95694
|
-
var import_lodash6, import_path19, PACKAGE_MANAGER_SCRIPT_PATH, REACHABILITY_ANALYZERS_SCRIPT_PATH, DOCKER_ENV_WHITE_LIST;
|
|
95695
|
-
var init_constants3 = __esm({
|
|
95696
|
-
"../other-modules-communicator/src/constants.ts"() {
|
|
95697
|
-
"use strict";
|
|
95698
|
-
import_lodash6 = __toESM(require_lodash());
|
|
95699
|
-
import_path19 = require("path");
|
|
95700
|
-
init_constants2();
|
|
95701
|
-
PACKAGE_MANAGER_SCRIPT_PATH = (0, import_lodash6.once)(() => {
|
|
95702
|
-
return process.env.PACKAGE_MANAGER_SCRIPT_PATH ?? (0, import_path19.resolve)(COANA_ROOT2(), "packages", "package-management", "dist", "package-management-cli.js");
|
|
95703
|
-
});
|
|
95704
|
-
REACHABILITY_ANALYZERS_SCRIPT_PATH = (0, import_lodash6.once)(() => {
|
|
95705
|
-
return process.env.REACHABILITY_ANALYZERS_SCRIPT_PATH ?? (0, import_path19.resolve)(COANA_ROOT2(), "packages", "reachability-analyzers", "dist", "reachability-analyzers-cli.js");
|
|
95706
|
-
});
|
|
95707
|
-
DOCKER_ENV_WHITE_LIST = [
|
|
95708
|
-
"GITHUB_",
|
|
95709
|
-
"GH_",
|
|
95710
|
-
"SSH_",
|
|
95711
|
-
"_PASSWORD",
|
|
95712
|
-
"_USER",
|
|
95713
|
-
"COANA_REPORT_ID",
|
|
95714
|
-
"COANA_API_KEY"
|
|
95715
|
-
];
|
|
95716
|
-
}
|
|
95717
|
-
});
|
|
95718
|
-
|
|
95719
95671
|
// ../../node_modules/.pnpm/remeda@2.17.4/node_modules/remeda/dist/chunk-SUASHYJW.cjs
|
|
95720
95672
|
var require_chunk_SUASHYJW = __commonJS({
|
|
95721
95673
|
"../../node_modules/.pnpm/remeda@2.17.4/node_modules/remeda/dist/chunk-SUASHYJW.cjs"(exports2) {
|
|
@@ -99289,6 +99241,54 @@ var require_ecosystem_support = __commonJS({
|
|
|
99289
99241
|
}
|
|
99290
99242
|
});
|
|
99291
99243
|
|
|
99244
|
+
// ../utils/src/constants.ts
|
|
99245
|
+
var import_path18, import_lodash5, COANA_ROOT2, COANA_REPOS_PATH, REQUIREMENTS_FILES_SEARCH_DEPTH;
|
|
99246
|
+
var init_constants2 = __esm({
|
|
99247
|
+
"../utils/src/constants.ts"() {
|
|
99248
|
+
"use strict";
|
|
99249
|
+
import_path18 = require("path");
|
|
99250
|
+
init_file_utils();
|
|
99251
|
+
import_lodash5 = __toESM(require_lodash());
|
|
99252
|
+
COANA_ROOT2 = (0, import_lodash5.once)(() => {
|
|
99253
|
+
const coanaRoot = process.env.COANA_ROOT ?? findParent(__dirname, (d2) => ["coana-package-manager", "coana"].includes(d2));
|
|
99254
|
+
if (!coanaRoot) {
|
|
99255
|
+
throw new Error("COANA_ROOT not set and could not be found");
|
|
99256
|
+
}
|
|
99257
|
+
return coanaRoot;
|
|
99258
|
+
});
|
|
99259
|
+
COANA_REPOS_PATH = (0, import_lodash5.once)(() => {
|
|
99260
|
+
return process.env.COANA_REPOS_PATH ?? (0, import_path18.resolve)(COANA_ROOT2(), "coana-repos");
|
|
99261
|
+
});
|
|
99262
|
+
REQUIREMENTS_FILES_SEARCH_DEPTH = 2;
|
|
99263
|
+
}
|
|
99264
|
+
});
|
|
99265
|
+
|
|
99266
|
+
// ../other-modules-communicator/src/constants.ts
|
|
99267
|
+
var import_lodash6, import_path19, PACKAGE_MANAGER_SCRIPT_PATH, REACHABILITY_ANALYZERS_SCRIPT_PATH, DOCKER_ENV_WHITE_LIST;
|
|
99268
|
+
var init_constants3 = __esm({
|
|
99269
|
+
"../other-modules-communicator/src/constants.ts"() {
|
|
99270
|
+
"use strict";
|
|
99271
|
+
import_lodash6 = __toESM(require_lodash());
|
|
99272
|
+
import_path19 = require("path");
|
|
99273
|
+
init_constants2();
|
|
99274
|
+
PACKAGE_MANAGER_SCRIPT_PATH = (0, import_lodash6.once)(() => {
|
|
99275
|
+
return process.env.PACKAGE_MANAGER_SCRIPT_PATH ?? (0, import_path19.resolve)(COANA_ROOT2(), "packages", "package-management", "dist", "package-management-cli.js");
|
|
99276
|
+
});
|
|
99277
|
+
REACHABILITY_ANALYZERS_SCRIPT_PATH = (0, import_lodash6.once)(() => {
|
|
99278
|
+
return process.env.REACHABILITY_ANALYZERS_SCRIPT_PATH ?? (0, import_path19.resolve)(COANA_ROOT2(), "packages", "reachability-analyzers", "dist", "reachability-analyzers-cli.js");
|
|
99279
|
+
});
|
|
99280
|
+
DOCKER_ENV_WHITE_LIST = [
|
|
99281
|
+
"GITHUB_",
|
|
99282
|
+
"GH_",
|
|
99283
|
+
"SSH_",
|
|
99284
|
+
"_PASSWORD",
|
|
99285
|
+
"_USER",
|
|
99286
|
+
"COANA_REPORT_ID",
|
|
99287
|
+
"COANA_API_KEY"
|
|
99288
|
+
];
|
|
99289
|
+
}
|
|
99290
|
+
});
|
|
99291
|
+
|
|
99292
99292
|
// ../other-modules-communicator/src/other-modules-communicator.ts
|
|
99293
99293
|
var other_modules_communicator_exports = {};
|
|
99294
99294
|
__export(other_modules_communicator_exports, {
|
|
@@ -99304,30 +99304,31 @@ async function getEcosystemSpecificDockerArgs(ecosystem) {
|
|
|
99304
99304
|
}
|
|
99305
99305
|
return [];
|
|
99306
99306
|
}
|
|
99307
|
-
var import_promises12, import_lodash7, import_os3, import_path20,
|
|
99307
|
+
var import_child_process2, import_fs10, import_promises12, import_lodash7, import_os3, import_path20, import_ecosystem_support2, import_logger_singleton7, pullDockerImage, OtherModulesCommunicator, setUpGoModuleCache;
|
|
99308
99308
|
var init_other_modules_communicator = __esm({
|
|
99309
99309
|
"../other-modules-communicator/src/other-modules-communicator.ts"() {
|
|
99310
99310
|
"use strict";
|
|
99311
|
+
import_child_process2 = require("child_process");
|
|
99311
99312
|
init_docker_manager();
|
|
99313
|
+
import_fs10 = require("fs");
|
|
99312
99314
|
import_promises12 = require("fs/promises");
|
|
99313
99315
|
import_lodash7 = __toESM(require_lodash());
|
|
99314
99316
|
import_os3 = require("os");
|
|
99315
99317
|
import_path20 = require("path");
|
|
99316
99318
|
init_command_utils();
|
|
99319
|
+
init_file_utils();
|
|
99320
|
+
init_spinner();
|
|
99317
99321
|
init_tmp_file();
|
|
99318
99322
|
init_esm_node();
|
|
99323
|
+
import_ecosystem_support2 = __toESM(require_ecosystem_support());
|
|
99319
99324
|
import_logger_singleton7 = __toESM(require_logger_singleton());
|
|
99320
99325
|
init_constants3();
|
|
99321
|
-
init_spinner();
|
|
99322
|
-
init_file_utils();
|
|
99323
|
-
import_fs10 = require("fs");
|
|
99324
|
-
import_child_process2 = require("child_process");
|
|
99325
|
-
import_ecosystem_support2 = __toESM(require_ecosystem_support());
|
|
99326
99326
|
pullDockerImage = (0, import_lodash7.memoize)(async (image) => execPipeAndLogOnFailure(["docker", "pull", image]));
|
|
99327
99327
|
OtherModulesCommunicator = class {
|
|
99328
|
-
constructor(rootWorkingDir, options) {
|
|
99328
|
+
constructor(rootWorkingDir, options, apiKey) {
|
|
99329
99329
|
this.rootWorkingDir = rootWorkingDir;
|
|
99330
99330
|
this.options = options;
|
|
99331
|
+
this.apiKey = apiKey;
|
|
99331
99332
|
}
|
|
99332
99333
|
// Memoize temporary directory per subprojectPath
|
|
99333
99334
|
getTmpDirForSubproject = (0, import_lodash7.memoize)(
|
|
@@ -99415,7 +99416,11 @@ var init_other_modules_communicator = __esm({
|
|
|
99415
99416
|
subprojectPath,
|
|
99416
99417
|
[...args2, "-o", outputFilePath],
|
|
99417
99418
|
extraDockerArgs,
|
|
99418
|
-
{
|
|
99419
|
+
{
|
|
99420
|
+
...env ?? process.env,
|
|
99421
|
+
COANA_REPORT_ID: this.options.reportId,
|
|
99422
|
+
COANA_API_KEY: this.apiKey.type === "present" ? this.apiKey.value : ""
|
|
99423
|
+
}
|
|
99419
99424
|
);
|
|
99420
99425
|
return JSON.parse(await (0, import_promises12.readFile)(outputFilePath, "utf-8")).result;
|
|
99421
99426
|
}
|
|
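Review bot: The env literal added here sets `COANA_API_KEY` to `""` whenever `this.apiKey.type` is not `"present"`, and because it follows the `...env ?? process.env` spread it blanks any `COANA_API_KEY` the parent environment already carried. `applyFix` (hunk at -127523) always constructs the communicator with `{ type: "missing" }`, so that path always takes the empty-string branch. If blanking is intended, a comment should say so; otherwise add the key only when present, `...(this.apiKey.type === "present" ? { COANA_API_KEY: this.apiKey.value } : {})`. The same literal is repeated in the hunk at -99550, so one private helper that builds this env would keep the two call sites from drifting. The enclosing method starts and ends outside the hunk.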
@@ -99474,7 +99479,7 @@ var init_other_modules_communicator = __esm({
|
|
|
99474
99479
|
}
|
|
99475
99480
|
async runInDocker(ecosystem, image, entryPoint, commandName, args2, subprojectPath, tmpDir, env = process.env) {
|
|
99476
99481
|
if (!await pullDockerImage(image)) return false;
|
|
99477
|
-
const envArgs = Object.keys(
|
|
99482
|
+
const envArgs = Object.keys(env).filter((key) => DOCKER_ENV_WHITE_LIST.some((whiteListedKey) => key.includes(whiteListedKey))).flatMap((key) => ["-e", key]);
|
|
99478
99483
|
const cmd = cmdt`docker run --pull=never --rm -v ${this.rootWorkingDir}:/project -v ${tmpDir}:${tmpDir}
|
|
99479
99484
|
-v=${this.options.coanaLogPath}:${this.options.coanaLogPath}
|
|
99480
99485
|
${await getEcosystemSpecificDockerArgs(ecosystem)}
|
|
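Review bot: The `envArgs` filter matches allow-list entries with `key.includes(...)`, so an entry such as `GH_` or `_USER` from `DOCKER_ENV_WHITE_LIST` selects any variable whose name contains it anywhere, not only names that start or end with it (a constructed example: `HIGH_WATER_MARK` contains `GH_`), and every match is forwarded into the container with `-e`. Matching by position would keep the forwarded set to what the list appears to intend: `key.startsWith(w)` for the entries ending in `_`, `key.endsWith(w)` for the entries starting with `_`, and `key === w` for the two full names. The old side of this line is truncated in the rendering, so whether the predicate itself changed cannot be confirmed here. `runInDocker` continues past the end of the hunk.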
@@ -99550,7 +99555,11 @@ var init_other_modules_communicator = __esm({
|
|
|
99550
99555
|
subprojectPath,
|
|
99551
99556
|
workspacePath,
|
|
99552
99557
|
argt`-i ${inputFile}`,
|
|
99553
|
-
{
|
|
99558
|
+
{
|
|
99559
|
+
...process.env,
|
|
99560
|
+
COANA_REPORT_ID: this.options.reportId,
|
|
99561
|
+
COANA_API_KEY: this.apiKey.type === "present" ? this.apiKey.value : ""
|
|
99562
|
+
}
|
|
99554
99563
|
);
|
|
99555
99564
|
}
|
|
99556
99565
|
};
|
|
@@ -127077,8 +127086,9 @@ __export(dashboard_integration_exports, {
|
|
|
127077
127086
|
submitSubprojects: () => submitSubprojects
|
|
127078
127087
|
});
|
|
127079
127088
|
async function createReport(repoUrl, projectName, cliVersion, commitSha, branchName, cliOptions, apiKey, cliRunEnv) {
|
|
127089
|
+
if (apiKey.type === "missing") throw new Error("Don't call createReport with a missing apiKey");
|
|
127080
127090
|
try {
|
|
127081
|
-
return (await sendPostRequest(coanaAPIUrls.CREATE_REPORT, apiKey, { repoUrl, projectName }, {
|
|
127091
|
+
return (await sendPostRequest(coanaAPIUrls.CREATE_REPORT, apiKey.value, { repoUrl, projectName }, {
|
|
127082
127092
|
reportType: "v6",
|
|
127083
127093
|
cliVersion,
|
|
127084
127094
|
commitSha,
|
|
@@ -127092,20 +127102,25 @@ async function createReport(repoUrl, projectName, cliVersion, commitSha, branchN
|
|
|
127092
127102
|
}
|
|
127093
127103
|
}
|
|
127094
127104
|
async function submitSubprojects(subprojects, reportId, apiKey) {
|
|
127095
|
-
if (!reportId) return;
|
|
127105
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127096
127106
|
try {
|
|
127097
|
-
await sendPostRequest(
|
|
127107
|
+
await sendPostRequest(
|
|
127108
|
+
`${coanaAPIUrls.REPORT_SUBPROJECTS.replace(":reportId", reportId)}`,
|
|
127109
|
+
apiKey.value,
|
|
127110
|
+
{},
|
|
127111
|
+
subprojects
|
|
127112
|
+
);
|
|
127098
127113
|
} catch (e) {
|
|
127099
127114
|
sendWarningToDashboard("Unable to submit subprojects", { reportId }, subprojects, reportId, apiKey);
|
|
127100
127115
|
logger.warn("Unable to submit subprojects:", e.message);
|
|
127101
127116
|
}
|
|
127102
127117
|
}
|
|
127103
127118
|
async function createAnalysisMetadata(subprojectPath, workspacePath, ecosystem, analysisMetadata, reportId, apiKey) {
|
|
127104
|
-
if (!reportId) return;
|
|
127119
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127105
127120
|
try {
|
|
127106
127121
|
await sendPostRequest(
|
|
127107
127122
|
coanaAPIUrls.CREATE_ANALYSIS_METADATA.replace(":reportId", reportId),
|
|
127108
|
-
apiKey,
|
|
127123
|
+
apiKey.value,
|
|
127109
127124
|
{},
|
|
127110
127125
|
{ subprojectPath, workspacePath, ecosystem, ...analysisMetadata }
|
|
127111
127126
|
);
|
|
@@ -127114,12 +127129,12 @@ async function createAnalysisMetadata(subprojectPath, workspacePath, ecosystem,
|
|
|
127114
127129
|
}
|
|
127115
127130
|
}
|
|
127116
127131
|
async function getBucketsForLastReport(subprojectPath, workspacePath, ecosystem, newReportId, apiKey) {
|
|
127117
|
-
if (!newReportId) return;
|
|
127132
|
+
if (!newReportId || apiKey.type === "missing") return;
|
|
127118
127133
|
try {
|
|
127119
127134
|
return (await axios_default.get(coanaAPIUrls.GET_LATEST_BUCKETS, {
|
|
127120
127135
|
headers: {
|
|
127121
127136
|
"Content-Type": "application/json",
|
|
127122
|
-
apiKey
|
|
127137
|
+
apiKey: apiKey.value
|
|
127123
127138
|
},
|
|
127124
127139
|
params: { newReportId, subprojectPath, workspacePath, ecosystem }
|
|
127125
127140
|
})).data;
|
|
@@ -127136,12 +127151,12 @@ async function getBucketsForLastReport(subprojectPath, workspacePath, ecosystem,
|
|
|
127136
127151
|
}
|
|
127137
127152
|
}
|
|
127138
127153
|
async function getPreviousAnalysisResults(subprojectPath, workspacePath, newReportId, apiKey) {
|
|
127139
|
-
if (!newReportId) return;
|
|
127154
|
+
if (!newReportId || apiKey.type === "missing") return;
|
|
127140
127155
|
try {
|
|
127141
127156
|
return (await axios_default.get(coanaAPIUrls.GET_LATEST_RESULTS, {
|
|
127142
127157
|
headers: {
|
|
127143
127158
|
"Content-Type": "application/json",
|
|
127144
|
-
apiKey
|
|
127159
|
+
apiKey: apiKey.value
|
|
127145
127160
|
},
|
|
127146
127161
|
params: { newReportId, subprojectPath, workspacePath }
|
|
127147
127162
|
})).data;
|
|
@@ -127160,11 +127175,11 @@ async function getPreviousAnalysisResults(subprojectPath, workspacePath, newRepo
|
|
|
127160
127175
|
}
|
|
127161
127176
|
}
|
|
127162
127177
|
async function sendRegressionsToDashboard(regressions, subprojectPath, workspacePath, reportId, apiKey) {
|
|
127163
|
-
if (!reportId) return;
|
|
127178
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127164
127179
|
try {
|
|
127165
127180
|
await sendPostRequest(
|
|
127166
127181
|
coanaAPIUrls.CREATE_REGRESSIONS.replace(":reportId", reportId),
|
|
127167
|
-
apiKey,
|
|
127182
|
+
apiKey.value,
|
|
127168
127183
|
{ subprojectPath, workspacePath },
|
|
127169
127184
|
regressions
|
|
127170
127185
|
);
|
|
@@ -127183,12 +127198,12 @@ async function sendRegressionsToDashboard(regressions, subprojectPath, workspace
|
|
|
127183
127198
|
}
|
|
127184
127199
|
}
|
|
127185
127200
|
async function getExperimentName(subprojectPath, workspacePath, ecosystem, reportId, apiKey) {
|
|
127186
|
-
if (!reportId) return;
|
|
127201
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127187
127202
|
try {
|
|
127188
127203
|
return (await axios_default.get(coanaAPIUrls.GET_EXPERIMENT_NAME, {
|
|
127189
127204
|
headers: {
|
|
127190
127205
|
"Content-Type": "application/json",
|
|
127191
|
-
apiKey
|
|
127206
|
+
apiKey: apiKey.value
|
|
127192
127207
|
},
|
|
127193
127208
|
params: { subprojectPath, workspacePath, ecosystem, reportId }
|
|
127194
127209
|
})).data;
|
|
@@ -127203,11 +127218,11 @@ async function getExperimentName(subprojectPath, workspacePath, ecosystem, repor
|
|
|
127203
127218
|
}
|
|
127204
127219
|
}
|
|
127205
127220
|
async function sendCLIProgressToDashboard(cliProgressEvent, isStartEvent, reportId, apiKey) {
|
|
127206
|
-
if (!reportId) return;
|
|
127221
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127207
127222
|
try {
|
|
127208
127223
|
await sendPostRequest(
|
|
127209
127224
|
coanaAPIUrls.REPORT_CLI_PROGRESS.replace(":reportId", reportId),
|
|
127210
|
-
apiKey,
|
|
127225
|
+
apiKey.value,
|
|
127211
127226
|
{ isStartEvent, time: (/* @__PURE__ */ new Date()).toISOString() },
|
|
127212
127227
|
cliProgressEvent
|
|
127213
127228
|
);
|
|
@@ -127216,18 +127231,24 @@ async function sendCLIProgressToDashboard(cliProgressEvent, isStartEvent, report
|
|
|
127216
127231
|
}
|
|
127217
127232
|
}
|
|
127218
127233
|
async function sendWarningToDashboard(message2, data2, additionalData, reportId, apiKey) {
|
|
127219
|
-
if (!reportId) return;
|
|
127234
|
+
if (!reportId || apiKey.type === "missing") return;
|
|
127220
127235
|
try {
|
|
127221
|
-
await sendPostRequest(
|
|
127236
|
+
await sendPostRequest(
|
|
127237
|
+
coanaAPIUrls.SUBMIT_REPORT_WARNING,
|
|
127238
|
+
apiKey.value,
|
|
127239
|
+
{ reportId },
|
|
127240
|
+
{ message: message2, data: data2, additionalData }
|
|
127241
|
+
);
|
|
127222
127242
|
} catch (error) {
|
|
127223
127243
|
handleError(error, "Error sending warning to dashboard", false);
|
|
127224
127244
|
}
|
|
127225
127245
|
}
|
|
127226
127246
|
async function sendDependencyTreesToDashboard(dependencyTrees, reportId, apiKey) {
|
|
127247
|
+
if (apiKey.type === "missing") return;
|
|
127227
127248
|
try {
|
|
127228
127249
|
await sendPostRequest(
|
|
127229
127250
|
coanaAPIUrls.SEND_DEPENDENCY_TREES.replace(":reportId", reportId),
|
|
127230
|
-
apiKey,
|
|
127251
|
+
apiKey.value,
|
|
127231
127252
|
{},
|
|
127232
127253
|
dependencyTrees
|
|
127233
127254
|
);
|
|
@@ -127237,6 +127258,7 @@ async function sendDependencyTreesToDashboard(dependencyTrees, reportId, apiKey)
|
|
|
127237
127258
|
}
|
|
127238
127259
|
}
|
|
127239
127260
|
async function sendToDashboard(report, writeReportToFile, reportId, apiKey) {
|
|
127261
|
+
if (apiKey.type === "missing") return;
|
|
127240
127262
|
try {
|
|
127241
127263
|
if (writeReportToFile) {
|
|
127242
127264
|
logger.info("Writing report to dashboard-report.json");
|
|
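Review bot: The new `if (apiKey.type === "missing") return;` at the top of `sendToDashboard` runs before the `writeReportToFile` branch, so without an API key the function appears to skip writing `dashboard-report.json` and the artifact upload as well, although neither step uses the key in the lines shown. If the local report should still be produced in that mode, move the guard down to just before the `sendPostRequest(coanaAPIUrls.SUBMIT_REPORT, ...)` call in the following hunk. The function body spans this hunk and the next one.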
@@ -127246,13 +127268,14 @@ async function sendToDashboard(report, writeReportToFile, reportId, apiKey) {
|
|
|
127246
127268
|
(0, import_artifact.create)().uploadArtifact("dashboard-report", ["dashboard-report.json"], process.cwd());
|
|
127247
127269
|
}
|
|
127248
127270
|
}
|
|
127249
|
-
await sendPostRequest(coanaAPIUrls.SUBMIT_REPORT, apiKey, { reportId }, report);
|
|
127271
|
+
await sendPostRequest(coanaAPIUrls.SUBMIT_REPORT, apiKey.value, { reportId }, report);
|
|
127250
127272
|
logger.info("Report submitted to dashboard successfully");
|
|
127251
127273
|
} catch (error) {
|
|
127252
127274
|
handleError(error, "Error submitting report to dashboard");
|
|
127253
127275
|
}
|
|
127254
127276
|
}
|
|
127255
127277
|
async function sendErrorReportToDashboard(apiKey, stackTrace, shouldLogSharing, reportId, repoUrl, projectName, logContent) {
|
|
127278
|
+
if (apiKey.type === "missing") return;
|
|
127256
127279
|
if (shouldLogSharing) {
|
|
127257
127280
|
console.log("Sending crash report to Coana");
|
|
127258
127281
|
console.log("The report will help team Coana debug the crash");
|
|
@@ -127263,7 +127286,7 @@ async function sendErrorReportToDashboard(apiKey, stackTrace, shouldLogSharing,
|
|
|
127263
127286
|
stackTrace,
|
|
127264
127287
|
logContent
|
|
127265
127288
|
};
|
|
127266
|
-
await sendPostRequest(coanaAPIUrls.SUBMIT_REPORT_ERROR, apiKey, { repoUrl, projectName, reportId }, report);
|
|
127289
|
+
await sendPostRequest(coanaAPIUrls.SUBMIT_REPORT_ERROR, apiKey.value, { repoUrl, projectName, reportId }, report);
|
|
127267
127290
|
if (shouldLogSharing) {
|
|
127268
127291
|
console.log("Crash report submitted to dashboard successfully");
|
|
127269
127292
|
}
|
|
@@ -127299,10 +127322,11 @@ function GET_AXIOS_CLIENT_TESTING_ONLY() {
|
|
|
127299
127322
|
return axiosClient;
|
|
127300
127323
|
}
|
|
127301
127324
|
async function sendLogToDashboard(logContent, reportId, apiKey) {
|
|
127325
|
+
if (apiKey.type === "missing") return;
|
|
127302
127326
|
if (!logContent) return;
|
|
127303
127327
|
logger.info("Sending log to Coana");
|
|
127304
127328
|
try {
|
|
127305
|
-
await sendPostRequest(coanaAPIUrls.SEND_LOG.replace(":reportId", reportId), apiKey, { reportId }, {
|
|
127329
|
+
await sendPostRequest(coanaAPIUrls.SEND_LOG.replace(":reportId", reportId), apiKey.value, { reportId }, {
|
|
127306
127330
|
logContent
|
|
127307
127331
|
});
|
|
127308
127332
|
} catch (error) {
|
|
@@ -127387,10 +127411,15 @@ async function disableRetryOnErrors() {
|
|
|
127387
127411
|
}
|
|
127388
127412
|
async function getVulnerabilities(dependencyTree, apiKey, timeout) {
|
|
127389
127413
|
try {
|
|
127414
|
+
const headers = {
|
|
127415
|
+
"Content-Type": "application/json",
|
|
127416
|
+
...apiKey.type === "present" ? { authorization: `api-key ${apiKey.value}` } : {}
|
|
127417
|
+
};
|
|
127418
|
+
const url2 = apiKey.type === "present" ? ApiUrls.post.fetchVulnerabilities : ApiUrls.post.fetchVulnerabilitiesPublic;
|
|
127390
127419
|
const axiosResponse = await axiosClient2.post(
|
|
127391
|
-
|
|
127420
|
+
url2,
|
|
127392
127421
|
{ dependencyTree: await dependencyTree, version: SECURITY_AUDITOR_VERSION },
|
|
127393
|
-
{ timeout, headers
|
|
127422
|
+
{ timeout, headers }
|
|
127394
127423
|
);
|
|
127395
127424
|
return axiosResponse.data;
|
|
127396
127425
|
} catch (e) {
|
|
@@ -127415,11 +127444,12 @@ async function getFixesFromId(dependencyTree, fixId, timeout) {
|
|
|
127415
127444
|
}
|
|
127416
127445
|
async function getVulnerabilityMetadata(data2, apiKey, timeout) {
|
|
127417
127446
|
try {
|
|
127418
|
-
const
|
|
127419
|
-
|
|
127420
|
-
|
|
127421
|
-
|
|
127422
|
-
|
|
127447
|
+
const url2 = apiKey.type === "present" ? ApiUrls.post.getVulnerabilityMetadata : ApiUrls.post.getVulnerabilityMetadataPublic;
|
|
127448
|
+
const headers = {
|
|
127449
|
+
"Content-Type": "application/json",
|
|
127450
|
+
...apiKey.type === "present" ? { authorization: `api-key ${apiKey.value}` } : {}
|
|
127451
|
+
};
|
|
127452
|
+
const response = await axiosClient2.post(url2, { packages: data2.packages }, { headers, timeout: timeout ?? 2e4 });
|
|
127423
127453
|
return response.data;
|
|
127424
127454
|
} catch (e) {
|
|
127425
127455
|
handleError2(e, "Failed to fetch vulnerability metadata", true);
|
|
@@ -127474,8 +127504,10 @@ var init_security_auditor_api = __esm({
|
|
|
127474
127504
|
ApiUrls = {
|
|
127475
127505
|
post: {
|
|
127476
127506
|
fetchVulnerabilities: `${securityAuditorURL}/security-auditor/audit-dependency-tree`,
|
|
127507
|
+
fetchVulnerabilitiesPublic: `${securityAuditorURL}/security-auditor/audit-dependency-tree-public`,
|
|
127477
127508
|
getFixFromId: `${securityAuditorURL}/security-auditor/get-fix-from-id`,
|
|
127478
|
-
getVulnerabilityMetadata: `${securityAuditorURL}/security-auditor/vulnerability-metadata-with-names
|
|
127509
|
+
getVulnerabilityMetadata: `${securityAuditorURL}/security-auditor/vulnerability-metadata-with-names`,
|
|
127510
|
+
getVulnerabilityMetadataPublic: `${securityAuditorURL}/security-auditor/vulnerability-metadata-with-names-public`
|
|
127479
127511
|
}
|
|
127480
127512
|
};
|
|
127481
127513
|
}
|
|
@@ -127523,7 +127555,9 @@ var require_cli_apply_fix = __commonJS({
|
|
|
127523
127555
|
async function applyFix(path2, fixIds, options) {
|
|
127524
127556
|
logger_singleton_1.logger.initWinstonLogger(options.debug);
|
|
127525
127557
|
logger_singleton_1.logger.silent = options.silent;
|
|
127526
|
-
const otherModulesCommunicator = new other_modules_communicator_1.OtherModulesCommunicator(path2, options
|
|
127558
|
+
const otherModulesCommunicator = new other_modules_communicator_1.OtherModulesCommunicator(path2, options, {
|
|
127559
|
+
type: "missing"
|
|
127560
|
+
});
|
|
127527
127561
|
logger_singleton_1.logger.info(`Applying fixes for ${fixIds.length} fix ${fixIds.length > 1 ? "IDs" : "ID"}`);
|
|
127528
127562
|
const parsedFixIds = fixIds.map((fixId) => {
|
|
127529
127563
|
if (!fixId.startsWith("fix_")) {
|
|
@@ -127929,6 +127963,9 @@ var init_dependency_types = __esm({
|
|
|
127929
127963
|
});
|
|
127930
127964
|
|
|
127931
127965
|
// ../web-compat-utils/src/vulnerability-grouping.ts
|
|
127966
|
+
function getVulnerabilityIdentifier(packageName, vulnerabilityUrl) {
|
|
127967
|
+
return `${packageName}-${extractGHSAIdFromUrl(vulnerabilityUrl)}`;
|
|
127968
|
+
}
|
|
127932
127969
|
function getVulnerabilityAggregates(vulns) {
|
|
127933
127970
|
const grouped = groupVulnsByUrlAndReachability(vulns, (byVulnInstances) => {
|
|
127934
127971
|
const dependencyTypes = byVulnInstances.map((res) => res.dependencyType);
|
|
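Review bot: `getVulnerabilityIdentifier` interpolates the result of `extractGHSAIdFromUrl` directly, while `compareReportsWithDiff` guards the same call with `?? ""`, which suggests it can return a nullish value. In that case the identifier would end in the literal text `undefined`, and every unparsable URL for one package would map to the same identifier. The call site in the next hunk also passes `first2.packageName ?? ""`, which yields an identifier with an empty package part. Consider falling back to the URL itself, `const id = extractGHSAIdFromUrl(vulnerabilityUrl) ?? vulnerabilityUrl;`, and adding a one-line comment above the function that states the identifier format.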
@@ -127936,7 +127973,7 @@ function getVulnerabilityAggregates(vulns) {
|
|
|
127936
127973
|
const first2 = byVulnInstances[0];
|
|
127937
127974
|
return {
|
|
127938
127975
|
ecosystem: first2.ecosystem,
|
|
127939
|
-
identifier:
|
|
127976
|
+
identifier: getVulnerabilityIdentifier(first2.packageName ?? "", first2.vulnerabilityUrl),
|
|
127940
127977
|
packageName: first2.packageName,
|
|
127941
127978
|
reachability: first2.reachability,
|
|
127942
127979
|
reportId: first2.reportId,
|
|
@@ -132266,9 +132303,6 @@ var require_github_pr_tools = __commonJS({
|
|
|
132266
132303
|
if (!token) {
|
|
132267
132304
|
throw new Error("No GitHub token provided. Can't add a comment to the pull request.");
|
|
132268
132305
|
}
|
|
132269
|
-
if (!this.apiKey) {
|
|
132270
|
-
throw new Error("No Coana API key provided. Can't add a comment to the pull request.");
|
|
132271
|
-
}
|
|
132272
132306
|
const pullRequest = githubContext.payload.pull_request;
|
|
132273
132307
|
if (!pullRequest) {
|
|
132274
132308
|
this.context = { enabled: false };
|
|
@@ -132508,7 +132542,8 @@ var require_cli_compare_reports = __commonJS({
|
|
|
132508
132542
|
await compareReportsWithDiff(diff, options, newReport);
|
|
132509
132543
|
}
|
|
132510
132544
|
async function compareReportsWithDiff(diff, options, newReport) {
|
|
132511
|
-
const
|
|
132545
|
+
const apiKey = options.apiKey ? { type: "present", value: options.apiKey } : { type: "missing" };
|
|
132546
|
+
const ghPRTools = new github_pr_tools_1.GitHubPRTools(apiKey, options.prComment);
|
|
132512
132547
|
const ignoredGHSAs = await ghPRTools.getIgnoredGHSAs();
|
|
132513
132548
|
console.log(`Ignoring the following GHSA IDs: ${ignoredGHSAs.join(", ")}`);
|
|
132514
132549
|
const nonIgnoredDiff = diff.filter((vuln) => !ignoredGHSAs.includes((0, ghsa_1.extractGHSAIdFromUrl)(vuln.vulnerabilityUrl) ?? ""));
|
|
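Review bot: The key is wrapped as `{ type: "present", value: options.apiKey }` here without the checks that `verifyApiKey` applies in the `require_cli_core` hunk further down, so the placeholder string `api-key-unavailable` or a value of the wrong length is treated as a usable key on the compare-reports path. One shared helper that validates the string and builds the tagged value would keep the two paths consistent; as written, the same object literal is built by hand in several hunks on this page. The body of `compareReportsWithDiff` continues outside the hunk.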
@@ -133771,9 +133806,9 @@ var init_project_manager = __esm({
|
|
|
133771
133806
|
"../project-management/src/project-management/project-manager.ts"() {
|
|
133772
133807
|
"use strict";
|
|
133773
133808
|
import_path23 = require("path");
|
|
133809
|
+
init_ecosystem_support();
|
|
133774
133810
|
init_ecosystem_manager();
|
|
133775
133811
|
init_ecosystem_specs();
|
|
133776
|
-
init_ecosystem_support();
|
|
133777
133812
|
ProjectManager = class _ProjectManager {
|
|
133778
133813
|
constructor(ecosystemToEcosystemManager, projectDir, otherModulesCommunicator) {
|
|
133779
133814
|
this.ecosystemToEcosystemManager = ecosystemToEcosystemManager;
|
|
@@ -133949,7 +133984,7 @@ function mkTrie() {
|
|
|
133949
133984
|
return { children: {}, leaf: false };
|
|
133950
133985
|
}
|
|
133951
133986
|
function addPathToTrie(root3, vulnPath) {
|
|
133952
|
-
if (!vulnPath.length) return;
|
|
133987
|
+
if (!vulnPath.length) return root3;
|
|
133953
133988
|
let curr = root3;
|
|
133954
133989
|
let i6 = vulnPath.length - 1;
|
|
133955
133990
|
while (i6 >= 0) {
|
|
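Review bot: `addPathToTrie` now returns a value but carries no comment saying what it is, and the two return paths differ. For an empty `vulnPath` it returns `root3` without marking it as a leaf; otherwise it returns the node it has just marked (`return curr;` in the next hunk), so a caller cannot tell the two cases apart from the result alone. I would add a comment above the function such as `// Returns the trie node reached for vulnPath; for an empty path this is the root, left unmarked.` Part of the loop body lies between the two hunks and is not shown.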
@@ -133957,6 +133992,7 @@ function addPathToTrie(root3, vulnPath) {
|
|
|
133957
133992
|
--i6;
|
|
133958
133993
|
}
|
|
133959
133994
|
curr.leaf = true;
|
|
133995
|
+
return curr;
|
|
133960
133996
|
}
|
|
133961
133997
|
function isShortestPath(root3, vulnPath) {
|
|
133962
133998
|
let curr = root3;
|
|
@@ -193953,8 +193989,8 @@ var require_vulnerability_scanning = __commonJS({
|
|
|
193953
193989
|
if (offlineVulnerabilityScannerDBPath) {
|
|
193954
193990
|
return await offlineScan(dependencyTree, offlineVulnerabilityScannerDBPath);
|
|
193955
193991
|
} else {
|
|
193956
|
-
if (!
|
|
193957
|
-
throw new Error("
|
|
193992
|
+
if (!timeout) {
|
|
193993
|
+
throw new Error("A timeout value is required for online vulnerability scanning");
|
|
193958
193994
|
}
|
|
193959
193995
|
return await onlineScan(dependencyTree, apiKey, timeout);
|
|
193960
193996
|
}
|
|
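Review bot: The `!timeout` guard rejects `0`, `NaN` and `undefined` but lets a negative or infinite value through to `onlineScan`, and the caller in `require_cli_core` passes `Number(this.options.timeout)` taken from a command-line string. `if (!Number.isFinite(timeout) || timeout <= 0) {` states the requirement exactly. The removed condition is truncated on this page, so it is not possible to tell whether the API key used to be checked here too; nothing in the new lines inspects `apiKey.type` before the online scan. The enclosing function starts outside the hunk.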
@@ -193990,7 +194026,7 @@ var require_version = __commonJS({
|
|
|
193990
194026
|
"use strict";
|
|
193991
194027
|
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
193992
194028
|
exports2.version = void 0;
|
|
193993
|
-
exports2.version = "14.0
|
|
194029
|
+
exports2.version = "14.1.0";
|
|
193994
194030
|
}
|
|
193995
194031
|
});
|
|
193996
194032
|
|
|
@@ -194036,6 +194072,9 @@ var require_cli_core = __commonJS({
|
|
|
194036
194072
|
coanaLogPath = "";
|
|
194037
194073
|
shareWithDashboard;
|
|
194038
194074
|
reportId;
|
|
194075
|
+
apiKey = {
|
|
194076
|
+
type: "missing"
|
|
194077
|
+
};
|
|
194039
194078
|
constructor(rootWorkingDirectory, options) {
|
|
194040
194079
|
this.options = options;
|
|
194041
194080
|
this.analysisMemoryLimitInMb = +this.options.memoryLimit;
|
|
@@ -194049,20 +194088,42 @@ var require_cli_core = __commonJS({
|
|
|
194049
194088
|
this.spinner = spinner_1.Spinner.instance({ text: "Running Coana CLI", isSilent: this.options.silent });
|
|
194050
194089
|
this.shareWithDashboard = !!(this.options.apiKey && !this.options.disableReportSubmission && (this.options.repoUrl ?? this.options.projectName));
|
|
194051
194090
|
}
|
|
194091
|
+
verifyApiKey(key) {
|
|
194092
|
+
const checkIfApiKeyIsEmptyMessage = "You may be trying to provide the API key through an environment variable or CI secret which is either undefined or empty.";
|
|
194093
|
+
if (key === "api-key-unavailable") {
|
|
194094
|
+
throw new Error("API key is is 'api-key-unavailable'. This is likely a default value assigned because you forgot to provide the API key as a secret in your CI environment.");
|
|
194095
|
+
}
|
|
194096
|
+
if (key.length < 15 && key.startsWith("-")) {
|
|
194097
|
+
throw new Error(`The provided API key '${key}' is invalid. ${checkIfApiKeyIsEmptyMessage}`);
|
|
194098
|
+
}
|
|
194099
|
+
if (key.length < 20 || key.length > 21) {
|
|
194100
|
+
throw new Error(`The provided API key is invalid. ${checkIfApiKeyIsEmptyMessage}`);
|
|
194101
|
+
}
|
|
194102
|
+
}
|
|
194052
194103
|
verifyOptions() {
|
|
194053
194104
|
if (this.options.writeReportToFile) {
|
|
194054
194105
|
logger_singleton_1.logger.warn("--write-report-to-file is deprecated. Please use --output json instead");
|
|
194055
194106
|
}
|
|
194056
|
-
if (!this.options.offlineDatabase && !this.options.apiKey) {
|
|
194107
|
+
if (!this.options.offlineDatabase && !this.options.apiKey && !this.options.guardrailMode) {
|
|
194057
194108
|
throw new Error("An API key is required to run the Coana CLI");
|
|
194058
194109
|
}
|
|
194110
|
+
if (this.options.guardrailMode) {
|
|
194111
|
+
this.options.disableReportSubmission = true;
|
|
194112
|
+
}
|
|
194059
194113
|
if (this.options.apiKey) {
|
|
194060
|
-
|
|
194061
|
-
|
|
194062
|
-
|
|
194063
|
-
|
|
194064
|
-
|
|
194065
|
-
|
|
194114
|
+
try {
|
|
194115
|
+
this.verifyApiKey(this.options.apiKey);
|
|
194116
|
+
this.apiKey = {
|
|
194117
|
+
type: "present",
|
|
194118
|
+
value: this.options.apiKey
|
|
194119
|
+
};
|
|
194120
|
+
} catch (e) {
|
|
194121
|
+
if (this.options.guardrailMode) {
|
|
194122
|
+
logger_singleton_1.logger.warn("API key is missing or invalid. Continuing in unauthenticated guardrail mode.");
|
|
194123
|
+
this.apiKey = { type: "missing" };
|
|
194124
|
+
} else {
|
|
194125
|
+
throw e;
|
|
194126
|
+
}
|
|
194066
194127
|
}
|
|
194067
194128
|
}
|
|
194068
194129
|
if (!this.options.repoUrl && !this.options.projectName && !this.options.disableReportSubmission) {
|
|
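Review bot: In `verifyApiKey` the second error embeds the supplied value in its message (`The provided API key '${key}' is invalid.`), and messages thrown by a CLI usually end up in CI logs; the third branch reports the same failure without the value. I would drop `'${key}'` from the second message so that neither branch prints what was passed as the key. The first message has a doubled word ("is is"), and the bounds 15, 20 and 21 are unexplained, so a one-line comment giving the expected key format would make them reviewable. The `catch` in `verifyOptions` turns any of these failures into an unauthenticated guardrail run with only a warning, which deserves a comment at that `catch`.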
@@ -194090,9 +194151,9 @@ var require_cli_core = __commonJS({
|
|
|
194090
194151
|
}
|
|
194091
194152
|
this.spinner.start();
|
|
194092
194153
|
try {
|
|
194093
|
-
if (this.shareWithDashboard) {
|
|
194154
|
+
if (this.shareWithDashboard && this.apiKey.type === "present") {
|
|
194094
194155
|
const gitData = await getGitDataToMetadataIfAvailable(this.rootWorkingDirectory);
|
|
194095
|
-
this.reportId = await (0, dashboard_integration_1.createReport)(this.options.repoUrl, this.options.projectName, version_12.version, gitData?.sha, gitData?.branchName, (0, lodash_1.omit)(this.options, "apiKey", "print-report", "repoUrl", "projectName", "writeReportToFile"), this.
|
|
194156
|
+
this.reportId = await (0, dashboard_integration_1.createReport)(this.options.repoUrl, this.options.projectName, version_12.version, gitData?.sha, gitData?.branchName, (0, lodash_1.omit)(this.options, "apiKey", "print-report", "repoUrl", "projectName", "writeReportToFile"), this.apiKey, this.options.runEnv);
|
|
194096
194157
|
}
|
|
194097
194158
|
const report = await this.computeReport();
|
|
194098
194159
|
logger_singleton_1.logger.info("Report computed successfully");
|
|
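Review bot: `this.shareWithDashboard` in the condition at new line 194154 is the value computed in the constructor from `this.options.apiKey` and `this.options.disableReportSubmission`, while `verifyOptions` in the previous hunk sets `disableReportSubmission = true` for guardrail mode. If `verifyOptions` runs after construction, which this page does not show, a guardrail run with a valid key and a repo URL still reaches `createReport` here and `sendDependencyTreesToDashboard` in the `-194354` hunk, whereas `outputAndShareReport` recomputes the flag and skips submission. Recomputing the field at the end of `verifyOptions` would make the three sites agree: `this.shareWithDashboard = this.apiKey.type === "present" && !this.options.disableReportSubmission && !!(this.options.repoUrl ?? this.options.projectName);`.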
@@ -194119,13 +194180,11 @@ var require_cli_core = __commonJS({
|
|
|
194119
194180
|
return logContent;
|
|
194120
194181
|
}
|
|
194121
194182
|
async shareErrorLogWithDashboard(e, shouldLogSharing) {
|
|
194122
|
-
|
|
194123
|
-
await (0, dashboard_integration_1.sendErrorReportToDashboard)(this.options.apiKey, e.stack ?? e.message ?? "Unknown stack trace", shouldLogSharing, this.reportId, this.options.repoUrl, this.options.projectName, await this.getLogContent());
|
|
194124
|
-
}
|
|
194183
|
+
await (0, dashboard_integration_1.sendErrorReportToDashboard)(this.apiKey, e.stack ?? e.message ?? "Unknown stack trace", shouldLogSharing, this.reportId, this.options.repoUrl, this.options.projectName, await this.getLogContent());
|
|
194125
194184
|
}
|
|
194126
194185
|
async shareLogWithDashboard() {
|
|
194127
|
-
if (this.
|
|
194128
|
-
await (0, dashboard_integration_1.sendLogToDashboard)(await this.getLogContent(), this.reportId, this.
|
|
194186
|
+
if (this.reportId)
|
|
194187
|
+
await (0, dashboard_integration_1.sendLogToDashboard)(await this.getLogContent(), this.reportId, this.apiKey);
|
|
194129
194188
|
}
|
|
194130
194189
|
async outputAndShareReport(report) {
|
|
194131
194190
|
const outputDir = this.options.outputDir;
|
|
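Review bot: `shareErrorLogWithDashboard` now calls `sendErrorReportToDashboard` unconditionally, passing the stack trace and the full log content even when `this.apiKey` is `{ type: "missing" }` or report submission is disabled. The removed guard is truncated on this page, and whether the callee returns early for a missing key is not visible. The same applies to `sendWarningToDashboard` in the `-194447` hunk, which sends `vulnChainDetails`, `results` and `directDependencies`. An explicit check at the call site keeps the decision local, for example `if (this.apiKey.type !== "present") return;` as the first line here. `shareLogWithDashboard` would also read better with braces around its one-statement `if`.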
@@ -194135,7 +194194,7 @@ var require_cli_core = __commonJS({
|
|
|
194135
194194
|
(0, fs_1.writeFileSync)(jsonReportPath, JSON.stringify(report, null, 2));
|
|
194136
194195
|
logger_singleton_1.logger.info(kleur_1.default.green(`JSON report written to: ${jsonReportPath}`));
|
|
194137
194196
|
}
|
|
194138
|
-
const shareWithDashboard = this.
|
|
194197
|
+
const shareWithDashboard = this.apiKey.type === "present" && !this.options.disableReportSubmission && (this.options.repoUrl ?? this.options.projectName);
|
|
194139
194198
|
if (!shareWithDashboard) {
|
|
194140
194199
|
if (this.options.offlineDatabase) {
|
|
194141
194200
|
logger_singleton_1.logger.info("Running in offline mode. Skipping report submission to the dashboard");
|
|
@@ -194146,7 +194205,7 @@ var require_cli_core = __commonJS({
|
|
|
194146
194205
|
}
|
|
194147
194206
|
if (shareWithDashboard) {
|
|
194148
194207
|
logger_singleton_1.logger.info("Submitting report to the dashboard");
|
|
194149
|
-
await (0, dashboard_integration_1.sendToDashboard)(report, this.options.writeReportToFile, this.reportId, this.
|
|
194208
|
+
await (0, dashboard_integration_1.sendToDashboard)(report, this.options.writeReportToFile, this.reportId, this.apiKey);
|
|
194150
194209
|
}
|
|
194151
194210
|
if (report.vulnerabilities.some((v) => v.codeAwareScanResult.type === "analysisError")) {
|
|
194152
194211
|
logger_singleton_1.logger.warn("Analysis error detected in the report - sharing log with Coana to help debug the issue");
|
|
@@ -194165,9 +194224,8 @@ var require_cli_core = __commonJS({
|
|
|
194165
194224
|
debug: this.options.debug,
|
|
194166
194225
|
silent: this.options.silent,
|
|
194167
194226
|
coanaLogPath: this.coanaLogPath,
|
|
194168
|
-
reportId: this.reportId
|
|
194169
|
-
|
|
194170
|
-
});
|
|
194227
|
+
reportId: this.reportId
|
|
194228
|
+
}, this.apiKey);
|
|
194171
194229
|
const startTime = (/* @__PURE__ */ new Date()).toISOString();
|
|
194172
194230
|
this.sendProgress("CREATE_PROJECT_MANAGER", true);
|
|
194173
194231
|
const manager = await project_manager_1.ProjectManager.create(this.rootWorkingDirectory, otherModulesCommunicator, this.options.ecosystems, this.options.includeDirs, this.options.excludeDirs, this.options.changedFiles);
|
|
@@ -194176,7 +194234,7 @@ var require_cli_core = __commonJS({
|
|
|
194176
194234
|
(0, dashboard_integration_1.submitSubprojects)([...reachabilitySupport, ...traditionalScaSupport, ...noSupport].map((sp) => ({
|
|
194177
194235
|
...sp,
|
|
194178
194236
|
subprojectPath: (0, path_1.relative)(this.rootWorkingDirectory, sp.subprojectPath) || "."
|
|
194179
|
-
})), this.reportId, this.
|
|
194237
|
+
})), this.reportId, this.apiKey);
|
|
194180
194238
|
for (const unsupported of noSupport)
|
|
194181
194239
|
logger_singleton_1.logger.warn(unsupported.unsupportedMsg);
|
|
194182
194240
|
const includeScaOnlyMsg = `Coana found some projects where it supports traditional SCA, but the reachability analysis is not yet supported. Use --include-projects-with-no-reachability-support to conduct traditional SCA on these projects`;
|
|
@@ -194267,7 +194325,7 @@ var require_cli_core = __commonJS({
|
|
|
194267
194325
|
debug: this.options.debug,
|
|
194268
194326
|
silent: this.options.silent,
|
|
194269
194327
|
coanaLogPath: this.coanaLogPath
|
|
194270
|
-
});
|
|
194328
|
+
}, this.apiKey);
|
|
194271
194329
|
const providerManager = await project_manager_1.ProjectManager.create(providerProject, providerOtherModulesCommunicator, ["MAVEN"]);
|
|
194272
194330
|
const providerSubproject = providerManager.getSubproject("MAVEN", ".");
|
|
194273
194331
|
if (!providerSubproject) {
|
|
@@ -194354,14 +194412,14 @@ var require_cli_core = __commonJS({
|
|
|
194354
194412
|
subprojectPath: (0, path_1.relative)(rootWorkingDirectory, subprojectPath) || "."
|
|
194355
194413
|
}));
|
|
194356
194414
|
if (this.shareWithDashboard)
|
|
194357
|
-
(0, dashboard_integration_1.sendDependencyTreesToDashboard)(dependencyTrees, this.reportId, this.
|
|
194415
|
+
(0, dashboard_integration_1.sendDependencyTreesToDashboard)(dependencyTrees, this.reportId, this.apiKey);
|
|
194358
194416
|
const workspaceToVulnerabilities = Object.fromEntries(await (0, async_1.asyncMap)(workspacePaths, async (workspacePath) => this.spinner.wrap(`Scanning for vulnerabilities: (${subProjAndWsPath.packageManagerName}) ${(0, path_1.join)(subProjAndWsPath.subprojectPath, workspacePath)}`, async () => {
|
|
194359
194417
|
const dependencyTree = projectInfo[workspacePath].dataForAnalysis.dependencyTree;
|
|
194360
194418
|
this.sendProgress("SCAN_FOR_VULNERABILITIES", true, subprojectPath, workspacePath);
|
|
194361
194419
|
try {
|
|
194362
194420
|
return [
|
|
194363
194421
|
workspacePath,
|
|
194364
|
-
(await (0, vulnerability_scanning_1.scanForVulnerabilities)(dependencyTree, this.options.offlineDatabase, this.
|
|
194422
|
+
(await (0, vulnerability_scanning_1.scanForVulnerabilities)(dependencyTree, this.options.offlineDatabase, this.apiKey, Number(this.options.timeout))).vulnerabilities
|
|
194365
194423
|
];
|
|
194366
194424
|
} catch (e) {
|
|
194367
194425
|
logger_singleton_1.logger.error(`Scanning for vulnerabilities failed for subproject ${subprojectPath} in workspace ${workspacePath}`);
|
|
@@ -194432,7 +194490,7 @@ var require_cli_core = __commonJS({
|
|
|
194432
194490
|
type,
|
|
194433
194491
|
...subprojectPath ? { subprojectPath: (0, path_1.relative)(this.rootWorkingDirectory, subprojectPath) || "." } : {},
|
|
194434
194492
|
...workspacePath ? { workspacePath } : {}
|
|
194435
|
-
}, isStartEvent, this.reportId, this.
|
|
194493
|
+
}, isStartEvent, this.reportId, this.apiKey);
|
|
194436
194494
|
}
|
|
194437
194495
|
/**
|
|
194438
194496
|
* Augment the results field of the `vulns` with metadata.
|
|
@@ -194447,9 +194505,7 @@ var require_cli_core = __commonJS({
|
|
|
194447
194505
|
let dependencyType = getDependencyType(v.vulnChainDetails, v.results, directDependencies, reachability);
|
|
194448
194506
|
if (!dependencyType || dependencyType === "unknown") {
|
|
194449
194507
|
dependencyType = "prod&dev";
|
|
194450
|
-
|
|
194451
|
-
(0, dashboard_integration_1.sendWarningToDashboard)("Unable to determine dependency type", { subprojectPath, workspacePath }, { vulnChainDetails: v.vulnChainDetails, results: v.results, directDependencies, reachability }, this.reportId, this.options.apiKey);
|
|
194452
|
-
}
|
|
194508
|
+
(0, dashboard_integration_1.sendWarningToDashboard)("Unable to determine dependency type", { subprojectPath, workspacePath }, { vulnChainDetails: v.vulnChainDetails, results: v.results, directDependencies, reachability }, this.reportId, this.apiKey);
|
|
194453
194509
|
}
|
|
194454
194510
|
return {
|
|
194455
194511
|
vulnerabilityUrl: v.url,
|
|
@@ -194528,7 +194584,7 @@ var cli_core_1 = require_cli_core();
|
|
|
194528
194584
|
var version_1 = require_version();
|
|
194529
194585
|
var program = new commander_1.Command();
|
|
194530
194586
|
var run = new commander_1.Command();
|
|
194531
|
-
run.name("run").argument("<path>", "File system path to folder containing the project").option("-o, --output-dir <path>", "Write json report to <path>/coana-report.json").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("-p, --print-report", "Print the report to the console", false).option("--offline-database <path>", "Path to a coana-offline-db.json file for running the CLI without internet connectivity", void 0).option("-t, --timeout <timeout>", "Set API <timeout> in milliseconds to Coana backend.", "300000").option("-a, --analysis-timeout <timeout>", "Set <timeout> in seconds for each reachability analysis run").option("--memory-limit <memoryInMB>", "Set memory limit for analysis to <memoryInMB> megabytes of memory.", "8192").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("--api-key <key>", "Set the Coana dashboard API key. By setting you also enable the dashboard integration.").addOption(new commander_1.Option("--write-report-to-file", "Write the report dashboard-compatible report to dashboard-report.json. This report may help the Coana team debug issues with the report insertion mechanism.").default(false).hideHelp()).option("--project-name <repoName>", "Set the name of the repository. Used for dashboard integration.").option("--repo-url <repoUrl>", "Set the URL of the repository. Used for dashboard integration.").option("--include-dirs <dirs...>", "globs for directories to include from the detection of subprojects (space-separated). Notice, projects that are not included may still be scanned if they are referenced from included projects.").option("--exclude-dirs <dirs...>", "globs for directories to exclude from the detection of subprojects (space-separated). 
Notice, excluded projects may still be scanned if they are referenced from non-excluded projects.").option("--disable-analysis-splitting", "Limits Coana to at most 1 reachability analysis run per workspace").option("--print-analysis-log-file", "Store log output from the JavaScript/TypeScript reachability analysis in the file js-analysis.log file in the root of each workspace", false).option("--entry-points <entryPoints...>", "List of files to analyze for root workspace. The reachability analysis automatically analyzes all files used by the entry points. If not provided, all JavaScript and TypeScript files are considered entry points. For non-root workspaces, all JavaScript and TypeScript files are analyzed as well.").option("--include-projects-with-no-reachability-support", "Also runs Coana on projects where we support traditional SCA, but does not yet support reachability analysis.", false).option("--ecosystems <ecosystems...>", "List of ecosystems to analyze. Currently NPM, PIP, MAVEN and GO are supported. Default is all supported ecosystems.", (ecosystems) => ecosystems.split(" ").map((e) => e.toUpperCase())).option("--changed-files <files...>", "List of files that have changed. If provided, Coana only analyzes workspaces and modules that contain changed files.").option("--disable-report-submission", "Disable the submission of the report to the Coana dashboard. Used by the pipeline blocking feature.", false).option("--provider-project <path>", "File system path to folder containing the provider project (Only supported for Maven, Gradle, and SBT)").option("--provider-workspaces <dirs...>", "List of workspaces that build the provided runtime environment (Only supported for Maven, Gradle, and SBT)", (paths) => paths.split(" ")).option("--lightweight-reachability", "Runs Coana in lightweight mode. This increases analysis speed but also raises the risk of Coana misclassifying the reachability of certain complex vulnerabilities. 
Recommended only for use with Coana Guardrails mode.", false).addOption(new commander_1.Option("--run-without-docker", "Run package managers and reachability analyzers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new commander_1.Option("--run-env <env>", "Specifies the environment in which the CLI is run. So far only MANAGED_SCAN and UNKNOWN are supported.").default("UNKNOWN").choices(["UNKNOWN", "MANAGED_SCAN"]).hideHelp()).version(version_1.version).configureHelp({ sortOptions: true }).action(async (path2, options) => {
|
|
194587
|
+
run.name("run").argument("<path>", "File system path to folder containing the project").option("-o, --output-dir <path>", "Write json report to <path>/coana-report.json").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("-p, --print-report", "Print the report to the console", false).option("--offline-database <path>", "Path to a coana-offline-db.json file for running the CLI without internet connectivity", void 0).option("-t, --timeout <timeout>", "Set API <timeout> in milliseconds to Coana backend.", "300000").option("-a, --analysis-timeout <timeout>", "Set <timeout> in seconds for each reachability analysis run").option("--memory-limit <memoryInMB>", "Set memory limit for analysis to <memoryInMB> megabytes of memory.", "8192").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("--api-key <key>", "Set the Coana dashboard API key. By setting you also enable the dashboard integration.").addOption(new commander_1.Option("--write-report-to-file", "Write the report dashboard-compatible report to dashboard-report.json. This report may help the Coana team debug issues with the report insertion mechanism.").default(false).hideHelp()).option("--project-name <repoName>", "Set the name of the repository. Used for dashboard integration.").option("--repo-url <repoUrl>", "Set the URL of the repository. Used for dashboard integration.").option("--include-dirs <dirs...>", "globs for directories to include from the detection of subprojects (space-separated). Notice, projects that are not included may still be scanned if they are referenced from included projects.").option("--exclude-dirs <dirs...>", "globs for directories to exclude from the detection of subprojects (space-separated). 
Notice, excluded projects may still be scanned if they are referenced from non-excluded projects.").option("--disable-analysis-splitting", "Limits Coana to at most 1 reachability analysis run per workspace").option("--print-analysis-log-file", "Store log output from the JavaScript/TypeScript reachability analysis in the file js-analysis.log file in the root of each workspace", false).option("--entry-points <entryPoints...>", "List of files to analyze for root workspace. The reachability analysis automatically analyzes all files used by the entry points. If not provided, all JavaScript and TypeScript files are considered entry points. For non-root workspaces, all JavaScript and TypeScript files are analyzed as well.").option("--include-projects-with-no-reachability-support", "Also runs Coana on projects where we support traditional SCA, but does not yet support reachability analysis.", false).option("--ecosystems <ecosystems...>", "List of ecosystems to analyze. Currently NPM, PIP, MAVEN and GO are supported. Default is all supported ecosystems.", (ecosystems) => ecosystems.split(" ").map((e) => e.toUpperCase())).option("--changed-files <files...>", "List of files that have changed. If provided, Coana only analyzes workspaces and modules that contain changed files.").option("--disable-report-submission", "Disable the submission of the report to the Coana dashboard. Used by the pipeline blocking feature.", false).option("--provider-project <path>", "File system path to folder containing the provider project (Only supported for Maven, Gradle, and SBT)").option("--provider-workspaces <dirs...>", "List of workspaces that build the provided runtime environment (Only supported for Maven, Gradle, and SBT)", (paths) => paths.split(" ")).option("--lightweight-reachability", "Runs Coana in lightweight mode. This increases analysis speed but also raises the risk of Coana misclassifying the reachability of certain complex vulnerabilities. 
Recommended only for use with Coana Guardrails mode.", false).addOption(new commander_1.Option("--run-without-docker", "Run package managers and reachability analyzers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new commander_1.Option("--run-env <env>", "Specifies the environment in which the CLI is run. So far only MANAGED_SCAN and UNKNOWN are supported.").default("UNKNOWN").choices(["UNKNOWN", "MANAGED_SCAN"]).hideHelp()).addOption(new commander_1.Option("--guardrail-mode", "Run Coana in guardrail mode. This mode is used to prevent new reachable vulnerabilities from being introduced into the codebase. Usually run as a CI check when pushing new commits to a pull request.").default(false)).version(version_1.version).configureHelp({ sortOptions: true }).action(async (path2, options) => {
|
|
194532
194588
|
process.env.DOCKER_IMAGE_TAG ??= version_1.version;
|
|
194533
194589
|
await new cli_core_1.CliCore(path2, options).main();
|
|
194534
194590
|
});
|