@coana-tech/cli 14.11.14 → 14.11.15

package/cli.mjs

@@ -205338,7 +205338,7 @@ var getNpmBin = once(async () => {
   return npmBin;
 });
 async function actuallyRunInstall(specificPackagesArgs = [], dir) {
-  const installationCommand = cmdt2`${await getNpmBin()} install -f --ignore-scripts --no-fund --no-audit ${specificPackagesArgs}`;
+  const installationCommand = cmdt2`${await getNpmBin()} install -f --ignore-scripts --no-fund --no-audit --no-progress ${specificPackagesArgs}`;
   logger.info(`running installation command: ${installationCommand}`);
   return execAndLogOnFailure2(installationCommand, dir);
 }
@@ -205446,6 +205446,8 @@ var NpmFixingManager = class extends NpmEcosystemFixingManager {
     }
   }
   async finalizeFixes() {
+    logger.info(`Adjusting lock file changes by running a npm install command`);
+    await actuallyRunInstall(void 0, resolve9(this.rootDir, this.subprojectPath));
   }
 };
 
@@ -205454,7 +205456,16 @@ import { readFile as readFile12, writeFile as writeFile4 } from "fs/promises";
 import { resolve as resolve10 } from "path";
 var import_yaml = __toESM(require_dist10(), 1);
 var import_lockfile_file2 = __toESM(require_lib25(), 1);
+import { existsSync as existsSync9 } from "fs";
 var PnpmFixingManager = class extends NpmEcosystemFixingManager {
+  pnpmMajorVersion;
+  async getPnpmMajorVersion() {
+    if (!this.pnpmMajorVersion) {
+      const pnpmVersion = await runCommandResolveStdOut(cmdt`pnpm -v`);
+      this.pnpmMajorVersion = parseInt(pnpmVersion.trim().split(".")[0]);
+    }
+    return this.pnpmMajorVersion;
+  }
   async installSpecificPackages(workspacePath, isDev, packagesToInstall) {
     try {
       const isInstallingInRootOfWorkspace = workspacePath === "." && (await getWorkspacePathsFromPnpmLockFile(this.rootDir, false)).length > 1;
@@ -205473,7 +205484,7 @@ var PnpmFixingManager = class extends NpmEcosystemFixingManager {
     }
   }
   async actuallyRunInstall(specificPackagesCmd = [], workspacePath = ".") {
-    const installationCommand = cmdt`pnpm install --ignore-scripts ${specificPackagesCmd}`;
+    const installationCommand = cmdt`pnpm install --ignore-scripts${await this.getPnpmMajorVersion() >= 9 && specificPackagesCmd.length === 0 ? "--no-frozen-lockfile" : ""} --config.confirmModulesPurge=false ${specificPackagesCmd}`;
     logger.info(`running installation command: ${installationCommand}`);
     await exec(installationCommand, resolve10(this.rootDir, this.subprojectPath, workspacePath));
   }
@@ -205556,6 +205567,11 @@ var PnpmFixingManager = class extends NpmEcosystemFixingManager {
           ])
         );
         const pnpmWorkspaceYamlFile = resolve10(this.rootDir, this.subprojectPath, "pnpm-workspace.yaml");
+        if (!existsSync9(pnpmWorkspaceYamlFile)) {
+          throw new Error(
+            `pnpm-workspace.yaml could not be found in ${pnpmWorkspaceYamlFile}. The lockfile indicates that pnpm catalogs are used and they must be updated, which is not possible without a pnpm-workspace.yaml file`
+          );
+        }
         const yamlAST = await readYamlFile(pnpmWorkspaceYamlFile);
         fixCatalogVersions(yamlAST, catalogFixes);
         await writeYamlFile(yamlAST, pnpmWorkspaceYamlFile);
@@ -205567,7 +205583,7 @@ var PnpmFixingManager = class extends NpmEcosystemFixingManager {
     }
   }
   async finalizeFixes() {
-    const cmd = cmdt`pnpm install --ignore-scripts --fix-lockfile`;
+    const cmd = cmdt`pnpm install --ignore-scripts --fix-lockfile --config.confirmModulesPurge=false `;
     logger.info(`Adjusting lock file changes by running '${cmd}'`);
     await exec(cmd, resolve10(this.rootDir, this.subprojectPath));
   }
@@ -205621,7 +205637,7 @@ import { resolve as resolve12 } from "path";
 
 // ../utils/src/package-utils.ts
 import { parse as parse2, join as join7, resolve as resolve11, normalize as normalize3, dirname as dirname4, basename as basename3, relative as relative4 } from "path";
-import { existsSync as existsSync9, readFileSync as readFileSync2, readdirSync as readdirSync3, statSync as statSync3, writeFileSync as writeFileSync2 } from "fs";
+import { existsSync as existsSync10, readFileSync as readFileSync2, readdirSync as readdirSync3, statSync as statSync3, writeFileSync as writeFileSync2 } from "fs";
 function setFieldInPackageJson(workspaceRoot, field, value) {
   const packageJSONContentObj = getPackageJsonObject2(workspaceRoot);
   if (!packageJSONContentObj) return void 0;
@@ -205638,7 +205654,7 @@ function writePackageJsonContent(workspaceRoot, packageJsonContent) {
 }
 function getPackageJsonContent2(workspaceRoot) {
   const packageJsonPath = getPackageJSONPath2(workspaceRoot);
-  if (existsSync9(packageJsonPath)) return readFileSync2(packageJsonPath, "utf8");
+  if (existsSync10(packageJsonPath)) return readFileSync2(packageJsonPath, "utf8");
   return void 0;
 }
 function getPackageJSONPath2(workspaceRoot) {
@@ -205771,9 +205787,10 @@ var YarnFixingManager = class extends NpmEcosystemFixingManager {
       logger.info(`Failed to install packages: ${installResult.error.message}`);
       logger.info(`stdout`, installResult.stdout);
       logger.info(`stderr`, installResult.stderr);
-      logger.info("yarn version", await runCommandResolveStdOut("yarn -v", installDir));
+      logger.info("yarn version", await this.runYarnCommand(cmdt`yarn -v`, installDir));
       throw new Error(`Failed to install packages: ${installResult.error.message}`);
     }
+    logger.info("Installation completed.");
   }
   async getYarnLockObj(filePath) {
     const fileString = await readFile13(filePath, "utf8");
@@ -205875,7 +205892,7 @@ var YarnFixingManager = class extends NpmEcosystemFixingManager {
 
 // ../fixing-management/src/fixing-management/npm/npm-ecosystem-socket-fixing-manager.ts
 import { dirname as dirname5, join as join8, relative as relative5 } from "path";
-import { existsSync as existsSync10 } from "fs";
+import { existsSync as existsSync11 } from "fs";
 var NpmSocketUpgradeManager = class {
   constructor(rootDir) {
     this.rootDir = rootDir;
@@ -205909,7 +205926,13 @@ var NpmSocketUpgradeManager = class {
           workspaceToSubproject.set(join8(subprojectDir, workspace), subprojectDir);
         }
       }
-      const packageJsonFiles = artifact.manifestFiles?.filter((a4) => a4.file.endsWith("package.json"));
+      const packageJsonFiles = artifact.manifestFiles?.filter((a4) => a4.file.endsWith("package.json")) ?? [];
+      for (const lockFile of lockFiles ?? []) {
+        const correspondingPackageJsonFile = join8(dirname5(lockFile.file), "package.json");
+        if (!packageJsonFiles.some((p3) => p3.file === correspondingPackageJsonFile) && existsSync11(correspondingPackageJsonFile)) {
+          packageJsonFiles.push({ file: correspondingPackageJsonFile });
+        }
+      }
       for (const packageJsonFile of packageJsonFiles ?? []) {
         const packageJsonDir = dirname5(packageJsonFile.file);
         const subprojectDir = workspaceToSubproject.get(packageJsonDir) ?? packageJsonDir;
@@ -205961,13 +205984,14 @@ function getFixingManagerFromPackageManager(packageManager, rootDir, subprojectP
   }
 }
 function getPackageMangerForDirectory(directory) {
-  if (existsSync10(join8(directory, "pnpm-lock.yaml")) || existsSync10(join8(directory, "pnpm-lock.yml"))) {
+  if (existsSync11(join8(directory, "pnpm-lock.yaml")) || existsSync11(join8(directory, "pnpm-lock.yml"))) {
     return "PNPM";
-  } else if (existsSync10(join8(directory, "yarn.lock"))) {
+  } else if (existsSync11(join8(directory, "yarn.lock"))) {
     return "YARN";
-  } else {
+  } else if (existsSync11(join8(directory, "package-lock.json"))) {
     return "NPM";
   }
+  throw new Error("Upgrading packages is currently only supported for NPM projects using a lock file.");
 }
 
 // ../fixing-management/src/fixing-management/npm/rush-fixing-manager.ts
@@ -206329,7 +206353,7 @@ async function applySocketUpgrades(ecosystem, rootDir, upgrades, artifacts) {
 
 // dist/cli-apply-fix.js
 var import_lodash12 = __toESM(require_lodash(), 1);
-import { existsSync as existsSync15 } from "fs";
+import { existsSync as existsSync16 } from "fs";
 
 // ../other-modules-communicator/src/other-modules-communicator.ts
 import { execFileSync } from "child_process";
@@ -206346,7 +206370,7 @@ import { fileURLToPath as fileURLToPath3 } from "node:url";
 // ../utils/dist/file-utils.js
 var import_lodash5 = __toESM(require_lodash(), 1);
 var import_micromatch = __toESM(require_micromatch(), 1);
-import { existsSync as existsSync11 } from "fs";
+import { existsSync as existsSync12 } from "fs";
 import { access as access2, cp, readdir as readdir3, stat as stat2 } from "fs/promises";
 import { basename as basename4, join as join11, relative as relative6, resolve as resolve13 } from "path";
 var { uniq } = import_lodash5.default;
@@ -207076,7 +207100,7 @@ async function detectVariantMaven(projectDir) {
 }
 
 // ../docker-management/src/maven/gradle-version-detector.ts
-import { existsSync as existsSync12 } from "fs";
+import { existsSync as existsSync13 } from "fs";
 import { join as join13 } from "path";
 import { readFile as readFile15 } from "fs/promises";
 async function detectVariantGradle(projectDir) {
@@ -207084,7 +207108,7 @@ async function detectVariantGradle(projectDir) {
 }
 async function detect(projectDir) {
   const gradleWrapperPropertiesPath = join13(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
-  const gradleWrapperProperties = existsSync12(gradleWrapperPropertiesPath) ? (await readFile15(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
+  const gradleWrapperProperties = existsSync13(gradleWrapperPropertiesPath) ? (await readFile15(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!gradleWrapperProperties) return void 0;
   const distributionUrlRegex = /.*gradle-(\d+(\.\d+(\.\d+)?)?)/;
   for (const prop2 of gradleWrapperProperties) {
@@ -207098,7 +207122,7 @@ async function detect(projectDir) {
 }
 
 // ../docker-management/src/maven/sbt-version-detector.ts
-import { existsSync as existsSync13 } from "fs";
+import { existsSync as existsSync14 } from "fs";
 import { join as join14 } from "path";
 import { readFile as readFile16 } from "fs/promises";
 async function detectVariantSbt(projectDir) {
@@ -207106,7 +207130,7 @@ async function detectVariantSbt(projectDir) {
 }
 async function detect2(projectDir) {
   const sbtBuildPropertiesPath = join14(projectDir, "project", "build.properties");
-  const sbtBuildProperties = existsSync13(sbtBuildPropertiesPath) ? (await readFile16(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
+  const sbtBuildProperties = existsSync14(sbtBuildPropertiesPath) ? (await readFile16(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!sbtBuildProperties) return void 0;
   for (const prop2 of sbtBuildProperties) {
     const [key, value] = prop2.split("=");
@@ -207227,7 +207251,7 @@ import { join as join17, posix as posix2, relative as relative8, sep as sep3 } f
 // ../utils/src/file-utils.ts
 var import_lodash8 = __toESM(require_lodash(), 1);
 var import_micromatch2 = __toESM(require_micromatch(), 1);
-import { existsSync as existsSync14 } from "fs";
+import { existsSync as existsSync15 } from "fs";
 import { access as access3, cp as cp2, readdir as readdir4, stat as stat3 } from "fs/promises";
 import { basename as basename5, join as join15, relative as relative7, resolve as resolve16 } from "path";
 var { uniq: uniq2 } = import_lodash8.default;
@@ -208344,7 +208368,7 @@ async function verifyFixes(fixes, otherModulesCommunicator, rootPath) {
   if (pathsForEachFixIdData.length !== new Set(pathsForEachFixIdData).size) {
     throw new Error("Multiple fix IDs found for the same subproject, workspace and ecosystem");
   }
-  const subprojectsNotFound = uniq3(fixes.filter(({ vulnerabilityInstance: v }) => !existsSync15(resolve19(rootPath, v.subprojectPath))).map(({ vulnerabilityInstance: v }) => `${v.subprojectPath}:${v.ecosystem}`));
+  const subprojectsNotFound = uniq3(fixes.filter(({ vulnerabilityInstance: v }) => !existsSync16(resolve19(rootPath, v.subprojectPath))).map(({ vulnerabilityInstance: v }) => `${v.subprojectPath}:${v.ecosystem}`));
   if (subprojectsNotFound.length > 0) {
     throw new Error(`Cannot find the following subprojects: ${subprojectsNotFound.join(", ")}`);
   }
@@ -209150,12 +209174,12 @@ import { readdir as readdir6 } from "fs/promises";
 import { join as join20, relative as relative9, resolve as resolve22 } from "path";
 
 // ../project-management/src/project-management/ecosystem-management/ecosystem-specs.ts
-import { existsSync as existsSync17 } from "fs";
+import { existsSync as existsSync18 } from "fs";
 import { readdir as readdir5, readFile as readFile20 } from "fs/promises";
 import { join as join19, sep as sep4 } from "path";
 
 // ../utils/src/pip-utils.ts
-import { existsSync as existsSync16 } from "fs";
+import { existsSync as existsSync17 } from "fs";
 import { readFile as readFile19 } from "fs/promises";
 import { resolve as resolve21 } from "path";
 import util4 from "util";
@@ -209252,7 +209276,7 @@ function getEcosystemSpecs(ecosystems) {
 }
 function packageManagerIfPackageJSONExistsAndValid(packageManager) {
   return async (projectDir) => {
-    if (!existsSync17(join19(projectDir, "package.json"))) return void 0;
+    if (!existsSync18(join19(projectDir, "package.json"))) return void 0;
     const packageJSONPath = join19(projectDir, "package.json");
     try {
       JSON.parse(await readFile20(packageJSONPath, "utf-8"));
@@ -209927,16 +209951,16 @@ function isVulnChainWithParentsMap(v) {
 var DEFAULT_REPORT_FILENAME_BASE = "coana-report";
 
 // dist/internal/exclude-dirs-from-configuration-files.js
-import { existsSync as existsSync18 } from "fs";
+import { existsSync as existsSync19 } from "fs";
 import { readFile as readFile21 } from "fs/promises";
 import { basename as basename6, resolve as resolve24 } from "path";
 var import_yaml2 = __toESM(require_dist11(), 1);
 async function inferExcludeDirsFromConfigurationFiles(rootWorkingDir) {
   const socketYmlConfigFile = resolve24(rootWorkingDir, "socket.yml");
-  if (existsSync18(socketYmlConfigFile))
+  if (existsSync19(socketYmlConfigFile))
     return inferExcludeDirsFromSocketConfig(socketYmlConfigFile);
   const socketYamlConfigFile = resolve24(rootWorkingDir, "socket.yaml");
-  if (existsSync18(socketYamlConfigFile))
+  if (existsSync19(socketYamlConfigFile))
     return inferExcludeDirsFromSocketConfig(socketYamlConfigFile);
   return void 0;
 }
@@ -224025,7 +224049,7 @@ var { root: root2 } = static_exports;
 
 // ../utils/src/maven-utils.ts
 var import_lodash14 = __toESM(require_lodash(), 1);
-import { existsSync as existsSync19, readdirSync as readdirSync4, statSync as statSync4 } from "fs";
+import { existsSync as existsSync20, readdirSync as readdirSync4, statSync as statSync4 } from "fs";
 import { join as join21 } from "path";
 var { memoize: memoize3 } = import_lodash14.default;
 var memoizedParseShellArgs = memoize3(parseShellArgs);
@@ -225397,7 +225421,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version2 = "14.11.14";
+var version2 = "14.11.15";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pick } = import_lodash15.default;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.11.14",
+  "version": "14.11.15",
   "description": "Coana CLI",
   "type": "module",
   "bin": {