npm - @coana-tech/cli - Versions diffs - 14.11.7 → 14.11.8 - Mend

@coana-tech/cli 14.11.7 → 14.11.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/cli.mjs CHANGED Viewed

@@ -225338,7 +225338,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 // dist/version.js
-var version2 = "14.11.7";
+var version2 = "14.11.8";
 // dist/cli-core.js
 var { mapValues, omit, partition, pick } = import_lodash15.default;

package/coana-repos/mambalade/dist/mambalade-0.3.11-py3-none-any.whl ADDED Viewed

Binary file

package/coana-repos/mambalade/dist/networkx-3.5-py3-none-any.whl ADDED Viewed

Binary file

package/coana-repos/mambalade/dist/typing_extensions-4.14.1-py3-none-any.whl ADDED Viewed

Binary file

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.11.7",
+  "version": "14.11.8",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/reachability-analyzers-cli.mjs CHANGED Viewed

@@ -64950,7 +64950,7 @@ var require_comparator = __commonJS({
 var require_satisfies = __commonJS({
   "../../node_modules/.pnpm/semver@7.7.1/node_modules/semver/functions/satisfies.js"(exports, module) {
     var Range = require_range2();
-    var satisfies2 = (version3, range, options) => {
+    var satisfies3 = (version3, range, options) => {
       try {
         range = new Range(range, options);
       } catch (er) {
@@ -64958,7 +64958,7 @@ var require_satisfies = __commonJS({
       }
       return range.test(version3);
     };
-    module.exports = satisfies2;
+    module.exports = satisfies3;
   }
 });
@@ -65107,7 +65107,7 @@ var require_outside = __commonJS({
     var Comparator = require_comparator();
     var { ANY } = Comparator;
     var Range = require_range2();
-    var satisfies2 = require_satisfies();
+    var satisfies3 = require_satisfies();
     var gt = require_gt();
     var lt2 = require_lt();
     var lte = require_lte();
@@ -65134,7 +65134,7 @@ var require_outside = __commonJS({
         default:
           throw new TypeError('Must provide a hilo val of "<" or ">"');
       }
-      if (satisfies2(version3, range, options)) {
+      if (satisfies3(version3, range, options)) {
         return false;
       }
       for (let i2 = 0; i2 < range.set.length; ++i2) {
@@ -65202,7 +65202,7 @@ var require_intersects = __commonJS({
 // ../../node_modules/.pnpm/semver@7.7.1/node_modules/semver/ranges/simplify.js
 var require_simplify = __commonJS({
   "../../node_modules/.pnpm/semver@7.7.1/node_modules/semver/ranges/simplify.js"(exports, module) {
-    var satisfies2 = require_satisfies();
+    var satisfies3 = require_satisfies();
     var compare = require_compare();
     module.exports = (versions, range, options) => {
       const set = [];
@@ -65210,7 +65210,7 @@ var require_simplify = __commonJS({
       let prev2 = null;
       const v = versions.sort((a2, b) => compare(a2, b, options));
       for (const version3 of v) {
-        const included = satisfies2(version3, range, options);
+        const included = satisfies3(version3, range, options);
         if (included) {
           prev2 = version3;
           if (!first2) {
@@ -65254,7 +65254,7 @@ var require_subset = __commonJS({
     var Range = require_range2();
     var Comparator = require_comparator();
     var { ANY } = Comparator;
-    var satisfies2 = require_satisfies();
+    var satisfies3 = require_satisfies();
     var compare = require_compare();
     var subset = (sub, dom, options = {}) => {
       if (sub === dom) {
@@ -65323,14 +65323,14 @@ var require_subset = __commonJS({
         }
       }
       for (const eq2 of eqSet) {
-        if (gt && !satisfies2(eq2, String(gt), options)) {
+        if (gt && !satisfies3(eq2, String(gt), options)) {
           return null;
         }
-        if (lt2 && !satisfies2(eq2, String(lt2), options)) {
+        if (lt2 && !satisfies3(eq2, String(lt2), options)) {
           return null;
         }
         for (const c of dom) {
-          if (!satisfies2(eq2, String(c), options)) {
+          if (!satisfies3(eq2, String(c), options)) {
             return false;
           }
         }
@@ -65357,7 +65357,7 @@ var require_subset = __commonJS({
             if (higher === c && higher !== gt) {
               return false;
             }
-          } else if (gt.operator === ">=" && !satisfies2(gt.semver, String(c), options)) {
+          } else if (gt.operator === ">=" && !satisfies3(gt.semver, String(c), options)) {
             return false;
           }
         }
@@ -65372,7 +65372,7 @@ var require_subset = __commonJS({
             if (lower === c && lower !== lt2) {
               return false;
             }
-          } else if (lt2.operator === "<=" && !satisfies2(lt2.semver, String(c), options)) {
+          } else if (lt2.operator === "<=" && !satisfies3(lt2.semver, String(c), options)) {
             return false;
           }
         }
@@ -65441,7 +65441,7 @@ var require_semver2 = __commonJS({
     var coerce = require_coerce();
     var Comparator = require_comparator();
     var Range = require_range2();
-    var satisfies2 = require_satisfies();
+    var satisfies3 = require_satisfies();
     var toComparators = require_to_comparators();
     var maxSatisfying = require_max_satisfying();
     var minSatisfying = require_min_satisfying();
@@ -65479,7 +65479,7 @@ var require_semver2 = __commonJS({
       coerce,
       Comparator,
       Range,
-      satisfies: satisfies2,
+      satisfies: satisfies3,
       toComparators,
       maxSatisfying,
       minSatisfying,
@@ -73697,7 +73697,7 @@ ${error.message}`);
 // dist/whole-program-code-aware-vulnerability-scanner/analyze-in-buckets.js
 var import_lodash17 = __toESM(require_lodash(), 1);
-var import_semver2 = __toESM(require_semver2(), 1);
+var import_semver3 = __toESM(require_semver2(), 1);
 import assert8 from "assert";
 import { relative as relative5 } from "path";
@@ -96268,6 +96268,7 @@ async function getVersion(analysisName) {
 }
 // dist/whole-program-code-aware-vulnerability-scanner/python/python-code-aware-vulnerability-scanner.js
+var import_semver2 = __toESM(require_semver2(), 1);
 var { omit, once: once3, pick, sortedUniq, uniqBy } = import_lodash14.default;
 var PythonCodeAwareVulnerabilityScanner = class _PythonCodeAwareVulnerabilityScanner {
   state;
@@ -96276,6 +96277,7 @@ var PythonCodeAwareVulnerabilityScanner = class _PythonCodeAwareVulnerabilitySca
   numberAnalysesRun = 0;
   virtualEnvInfo;
   vm;
+  mambaladeVenvPath;
   constructor(state, projectDir, _statusUpdater) {
     this.state = state;
     this.projectDir = projectDir;
@@ -96293,6 +96295,9 @@ var PythonCodeAwareVulnerabilityScanner = class _PythonCodeAwareVulnerabilitySca
   async runAnalysis(vulns, heuristic, analyzesAllVulns) {
     if (!this.virtualEnvInfo)
       throw new Error("Virtual environment not set up");
+    if (!this.mambaladeVenvPath) {
+      await this.setupMambalade();
+    }
     logger.info("Started instantiating Python code-aware analysis");
     logger.debug(`Trying to find files to analyze from projectDir: ${this.projectDir}`);
     const { rootWorkingDir, reachabilityAnalysisOptions } = this.state;
@@ -96326,7 +96331,7 @@ runpy.run_module("mambalade", alter_sys=True)
     const excludeDistributionsOption = packagesToExclude?.size ? ["--exclude-distributions", ...packagesToExclude] : [];
     const timeout = reachabilityAnalysisOptions.timeoutInSeconds ?? // 10 minutes for the first analysis, 1 minute for subsequent analyses
     (analyzesAllVulns ? 60 * 10 : 60);
-    const pythonExecutable = resolve12(COANA_REPOS_PATH(), "mambalade", ".venv", "bin", "python");
+    const pythonExecutable = join15(this.mambaladeVenvPath, "bin", "python");
     const mambaladeArgs = [
       pythonExecutable,
       wrapperPath,
@@ -96603,12 +96608,34 @@ ${msg}`;
   getVirtualEnvInfo() {
     return this.virtualEnvInfo;
   }
+  async setupMambalade() {
+    const venvDir = await createTmpDirectory("mambalade-venv");
+    logger.info("Creating Mambalade virtual environment");
+    const pythonInterpreter = await getPythonInterpreter();
+    await exec(cmdt`${pythonInterpreter} -SIm venv ${venvDir}`);
+    const mambaladeWheelsPath = join15(COANA_REPOS_PATH(), "mambalade", "dist");
+    const wheelFiles = await readdir3(mambaladeWheelsPath);
+    const mambaladeWheels = wheelFiles.filter((f2) => f2.endsWith(".whl")).map((f2) => join15(mambaladeWheelsPath, f2));
+    if (mambaladeWheels.length === 0) {
+      throw new Error(`No mambalade wheel files found in ${mambaladeWheelsPath}`);
+    }
+    logger.info(`Installing mambalade wheels: ${mambaladeWheels.join(", ")}`);
+    await exec(cmdt`${venvDir}/bin/pip install --no-deps ${mambaladeWheels}`);
+    this.mambaladeVenvPath = venvDir;
+    logger.info("Mambalade virtual environment setup complete");
+  }
   // async [Symbol.asyncDispose]() {
   async cleanup() {
     if (this.virtualEnvInfo?.temporary) {
-      await rm5(this.virtualEnvInfo.virtualEnvFolder, { recursive: true, force: true });
+      await rm5(this.virtualEnvInfo.virtualEnvFolder, { recursive: true, force: true }).catch(() => {
+      });
       this.virtualEnvInfo = void 0;
     }
+    if (this.mambaladeVenvPath) {
+      await rm5(this.mambaladeVenvPath, { recursive: true, force: true }).catch(() => {
+      });
+      this.mambaladeVenvPath = void 0;
+    }
   }
 };
 async function findFilesToAnalyze(projectDir) {
@@ -96647,6 +96674,16 @@ function transformSourceLocations2(appPath, fileMappings, detectedOccurrences) {
     }
   return detectedOccurrences;
 }
+async function getPythonInterpreter() {
+  const pythonVersionRequired = ">=3.11.0";
+  const pypyVersion = await getPythonVersion("pypy3").catch(() => void 0);
+  if (pypyVersion && (0, import_semver2.satisfies)(pypyVersion, pythonVersionRequired))
+    return "pypy3";
+  const pythonVersion = await getPythonVersion("python3").catch(() => void 0);
+  if (pythonVersion && (0, import_semver2.satisfies)(pythonVersion, pythonVersionRequired))
+    return "python3";
+  throw new Error(`No Python ${pythonVersionRequired} interpreter found`);
+}
 // dist/whole-program-code-aware-vulnerability-scanner/python/phantom-deps.js
 var { uniq: uniq8 } = import_lodash15.default;
@@ -96890,7 +96927,7 @@ async function analyzeWithHeuristics(state, vulns, heuristicsInOrder, doNotRecom
     if (bucketsFromLastAnalysis.some((b) => b.heuristicName === heuristics.IGNORE_DEPENDENCIES_AND_MAX_ROUNDS_3.name))
       return;
     try {
-      if ((0, import_semver2.lt)(cliVersion, CLI_VERSION_TO_USE_CACHING_FROM[ecosystem] ?? CLI_VERSION_TO_USE_CACHING_FROM_DEFAULT))
+      if ((0, import_semver3.lt)(cliVersion, CLI_VERSION_TO_USE_CACHING_FROM[ecosystem] ?? CLI_VERSION_TO_USE_CACHING_FROM_DEFAULT))
         return void 0;
     } catch (e) {
       return void 0;