npm - @coana-tech/cli - Versions diffs - 14.12.10 → 14.12.11 - Mend

@coana-tech/cli 14.12.10 → 14.12.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/cli.mjs +127 -67
package/package.json +1 -1
package/repos/coana-tech/alucard/alucard.jar +0 -0
package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0

package/cli.mjs CHANGED Viewed

@@ -52321,7 +52321,7 @@ var require_cjs2 = __commonJS({
 var require_lib12 = __commonJS({
   "../../node_modules/.pnpm/write-file-atomic@5.0.1/node_modules/write-file-atomic/lib/index.js"(exports2, module2) {
     "use strict";
-    module2.exports = writeFile10;
+    module2.exports = writeFile11;
     module2.exports.sync = writeFileSync4;
     module2.exports._getTmpname = getTmpname;
     module2.exports._cleanupOnExit = cleanupOnExit;
@@ -52446,7 +52446,7 @@ var require_lib12 = __commonJS({
         }
       }
     }
-    async function writeFile10(filename, data2, options, callback) {
+    async function writeFile11(filename, data2, options, callback) {
       if (options instanceof Function) {
         callback = options;
         options = {};
@@ -83615,7 +83615,7 @@ var require_lockfile = __commonJS({
               }
               const file = _ref22;
               if (yield exists2(file)) {
-                return readFile26(file);
+                return readFile27(file);
               }
             }
             return null;
@@ -83634,7 +83634,7 @@ var require_lockfile = __commonJS({
         })();
         let readJsonAndFile = exports3.readJsonAndFile = (() => {
           var _ref24 = (0, (_asyncToGenerator2 || _load_asyncToGenerator()).default)(function* (loc) {
-            const file = yield readFile26(loc);
+            const file = yield readFile27(loc);
             try {
               return {
                 object: (0, (_map || _load_map()).default)(JSON.parse(stripBOM2(file))),
@@ -83776,7 +83776,7 @@ var require_lockfile = __commonJS({
             if (eol !== "\n") {
               data2 = data2.replace(/\n/g, eol);
             }
-            yield writeFile10(path2, data2);
+            yield writeFile11(path2, data2);
           });
           return function writeFilePreservingEol2(_x30, _x31) {
             return _ref31.apply(this, arguments);
@@ -83788,7 +83788,7 @@ var require_lockfile = __commonJS({
             const file = (_path || _load_path()).default.join(dir, filename);
             const fileLink = (_path || _load_path()).default.join(dir, filename + "-link");
             try {
-              yield writeFile10(file, "test");
+              yield writeFile11(file, "test");
               yield link(file, fileLink);
             } catch (err) {
               return false;
@@ -83874,7 +83874,7 @@ var require_lockfile = __commonJS({
           };
         })();
         exports3.copy = copy;
-        exports3.readFile = readFile26;
+        exports3.readFile = readFile27;
         exports3.readFileRaw = readFileRaw;
         exports3.normalizeOS = normalizeOS;
         var _fs;
@@ -83938,7 +83938,7 @@ var require_lockfile = __commonJS({
         const lockQueue = exports3.lockQueue = new (_blockingQueue || _load_blockingQueue()).default("fs lock");
         const readFileBuffer = exports3.readFileBuffer = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.readFile);
         const open = exports3.open = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.open);
-        const writeFile10 = exports3.writeFile = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.writeFile);
+        const writeFile11 = exports3.writeFile = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.writeFile);
         const readlink2 = exports3.readlink = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.readlink);
         const realpath2 = exports3.realpath = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.realpath);
         const readdir7 = exports3.readdir = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.readdir);
@@ -83972,7 +83972,7 @@ var require_lockfile = __commonJS({
             });
           });
         }
-        function readFile26(loc) {
+        function readFile27(loc) {
           return _readFile(loc, "utf8").then(normalizeOS);
         }
         function readFileRaw(loc) {
@@ -111894,7 +111894,7 @@ var require_summary = __commonJS({
     exports2.summary = exports2.markdownSummary = exports2.SUMMARY_DOCS_URL = exports2.SUMMARY_ENV_VAR = void 0;
     var os_1 = __require("os");
     var fs_1 = __require("fs");
-    var { access: access5, appendFile, writeFile: writeFile10 } = fs_1.promises;
+    var { access: access5, appendFile, writeFile: writeFile11 } = fs_1.promises;
     exports2.SUMMARY_ENV_VAR = "GITHUB_STEP_SUMMARY";
     exports2.SUMMARY_DOCS_URL = "https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary";
     var Summary = class {
@@ -111952,7 +111952,7 @@ var require_summary = __commonJS({
         return __awaiter(this, void 0, void 0, function* () {
           const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite);
           const filePath = yield this.filePath();
-          const writeFunc = overwrite ? writeFile10 : appendFile;
+          const writeFunc = overwrite ? writeFile11 : appendFile;
           yield writeFunc(filePath, this._buffer, { encoding: "utf8" });
           return this.emptyBuffer();
         });
@@ -190082,7 +190082,7 @@ var {
 } = import_index.default;
 // dist/index.js
-import { readFile as readFile25 } from "fs/promises";
+import { readFile as readFile26 } from "fs/promises";
 // ../../node_modules/.pnpm/remeda@2.21.2/node_modules/remeda/dist/chunk-ANXBDSUI.js
 var s = { done: false, hasNext: false };
@@ -206007,11 +206007,47 @@ var YarnFixingManager = class extends NpmEcosystemFixingManager {
 // ../fixing-management/src/fixing-management/npm/npm-ecosystem-socket-fixing-manager.ts
 import { dirname as dirname5, join as join8, relative as relative5 } from "path";
 import { existsSync as existsSync11 } from "fs";
+import { readFile as readFile15, writeFile as writeFile6 } from "fs/promises";
+function applyUpgradesToPackageJson(packageJsonContent, upgrades, rangeStyle) {
+  let modifiedContent = packageJsonContent;
+  for (const upgrade of upgrades) {
+    const escapedPackageName = upgrade.packageName.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+    const depSection = upgrade.isDev ? "devDependencies" : "dependencies";
+    const pattern = new RegExp(`("${escapedPackageName}"\\s*:\\s*")([^"]*)"`, "g");
+    const sectionPattern = new RegExp(`"${depSection}"\\s*:\\s*\\{[^}]*"${escapedPackageName}"\\s*:`, "s");
+    if (!sectionPattern.test(modifiedContent)) {
+      continue;
+    }
+    modifiedContent = modifiedContent.replace(pattern, (match2, prefix, currentVersion, offset) => {
+      const beforeMatch = modifiedContent.substring(0, offset);
+      const lastDepSection = beforeMatch.lastIndexOf(`"${depSection}"`);
+      const lastOtherSection = Math.max(
+        beforeMatch.lastIndexOf('"dependencies"'),
+        beforeMatch.lastIndexOf('"devDependencies"'),
+        beforeMatch.lastIndexOf('"peerDependencies"'),
+        beforeMatch.lastIndexOf('"optionalDependencies"')
+      );
+      if (lastOtherSection > lastDepSection && beforeMatch.substring(lastOtherSection).includes(depSection === "dependencies" ? "devDependencies" : "dependencies")) {
+        return match2;
+      }
+      let versionString;
+      if (rangeStyle === "pin") {
+        versionString = upgrade.upgradeVersion;
+      } else {
+        const specifierMatch = currentVersion.match(/^([^\d]*)/);
+        const specifier = specifierMatch ? specifierMatch[1] : "";
+        versionString = specifier + upgrade.upgradeVersion;
+      }
+      return `${prefix}${versionString}"`;
+    });
+  }
+  return modifiedContent;
+}
 var NpmSocketUpgradeManager = class {
   constructor(rootDir) {
     this.rootDir = rootDir;
   }
-  async applySocketArtifactUpgrades(upgrades, artifacts) {
+  async applySocketArtifactUpgrades(upgrades, artifacts, rangeStyle) {
     const subprojectToUpgrade = await this.groupUpgradesBySubprojectAndWorkspace(upgrades, artifacts);
     for (const [subprojectDir, workspaceToUpgrade] of subprojectToUpgrade) {
       const fixingManager = getFixingManagerFromPackageManager(
@@ -206019,7 +206055,13 @@ var NpmSocketUpgradeManager = class {
         this.rootDir,
         subprojectDir
       );
-      this.applySecurityFixesForSocketArtifacts(fixingManager, artifacts, workspaceToUpgrade);
+      this.applySecurityFixesForSocketArtifacts(
+        subprojectDir,
+        fixingManager,
+        artifacts,
+        workspaceToUpgrade,
+        rangeStyle
+      );
     }
   }
   async groupUpgradesBySubprojectAndWorkspace(upgrades, artifacts) {
@@ -206062,7 +206104,7 @@ var NpmSocketUpgradeManager = class {
     }
     return subprojectToUpgrade;
   }
-  async applySecurityFixesForSocketArtifacts(fixingManager, artifacts, workspaceTofixes) {
+  async applySecurityFixesForSocketArtifacts(subprojectDir, fixingManager, artifacts, workspaceTofixes, rangeStyle) {
     for (const [workspacePath, upgrades] of workspaceTofixes.entries()) {
       const upgradesTransformed = upgrades.map((upgrade) => ({
         dependencyName: getNameFromNamespaceAndName(
@@ -206077,13 +206119,20 @@ var NpmSocketUpgradeManager = class {
       await fixingManager.applySecurityFixesSpecificPackageManager(upgradesTransformed);
       const upgradesToDirectDependencies = upgrades.filter((upgrade) => artifacts[upgrade.idx].direct);
       if (upgradesToDirectDependencies.length === 0) continue;
-      for (const isDev of [false, true]) {
-        const upgradesOfDirectDependenciesOfType = upgradesToDirectDependencies.filter((upgrade) => artifacts[upgrade.idx].dev === isDev).map(
-          ({ idx, upgradeVersion }) => `${artifacts[idx].namespace ? `${artifacts[idx].namespace}/` : ""}${artifacts[idx].name}@${upgradeVersion}`
-        );
-        if (upgradesOfDirectDependenciesOfType.length === 0) continue;
-        await fixingManager.installSpecificPackages(workspacePath, isDev, upgradesOfDirectDependenciesOfType);
-      }
+      const packageJsonPath = join8(subprojectDir, workspacePath, "package.json");
+      const packageJsonContent = await readFile15(packageJsonPath, "utf-8");
+      const upgradesWithPackageNames = upgradesToDirectDependencies.map(
+        (upgrade) => {
+          const artifact = artifacts[upgrade.idx];
+          return {
+            packageName: artifact.namespace ? `${artifact.namespace}/${artifact.name}` : artifact.name,
+            upgradeVersion: upgrade.upgradeVersion,
+            isDev: artifact.dev ?? false
+          };
+        }
+      );
+      const modifiedContent = applyUpgradesToPackageJson(packageJsonContent, upgradesWithPackageNames, rangeStyle);
+      await writeFile6(packageJsonPath, modifiedContent, "utf-8");
     }
     await fixingManager.finalizeFixes();
   }
@@ -206116,7 +206165,7 @@ var RushFixingManager = class {
 };
 // ../fixing-management/src/fixing-management/nuget/nuget-fixing-manager.ts
-import { readFile as readFile15, writeFile as writeFile6 } from "fs/promises";
+import { readFile as readFile16, writeFile as writeFile7 } from "fs/promises";
 import { join as join9 } from "path";
 // ../utils/src/nuget-utils.ts
@@ -206219,16 +206268,16 @@ var NugetFixingManager = class {
         if (projectFiles.length !== 1)
           throw new Error("Applying fixes to workspaces with more than 1 project file currently not supported");
         const projectFilePath = join9(this.getAbsWsPath(wsPath), projectFiles[0]);
-        const initialProjectFile = await readFile15(projectFilePath, "utf-8");
+        const initialProjectFile = await readFile16(projectFilePath, "utf-8");
         const initialLockFile = await this.restoreWorkspaceAndParseLockFile(wsPath);
         await applySeries(fixesWithId, async ({ fixId, vulnerabilityFixes }) => {
           await this.applySecurityFixesForWorkspace(wsPath, projectFilePath, vulnerabilityFixes, dependencyTree);
           signalFixApplied2?.(fixId, this.subprojectPath, wsPath, vulnerabilityFixes);
         });
-        const finalProjectFile = await readFile15(projectFilePath, "utf-8");
-        const finalLockFile = JSON.parse(await readFile15(this.getLockFilePath(wsPath), "utf-8"));
-        await writeFile6(projectFilePath, initialProjectFile);
-        await writeFile6(this.getLockFilePath(wsPath), JSON.stringify(initialLockFile, null, 2));
+        const finalProjectFile = await readFile16(projectFilePath, "utf-8");
+        const finalLockFile = JSON.parse(await readFile16(this.getLockFilePath(wsPath), "utf-8"));
+        await writeFile7(projectFilePath, initialProjectFile);
+        await writeFile7(this.getLockFilePath(wsPath), JSON.stringify(initialLockFile, null, 2));
         return { projectFile: finalProjectFile, lockFile: finalLockFile };
       }
     );
@@ -206238,8 +206287,8 @@ var NugetFixingManager = class {
       const projectFiles = fixingInfo.projectFiles[wsPath];
       if (projectFiles.length !== 1)
         throw new Error("Applying fixes to workspaces with more than 1 project file currently not supported");
-      await writeFile6(join9(this.getAbsWsPath(wsPath), projectFiles[0]), finalProjectFile);
-      await writeFile6(this.getLockFilePath(wsPath), JSON.stringify(finalLockFile, null, 2));
+      await writeFile7(join9(this.getAbsWsPath(wsPath), projectFiles[0]), finalProjectFile);
+      await writeFile7(this.getLockFilePath(wsPath), JSON.stringify(finalLockFile, null, 2));
     });
     if (solutionFiles) {
       for (const solutionFile of solutionFiles) {
@@ -206258,7 +206307,7 @@ var NugetFixingManager = class {
     }
   }
   async applySecurityFixesForWorkspace(wsPath, projectFilePath, vulnFixes, dependencyTree) {
-    const initialProjectFile = await readFile15(projectFilePath, "utf-8");
+    const initialProjectFile = await readFile16(projectFilePath, "utf-8");
     const initialLockFile = await this.restoreWorkspaceAndParseLockFile(wsPath);
     const typeCache = new Cache();
     const requestedCache = new Cache();
@@ -206305,7 +206354,7 @@ var NugetFixingManager = class {
         details.requested = requestedRange;
       });
     });
-    await writeFile6(projectFilePath, initialProjectFile);
+    await writeFile7(projectFilePath, initialProjectFile);
     await applySeries(vulnFixes, async ({ dependencyIdentifier, dependencyName }) => {
       await applySeries(
         dependencyTree.transitiveDependencies[dependencyIdentifier].frameworks?.filter(
@@ -206331,7 +206380,7 @@ var NugetFixingManager = class {
         }
       );
     });
-    await writeFile6(this.getLockFilePath(wsPath), JSON.stringify(lockFileWithFixes, null, 2));
+    await writeFile7(this.getLockFilePath(wsPath), JSON.stringify(lockFileWithFixes, null, 2));
   }
   async addPackage(packageName, version3, framework, wsPath) {
     const dir = join9(this.rootDir, this.subprojectPath, wsPath);
@@ -206348,7 +206397,7 @@ var NugetFixingManager = class {
   async restoreWorkspaceAndParseLockFile(wsPath) {
     const succeeded = await execAndLogOnFailure("dotnet restore --use-lock-file", this.getAbsWsPath(wsPath));
     if (!succeeded) throw new Error(`Error applying fix - could not restore project ${this.subprojectPath}/${wsPath}`);
-    return JSON.parse(await readFile15(this.getLockFilePath(wsPath), "utf-8"));
+    return JSON.parse(await readFile16(this.getLockFilePath(wsPath), "utf-8"));
   }
   getLockFilePath(wsPath, lockFileName = "packages.lock.json") {
     return join9(this.getAbsWsPath(wsPath), lockFileName);
@@ -206459,10 +206508,10 @@ async function applySecurityFixes(packageManagerName, rootDir, subprojectPath, o
     otherModulesCommunicator
   ).applySecurityFixes(fixes, fixingInfo, signalFixApplied2);
 }
-async function applySocketUpgrades(ecosystem, rootDir, upgrades, artifacts) {
+async function applySocketUpgrades(ecosystem, rootDir, upgrades, artifacts, rangeStyle) {
   const C2 = socketUpgradeManagerConstructors[ecosystem];
   if (!C2) return;
-  await new C2(rootDir).applySocketArtifactUpgrades(upgrades, artifacts);
+  await new C2(rootDir).applySocketArtifactUpgrades(upgrades, artifacts, rangeStyle);
 }
 // dist/cli-apply-fix.js
@@ -207106,7 +207155,7 @@ function utilFormatter2() {
 }
 // ../web-compat-utils/dist/logger-singleton.js
-import { readFile as readFile16 } from "fs/promises";
+import { readFile as readFile17 } from "fs/promises";
 var CLILogger2 = class {
   logger = console;
   writeStream;
@@ -207186,7 +207235,7 @@ var CLILogger2 = class {
     await this.finish();
     let logContent;
     try {
-      logContent = await readFile16(logFilePath, "utf-8");
+      logContent = await readFile17(logFilePath, "utf-8");
     } catch (e) {
       console.error("Error reading log file", e);
     }
@@ -207231,13 +207280,13 @@ async function detectVariantMaven(projectDir) {
 // ../docker-management/src/maven/gradle-version-detector.ts
 import { existsSync as existsSync13 } from "fs";
 import { join as join14 } from "path";
-import { readFile as readFile17 } from "fs/promises";
+import { readFile as readFile18 } from "fs/promises";
 async function detectVariantGradle(projectDir) {
   return sanitizeJvmVariant("GRADLE", projectDir, await detect(projectDir));
 }
 async function detect(projectDir) {
   const gradleWrapperPropertiesPath = join14(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
-  const gradleWrapperProperties = existsSync13(gradleWrapperPropertiesPath) ? (await readFile17(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
+  const gradleWrapperProperties = existsSync13(gradleWrapperPropertiesPath) ? (await readFile18(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!gradleWrapperProperties) return void 0;
   const distributionUrlRegex = /.*gradle-(\d+(\.\d+(\.\d+)?)?)/;
   for (const prop2 of gradleWrapperProperties) {
@@ -207253,13 +207302,13 @@ async function detect(projectDir) {
 // ../docker-management/src/maven/sbt-version-detector.ts
 import { existsSync as existsSync14 } from "fs";
 import { join as join15 } from "path";
-import { readFile as readFile18 } from "fs/promises";
+import { readFile as readFile19 } from "fs/promises";
 async function detectVariantSbt(projectDir) {
   return sanitizeJvmVariant("SBT", projectDir, await detect2(projectDir));
 }
 async function detect2(projectDir) {
   const sbtBuildPropertiesPath = join15(projectDir, "project", "build.properties");
-  const sbtBuildProperties = existsSync14(sbtBuildPropertiesPath) ? (await readFile18(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
+  const sbtBuildProperties = existsSync14(sbtBuildPropertiesPath) ? (await readFile19(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!sbtBuildProperties) return void 0;
   for (const prop2 of sbtBuildProperties) {
     const [key, value] = prop2.split("=");
@@ -207373,7 +207422,7 @@ async function findReachabilityAnalyzersDockerImage(ecosystem) {
 // ../other-modules-communicator/src/other-modules-communicator.ts
 var import_lodash11 = __toESM(require_lodash(), 1);
 import { rmSync } from "fs";
-import { mkdir, readFile as readFile19, writeFile as writeFile7 } from "fs/promises";
+import { mkdir, readFile as readFile20, writeFile as writeFile8 } from "fs/promises";
 import { platform } from "os";
 import { join as join19, posix as posix2, relative as relative8, sep as sep3 } from "path";
@@ -207824,7 +207873,7 @@ var OtherModulesCommunicator = class {
         COANA_API_KEY: this.apiKey.type === "present" ? this.apiKey.value : ""
       }
     );
-    return JSON.parse(await readFile19(outputFilePathThisProcess, "utf-8")).result;
+    return JSON.parse(await readFile20(outputFilePathThisProcess, "utf-8")).result;
   }
   async runReachabilityAnalyzerCommand(commandName, ecosystem, subprojectPath, workspacePath, args2, env) {
     const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
@@ -207885,7 +207934,7 @@ var OtherModulesCommunicator = class {
       [...args2, "-o", outputFilePathOtherProcess],
       env
     );
-    return JSON.parse(await readFile19(outputFilePathThisProcess, "utf-8")).result;
+    return JSON.parse(await readFile20(outputFilePathThisProcess, "utf-8")).result;
   }
   async runInDocker(ecosystem, image, entryPoint, commandName, args2, subprojectPath, tmpDir, env = process.env) {
     if (!await pullDockerImage(image)) return false;
@@ -207914,7 +207963,7 @@ var OtherModulesCommunicator = class {
         const providerFileName = "provider.json";
         const providerFileThisProcess = join19(tmpDir, providerFileName);
         const providerFileOtherProcess = this.options.runWithoutDocker ? providerFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, providerFileName);
-        await writeFile7(providerFileThisProcess, JSON.stringify(providedOptions.provider));
+        await writeFile8(providerFileThisProcess, JSON.stringify(providedOptions.provider));
         return ["--provider", providerFileOtherProcess];
       } else {
         return ["--as-provider"];
@@ -207958,7 +208007,7 @@ var OtherModulesCommunicator = class {
     const inputFileName = `${v4_default()}-runReachabilityAnalysis-input.json`;
     const inputFileThisProcess = join19(tmpDir, inputFileName);
     const inputFileOtherProcess = this.options.runWithoutDocker ? inputFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, inputFileName);
-    await writeFile7(
+    await writeFile8(
       inputFileThisProcess,
       JSON.stringify({
         workspaceData,
@@ -208135,7 +208184,7 @@ function t3(...r2) {
 }
 // ../utils/src/dashboard-api/coana-api.ts
-import { writeFile as writeFile8 } from "fs/promises";
+import { writeFile as writeFile9 } from "fs/promises";
 var import_artifact = __toESM(require_artifact_client2(), 1);
 var coanaAPI = process.env.PUBLIC_API_URL ?? "https://app.coana.tech/api/v1";
 var axiosClient2 = getAxiosClient();
@@ -208265,7 +208314,7 @@ async function sendToDashboard(report, writeReportToFile, reportId, apiKey) {
   try {
     if (writeReportToFile) {
       logger.info("Writing report to dashboard-report.json");
-      await writeFile8("dashboard-report.json", JSON.stringify(report, null, 2));
+      await writeFile9("dashboard-report.json", JSON.stringify(report, null, 2));
       if (process.env.GITHUB_ACTIONS === "true") {
         logger.info("uploading dashboard-report.json as an artifact");
         (0, import_artifact.create)().uploadArtifact("dashboard-report", ["dashboard-report.json"], process.cwd());
@@ -209343,12 +209392,12 @@ import { join as join22, relative as relative9, resolve as resolve20 } from "pat
 // ../project-management/src/project-management/ecosystem-management/ecosystem-specs.ts
 import { existsSync as existsSync18 } from "fs";
-import { readdir as readdir5, readFile as readFile22 } from "fs/promises";
+import { readdir as readdir5, readFile as readFile23 } from "fs/promises";
 import { join as join21, sep as sep4 } from "path";
 // ../utils/src/pip-utils.ts
 import { existsSync as existsSync17 } from "fs";
-import { readFile as readFile21 } from "fs/promises";
+import { readFile as readFile22 } from "fs/promises";
 import { resolve as resolve19 } from "path";
 import util4 from "util";
@@ -209357,7 +209406,7 @@ var import_lodash13 = __toESM(require_lodash(), 1);
 var import_semver4 = __toESM(require_semver2(), 1);
 import { execFileSync as execFileSync2 } from "child_process";
 import { constants as constants2 } from "fs";
-import { access as access4, readFile as readFile20 } from "fs/promises";
+import { access as access4, readFile as readFile21 } from "fs/promises";
 import { join as join20, resolve as resolve18 } from "path";
 import util3 from "util";
 var { once: once7 } = import_lodash13.default;
@@ -209366,7 +209415,7 @@ var hasPyenv = once7(async () => !(await execNeverFail("which pyenv")).error);
 // ../utils/src/pip-utils.ts
 async function isSetupPySetuptools(file) {
-  const content = await readFile21(file, "utf-8");
+  const content = await readFile22(file, "utf-8");
   return content.includes("setup(") && (/^\s*from\s+(?:setuptools|distutils\.core)\s+import\s+.*setup/m.test(content) || /^\s*import\s+(?:setuptools|distutils\.core)/m.test(content));
 }
@@ -209448,7 +209497,7 @@ function packageManagerIfPackageJSONExistsAndValid(packageManager) {
     if (!existsSync18(join21(projectDir, "package.json"))) return void 0;
     const packageJSONPath = join21(projectDir, "package.json");
     try {
-      JSON.parse(await readFile22(packageJSONPath, "utf-8"));
+      JSON.parse(await readFile23(packageJSONPath, "utf-8"));
       return packageManager;
     } catch (e) {
       throw new InvalidProjectFileError(projectDir, "package.json");
@@ -209709,7 +209758,7 @@ ${detailsString}` : ""}`;
 // dist/cli-core.js
 import { writeFileSync as writeFileSync3 } from "fs";
-import { mkdir as mkdir2, writeFile as writeFile9 } from "fs/promises";
+import { mkdir as mkdir2, writeFile as writeFile10 } from "fs/promises";
 // ../../node_modules/.pnpm/kleur@4.1.5/node_modules/kleur/index.mjs
 var FORCE_COLOR;
@@ -210134,7 +210183,7 @@ var DEFAULT_REPORT_FILENAME_BASE = "coana-report";
 // dist/internal/exclude-dirs-from-configuration-files.js
 import { existsSync as existsSync19 } from "fs";
-import { readFile as readFile23 } from "fs/promises";
+import { readFile as readFile24 } from "fs/promises";
 import { basename as basename6, resolve as resolve22 } from "path";
 var import_yaml2 = __toESM(require_dist11(), 1);
 async function inferExcludeDirsFromConfigurationFiles(rootWorkingDir) {
@@ -210148,7 +210197,7 @@ async function inferExcludeDirsFromConfigurationFiles(rootWorkingDir) {
 }
 async function inferExcludeDirsFromSocketConfig(socketConfigFile) {
   try {
-    const config3 = (0, import_yaml2.parse)(await readFile23(socketConfigFile, "utf8"));
+    const config3 = (0, import_yaml2.parse)(await readFile24(socketConfigFile, "utf8"));
     const version3 = config3.version;
     const ignorePaths = config3[version3 === 1 ? "ignore" : "projectIgnorePaths"];
     if (!ignorePaths)
@@ -210723,7 +210772,7 @@ function toSocketFactsSocketDependencyTree(artifacts, vulnerabilities, tier1Reac
 }
 // dist/internal/vulnerability-scanning.js
-import { readFile as readFile24 } from "fs/promises";
+import { readFile as readFile25 } from "fs/promises";
 // ../security-auditor/security-auditor-builder/src/mongo-connection.ts
 var import_mongodb = __toESM(require_lib30(), 1);
@@ -225592,7 +225641,7 @@ async function scanForVulnerabilities(dependencyTree, offlineVulnerabilityScanne
 }
 async function offlineScan(dependencyTree, offlineVulnerabilityScannerDBPath) {
   logger.info("using offline vulnerability scanner db");
-  const offlineVulnerabilityScannerDB = JSON.parse(await readFile24(offlineVulnerabilityScannerDBPath, "utf-8"));
+  const offlineVulnerabilityScannerDB = JSON.parse(await readFile25(offlineVulnerabilityScannerDBPath, "utf-8"));
   const { ecosystemToUrlToVulnerabilityDetails, vulnerabilityDatabase } = offlineVulnerabilityScannerDB;
   const coanaSupportedVulnerabilitiesLoader = CoanaSupportedVulnerabilitiesLoader.create(ecosystemToUrlToVulnerabilityDetails);
   const vulnerabilityAccessPathLoader = CoanaSupportedVulnerabilitiesLoader.create(ecosystemToUrlToVulnerabilityDetails);
@@ -225610,7 +225659,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 // dist/version.js
-var version2 = "14.12.10";
+var version2 = "14.12.11";
 // dist/cli-core.js
 var { mapValues, omit, partition, pick } = import_lodash15.default;
@@ -225796,7 +225845,7 @@ var CliCore = class {
     }
     const socketReport = toSocketFactsSocketDependencyTree(artifacts, vulnsWithResults, this.reportId);
     const outputFile = resolve23(this.options.socketMode);
-    await writeFile9(outputFile, JSON.stringify(socketReport, null, 2));
+    await writeFile10(outputFile, JSON.stringify(socketReport, null, 2));
     logger.info(kleur_default.green(`Socket report written to: ${outputFile}`));
   }
   async shareErrorLogWithBackend(e, shouldLogSharing) {
@@ -225814,7 +225863,7 @@ var CliCore = class {
       }
       const socketReport = toSocketFacts(report, this.reportDependencyTrees, subPjToWsPathToDirectDependencies);
       const outputFile = resolve23(this.options.socketMode);
-      await writeFile9(outputFile, JSON.stringify(socketReport, null, 2));
+      await writeFile10(outputFile, JSON.stringify(socketReport, null, 2));
       logger.info(kleur_default.green(`Socket report written to: ${outputFile}`));
       return;
     }
@@ -226297,6 +226346,9 @@ import { join as join26, relative as relative12 } from "node:path";
 var import_packageurl_js2 = __toESM(require_packageurl_js(), 1);
 var ECOSYSTEMS_WITH_SOCKET_UPGRADES = ["NPM", "MAVEN"];
 async function upgradePurl(path2, upgrades, options, logFile, cliFixRunId) {
+  if (options.rangeStyle && options.rangeStyle !== "pin") {
+    throw new Error('Range style must be "pin"');
+  }
   logger.initWinstonLogger(options.debug);
   logger.silent = options.silent;
   let cliRunId = cliFixRunId;
@@ -226342,7 +226394,11 @@ ${upgrades.map((upgrade) => `	${upgrade.purl} -> ${upgrade.upgradeVersion}`).joi
           });
         });
         for (const [ecosystem, upgrades2] of Object.entries(ecosystemToSocketArtifactUpgrades)) {
-          await applySocketUpgrades(ecosystem, path2, upgrades2, artifacts);
+          if (options.rangeStyle && ecosystem !== "NPM") {
+            logger.warn(`Range style is only supported for npm, skipping upgrades for ${ecosystem}`);
+            continue;
+          }
+          await applySocketUpgrades(ecosystem, path2, upgrades2, artifacts, options.rangeStyle);
         }
         if (upgradePurlRunId) {
           await getSocketAPI().finalizeUpgradePurlRun(upgradePurlRunId, "success");
@@ -226475,7 +226531,8 @@ async function computeFixesAndUpgradePurls(path2, options, logFile) {
       runWithoutDocker: options.runWithoutDocker,
       manifestsTarHash: options.manifestsTarHash,
       concurrency: "1",
-      globPattern: options.globPattern
+      globPattern: options.globPattern,
+      rangeStyle: options.rangeStyle
     }, autofixRunId) ?? "fixed-all";
     if (autofixRunId) {
       await getSocketAPI().finalizeAutofixRun(autofixRunId, ghsasFailedToFix.length === 0 && applyFixesStatus === "fixed-all" ? "fixed-all" : ghsasFailedToFix.length === Object.keys(ghsaToVulnerableArtifactIdsToApply).length || applyFixesStatus === "fixed-none" ? "fixed-none" : "fixed-some");
@@ -226596,7 +226653,7 @@ applyFixes.name("apply-fixes").argument("<path>", "File system path to the folde
   await applyFix(path2, fixIds, options);
 }).configureHelp({ sortOptions: true });
 var upgradePurls = new Command();
-upgradePurls.name("upgrade-purls").argument("<path>", "File system path to the folder containing the project").argument("<specs...>", "Package upgrade specifications in the format 'purl -> newVersion' (e.g., 'pkg:maven/io.micrometer/micrometer-core@1.10.9 -> 1.15.0')").option("-g, --glob <pattern>", "Glob pattern to filter workspaces by absolute file path").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).addOption(new Option("--run-without-docker", "Run package managers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--socket-mode", "Use Socket for computing dependency trees").default(process.env.SOCKET_MODE === "true").hideHelp()).version(version2).action(async (path2, specs2, options) => {
+upgradePurls.name("upgrade-purls").argument("<path>", "File system path to the folder containing the project").argument("<specs...>", "Package upgrade specifications in the format 'purl -> newVersion' (e.g., 'pkg:maven/io.micrometer/micrometer-core@1.10.9 -> 1.15.0')").option("-g, --glob <pattern>", "Glob pattern to filter workspaces by absolute file path").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("--range-style <style>", 'Range style to use for the output. Currently only "pin" is supported and it only works for npm.').addOption(new Option("--run-without-docker", "Run package managers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--socket-mode", "Use Socket for computing dependency trees").default(process.env.SOCKET_MODE === "true").hideHelp()).version(version2).action(async (path2, specs2, options) => {
   process.env.DOCKER_IMAGE_TAG ??= version2;
   await withTmpDirectory("upgrade-purls", async (tmpDir) => {
     const logFile = join27(tmpDir, "upgrade-purls.log");
@@ -226614,8 +226671,11 @@ upgradePurls.name("upgrade-purls").argument("<path>", "File system path to the f
   });
 }).configureHelp({ sortOptions: true });
 var computeFixesAndUpgradePurlsCmd = new Command();
-computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument("<path>", "File system path to the folder containing the project").option("-a, --apply-fixes-to <ghsas...>", 'GHSA IDs to compute fixes for. Use "all" to compute fixes for all vulnerabilities.', []).option("--dry-run", "Show what changes would be made without actually making them", false).option("-g, --glob <pattern>", "Glob pattern to filter workspaces by absolute file path").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).addOption(new Option("--run-without-docker", "Run package managers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--manifests-tar-hash <hash>", "Hash of the tarball containing all manifest files already uploaded to Socket. If provided, Socket will be used for computing dependency trees.").hideHelp()).version(version2).action(async (path2, options) => {
+computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument("<path>", "File system path to the folder containing the project").option("-a, --apply-fixes-to <ghsas...>", 'GHSA IDs to compute fixes for. Use "all" to compute fixes for all vulnerabilities.', []).option("--dry-run", "Show what changes would be made without actually making them", false).option("-g, --glob <pattern>", "Glob pattern to filter workspaces by absolute file path").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("--range-style <style>", 'Range style to use for the output. Currently only "pin" is supported and it only works for npm.').addOption(new Option("--run-without-docker", "Run package managers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--manifests-tar-hash <hash>", "Hash of the tarball containing all manifest files already uploaded to Socket. If provided, Socket will be used for computing dependency trees.").hideHelp()).version(version2).action(async (path2, options) => {
   process.env.DOCKER_IMAGE_TAG ??= version2;
+  if (options.rangeStyle && options.rangeStyle !== "pin") {
+    throw new Error('Range style must be "pin"');
+  }
   await withTmpDirectory("compute-fixes-and-upgrade-purls", async (tmpDir) => {
     const logFile = join27(tmpDir, "compute-fixes-and-upgrade-purls.log");
     logger.initWinstonLogger(options.debug, logFile);
@@ -226625,7 +226685,7 @@ computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument(
 var compareReportsCommand = new Command();
 compareReportsCommand.name("compare-reports").argument("<baselineReportPath>", "Path to the baseline report").argument("<newReportPath>", "Path to the new report").option("--api-key <key>", "Set the Coana dashboard API key.").option("-d, --debug", "Enable debug logging", false).option("--no-pr-comment", "Disable pull request comments (only relevant when run from a PR)", true).option("--no-block", "Do not fail with a non-zero exit code when new reachable vulnerabilities are detected", true).option("--ignore-undeterminable-reachability", "Ignore vulnerabilities with undeterminable reachability", false).action(async (baselineReportPath, newReportPath, options) => {
   async function readReport(reportPath) {
-    return JSON.parse(await readFile25(reportPath, "utf-8"));
+    return JSON.parse(await readFile26(reportPath, "utf-8"));
   }
   const baselineReport = await readReport(baselineReportPath);
   const newReport = await readReport(newReportPath);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.10",
+  "version": "14.12.11",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/repos/coana-tech/alucard/alucard.jar CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-arm64.gz CHANGED Viewed

Binary file