@coana-tech/cli 14.12.103 → 14.12.104

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/cli.mjs +441 -465
  2. package/package.json +1 -1
  3. package/reachability-analyzers-cli.mjs +14 -11
  4. package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
  5. package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
  6. package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
  7. package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
  8. package/repos/coana-tech/javap-service/javap-service.jar +0 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@coana-tech/cli",
3
- "version": "14.12.103",
3
+ "version": "14.12.104",
4
4
  "description": "Coana CLI",
5
5
  "type": "module",
6
6
  "bin": {
package/reachability-analyzers-cli.mjs CHANGED
@@ -111651,7 +111651,7 @@ async function getCurrentCommitHash(project) {
111651
111651
  }
111652
111652
  function detectedOccurrencesFromAPMatches(matches, pathPrefixToRemove) {
111653
111653
  for (const match2 of Object.values(matches))
111654
- for (const stack of Array.isArray(match2) ? match2 : match2.stacks)
111654
+ for (const stack of match2.stacks)
111655
111655
  for (const cl of stack) {
111656
111656
  if (cl.package === "<app>")
111657
111657
  cl.package = ROOT_NODE_STR;
@@ -111661,8 +111661,8 @@ function detectedOccurrencesFromAPMatches(matches, pathPrefixToRemove) {
111661
111661
  return ({ vulnerabilityAccessPaths }) => getStacksFromAccPaths(matches, { vulnerabilityAccessPaths });
111662
111662
  }
111663
111663
  function detectedOccurrencesFromAPMatchesRuby(matches, pathPrefixToPackage) {
111664
- for (const match2 of Object.values(matches))
111665
- for (const stack of Array.isArray(match2) ? match2 : match2.stacks)
111664
+ for (const stacks of Object.values(matches))
111665
+ for (const stack of stacks)
111666
111666
  for (const cl of stack) {
111667
111667
  if (cl.package === "<app>")
111668
111668
  cl.package = ROOT_NODE_STR;
@@ -111739,7 +111739,11 @@ var PythonCodeAwareVulnerabilityScanner = class {
111739
111739
  reachedDependencies: false,
111740
111740
  terminatedEarly: false,
111741
111741
  diagnostics: { timeout: false, aborted: false },
111742
- computeDetectedOccurrences: () => []
111742
+ computeDetectedOccurrences: import_lodash14.default.constant({
111743
+ analysisLevel: "function-level",
111744
+ affectedPackages: [],
111745
+ stacks: []
111746
+ })
111743
111747
  };
111744
111748
  const packagesToExclude = heuristic.getPackagesToExcludeFromAnalysis?.(vulns);
111745
111749
  const vulnAccPaths = sortedUniq(vulns.flatMap((v) => v.vulnerabilityAccessPaths).sort());
@@ -112667,7 +112671,7 @@ function augmentVulnsWithDetectedOccurrences(vulns, codeAwareScanner, heuristic,
112667
112671
  const packagesFailedToInstall = codeAwareScanner.getPackagesExcludedUnrelatedToHeuristic();
112668
112672
  for (const v of vulns) {
112669
112673
  const detectedOccurrences = result.computeDetectedOccurrences(v);
112670
- if (Array.isArray(detectedOccurrences) ? detectedOccurrences.length === 0 : detectedOccurrences.stacks.length === 0) {
112674
+ if (detectedOccurrences.stacks.length === 0) {
112671
112675
  if (SOCKET_MODE && result.terminatedEarly && !result.reachedDependencies && Object.keys(v.vulnChainDetails.transitiveDependencies).length > 1) {
112672
112676
  v.results = {
112673
112677
  type: "analysisError",
@@ -112745,16 +112749,15 @@ var GoAnalyzer = class {
112745
112749
  const res = otherVulns.length ? await analyzeWithHeuristics(this.state, otherVulns, [GoanaHeuristics.DEFAULT], false, new GoCodeAwareVulnerabilityScanner(this.projectDir, this.state.reachabilityAnalysisOptions), analysisMetadataCollector, statusUpdater) : [];
112746
112750
  if (unreachableVulns.length) {
112747
112751
  const heuristicName = GoanaHeuristics.IMPORT_REACHABILITY.name;
112748
- const detectedOccurrences = {
112749
- analysisLevel: "function-level",
112750
- affectedPackages: [],
112751
- stacks: []
112752
- };
112753
112752
  const scanResult = {
112754
112753
  type: "success",
112755
112754
  heuristicName,
112756
112755
  terminatedEarly: false,
112757
- detectedOccurrences
112756
+ detectedOccurrences: {
112757
+ analysisLevel: "function-level",
112758
+ affectedPackages: [],
112759
+ stacks: []
112760
+ }
112758
112761
  };
112759
112762
  analysisMetadataCollector?.({
112760
112763
  vulnUrls: unreachableVulns.map((v) => v.url),