npm - @coana-tech/cli - Versions diffs - 14.12.124 → 14.12.126 - Mend

@coana-tech/cli 14.12.124 → 14.12.126

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/cli.mjs +101 -1
package/package.json +1 -1
package/reachability-analyzers-cli.mjs +66 -8
package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
package/repos/coana-tech/javap-service/javap-service.jar +0 -0

package/cli.mjs CHANGED Viewed

@@ -205058,6 +205058,9 @@ var CLILogger = class {
   // Spinner registers itself as wrapper in order to suspend spinning when logging -- default to the empty wrapper
   wrapper = (cb) => cb();
   finished = false;
+  // Buffer for storing logs before MainProcessTransport is added (used in socket mode)
+  streamBuffer = [];
+  bufferingForStream = false;
   initWinstonLogger(debug, logFilePath) {
     if (this.logger instanceof import_winston.Logger) {
       return;
@@ -205124,20 +205127,43 @@ var CLILogger = class {
   setWrapper(wrapper) {
     this.wrapper = wrapper;
   }
+  /**
+   * Enable buffering of logs for later streaming via MainProcessTransport.
+   * Call this early (before initialize()) when in socket mode.
+   * Buffered logs will be flushed when addTransport() is called.
+   */
+  enableStreamBuffering() {
+    this.bufferingForStream = true;
+  }
+  bufferLog(level, message2, meta) {
+    if (this.bufferingForStream) {
+      this.streamBuffer.push({
+        level,
+        message: message2,
+        meta,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      });
+    }
+  }
   info(message2, ...meta) {
+    this.bufferLog("info", message2, meta);
     this.wrapper(() => this.logger.info(message2, ...meta));
   }
   file(message2, ...meta) {
     if (this.logger instanceof Console) return;
+    this.bufferLog("file", message2, meta);
     this.wrapper(() => this.logger.log("file", message2, ...meta));
   }
   debug(message2, ...meta) {
+    this.bufferLog("debug", message2, meta);
     this.wrapper(() => this.logger.debug(message2, ...meta));
   }
   warn(message2, ...meta) {
+    this.bufferLog("warn", message2, meta);
     this.wrapper(() => this.logger.warn(message2, ...meta));
   }
   error(message2, ...meta) {
+    this.bufferLog("error", message2, meta);
     this.wrapper(() => this.logger.error(message2, ...meta));
   }
   isDebugEnabled() {
@@ -205155,13 +205181,37 @@ var CLILogger = class {
   /**
    * Add a transport to the main process logger.
    * Used to add the MainProcessTransport so main process logs are sent to backend.
+   * If buffering was enabled, buffered logs will be flushed to the new transport.
    *
    * @param transport - The transport to add
    */
   addTransport(transport) {
     if (this.logger instanceof import_winston.Logger) {
       this.logger.add(transport);
+      if (this.bufferingForStream) {
+        this.flushBufferToTransport(transport);
+      }
+    }
+  }
+  flushBufferToTransport(transport) {
+    for (const entry of this.streamBuffer) {
+      try {
+        const fullMessage = entry.meta.length > 0 ? `${entry.message} ${entry.meta.map((m4) => typeof m4 === "object" ? JSON.stringify(m4) : String(m4)).join(" ")}` : entry.message;
+        transport.log?.(
+          {
+            level: entry.level,
+            message: fullMessage,
+            timestamp: entry.timestamp
+          },
+          () => {
+          }
+        );
+      } catch (error) {
+        console.error("Error flushing buffered log entry:", error);
+      }
     }
+    this.streamBuffer = [];
+    this.bufferingForStream = false;
   }
   /**
    * End the logger instance and return a promise
@@ -231701,6 +231751,9 @@ var CLILogger2 = class {
   // Spinner registers itself as wrapper in order to suspend spinning when logging -- default to the empty wrapper
   wrapper = (cb) => cb();
   finished = false;
+  // Buffer for storing logs before MainProcessTransport is added (used in socket mode)
+  streamBuffer = [];
+  bufferingForStream = false;
   initWinstonLogger(debug, logFilePath) {
     if (this.logger instanceof import_winston2.Logger) {
       return;
@@ -231757,21 +231810,44 @@ var CLILogger2 = class {
   setWrapper(wrapper) {
     this.wrapper = wrapper;
   }
+  /**
+   * Enable buffering of logs for later streaming via MainProcessTransport.
+   * Call this early (before initialize()) when in socket mode.
+   * Buffered logs will be flushed when addTransport() is called.
+   */
+  enableStreamBuffering() {
+    this.bufferingForStream = true;
+  }
+  bufferLog(level, message2, meta) {
+    if (this.bufferingForStream) {
+      this.streamBuffer.push({
+        level,
+        message: message2,
+        meta,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      });
+    }
+  }
   info(message2, ...meta) {
+    this.bufferLog("info", message2, meta);
     this.wrapper(() => this.logger.info(message2, ...meta));
   }
   file(message2, ...meta) {
     if (this.logger instanceof Console2)
       return;
+    this.bufferLog("file", message2, meta);
     this.wrapper(() => this.logger.log("file", message2, ...meta));
   }
   debug(message2, ...meta) {
+    this.bufferLog("debug", message2, meta);
     this.wrapper(() => this.logger.debug(message2, ...meta));
   }
   warn(message2, ...meta) {
+    this.bufferLog("warn", message2, meta);
     this.wrapper(() => this.logger.warn(message2, ...meta));
   }
   error(message2, ...meta) {
+    this.bufferLog("error", message2, meta);
     this.wrapper(() => this.logger.error(message2, ...meta));
   }
   isDebugEnabled() {
@@ -231789,14 +231865,35 @@ var CLILogger2 = class {
   /**
    * Add a transport to the main process logger.
    * Used to add the MainProcessTransport so main process logs are sent to backend.
+   * If buffering was enabled, buffered logs will be flushed to the new transport.
    *
    * @param transport - The transport to add
    */
   addTransport(transport) {
     if (this.logger instanceof import_winston2.Logger) {
       this.logger.add(transport);
+      if (this.bufferingForStream) {
+        this.flushBufferToTransport(transport);
+      }
     }
   }
+  flushBufferToTransport(transport) {
+    for (const entry of this.streamBuffer) {
+      try {
+        const fullMessage = entry.meta.length > 0 ? `${entry.message} ${entry.meta.map((m4) => typeof m4 === "object" ? JSON.stringify(m4) : String(m4)).join(" ")}` : entry.message;
+        transport.log?.({
+          level: entry.level,
+          message: fullMessage,
+          timestamp: entry.timestamp
+        }, () => {
+        });
+      } catch (error) {
+        console.error("Error flushing buffered log entry:", error);
+      }
+    }
+    this.streamBuffer = [];
+    this.bufferingForStream = false;
+  }
   /**
    * End the logger instance and return a promise
    * that resolves when the logger is finished.
@@ -251019,7 +251116,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 // dist/version.js
-var version3 = "14.12.124";
+var version3 = "14.12.126";
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
@@ -251142,6 +251239,9 @@ var CliCore = class {
     const tmpDir = await createTmpDirectory("coana-cli-");
     this.coanaLogPath = join30(tmpDir, "coana-log.txt");
     this.coanaSocketPath = join30(tmpDir, "coana.sock");
+    if (this.options.socketMode) {
+      logger.enableStreamBuffering();
+    }
     logger.initWinstonLogger(this.options.debug, this.coanaLogPath);
     logger.silent = this.options.silent;
     try {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.124",
+  "version": "14.12.126",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/reachability-analyzers-cli.mjs CHANGED Viewed

@@ -75753,6 +75753,9 @@ var CLILogger = class {
   // Spinner registers itself as wrapper in order to suspend spinning when logging -- default to the empty wrapper
   wrapper = (cb) => cb();
   finished = false;
+  // Buffer for storing logs before MainProcessTransport is added (used in socket mode)
+  streamBuffer = [];
+  bufferingForStream = false;
   initWinstonLogger(debug, logFilePath) {
     if (this.logger instanceof import_winston.Logger) {
       return;
@@ -75819,20 +75822,43 @@ var CLILogger = class {
   setWrapper(wrapper) {
     this.wrapper = wrapper;
   }
+  /**
+   * Enable buffering of logs for later streaming via MainProcessTransport.
+   * Call this early (before initialize()) when in socket mode.
+   * Buffered logs will be flushed when addTransport() is called.
+   */
+  enableStreamBuffering() {
+    this.bufferingForStream = true;
+  }
+  bufferLog(level, message, meta) {
+    if (this.bufferingForStream) {
+      this.streamBuffer.push({
+        level,
+        message,
+        meta,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      });
+    }
+  }
   info(message, ...meta) {
+    this.bufferLog("info", message, meta);
     this.wrapper(() => this.logger.info(message, ...meta));
   }
   file(message, ...meta) {
     if (this.logger instanceof Console) return;
+    this.bufferLog("file", message, meta);
     this.wrapper(() => this.logger.log("file", message, ...meta));
   }
   debug(message, ...meta) {
+    this.bufferLog("debug", message, meta);
     this.wrapper(() => this.logger.debug(message, ...meta));
   }
   warn(message, ...meta) {
+    this.bufferLog("warn", message, meta);
     this.wrapper(() => this.logger.warn(message, ...meta));
   }
   error(message, ...meta) {
+    this.bufferLog("error", message, meta);
     this.wrapper(() => this.logger.error(message, ...meta));
   }
   isDebugEnabled() {
@@ -75850,14 +75876,38 @@ var CLILogger = class {
   /**
    * Add a transport to the main process logger.
    * Used to add the MainProcessTransport so main process logs are sent to backend.
+   * If buffering was enabled, buffered logs will be flushed to the new transport.
    *
    * @param transport - The transport to add
    */
   addTransport(transport) {
     if (this.logger instanceof import_winston.Logger) {
       this.logger.add(transport);
+      if (this.bufferingForStream) {
+        this.flushBufferToTransport(transport);
+      }
     }
   }
+  flushBufferToTransport(transport) {
+    for (const entry of this.streamBuffer) {
+      try {
+        const fullMessage = entry.meta.length > 0 ? `${entry.message} ${entry.meta.map((m) => typeof m === "object" ? JSON.stringify(m) : String(m)).join(" ")}` : entry.message;
+        transport.log?.(
+          {
+            level: entry.level,
+            message: fullMessage,
+            timestamp: entry.timestamp
+          },
+          () => {
+          }
+        );
+      } catch (error) {
+        console.error("Error flushing buffered log entry:", error);
+      }
+    }
+    this.streamBuffer = [];
+    this.bufferingForStream = false;
+  }
   /**
    * End the logger instance and return a promise
    * that resolves when the logger is finished.
@@ -88276,6 +88326,7 @@ var ToolPathResolver = class {
 // dist/whole-program-code-aware-vulnerability-scanner/code-aware-vulnerability-scanner.js
 var import_lodash13 = __toESM(require_lodash(), 1);
+import { readFileSync as readFileSync3 } from "fs";
 import { resolve as resolve17 } from "path";
 // dist/whole-program-code-aware-vulnerability-scanner/dotnet/dotnet-code-aware-vulnerability-scanner.js
@@ -110415,7 +110466,7 @@ async function runJellyAnalysis(mainProjectRoot, projectRoot, jellyOptions, reac
         ${getExcludes(mainProjectRoot, projectRoot, reachabilityAnalysisOptions)}
         --diagnostics-json ${diagnosticsFile}
         --max-indirections=${jellyOptions.maxIndirections}
-        ${!!jellyOptions.includePackages?.length && ["--include-packages", ...jellyOptions.includePackages]}
+        ${!!jellyOptions.includePackages && jellyOptions.includePackages.length ? ["--include-packages", ...jellyOptions.includePackages] : ["--ignore-dependencies"]}
         ${jellyOptions.approx && "--approx"}
         ${logFile ? ["--logfile", logFile] : []}
         --callstacks-json ${callStackFile}
@@ -110484,7 +110535,7 @@ async function runJellyImportReachabilityAnalysis(mainProjectRoot, projectRoot,
     const reachableModulesFile = resolve14(tmpFolder, "reachable-modules.json");
     const jellyCmd = cmdt`${await getNodeExecutable(ToolPathResolver.nodeExecutablePath)} --max-old-space-size=${options.memoryLimitInMB}
       ${ToolPathResolver.jellyPath} --basedir ${mainProjectRoot} --modules-only
-        ${!!includePackages.length && ["--include-packages", ...includePackages]}
+        ${includePackages.length ? ["--include-packages", ...includePackages] : ["--ignore-dependencies"]}
         ${getExcludes(mainProjectRoot, projectRoot, options)}
         --reachable-json ${reachableModulesFile}
         ${options.entryPoints ?? projectRoot}`;
@@ -111524,7 +111575,7 @@ async function analyzePackages(ecosystem, packages, vulnerability, options) {
     default:
       throw new Error(`Analyze dependency chain not implemented for ${ecosystem}.`);
   }
-  return { analysis: { name: analysisName, version: await getVersion(analysisName) }, result };
+  return { analysis: { name: analysisName, version: getVersion(analysisName) }, result };
 }
 async function analyzeAlreadyInstalledPackages(ecosystem, packages, vulnerability, options) {
   let analysisName;
@@ -111557,7 +111608,7 @@ async function analyzeAlreadyInstalledPackages(ecosystem, packages, vulnerabilit
     default:
       throw new Error(`analyzePackageRegistryPackage is not implemented for ${ecosystem}.`);
   }
-  return { analysis: { name: analysisName, version: await getCurrentCommitHash(analysisName.toLowerCase()) }, result };
+  return { analysis: { name: analysisName, version: getCurrentCommitHash(analysisName.toLowerCase()) }, result };
 }
 async function runWithJSHeuristics(cb) {
   const orderedHeuristics = [heuristics.ALL_PACKAGES];
@@ -111569,8 +111620,15 @@ async function runWithJSHeuristics(cb) {
   }
   return result;
 }
-async function getCurrentCommitHash(project) {
-  return (await runCommandResolveStdOut2("git rev-parse HEAD", resolve17(COANA_REPOS_PATH(), project))).trim();
+function getCurrentCommitHash(project) {
+  const headShaPath = resolve17(COANA_REPOS_PATH(), project, "HEAD_SHA");
+  try {
+    const content = readFileSync3(headShaPath, "utf-8").trim();
+    const colonIndex = content.indexOf(":");
+    return colonIndex !== -1 ? content.slice(colonIndex + 1) : content;
+  } catch {
+    return "unknown";
+  }
 }
 function detectedOccurrencesFromAPMatches(matches, pathPrefixToRemove) {
   for (const match2 of Object.values(matches))
@@ -111606,9 +111664,9 @@ function getStacksFromAccPaths(matches, { vulnerabilityAccessPaths }) {
     stacks: relevantStacks
   };
 }
-async function getVersion(analysisName) {
+function getVersion(analysisName) {
   if (analysisName === "Jelly")
-    return await getCurrentCommitHash(analysisName.toLowerCase());
+    return getCurrentCommitHash(analysisName.toLowerCase());
   return "N/A";
 }

package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/javap-service/javap-service.jar CHANGED Viewed

Binary file