@coana-tech/cli 14.12.13 → 14.12.14

package/cli.mjs

@@ -225660,7 +225660,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version2 = "14.12.13";
+var version2 = "14.12.14";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pick } = import_lodash15.default;
@@ -226674,6 +226674,9 @@ upgradePurls.name("upgrade-purls").argument("<path>", "File system path to the f
 var computeFixesAndUpgradePurlsCmd = new Command();
 computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument("<path>", "File system path to the folder containing the project").option("-a, --apply-fixes-to <ghsas...>", 'GHSA IDs to compute fixes for. Use "all" to compute fixes for all vulnerabilities.', []).option("--dry-run", "Show what changes would be made without actually making them", false).option("-g, --glob <pattern>", "Glob pattern to filter workspaces by absolute file path").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("--range-style <style>", 'Range style to use for the output. Currently only "pin" is supported and it only works for npm.').addOption(new Option("--run-without-docker", "Run package managers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--manifests-tar-hash <hash>", "Hash of the tarball containing all manifest files already uploaded to Socket. If provided, Socket will be used for computing dependency trees.").hideHelp()).version(version2).action(async (path2, options) => {
   process.env.DOCKER_IMAGE_TAG ??= version2;
+  if (options.rangeStyle && options.rangeStyle === "preserve") {
+    options.rangeStyle = void 0;
+  }
   if (options.rangeStyle && options.rangeStyle !== "pin") {
     throw new Error('Range style must be "pin"');
   }
@@ -226692,7 +226695,12 @@ compareReportsCommand.name("compare-reports").argument("<baselineReportPath>", "
   const newReport = await readReport(newReportPath);
   await compareReports(baselineReport, newReport, options);
 });
-program2.name("coana-cli").addCommand(run2, { isDefault: true }).addCommand(applyFixes).addCommand(upgradePurls, { hidden: true }).addCommand(compareReportsCommand).addCommand(computeFixesAndUpgradePurlsCmd, { hidden: true }).configureHelp({ sortSubcommands: true }).version(version2);
+var findVulnerabilities = new Command();
+findVulnerabilities.name("find-vulnerabilities").requiredOption("--manifests-tar-hash <hash>", "Hash of the tarball containing all manifest files already uploaded to Socket.").action(async (options) => {
+  const { artifacts } = await fetchArtifactsFromManifestsTarHash(options.manifestsTarHash);
+  console.log(i5(artifacts.flatMap((a4) => a4.vulnerabilities?.map((v) => v.ghsaId) ?? [])));
+});
+program2.name("coana-cli").addCommand(run2, { isDefault: true }).addCommand(findVulnerabilities).addCommand(applyFixes).addCommand(upgradePurls, { hidden: true }).addCommand(compareReportsCommand).addCommand(computeFixesAndUpgradePurlsCmd, { hidden: true }).configureHelp({ sortSubcommands: true }).version(version2);
 program2.parseAsync();
 var defaultCliOptions = {
   debug: false,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.13",
+  "version": "14.12.14",
   "description": "Coana CLI",
   "type": "module",
   "bin": {