@coana-tech/cli 14.12.157 → 14.12.158
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.mjs +3 -2
- package/package.json +1 -1
- package/reachability-analyzers-cli.mjs +5 -3
- package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
- package/repos/coana-tech/javap-service/javap-service.jar +0 -0
- package/repos/coana-tech/mambalade/dist/mambalade-0.3.20-py3-none-any.whl +0 -0
package/cli.mjs
CHANGED
|
@@ -234633,6 +234633,7 @@ function isShortestPath(root3, vulnPath) {
|
|
|
234633
234633
|
}
|
|
234634
234634
|
|
|
234635
234635
|
// ../web-compat-utils/src/analysis-error-keys.ts
|
|
234636
|
+
var FAILED_TO_INSTALL_PACKAGE_KEY = "[UNABLE_TO_INSTALL_PACKAGE_ERROR]: ";
|
|
234636
234637
|
var CLI_ANALYSIS_ERROR_MESSAGE = "Sharing log due to analysis error";
|
|
234637
234638
|
var ANALYSIS_LOW_CONFIDENCE_MESSAGE = "Analysis had low confidence in result";
|
|
234638
234639
|
|
|
@@ -235788,7 +235789,7 @@ function displayWorkspaceDiagnosticsSummaryInternal(diagnosticsEntries, vulns) {
|
|
|
235788
235789
|
let category = "general";
|
|
235789
235790
|
if (errorMessageLower.includes(ANALYSIS_LOW_CONFIDENCE_MESSAGE.toLowerCase())) {
|
|
235790
235791
|
category = "lowConfidence";
|
|
235791
|
-
} else if (
|
|
235792
|
+
} else if (errorMessage.startsWith(FAILED_TO_INSTALL_PACKAGE_KEY)) {
|
|
235792
235793
|
category = "install";
|
|
235793
235794
|
} else if (errorMessageLower.includes("timeout") || errorMessageLower.includes("timed out")) {
|
|
235794
235795
|
category = "timeout";
|
|
@@ -250902,7 +250903,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
|
|
|
250902
250903
|
}
|
|
250903
250904
|
|
|
250904
250905
|
// dist/version.js
|
|
250905
|
-
var version3 = "14.12.
|
|
250906
|
+
var version3 = "14.12.158";
|
|
250906
250907
|
|
|
250907
250908
|
// dist/cli-core.js
|
|
250908
250909
|
var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
|
package/package.json
CHANGED
|
@@ -110952,14 +110952,16 @@ var JSCodeAwareVulnerabilityScanner = class _JSCodeAwareVulnerabilityScanner {
|
|
|
110952
110952
|
analysisOptionsFromHeuristic.approx = process.env.JELLY_APPROX === "true" || experiment === "JELLY_APPROX";
|
|
110953
110953
|
const analysisRes = await runJellyAnalysis(this.mainProjectDir, this.projectDir, analysisOptionsFromHeuristic, this.options, timeoutInSeconds, vulnerabilities, experiment, telemetryHandler, analyzerTelemetryHandler);
|
|
110954
110954
|
const { analysisDiagnostics: diagnostics, matches } = analysisRes;
|
|
110955
|
-
const
|
|
110955
|
+
const terminatedEarly = diagnostics.aborted || diagnostics.timeout || diagnostics.lowmemory;
|
|
110956
110956
|
return {
|
|
110957
110957
|
type: "success",
|
|
110958
110958
|
diagnostics,
|
|
110959
|
-
terminatedEarly
|
|
110959
|
+
terminatedEarly,
|
|
110960
110960
|
reachedDependencies: diagnostics.packages > 0,
|
|
110961
110961
|
affectedPurls: analysisRes.affectedPurls,
|
|
110962
|
-
|
|
110962
|
+
// A round of 0 or 1 indicates that at most 1 level of indirections in the calls was resolved,
|
|
110963
|
+
// which is too few for us to confidently trust the results.
|
|
110964
|
+
lowConfidence: diagnostics.round < 2 && terminatedEarly,
|
|
110963
110965
|
computeDetectedOccurrences: ({ url: url2 }) => this.transformSourceLocations(matches[url2] ?? { analysisLevel: "function-level", affectedPackages: [], stacks: [] })
|
|
110964
110966
|
};
|
|
110965
110967
|
} catch (e) {
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|