@coana-tech/cli 14.12.165 → 14.12.167
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.mjs +1 -1
- package/package.json +1 -1
- package/reachability-analyzers-cli.mjs +24 -1
- package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
- package/repos/coana-tech/javap-service/javap-service.jar +0 -0
package/cli.mjs
CHANGED
|
@@ -251307,7 +251307,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
|
|
|
251307
251307
|
}
|
|
251308
251308
|
|
|
251309
251309
|
// dist/version.js
|
|
251310
|
-
var version3 = "14.12.
|
|
251310
|
+
var version3 = "14.12.167";
|
|
251311
251311
|
|
|
251312
251312
|
// dist/cli-core.js
|
|
251313
251313
|
var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
|
package/package.json
CHANGED
|
@@ -81317,6 +81317,10 @@ async function execNeverFail(cmd, dir, options) {
|
|
|
81317
81317
|
await analyzerTelemetryServer?.close();
|
|
81318
81318
|
}
|
|
81319
81319
|
}
|
|
81320
|
+
async function execAndResolveSucceeded(cmd, dir, options) {
|
|
81321
|
+
const { error } = await execNeverFail(cmd, dir, options);
|
|
81322
|
+
return !error;
|
|
81323
|
+
}
|
|
81320
81324
|
async function exec(cmd, dir, options) {
|
|
81321
81325
|
const { error, stdout, stderr } = await execNeverFail(cmd, dir, options);
|
|
81322
81326
|
if (!error) return { stdout, stderr };
|
|
@@ -81396,6 +81400,12 @@ async function execNeverFail2(cmd, dir, options) {
|
|
|
81396
81400
|
logger.debug(`Command ${formatCmd(cmd, dir)} finished ${result.error ? "with error" : "successfully"}`);
|
|
81397
81401
|
return result;
|
|
81398
81402
|
}
|
|
81403
|
+
async function execAndResolveSucceeded2(cmd, dir, options) {
|
|
81404
|
+
logger.debug(`Running command: ${formatCmd(cmd, dir)}`);
|
|
81405
|
+
const result = await execAndResolveSucceeded(cmd, dir, options);
|
|
81406
|
+
logger.debug(`Command ${formatCmd(cmd, dir)} finished ${result ? "successfully" : "with error"}`);
|
|
81407
|
+
return result;
|
|
81408
|
+
}
|
|
81399
81409
|
async function exec2(cmd, dir, options) {
|
|
81400
81410
|
logger.debug(`Running command: ${formatCmd(cmd, dir)}`);
|
|
81401
81411
|
try {
|
|
@@ -110970,6 +110980,7 @@ import { readFile as readFile9, realpath as realpath2, rm as rm2, writeFile as w
|
|
|
110970
110980
|
import { relative as relative6, resolve as resolve13 } from "path";
|
|
110971
110981
|
var { map: map2, uniq: uniq4 } = import_lodash10.default;
|
|
110972
110982
|
var PRINT_JELLY_COMMAND = false;
|
|
110983
|
+
var STRACE_MAX_LINES = 1e4;
|
|
110973
110984
|
async function runJellyAnalysis(mainProjectRoot, projectRoot, jellyOptions, reachabilityAnalysisOptions, timeoutInSeconds, vulnerabilities, experiment, telemetryHandler, analyzerTelemetryHandler) {
|
|
110974
110985
|
const tmpFolder = await createTmpDirectory("jelly-analysis");
|
|
110975
110986
|
try {
|
|
@@ -110994,6 +111005,8 @@ async function runJellyAnalysis(mainProjectRoot, projectRoot, jellyOptions, reac
|
|
|
110994
111005
|
const additionalFlags = process.env.JELLY_ADDITIONAL_FLAGS?.split(/\s+/).filter(Boolean) ?? [];
|
|
110995
111006
|
const jellyCmd = cmdt`
|
|
110996
111007
|
${await getNodeExecutable(ToolPathResolver.nodeExecutablePath)} --max-old-space-size=${reachabilityAnalysisOptions.memoryLimitInMB ?? 8192}
|
|
111008
|
+
${logFile && // Enable verbose GC tracing if log file is requested
|
|
111009
|
+
["--trace-gc", "--trace-gc-verbose", "--trace-gc-ignore-scavenger", "--trace-mutator-utilization"]}
|
|
110997
111010
|
${jellyExecutable}
|
|
110998
111011
|
--basedir ${mainProjectRoot}
|
|
110999
111012
|
--timeout ${timeoutInSeconds}
|
|
@@ -111011,8 +111024,15 @@ async function runJellyAnalysis(mainProjectRoot, projectRoot, jellyOptions, reac
|
|
|
111011
111024
|
`;
|
|
111012
111025
|
if (PRINT_JELLY_COMMAND)
|
|
111013
111026
|
logger.info("Jelly command:", jellyCmd.join(" "));
|
|
111027
|
+
const straceEnabled = process.env.COANA_ANALYSIS_ENABLE_STRACE === "true";
|
|
111028
|
+
const straceOutputFile = resolve13(mainProjectRoot, "strace-output.txt");
|
|
111029
|
+
const useStrace = straceEnabled && await isStraceAvailable();
|
|
111030
|
+
if (straceEnabled && !useStrace) {
|
|
111031
|
+
logger.info("COANA_ANALYSIS_ENABLE_STRACE is enabled but strace is not available on this system");
|
|
111032
|
+
}
|
|
111033
|
+
const cmdToRun = useStrace ? ["strace", "-f", "-o", `|tail -n ${STRACE_MAX_LINES} > ${straceOutputFile}`, ...jellyCmd] : jellyCmd;
|
|
111014
111034
|
await runCommandResolveStdOut2(
|
|
111015
|
-
|
|
111035
|
+
cmdToRun,
|
|
111016
111036
|
void 0,
|
|
111017
111037
|
// Use SIGKILL to ensure termination even if the process is unresponsive 50% above the timeout (e.g., due to GC pressure).
|
|
111018
111038
|
{
|
|
@@ -111120,6 +111140,9 @@ function transformJellyCallStacks(projectRoot, paths) {
|
|
|
111120
111140
|
affectedPackages: uniq4(paths.stacks.flatMap((stack) => map2(stack, "package")))
|
|
111121
111141
|
};
|
|
111122
111142
|
}
|
|
111143
|
+
async function isStraceAvailable() {
|
|
111144
|
+
return execAndResolveSucceeded2(["which", "strace"]);
|
|
111145
|
+
}
|
|
111123
111146
|
|
|
111124
111147
|
// dist/whole-program-code-aware-vulnerability-scanner/js/js-code-aware-vulnerability-scanner.js
|
|
111125
111148
|
var JSCodeAwareVulnerabilityScanner = class _JSCodeAwareVulnerabilityScanner {
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|