@coana-tech/cli 14.12.183 → 14.12.185

package/cli.mjs

@@ -204870,7 +204870,7 @@ function getSocketAPI() {
 
 // ../utils/src/tool-extractor.ts
 import { createHash } from "node:crypto";
-import { createReadStream, createWriteStream as createWriteStream3, readFileSync as readFileSync2, statSync as statSync2 } from "node:fs";
+import { createReadStream, createWriteStream as createWriteStream3, readFileSync, statSync as statSync2 } from "node:fs";
 import { copyFile, cp as cp2, mkdir as mkdir4, writeFile as writeFile2 } from "node:fs/promises";
 import { tmpdir as tmpdir2 } from "node:os";
 import { basename as basename3, dirname as dirname5, join as join5 } from "node:path";
@@ -205430,7 +205430,7 @@ var TelemetryCollector = class _TelemetryCollector {
 };
 
 // ../utils/src/telemetry/analyzer-telemetry-server.ts
-import { existsSync, readFileSync, watchFile, unwatchFile } from "fs";
+import { existsSync, openSync, fstatSync, readSync, closeSync, watchFile, unwatchFile } from "fs";
 import { unlink, writeFile } from "fs/promises";
 import { tmpdir } from "os";
 import { join as join2 } from "path";
@@ -205444,11 +205444,14 @@ var AnalyzerTelemetryServer = class {
   filePath;
   lastReadPosition = 0;
   watching = false;
+  fd;
+  trailingBytes = Buffer.alloc(0);
   /**
    * Starts the server and returns the file path that analyzers should write to.
    */
   async start() {
     await writeFile(this.filePath, "");
+    this.fd = openSync(this.filePath, "r");
     this.watching = true;
     watchFile(this.filePath, { interval: 1e3 }, () => {
       this.processNewEvents();
@@ -205456,13 +205459,22 @@ var AnalyzerTelemetryServer = class {
     return this.filePath;
   }
   processNewEvents() {
-    if (!existsSync(this.filePath)) return;
+    if (this.fd === void 0) return;
     try {
-      const content = readFileSync(this.filePath, "utf-8");
-      const newContent = content.substring(this.lastReadPosition);
-      this.lastReadPosition = content.length;
-      if (!newContent) return;
-      const lines = newContent.split("\n");
+      const stat5 = fstatSync(this.fd);
+      const bytesToRead = stat5.size - this.lastReadPosition;
+      if (bytesToRead <= 0) return;
+      const buffer = Buffer.alloc(bytesToRead);
+      const bytesRead = readSync(this.fd, buffer, 0, bytesToRead, this.lastReadPosition);
+      this.lastReadPosition += bytesRead;
+      const combined = Buffer.concat([this.trailingBytes, buffer.subarray(0, bytesRead)]);
+      const lastNewline = combined.lastIndexOf(10);
+      if (lastNewline === -1) {
+        this.trailingBytes = combined;
+        return;
+      }
+      this.trailingBytes = combined.subarray(lastNewline + 1);
+      const lines = combined.toString("utf-8", 0, lastNewline).split("\n");
       for (const line of lines) {
         if (line.trim()) {
           try {
@@ -205481,11 +205493,16 @@ var AnalyzerTelemetryServer = class {
    */
   async close() {
     this.processNewEvents();
+    this.trailingBytes = Buffer.alloc(0);
     this.handler.close?.();
     if (this.watching) {
       unwatchFile(this.filePath);
       this.watching = false;
     }
+    if (this.fd !== void 0) {
+      closeSync(this.fd);
+      this.fd = void 0;
+    }
     if (existsSync(this.filePath)) {
       try {
         await unlink(this.filePath);
@@ -211845,7 +211862,7 @@ function getCliVersion() {
   if (cliVersion) return cliVersion;
   try {
     const packageJsonPath = isNexeMode() ? join5(NEXE_VIRTUAL_FS_ROOT, "package.json") : join5(dirname5(dirname5(dirname5(dirname5(__filename)))), "npm-package-cli", "package.json");
-    const packageJson = JSON.parse(readFileSync2(packageJsonPath, "utf-8"));
+    const packageJson = JSON.parse(readFileSync(packageJsonPath, "utf-8"));
     if (process.env.ALWAYS_REEXTRACT_TOOLS === "true") {
       logger.info("ALWAYS_REEXTRACT_TOOLS is set to true, re-extracting tools");
       const randomVersion = Math.random().toString().slice(2, 8);
@@ -211874,7 +211891,7 @@ function loadChecksums() {
       throw new Error("Tool extraction is only supported in nexe mode");
     }
     const checksumsPath = join5(NEXE_VIRTUAL_FS_ROOT, "checksums.json");
-    return JSON.parse(readFileSync2(checksumsPath, "utf-8"));
+    return JSON.parse(readFileSync(checksumsPath, "utf-8"));
   } catch (error) {
     logger.warn("Failed to load checksums.json:", error);
     throw new Error(
@@ -224733,7 +224750,7 @@ var TelemetryCollector2 = class _TelemetryCollector {
 };
 
 // ../utils/dist/telemetry/analyzer-telemetry-server.js
-import { existsSync as existsSync10, readFileSync as readFileSync3, watchFile as watchFile2, unwatchFile as unwatchFile2 } from "fs";
+import { existsSync as existsSync10, openSync as openSync2, fstatSync as fstatSync2, readSync as readSync2, closeSync as closeSync2, watchFile as watchFile2, unwatchFile as unwatchFile2 } from "fs";
 import { unlink as unlink2, writeFile as writeFile5 } from "fs/promises";
 import { tmpdir as tmpdir3 } from "os";
 import { join as join10 } from "path";
@@ -224743,6 +224760,8 @@ var AnalyzerTelemetryServer2 = class {
   filePath;
   lastReadPosition = 0;
   watching = false;
+  fd;
+  trailingBytes = Buffer.alloc(0);
   constructor(handler) {
     this.handler = handler;
     const fileId = randomBytes3(8).toString("hex");
@@ -224753,6 +224772,7 @@ var AnalyzerTelemetryServer2 = class {
    */
   async start() {
     await writeFile5(this.filePath, "");
+    this.fd = openSync2(this.filePath, "r");
     this.watching = true;
     watchFile2(this.filePath, { interval: 1e3 }, () => {
       this.processNewEvents();
@@ -224760,15 +224780,24 @@ var AnalyzerTelemetryServer2 = class {
     return this.filePath;
   }
   processNewEvents() {
-    if (!existsSync10(this.filePath))
+    if (this.fd === void 0)
       return;
     try {
-      const content = readFileSync3(this.filePath, "utf-8");
-      const newContent = content.substring(this.lastReadPosition);
-      this.lastReadPosition = content.length;
-      if (!newContent)
+      const stat5 = fstatSync2(this.fd);
+      const bytesToRead = stat5.size - this.lastReadPosition;
+      if (bytesToRead <= 0)
+        return;
+      const buffer = Buffer.alloc(bytesToRead);
+      const bytesRead = readSync2(this.fd, buffer, 0, bytesToRead, this.lastReadPosition);
+      this.lastReadPosition += bytesRead;
+      const combined = Buffer.concat([this.trailingBytes, buffer.subarray(0, bytesRead)]);
+      const lastNewline = combined.lastIndexOf(10);
+      if (lastNewline === -1) {
+        this.trailingBytes = combined;
         return;
-      const lines = newContent.split("\n");
+      }
+      this.trailingBytes = combined.subarray(lastNewline + 1);
+      const lines = combined.toString("utf-8", 0, lastNewline).split("\n");
       for (const line of lines) {
         if (line.trim()) {
           try {
@@ -224787,11 +224816,16 @@ var AnalyzerTelemetryServer2 = class {
    */
   async close() {
     this.processNewEvents();
+    this.trailingBytes = Buffer.alloc(0);
     this.handler.close?.();
     if (this.watching) {
       unwatchFile2(this.filePath);
       this.watching = false;
     }
+    if (this.fd !== void 0) {
+      closeSync2(this.fd);
+      this.fd = void 0;
+    }
     if (existsSync10(this.filePath)) {
       try {
         await unlink2(this.filePath);
@@ -225026,7 +225060,7 @@ async function runCommandResolveStdOut4(cmd, dir, options) {
 
 // ../utils/dist/package-utils.js
 import { parse as parse5, join as join11, resolve as resolve17, normalize as normalize2, dirname as dirname12, basename as basename5, relative as relative4 } from "path";
-import { existsSync as existsSync11, readFileSync as readFileSync4, readdirSync as readdirSync2, statSync as statSync3, writeFileSync } from "fs";
+import { existsSync as existsSync11, readFileSync as readFileSync2, readdirSync as readdirSync2, statSync as statSync3, writeFileSync } from "fs";
 function getPackageJsonObject(workspaceRoot) {
   const packageJSONContent = getPackageJsonContent(workspaceRoot);
   if (!packageJSONContent)
@@ -225036,7 +225070,7 @@ function getPackageJsonObject(workspaceRoot) {
 function getPackageJsonContent(workspaceRoot) {
   const packageJsonPath = getPackageJSONPath(workspaceRoot);
   if (existsSync11(packageJsonPath))
-    return readFileSync4(packageJsonPath, "utf8");
+    return readFileSync2(packageJsonPath, "utf8");
   return void 0;
 }
 function getPackageJSONPath(workspaceRoot) {
@@ -225455,7 +225489,7 @@ import { relative as relative8, resolve as resolve23 } from "path";
 
 // ../utils/src/package-utils.ts
 import { parse as parse7, join as join13, resolve as resolve22, normalize as normalize3, dirname as dirname13, basename as basename6, relative as relative7 } from "path";
-import { existsSync as existsSync14, readFileSync as readFileSync5, readdirSync as readdirSync3, statSync as statSync4, writeFileSync as writeFileSync2 } from "fs";
+import { existsSync as existsSync14, readFileSync as readFileSync3, readdirSync as readdirSync3, statSync as statSync4, writeFileSync as writeFileSync2 } from "fs";
 function setFieldInPackageJson(workspaceRoot, field, value2) {
   const packageJSONContentObj = getPackageJsonObject2(workspaceRoot);
   if (!packageJSONContentObj) return void 0;
@@ -225472,7 +225506,7 @@ function writePackageJsonContent(workspaceRoot, packageJsonContent) {
 }
 function getPackageJsonContent2(workspaceRoot) {
   const packageJsonPath = getPackageJSONPath2(workspaceRoot);
-  if (existsSync14(packageJsonPath)) return readFileSync5(packageJsonPath, "utf8");
+  if (existsSync14(packageJsonPath)) return readFileSync3(packageJsonPath, "utf8");
   return void 0;
 }
 function getPackageJSONPath2(workspaceRoot) {
@@ -230264,7 +230298,7 @@ import assert14 from "node:assert";
 var import_good_enough_parser4 = __toESM(require_cjs(), 1);
 init_ruby_lang();
 import { resolve as resolve32, dirname as dirname21, relative as relative13 } from "node:path";
-import { existsSync as existsSync18, readFileSync as readFileSync6, readdirSync as readdirSync4 } from "node:fs";
+import { existsSync as existsSync18, readFileSync as readFileSync4, readdirSync as readdirSync4 } from "node:fs";
 init_gemspec_utils();
 var booleanQuery2 = import_good_enough_parser4.query.alt(
   import_good_enough_parser4.query.sym(/^true|false$/, (ctx, { value: value2, offset }) => {
@@ -230380,7 +230414,7 @@ var evalGemfileQuery = import_good_enough_parser4.query.sym("eval_gemfile").join
   const rootDir = ctx.gemfile.rootDir;
   const file = relative13(rootDir, resolve32(rootDir, dirname21(ctx.gemfile.file), pathEvaluated));
   if (!existsSync18(resolve32(rootDir, file))) return ctx;
-  const sourceText = readFileSync6(resolve32(rootDir, file), "utf-8");
+  const sourceText = readFileSync4(resolve32(rootDir, file), "utf-8");
   const parser2 = import_good_enough_parser4.lang.createLang(lang3);
   const cursor = parser2.parse(sourceText);
   const otherCtx = parser2.query(cursor, treeQuery4, {
@@ -230472,7 +230506,7 @@ var gemspecQuery = import_good_enough_parser4.query.sym("gemspec").opt(
   const gemspecFullPath = resolve32(searchDir, gemspecFile);
   const gemspecRelativePath = relative13(rootDir, gemspecFullPath);
   try {
-    const sourceText = readFileSync6(gemspecFullPath, "utf-8");
+    const sourceText = readFileSync4(gemspecFullPath, "utf-8");
     const gemspec = parseGemspec(rootDir, gemspecRelativePath, sourceText);
     ctx.gemspecs.push(gemspec);
     ctx.gems.push(...gemspec.dependencies);
@@ -251427,7 +251461,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version3 = "14.12.183";
+var version3 = "14.12.185";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.183",
+  "version": "14.12.185",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/reachability-analyzers-cli.mjs

@@ -81110,7 +81110,7 @@ var TelemetryCollector = class _TelemetryCollector {
 };
 
 // ../utils/src/telemetry/analyzer-telemetry-server.ts
-import { existsSync, readFileSync, watchFile, unwatchFile } from "fs";
+import { existsSync, openSync, fstatSync, readSync, closeSync, watchFile, unwatchFile } from "fs";
 import { unlink, writeFile as writeFile2 } from "fs/promises";
 import { tmpdir } from "os";
 import { join as join2 } from "path";
@@ -81124,11 +81124,14 @@ var AnalyzerTelemetryServer = class {
   filePath;
   lastReadPosition = 0;
   watching = false;
+  fd;
+  trailingBytes = Buffer.alloc(0);
   /**
    * Starts the server and returns the file path that analyzers should write to.
    */
   async start() {
     await writeFile2(this.filePath, "");
+    this.fd = openSync(this.filePath, "r");
     this.watching = true;
     watchFile(this.filePath, { interval: 1e3 }, () => {
       this.processNewEvents();
@@ -81136,13 +81139,22 @@ var AnalyzerTelemetryServer = class {
     return this.filePath;
   }
   processNewEvents() {
-    if (!existsSync(this.filePath)) return;
+    if (this.fd === void 0) return;
     try {
-      const content = readFileSync(this.filePath, "utf-8");
-      const newContent = content.substring(this.lastReadPosition);
-      this.lastReadPosition = content.length;
-      if (!newContent) return;
-      const lines = newContent.split("\n");
+      const stat3 = fstatSync(this.fd);
+      const bytesToRead = stat3.size - this.lastReadPosition;
+      if (bytesToRead <= 0) return;
+      const buffer = Buffer.alloc(bytesToRead);
+      const bytesRead = readSync(this.fd, buffer, 0, bytesToRead, this.lastReadPosition);
+      this.lastReadPosition += bytesRead;
+      const combined = Buffer.concat([this.trailingBytes, buffer.subarray(0, bytesRead)]);
+      const lastNewline = combined.lastIndexOf(10);
+      if (lastNewline === -1) {
+        this.trailingBytes = combined;
+        return;
+      }
+      this.trailingBytes = combined.subarray(lastNewline + 1);
+      const lines = combined.toString("utf-8", 0, lastNewline).split("\n");
       for (const line of lines) {
         if (line.trim()) {
           try {
@@ -81161,11 +81173,16 @@ var AnalyzerTelemetryServer = class {
    */
   async close() {
     this.processNewEvents();
+    this.trailingBytes = Buffer.alloc(0);
     this.handler.close?.();
     if (this.watching) {
       unwatchFile(this.filePath);
       this.watching = false;
     }
+    if (this.fd !== void 0) {
+      closeSync(this.fd);
+      this.fd = void 0;
+    }
     if (existsSync(this.filePath)) {
       try {
         await unlink(this.filePath);
@@ -88604,13 +88621,13 @@ async function downloadFile(fileUrl, outputFile) {
 }
 
 // ../utils/src/file-tree-utils.ts
-import { closeSync, lstatSync as lstatSync2, openSync, readdirSync as readdirSync3, readSync } from "fs";
+import { closeSync as closeSync2, lstatSync as lstatSync2, openSync as openSync2, readdirSync as readdirSync3, readSync as readSync2 } from "fs";
 import { readdir as readdir3 } from "fs/promises";
 import { basename as basename3, join as join8, relative as relative3, resolve as resolve5 } from "path";
 
 // ../utils/src/package-utils.ts
 import { parse as parse2, join as join7, resolve as resolve4, normalize as normalize2, dirname as dirname3, basename as basename2, relative as relative2 } from "path";
-import { existsSync as existsSync5, readFileSync as readFileSync2, readdirSync as readdirSync2, statSync, writeFileSync } from "fs";
+import { existsSync as existsSync5, readFileSync, readdirSync as readdirSync2, statSync, writeFileSync } from "fs";
 function getPackageJsonObject(workspaceRoot) {
   const packageJSONContent = getPackageJsonContent(workspaceRoot);
   if (!packageJSONContent) return void 0;
@@ -88618,7 +88635,7 @@ function getPackageJsonObject(workspaceRoot) {
 }
 function getPackageJsonContent(workspaceRoot) {
   const packageJsonPath = getPackageJSONPath(workspaceRoot);
-  if (existsSync5(packageJsonPath)) return readFileSync2(packageJsonPath, "utf8");
+  if (existsSync5(packageJsonPath)) return readFileSync(packageJsonPath, "utf8");
   return void 0;
 }
 function getPackageJSONPath(workspaceRoot) {
@@ -88901,7 +88918,7 @@ var ToolPathResolver = class {
 
 // dist/whole-program-code-aware-vulnerability-scanner/code-aware-vulnerability-scanner.js
 var import_lodash13 = __toESM(require_lodash(), 1);
-import { readFileSync as readFileSync4 } from "fs";
+import { readFileSync as readFileSync3 } from "fs";
 import { resolve as resolve16 } from "path";
 
 // dist/whole-program-code-aware-vulnerability-scanner/dotnet/dotnet-code-aware-vulnerability-scanner.js
@@ -88918,7 +88935,7 @@ function getUrlForPackage(packageName, version3) {
 
 // ../utils/src/tool-extractor.ts
 import { createHash } from "node:crypto";
-import { createReadStream, createWriteStream as createWriteStream3, readFileSync as readFileSync3, statSync as statSync3 } from "node:fs";
+import { createReadStream, createWriteStream as createWriteStream3, readFileSync as readFileSync2, statSync as statSync3 } from "node:fs";
 import { copyFile as copyFile2, cp as cp4, mkdir as mkdir4, writeFile as writeFile4 } from "node:fs/promises";
 import { tmpdir as tmpdir3 } from "node:os";
 import { basename as basename5, dirname as dirname8, join as join11 } from "node:path";
@@ -94082,7 +94099,7 @@ function getCliVersion() {
   if (cliVersion) return cliVersion;
   try {
     const packageJsonPath = isNexeMode() ? join11(NEXE_VIRTUAL_FS_ROOT, "package.json") : join11(dirname8(dirname8(dirname8(dirname8(__filename)))), "npm-package-cli", "package.json");
-    const packageJson = JSON.parse(readFileSync3(packageJsonPath, "utf-8"));
+    const packageJson = JSON.parse(readFileSync2(packageJsonPath, "utf-8"));
     if (process.env.ALWAYS_REEXTRACT_TOOLS === "true") {
       logger.info("ALWAYS_REEXTRACT_TOOLS is set to true, re-extracting tools");
       const randomVersion = Math.random().toString().slice(2, 8);
@@ -94111,7 +94128,7 @@ function loadChecksums() {
       throw new Error("Tool extraction is only supported in nexe mode");
     }
     const checksumsPath = join11(NEXE_VIRTUAL_FS_ROOT, "checksums.json");
-    return JSON.parse(readFileSync3(checksumsPath, "utf-8"));
+    return JSON.parse(readFileSync2(checksumsPath, "utf-8"));
   } catch (error) {
     logger.warn("Failed to load checksums.json:", error);
     throw new Error(
@@ -111445,6 +111462,11 @@ ${stderr}`);
       logger.debug("Analysis results", result);
       const reachedModules = JSON.parse(await readFile10(reachedModulesOutputFile, "utf8"));
       logger.debug("Reached modules", reachedModules);
+      let [vulnAnalysisTime, vulnPathsTime] = [0, 0];
+      for (const run of diagnostics.runs) {
+        vulnAnalysisTime += run.vulnAnalysisTime;
+        vulnPathsTime += run.vulnPathsTime;
+      }
       return {
         type: "success",
         diagnostics: {
@@ -111452,9 +111474,9 @@ ${stderr}`);
           timeout: false,
           aborted: false,
           timings: {
-            analysisTime: diagnostics.loadTime + diagnostics.buildTime + diagnostics.inlineTime + diagnostics.analyzeTime,
-            patternMatchingTime: diagnostics.vulnAnalysisTime,
-            vulnerablePathDetectionTime: diagnostics.vulnPathsTime
+            analysisTime: diagnostics.time - vulnAnalysisTime - vulnPathsTime,
+            patternMatchingTime: vulnAnalysisTime,
+            vulnerablePathDetectionTime: vulnPathsTime
           }
         },
         reachedDependencies: true,
@@ -112250,7 +112272,7 @@ async function runWithJSHeuristics(cb) {
 function getCurrentCommitHash(project) {
   const headShaPath = resolve16(COANA_REPOS_PATH(), project, "HEAD_SHA");
   try {
-    const content = readFileSync4(headShaPath, "utf-8").trim();
+    const content = readFileSync3(headShaPath, "utf-8").trim();
     const colonIndex = content.indexOf(":");
     return colonIndex !== -1 ? content.slice(colonIndex + 1) : content;
   } catch {