@coana-tech/cli 14.12.187 → 14.12.189

package/cli.mjs

@@ -212096,6 +212096,106 @@ function handleNexeBinaryMode() {
   }
 }
 
+// ../../node_modules/.pnpm/kleur@4.1.5/node_modules/kleur/index.mjs
+var FORCE_COLOR;
+var NODE_DISABLE_COLORS;
+var NO_COLOR;
+var TERM;
+var isTTY = true;
+if (typeof process !== "undefined") {
+  ({ FORCE_COLOR, NODE_DISABLE_COLORS, NO_COLOR, TERM } = process.env || {});
+  isTTY = process.stdout && process.stdout.isTTY;
+}
+var $ = {
+  enabled: !NODE_DISABLE_COLORS && NO_COLOR == null && TERM !== "dumb" && (FORCE_COLOR != null && FORCE_COLOR !== "0" || isTTY),
+  // modifiers
+  reset: init(0, 0),
+  bold: init(1, 22),
+  dim: init(2, 22),
+  italic: init(3, 23),
+  underline: init(4, 24),
+  inverse: init(7, 27),
+  hidden: init(8, 28),
+  strikethrough: init(9, 29),
+  // colors
+  black: init(30, 39),
+  red: init(31, 39),
+  green: init(32, 39),
+  yellow: init(33, 39),
+  blue: init(34, 39),
+  magenta: init(35, 39),
+  cyan: init(36, 39),
+  white: init(37, 39),
+  gray: init(90, 39),
+  grey: init(90, 39),
+  // background colors
+  bgBlack: init(40, 49),
+  bgRed: init(41, 49),
+  bgGreen: init(42, 49),
+  bgYellow: init(43, 49),
+  bgBlue: init(44, 49),
+  bgMagenta: init(45, 49),
+  bgCyan: init(46, 49),
+  bgWhite: init(47, 49)
+};
+function run(arr, str) {
+  let i7 = 0, tmp, beg = "", end2 = "";
+  for (; i7 < arr.length; i7++) {
+    tmp = arr[i7];
+    beg += tmp.open;
+    end2 += tmp.close;
+    if (!!~str.indexOf(tmp.close)) {
+      str = str.replace(tmp.rgx, tmp.close + tmp.open);
+    }
+  }
+  return beg + str + end2;
+}
+function chain(has2, keys) {
+  let ctx = { has: has2, keys };
+  ctx.reset = $.reset.bind(ctx);
+  ctx.bold = $.bold.bind(ctx);
+  ctx.dim = $.dim.bind(ctx);
+  ctx.italic = $.italic.bind(ctx);
+  ctx.underline = $.underline.bind(ctx);
+  ctx.inverse = $.inverse.bind(ctx);
+  ctx.hidden = $.hidden.bind(ctx);
+  ctx.strikethrough = $.strikethrough.bind(ctx);
+  ctx.black = $.black.bind(ctx);
+  ctx.red = $.red.bind(ctx);
+  ctx.green = $.green.bind(ctx);
+  ctx.yellow = $.yellow.bind(ctx);
+  ctx.blue = $.blue.bind(ctx);
+  ctx.magenta = $.magenta.bind(ctx);
+  ctx.cyan = $.cyan.bind(ctx);
+  ctx.white = $.white.bind(ctx);
+  ctx.gray = $.gray.bind(ctx);
+  ctx.grey = $.grey.bind(ctx);
+  ctx.bgBlack = $.bgBlack.bind(ctx);
+  ctx.bgRed = $.bgRed.bind(ctx);
+  ctx.bgGreen = $.bgGreen.bind(ctx);
+  ctx.bgYellow = $.bgYellow.bind(ctx);
+  ctx.bgBlue = $.bgBlue.bind(ctx);
+  ctx.bgMagenta = $.bgMagenta.bind(ctx);
+  ctx.bgCyan = $.bgCyan.bind(ctx);
+  ctx.bgWhite = $.bgWhite.bind(ctx);
+  return ctx;
+}
+function init(open, close) {
+  let blk = {
+    open: `\x1B[${open}m`,
+    close: `\x1B[${close}m`,
+    rgx: new RegExp(`\\x1b\\[${close}m`, "g")
+  };
+  return function(txt) {
+    if (this !== void 0 && this.has !== void 0) {
+      !!~this.has.indexOf(open) || (this.has.push(open), this.keys.push(blk));
+      return txt === void 0 ? this : $.enabled ? run(this.keys, txt + "") : txt + "";
+    }
+    return txt === void 0 ? chain([open], [blk]) : $.enabled ? run([blk], txt + "") : txt + "";
+  };
+}
+var kleur_default = $;
+
 // ../web-compat-utils/src/ecosystem-support.ts
 var ecosystemToSupport = {
   NPM: {
@@ -234177,6 +234277,14 @@ function assertDefined(value2) {
 }
 
 // dist/cli-upgrade-purl.js
+var UpgradePurlPartialError = class extends Error {
+  subprojectResults;
+  constructor(message2, subprojectResults) {
+    super(message2);
+    this.subprojectResults = subprojectResults;
+    this.name = "UpgradePurlPartialError";
+  }
+};
 var ECOSYSTEMS_WITH_SOCKET_UPGRADES = ["NPM", "MAVEN", "NUGET", "GO", "RUST", "PIP", "RUBYGEMS"];
 async function upgradePurl(rootDir, upgrades, artifacts, options, cliFixRunId) {
   if (options.rangeStyle && options.rangeStyle !== "pin") {
@@ -234226,6 +234334,7 @@ ${Array.from(upgrades).map(([idx, upgradeVersion]) => `	${prettyPrintPurlUpgrade
       }
       let anyErrors = false;
       let anySkipped = false;
+      const subprojectResults = /* @__PURE__ */ new Map();
       for (const [ecosystem, upgrades2] of ecosystemToSocketArtifactUpgrades) {
         if (options.rangeStyle && !["NPM", "MAVEN", "NUGET", "GO", "RUST", "PIP", "RUBYGEMS"].includes(ecosystem)) {
           logger.warn(`Range style is not supported for ${ecosystem}, skipping upgrades`);
@@ -234251,6 +234360,11 @@ ${Array.from(upgrades).map(([idx, upgradeVersion]) => `	${prettyPrintPurlUpgrade
             anyErrors = true;
           if (update3.status === "skipped")
             anySkipped = true;
+          if (update3.status === "error") {
+            subprojectResults.set(update3.file, "error");
+          } else if (update3.status === "success" && subprojectResults.get(update3.file) !== "error") {
+            subprojectResults.set(update3.file, "success");
+          }
         };
         const ctxt = {
           manifestFiles,
@@ -234263,13 +234377,22 @@ ${Array.from(upgrades).map(([idx, upgradeVersion]) => `	${prettyPrintPurlUpgrade
           }),
           statusUpdater
         };
-        await applySocketUpgrades(ecosystem, rootDir, ctxt);
+        try {
+          await applySocketUpgrades(ecosystem, rootDir, ctxt);
+        } catch (e) {
+          anyErrors = true;
+          logger.debug(`Error during ${ecosystem} upgrade: ${e.message}`);
+        }
       }
       if (upgradePurlRunId) {
         await getSocketAPI().finalizeUpgradePurlRun(upgradePurlRunId, "succeeded");
       }
       if (anyErrors) {
-        throw new Error("Failed to upgrade purls - consult logs for more details");
+        throw new UpgradePurlPartialError("Some workspaces failed to upgrade", subprojectResults);
+      } else if (subprojectResults.size > 0) {
+        const total = subprojectResults.size;
+        console.error(kleur_default.green(`
+${total}/${total} workspaces were upgraded successfully.`));
       }
       return unsupportedUpgrades.size === 0 && !anySkipped ? "fixed-all" : "fixed-some";
     }
@@ -234558,108 +234681,6 @@ function prettyApplyFixesTo(applyFixesToOption) {
 import assert16 from "node:assert";
 import { existsSync as existsSync28, writeFileSync as writeFileSync3 } from "fs";
 import { mkdir as mkdir6, writeFile as writeFile15 } from "fs/promises";
-
-// ../../node_modules/.pnpm/kleur@4.1.5/node_modules/kleur/index.mjs
-var FORCE_COLOR;
-var NODE_DISABLE_COLORS;
-var NO_COLOR;
-var TERM;
-var isTTY = true;
-if (typeof process !== "undefined") {
-  ({ FORCE_COLOR, NODE_DISABLE_COLORS, NO_COLOR, TERM } = process.env || {});
-  isTTY = process.stdout && process.stdout.isTTY;
-}
-var $ = {
-  enabled: !NODE_DISABLE_COLORS && NO_COLOR == null && TERM !== "dumb" && (FORCE_COLOR != null && FORCE_COLOR !== "0" || isTTY),
-  // modifiers
-  reset: init(0, 0),
-  bold: init(1, 22),
-  dim: init(2, 22),
-  italic: init(3, 23),
-  underline: init(4, 24),
-  inverse: init(7, 27),
-  hidden: init(8, 28),
-  strikethrough: init(9, 29),
-  // colors
-  black: init(30, 39),
-  red: init(31, 39),
-  green: init(32, 39),
-  yellow: init(33, 39),
-  blue: init(34, 39),
-  magenta: init(35, 39),
-  cyan: init(36, 39),
-  white: init(37, 39),
-  gray: init(90, 39),
-  grey: init(90, 39),
-  // background colors
-  bgBlack: init(40, 49),
-  bgRed: init(41, 49),
-  bgGreen: init(42, 49),
-  bgYellow: init(43, 49),
-  bgBlue: init(44, 49),
-  bgMagenta: init(45, 49),
-  bgCyan: init(46, 49),
-  bgWhite: init(47, 49)
-};
-function run(arr, str) {
-  let i7 = 0, tmp, beg = "", end2 = "";
-  for (; i7 < arr.length; i7++) {
-    tmp = arr[i7];
-    beg += tmp.open;
-    end2 += tmp.close;
-    if (!!~str.indexOf(tmp.close)) {
-      str = str.replace(tmp.rgx, tmp.close + tmp.open);
-    }
-  }
-  return beg + str + end2;
-}
-function chain(has2, keys) {
-  let ctx = { has: has2, keys };
-  ctx.reset = $.reset.bind(ctx);
-  ctx.bold = $.bold.bind(ctx);
-  ctx.dim = $.dim.bind(ctx);
-  ctx.italic = $.italic.bind(ctx);
-  ctx.underline = $.underline.bind(ctx);
-  ctx.inverse = $.inverse.bind(ctx);
-  ctx.hidden = $.hidden.bind(ctx);
-  ctx.strikethrough = $.strikethrough.bind(ctx);
-  ctx.black = $.black.bind(ctx);
-  ctx.red = $.red.bind(ctx);
-  ctx.green = $.green.bind(ctx);
-  ctx.yellow = $.yellow.bind(ctx);
-  ctx.blue = $.blue.bind(ctx);
-  ctx.magenta = $.magenta.bind(ctx);
-  ctx.cyan = $.cyan.bind(ctx);
-  ctx.white = $.white.bind(ctx);
-  ctx.gray = $.gray.bind(ctx);
-  ctx.grey = $.grey.bind(ctx);
-  ctx.bgBlack = $.bgBlack.bind(ctx);
-  ctx.bgRed = $.bgRed.bind(ctx);
-  ctx.bgGreen = $.bgGreen.bind(ctx);
-  ctx.bgYellow = $.bgYellow.bind(ctx);
-  ctx.bgBlue = $.bgBlue.bind(ctx);
-  ctx.bgMagenta = $.bgMagenta.bind(ctx);
-  ctx.bgCyan = $.bgCyan.bind(ctx);
-  ctx.bgWhite = $.bgWhite.bind(ctx);
-  return ctx;
-}
-function init(open, close) {
-  let blk = {
-    open: `\x1B[${open}m`,
-    close: `\x1B[${close}m`,
-    rgx: new RegExp(`\\x1b\\[${close}m`, "g")
-  };
-  return function(txt) {
-    if (this !== void 0 && this.has !== void 0) {
-      !!~this.has.indexOf(open) || (this.has.push(open), this.keys.push(blk));
-      return txt === void 0 ? this : $.enabled ? run(this.keys, txt + "") : txt + "";
-    }
-    return txt === void 0 ? chain([open], [blk]) : $.enabled ? run([blk], txt + "") : txt + "";
-  };
-}
-var kleur_default = $;
-
-// dist/cli-core.js
 var import_lodash15 = __toESM(require_lodash(), 1);
 import os2 from "os";
 import { join as join34, relative as relative21, resolve as resolve42 } from "path";
@@ -236529,9 +236550,45 @@ function displayWorkspaceDiagnosticsSummaryInternal(diagnosticsEntries, vulns) {
 }
 
 // dist/internal/socket-report-socket-dependency-tree.js
+function filterOrphanedArtifacts(artifacts) {
+  const reachable = /* @__PURE__ */ new Set();
+  const queue = [];
+  for (const artifact of artifacts) {
+    if (artifact.direct) {
+      reachable.add(artifact.id);
+      queue.push(artifact.id);
+    }
+  }
+  const depsById = new Map(artifacts.map((a4) => [a4.id, a4.dependencies ?? []]));
+  while (queue.length > 0) {
+    const id = queue.pop();
+    for (const dep of depsById.get(id) ?? []) {
+      if (!reachable.has(dep)) {
+        reachable.add(dep);
+        queue.push(dep);
+      }
+    }
+  }
+  const removedIds = /* @__PURE__ */ new Set();
+  const filtered = artifacts.filter((a4) => {
+    if (a4.direct || reachable.has(a4.id))
+      return true;
+    removedIds.add(a4.id);
+    return false;
+  });
+  if (removedIds.size > 0) {
+    logger.debug(`Filtered out ${removedIds.size} orphaned component(s) not reachable from any direct dependency`);
+  }
+  return { filtered, removedIds };
+}
 function toSocketFactsSocketDependencyTree(artifacts, vulnerabilities, tier1ReachabilityScanId, workspaceDiagnostics) {
+  const { filtered: filteredArtifacts, removedIds: orphanedArtifactIds } = filterOrphanedArtifacts(artifacts);
+  artifacts = filteredArtifacts;
   const artifactIdToArtifact = Object.fromEntries(artifacts.map((artifact) => [artifact.id, artifact]));
   for (const vulnerability of vulnerabilities) {
+    if (vulnerability.artifactId && orphanedArtifactIds.has(vulnerability.artifactId)) {
+      continue;
+    }
     const component = artifactIdToArtifact[vulnerability.artifactId];
     if (!component) {
       throw new Error(`Component not found for vulnerability ${vulnerability.purl}`);
@@ -251462,7 +251519,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version3 = "14.12.187";
+var version3 = "14.12.189";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
@@ -252515,10 +252572,7 @@ computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument(
     }
     await rm3(tmpDir, { recursive: true, force: true });
   } catch (error) {
-    console.error(`Failed with error: ${error instanceof Error ? error.message : String(error)}`);
-    console.error(`Notice, the updates may have partially succeeded so check your manifest files for changes`);
-    console.error(`More details available in log file: ${logFile}`);
-    process.exit(1);
+    handleUpgradeError(error, logFile);
   }
 }).configureHelp({ sortOptions: true });
 async function initializeComputeFixesAndUpgradePurls(path9, options) {
@@ -252587,6 +252641,30 @@ var defaultCliOptions = {
   disableAnalyticsSharing: false,
   skipCacheUsage: false
 };
+function handleUpgradeError(error, logFile) {
+  if (error instanceof UpgradePurlPartialError && error.subprojectResults.size > 0) {
+    const succeeded = [...error.subprojectResults.values()].filter((s6) => s6 === "success").length;
+    const failed = [...error.subprojectResults.entries()].filter(([, s6]) => s6 === "error");
+    const total = error.subprojectResults.size;
+    if (succeeded === 0) {
+      console.error(kleur_default.red(`
+${succeeded}/${total} workspaces were upgraded successfully.`));
+    } else {
+      console.error(kleur_default.yellow(`
+${succeeded}/${total} workspaces were upgraded successfully.`));
+    }
+    console.error("Failed workspaces:");
+    for (const [path9] of failed) {
+      console.error(`  - ${path9 === "." ? ". (root)" : path9}`);
+    }
+  } else {
+    console.error(`Failed with error: ${error instanceof Error ? error.message : String(error)}`);
+    console.error(`Notice, the updates may have partially succeeded so check your manifest files for changes`);
+  }
+  console.error(`
+More details available in log file: ${logFile}`);
+  process.exit(1);
+}
 function parseMinimumReleaseAgeToMinutes(minimumReleaseAge) {
   const match2 = minimumReleaseAge.match(/^(\d+)([mhdw])$/);
   if (!match2)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.187",
+  "version": "14.12.189",
   "description": "Coana CLI",
   "type": "module",
   "bin": {