@coana-tech/cli 14.12.188 → 14.12.189
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.mjs +37 -1
- package/package.json +1 -1
- package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
- package/repos/coana-tech/javap-service/javap-service.jar +0 -0
package/cli.mjs
CHANGED
|
@@ -236550,9 +236550,45 @@ function displayWorkspaceDiagnosticsSummaryInternal(diagnosticsEntries, vulns) {
|
|
|
236550
236550
|
}
|
|
236551
236551
|
|
|
236552
236552
|
// dist/internal/socket-report-socket-dependency-tree.js
|
|
236553
|
+
function filterOrphanedArtifacts(artifacts) {
|
|
236554
|
+
const reachable = /* @__PURE__ */ new Set();
|
|
236555
|
+
const queue = [];
|
|
236556
|
+
for (const artifact of artifacts) {
|
|
236557
|
+
if (artifact.direct) {
|
|
236558
|
+
reachable.add(artifact.id);
|
|
236559
|
+
queue.push(artifact.id);
|
|
236560
|
+
}
|
|
236561
|
+
}
|
|
236562
|
+
const depsById = new Map(artifacts.map((a4) => [a4.id, a4.dependencies ?? []]));
|
|
236563
|
+
while (queue.length > 0) {
|
|
236564
|
+
const id = queue.pop();
|
|
236565
|
+
for (const dep of depsById.get(id) ?? []) {
|
|
236566
|
+
if (!reachable.has(dep)) {
|
|
236567
|
+
reachable.add(dep);
|
|
236568
|
+
queue.push(dep);
|
|
236569
|
+
}
|
|
236570
|
+
}
|
|
236571
|
+
}
|
|
236572
|
+
const removedIds = /* @__PURE__ */ new Set();
|
|
236573
|
+
const filtered = artifacts.filter((a4) => {
|
|
236574
|
+
if (a4.direct || reachable.has(a4.id))
|
|
236575
|
+
return true;
|
|
236576
|
+
removedIds.add(a4.id);
|
|
236577
|
+
return false;
|
|
236578
|
+
});
|
|
236579
|
+
if (removedIds.size > 0) {
|
|
236580
|
+
logger.debug(`Filtered out ${removedIds.size} orphaned component(s) not reachable from any direct dependency`);
|
|
236581
|
+
}
|
|
236582
|
+
return { filtered, removedIds };
|
|
236583
|
+
}
|
|
236553
236584
|
function toSocketFactsSocketDependencyTree(artifacts, vulnerabilities, tier1ReachabilityScanId, workspaceDiagnostics) {
|
|
236585
|
+
const { filtered: filteredArtifacts, removedIds: orphanedArtifactIds } = filterOrphanedArtifacts(artifacts);
|
|
236586
|
+
artifacts = filteredArtifacts;
|
|
236554
236587
|
const artifactIdToArtifact = Object.fromEntries(artifacts.map((artifact) => [artifact.id, artifact]));
|
|
236555
236588
|
for (const vulnerability of vulnerabilities) {
|
|
236589
|
+
if (vulnerability.artifactId && orphanedArtifactIds.has(vulnerability.artifactId)) {
|
|
236590
|
+
continue;
|
|
236591
|
+
}
|
|
236556
236592
|
const component = artifactIdToArtifact[vulnerability.artifactId];
|
|
236557
236593
|
if (!component) {
|
|
236558
236594
|
throw new Error(`Component not found for vulnerability ${vulnerability.purl}`);
|
|
@@ -251483,7 +251519,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
|
|
|
251483
251519
|
}
|
|
251484
251520
|
|
|
251485
251521
|
// dist/version.js
|
|
251486
|
-
var version3 = "14.12.
|
|
251522
|
+
var version3 = "14.12.189";
|
|
251487
251523
|
|
|
251488
251524
|
// dist/cli-core.js
|
|
251489
251525
|
var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
|
package/package.json
CHANGED
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|