@coana-tech/cli 14.12.188 → 14.12.190
- package/cli.mjs +45 -4
- package/package.json +1 -1
- package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
- package/repos/coana-tech/javap-service/javap-service.jar +0 -0
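--- a/package/cli.mjs
+++ b/package/cli.mjs
@@ -235872,7 +235872,8 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
 vulnerabilityAccessPaths: vuln.reachabilityData?.undeterminableReachability ? vuln.reachabilityData.publicComment ?? "" : vuln.reachabilityData?.pattern ?? null,
 ecosystem,
 artifactId: artifact.id,
-precomputedReachabilityResult: vuln.reachabilityData?.precomputedReachabilityResult ?? null
+precomputedReachabilityResult: vuln.reachabilityData?.precomputedReachabilityResult ?? null,
+activationStatus: vuln.reachabilityData?.activationStatus ?? null
 };
 const vulnId = `${ecosystem}-${workspace}-${artifact.namespace}-${artifact.name}-${artifact.version}-${vulnerability.url}`;
 if (!ecosystemWorkspaceVulnIds.has(vulnId)) {
@@ -236550,9 +236551,45 @@ function displayWorkspaceDiagnosticsSummaryInternal(diagnosticsEntries, vulns) {
 }
 
 // dist/internal/socket-report-socket-dependency-tree.js
+function filterOrphanedArtifacts(artifacts) {
+const reachable = /* @__PURE__ */ new Set();
+const queue = [];
+for (const artifact of artifacts) {
+if (artifact.direct) {
+reachable.add(artifact.id);
+queue.push(artifact.id);
+}
+}
+const depsById = new Map(artifacts.map((a4) => [a4.id, a4.dependencies ?? []]));
+while (queue.length > 0) {
+const id = queue.pop();
+for (const dep of depsById.get(id) ?? []) {
+if (!reachable.has(dep)) {
+reachable.add(dep);
+queue.push(dep);
+}
+}
+}
+const removedIds = /* @__PURE__ */ new Set();
+const filtered = artifacts.filter((a4) => {
+if (a4.direct || reachable.has(a4.id))
+return true;
+removedIds.add(a4.id);
+return false;
+});
+if (removedIds.size > 0) {
+logger.debug(`Filtered out ${removedIds.size} orphaned component(s) not reachable from any direct dependency`);
+}
+return { filtered, removedIds };
+}
 function toSocketFactsSocketDependencyTree(artifacts, vulnerabilities, tier1ReachabilityScanId, workspaceDiagnostics) {
+const { filtered: filteredArtifacts, removedIds: orphanedArtifactIds } = filterOrphanedArtifacts(artifacts);
+artifacts = filteredArtifacts;
 const artifactIdToArtifact = Object.fromEntries(artifacts.map((artifact) => [artifact.id, artifact]));
 for (const vulnerability of vulnerabilities) {
+if (vulnerability.artifactId && orphanedArtifactIds.has(vulnerability.artifactId)) {
+continue;
+}
 const component = artifactIdToArtifact[vulnerability.artifactId];
 if (!component) {
 throw new Error(`Component not found for vulnerability ${vulnerability.purl}`);
@@ -236562,9 +236599,12 @@ function toSocketFactsSocketDependencyTree(artifacts, vulnerabilities, tier1Reac
 if (!reachabilityForGHSA) {
 reachabilityForGHSA = {
 ghsa_id: vulnerability.vulnerabilityUrl.replace("https://github.com/advisories/", ""),
-reachability: []
+reachability: [],
+...vulnerability.activationStatus ? { activation_status: vulnerability.activationStatus } : {}
 };
 component.reachability.push(reachabilityForGHSA);
+} else if (vulnerability.activationStatus && !reachabilityForGHSA.activation_status) {
+reachabilityForGHSA.activation_status = vulnerability.activationStatus;
 }
 if (vulnerability.codeAwareScanResult.type === "precomputed") {
 reachabilityForGHSA.reachability.push(vulnerability.codeAwareScanResult);
@@ -251483,7 +251523,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version3 = "14.12.
+var version3 = "14.12.190";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
@@ -252275,7 +252315,8 @@ Subproject: ${subproject}`);
 reachability,
 purl: v.purl,
 purlType: v.purlType,
-artifactId: v.artifactId
+artifactId: v.artifactId,
+activationStatus: v.activationStatus
 };
 });
 }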
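Review bot: In the second hunk, `filterOrphanedArtifacts` drops every artifact not reachable from one marked `direct`, and the new `continue` in `toSocketFactsSocketDependencyTree` then discards the vulnerabilities attached to those artifacts, leaving only a debug-level count as a trace. If the input ever arrives with no `direct` flags set or with incomplete `dependencies` edges (not verifiable from this page), the report would silently lose findings, which for a scanner is a false negative. I would fail open when nothing seeds the traversal, e.g. `if (queue.length === 0) return { filtered: artifacts, removedIds: new Set() };` before building `depsById`, and log the number of skipped vulnerabilities at a level visible by default, ideally with the removed ids. The body of `toSocketFactsSocketDependencyTree` continues outside the hunk, so any later handling of missing components is not visible here.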
package/package.json
CHANGED
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|