npm - @coana-tech/cli - Versions diffs - 14.12.20 → 14.12.21 - Mend

@coana-tech/cli 14.12.20 → 14.12.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/cli.mjs +203 -135
package/package.json +1 -1
package/repos/coana-tech/alucard/alucard.jar +0 -0
package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
package/repos/coana-tech/mambalade/dist/mambalade-0.3.12-py3-none-any.whl +0 -0

package/cli.mjs CHANGED Viewed

@@ -191180,12 +191180,18 @@ var GoFixingManager = class {
     await applySeries(Object.entries(fixes), async ([workspacePath, fixesWithId]) => {
       const dependencyTree = fixingInfo.dependencyTrees[workspacePath];
       await applySeries(fixesWithId, async ({ fixId, vulnerabilityFixes }) => {
-        await this.applySecurityFixesForWorkspace(workspacePath, vulnerabilityFixes, dependencyTree);
+        await this.applySecurityFixesForWorkspace(
+          workspacePath,
+          vulnerabilityFixes,
+          Object.fromEntries(
+            Object.entries(dependencyTree.transitiveDependencies).map(([key, value]) => [key, value.version])
+          )
+        );
         signalFixApplied2?.(fixId, this.subprojectPath, workspacePath, vulnerabilityFixes);
       });
     });
   }
-  async applySecurityFixesForWorkspace(workspacePath, fixes, dependencyTree) {
+  async applySecurityFixesForWorkspace(workspacePath, fixes, dependencyNameToVersion) {
     const subprojectPath = resolve(this.rootDir, this.subprojectPath, workspacePath);
     const runGoGetCmd = async (projectPath, oldModule, newModule) => {
       const success = await execAndLogOnFailure(["go", "get", newModule], projectPath);
@@ -191204,14 +191210,171 @@ var GoFixingManager = class {
     for (const fix of fixes) {
       const fixedRelease = `${fix.dependencyName}@v${fix.fixedVersion}`;
       const currentRelease = `${fix.dependencyName}@v${fix.currentVersion}`;
-      const moduleInDepTree = dependencyTree.transitiveDependencies[fix.dependencyName];
-      if (!moduleInDepTree || moduleInDepTree.version !== fix.currentVersion) return;
+      const version3 = dependencyNameToVersion[fix.dependencyName];
+      if (version3 !== fix.currentVersion) return;
       await runGoGetCmd(subprojectPath, currentRelease, fixedRelease);
       await excludeDowngraded(subprojectPath, fix);
     }
   }
 };
+// ../fixing-management/src/fixing-management/go/go-socket-upgrade-manager.ts
+import { dirname } from "path";
+// ../web-compat-utils/src/purl-utils.ts
+function getPurlType(ecosystem) {
+  switch (ecosystem) {
+    case "NPM":
+      return "npm" /* NPM */;
+    case "MAVEN":
+      return "maven" /* MAVEN */;
+    case "PIP":
+      return "pypi" /* PYPI */;
+    case "NUGET":
+      return "nuget" /* NUGET */;
+    case "GO":
+      return "golang" /* GOLANG */;
+    case "RUST":
+      return "cargo" /* CARGO */;
+    case "RUBYGEMS":
+      return "gem" /* GEM */;
+    default:
+      throw Error(`Unsupported ecosystem: ${ecosystem}`);
+  }
+}
+function getAdvisoryEcosystemFromPurl(purl) {
+  const [purlSceme, rest] = purl.split(":");
+  if (purlSceme !== "pkg") throw Error(`Upsupported purl scheme: ${purlSceme}`);
+  const [purlType] = rest.split("/");
+  return getAdvisoryEcosystemFromPurlType(purlType);
+}
+function getAdvisoryEcosystemFromPurlType(purlType) {
+  switch (purlType) {
+    case "npm" /* NPM */:
+      return "NPM";
+    case "maven" /* MAVEN */:
+      return "MAVEN";
+    case "pypi" /* PYPI */:
+      return "PIP";
+    case "nuget" /* NUGET */:
+      return "NUGET";
+    case "golang" /* GOLANG */:
+      return "GO";
+    case "cargo" /* CARGO */:
+      return "RUST";
+    case "gem" /* GEM */:
+      return "RUBYGEMS";
+    default:
+      throw Error(`Unsupported purl type: ${purlType}`);
+  }
+}
+function getPurlStrings(dependencyTree) {
+  const res = {};
+  for (const [depId, node] of Object.entries(dependencyTree.transitiveDependencies)) {
+    const type = getPurlType(dependencyTree.ecosystem ?? "NPM");
+    const { namespace: namespace2, name } = getNamespaceAndName(dependencyTree.ecosystem, node.packageName);
+    const version3 = node.version;
+    const purl = simplePurl(type, namespace2, name, version3);
+    if (!res[purl]) res[purl] = /* @__PURE__ */ new Set();
+    res[purl].add(depId);
+  }
+  return res;
+}
+function simplePurl(type, namespace2, name, version3) {
+  return `pkg:${type}${namespace2 ? `/${namespace2}` : ""}/${name}${version3 ? `@${version3}` : ""}`;
+}
+function getNamespaceAndName(ecosystem, packageName) {
+  let namespace2 = "";
+  let name = "";
+  switch (ecosystem) {
+    case "NPM":
+      if (packageName.includes("/")) [namespace2, name] = packageName.split("/", 2);
+      else name = packageName;
+      break;
+    case "MAVEN":
+      if (packageName.includes(":")) [namespace2, name] = packageName.split(":", 2);
+      else name = packageName;
+      break;
+    case "PIP":
+      name = packageName;
+      break;
+    default:
+      name = packageName;
+  }
+  return { namespace: namespace2, name };
+}
+function getNameFromNamespaceAndName(purlType, namespace2, name) {
+  if (!name) return "";
+  switch (purlType) {
+    case "npm" /* NPM */:
+      return namespace2 ? `${namespace2}/${name}` : name;
+    case "maven" /* MAVEN */:
+      return namespace2 ? `${namespace2}:${name}` : name;
+    case "pypi" /* PYPI */:
+      return name;
+    case "golang" /* GOLANG */:
+      return namespace2 ? `${namespace2}/${name}` : name;
+    default:
+      return name;
+  }
+}
+// ../fixing-management/src/fixing-management/go/go-socket-upgrade-manager.ts
+var GoSocketUpgradeManager = class {
+  constructor(rootDir) {
+    this.rootDir = rootDir;
+  }
+  async applySocketArtifactUpgrades(_manifestFiles, upgrades, artifacts, rangeStyle) {
+    const subprojectsToUpgrade = await this.groupUpgradesBySubproject(upgrades, artifacts);
+    for (const [subprojectDir, upgradesForSubproject] of subprojectsToUpgrade) {
+      const fixingManager = new GoFixingManager(this.rootDir, subprojectDir);
+      await this.applySecurityFixesForSocketArtifacts(fixingManager, artifacts, upgradesForSubproject, rangeStyle);
+    }
+  }
+  async groupUpgradesBySubproject(upgrades, artifacts) {
+    const subprojectToUpgrade = /* @__PURE__ */ new Map();
+    for (const upgrade of upgrades) {
+      const artifact = artifacts[upgrade.idx];
+      const goModFiles = artifact.manifestFiles?.filter((a5) => a5.file.endsWith("go.mod")) ?? [];
+      artifact.toplevelAncestors?.forEach((ancestorId) => {
+        const ancestor = artifacts.find((a5) => a5.id === ancestorId);
+        if (ancestor) {
+          const ancestorGoModFiles = ancestor.manifestFiles?.filter((a5) => a5.file.endsWith("go.mod")) ?? [];
+          goModFiles.push(...ancestorGoModFiles);
+        }
+      });
+      if (goModFiles.length === 0) {
+        throw new Error("Failed to find go.mod file for artifact");
+      }
+      for (const goModFile of goModFiles) {
+        const subprojectDir = dirname(goModFile.file);
+        if (!subprojectToUpgrade.has(subprojectDir)) {
+          subprojectToUpgrade.set(subprojectDir, []);
+        }
+        subprojectToUpgrade.get(subprojectDir).push(upgrade);
+      }
+    }
+    return subprojectToUpgrade;
+  }
+  async applySecurityFixesForSocketArtifacts(fixingManager, artifacts, upgrades, _rangeStyle) {
+    const normalizeVersion = (version3) => version3.startsWith("v") ? version3.slice(1) : version3;
+    const upgradesTransformed = upgrades.map((upgrade) => ({
+      dependencyName: getNameFromNamespaceAndName(
+        "golang" /* GOLANG */,
+        artifacts[upgrade.idx].namespace,
+        artifacts[upgrade.idx].name
+      ),
+      currentVersion: normalizeVersion(artifacts[upgrade.idx].version ?? ""),
+      dependencyIdentifier: "" + upgrade.idx,
+      fixedVersion: normalizeVersion(upgrade.upgradeVersion)
+    }));
+    const dependencies = Object.fromEntries(
+      upgradesTransformed.map((fix) => [fix.dependencyName, fix.currentVersion])
+    );
+    await fixingManager.applySecurityFixesForWorkspace(".", upgradesTransformed, dependencies);
+  }
+};
 // ../fixing-management/src/fixing-management/maven/gradle-fixing-manager.ts
 import { existsSync as existsSync3 } from "node:fs";
 import { readFile as readFile5 } from "node:fs/promises";
@@ -193615,7 +193778,7 @@ import { resolve as resolve6 } from "node:path";
 var import_parse_xml2 = __toESM(require_dist(), 1);
 import { readFile as readFile6 } from "node:fs/promises";
 import { existsSync as existsSync4 } from "node:fs";
-import { resolve as resolve5, join as join4, relative as relative2, dirname } from "node:path";
+import { resolve as resolve5, join as join4, relative as relative2, dirname as dirname2 } from "node:path";
 // ../fixing-management/src/fixing-management/utils/xml-utils.ts
 var import_parse_xml = __toESM(require_dist(), 1);
@@ -194103,7 +194266,7 @@ function getParentPomPath(pom) {
   if (!parentElement) return void 0;
   const relativePathElement = parentElement.children.filter((child) => child instanceof import_parse_xml2.XmlElement).find((child) => child.name === "relativePath");
   const relativePath = relativePathElement?.text ?? join4("..", "pom.xml");
-  return relativePath ? resolve5(dirname(pom.validatedPomFile), relativePath) : void 0;
+  return relativePath ? resolve5(dirname2(pom.validatedPomFile), relativePath) : void 0;
 }
 // ../fixing-management/src/fixing-management/maven/maven-fixing-manager.ts
@@ -194455,7 +194618,7 @@ var MavenFixingManager = class {
 // ../fixing-management/src/fixing-management/maven/maven-socket-upgrade-manager.ts
 var import_picomatch = __toESM(require_picomatch2(), 1);
-import { basename, dirname as dirname2, relative as relative4, resolve as resolve10 } from "node:path";
+import { basename, dirname as dirname3, relative as relative4, resolve as resolve10 } from "node:path";
 // ../fixing-management/src/fixing-management/utils/socket-patch-application.ts
 import { existsSync as existsSync5 } from "node:fs";
@@ -194549,102 +194712,6 @@ async function applySocketPatchResults(ecosystem, rootDir, patchResults) {
   }
 }
-// ../web-compat-utils/src/purl-utils.ts
-function getPurlType(ecosystem) {
-  switch (ecosystem) {
-    case "NPM":
-      return "npm" /* NPM */;
-    case "MAVEN":
-      return "maven" /* MAVEN */;
-    case "PIP":
-      return "pypi" /* PYPI */;
-    case "NUGET":
-      return "nuget" /* NUGET */;
-    case "GO":
-      return "golang" /* GOLANG */;
-    case "RUST":
-      return "cargo" /* CARGO */;
-    case "RUBYGEMS":
-      return "gem" /* GEM */;
-    default:
-      throw Error(`Unsupported ecosystem: ${ecosystem}`);
-  }
-}
-function getAdvisoryEcosystemFromPurl(purl) {
-  const [purlSceme, rest] = purl.split(":");
-  if (purlSceme !== "pkg") throw Error(`Upsupported purl scheme: ${purlSceme}`);
-  const [purlType] = rest.split("/");
-  return getAdvisoryEcosystemFromPurlType(purlType);
-}
-function getAdvisoryEcosystemFromPurlType(purlType) {
-  switch (purlType) {
-    case "npm" /* NPM */:
-      return "NPM";
-    case "maven" /* MAVEN */:
-      return "MAVEN";
-    case "pypi" /* PYPI */:
-      return "PIP";
-    case "nuget" /* NUGET */:
-      return "NUGET";
-    case "golang" /* GOLANG */:
-      return "GO";
-    case "cargo" /* CARGO */:
-      return "RUST";
-    case "gem" /* GEM */:
-      return "RUBYGEMS";
-    default:
-      throw Error(`Unsupported purl type: ${purlType}`);
-  }
-}
-function getPurlStrings(dependencyTree) {
-  const res = {};
-  for (const [depId, node] of Object.entries(dependencyTree.transitiveDependencies)) {
-    const type = getPurlType(dependencyTree.ecosystem ?? "NPM");
-    const { namespace: namespace2, name } = getNamespaceAndName(dependencyTree.ecosystem, node.packageName);
-    const version3 = node.version;
-    const purl = simplePurl(type, namespace2, name, version3);
-    if (!res[purl]) res[purl] = /* @__PURE__ */ new Set();
-    res[purl].add(depId);
-  }
-  return res;
-}
-function simplePurl(type, namespace2, name, version3) {
-  return `pkg:${type}${namespace2 ? `/${namespace2}` : ""}/${name}${version3 ? `@${version3}` : ""}`;
-}
-function getNamespaceAndName(ecosystem, packageName) {
-  let namespace2 = "";
-  let name = "";
-  switch (ecosystem) {
-    case "NPM":
-      if (packageName.includes("/")) [namespace2, name] = packageName.split("/", 2);
-      else name = packageName;
-      break;
-    case "MAVEN":
-      if (packageName.includes(":")) [namespace2, name] = packageName.split(":", 2);
-      else name = packageName;
-      break;
-    case "PIP":
-      name = packageName;
-      break;
-    default:
-      name = packageName;
-  }
-  return { namespace: namespace2, name };
-}
-function getNameFromNamespaceAndName(purlType, namespace2, name) {
-  if (!name) return "";
-  switch (purlType) {
-    case "npm" /* NPM */:
-      return namespace2 ? `${namespace2}/${name}` : name;
-    case "maven" /* MAVEN */:
-      return namespace2 ? `${namespace2}:${name}` : name;
-    case "pypi" /* PYPI */:
-      return name;
-    default:
-      return name;
-  }
-}
 // ../fixing-management/src/fixing-management/utils/socket-required-upgrade-helper.ts
 function collectRequiredSocketUpgradesByIndex(ecosystem, upgrades, originalArtifacts, recomputedArtifacts) {
   const requiredUpgrades = [];
@@ -198567,8 +198634,8 @@ var MavenSocketUpgradeManager = class {
     const manifestFileSet = /* @__PURE__ */ new Set();
     for (const manifestFile of manifestFiles) {
       let shouldAdd = true;
-      let curr = dirname2(manifestFile);
-      while (shouldAdd && curr !== dirname2(curr)) {
+      let curr = dirname3(manifestFile);
+      while (shouldAdd && curr !== dirname3(curr)) {
         const dirName3 = basename(curr);
         if (dirName3 === "target" || dirName3 === "build") {
           shouldAdd = false;
@@ -198577,7 +198644,7 @@ var MavenSocketUpgradeManager = class {
             `Skipping manifest file ${manifestFile} - appears to be generated by ${buildSystem} (found in ${dirName3}/)`
           );
         }
-        curr = dirname2(curr);
+        curr = dirname3(curr);
       }
       if (shouldAdd) manifestFileSet.add(resolve10(this.rootDir, manifestFile));
     }
@@ -205797,7 +205864,7 @@ glob.glob = glob;
 // ../utils/src/npm-utils.ts
 var import_lodash4 = __toESM(require_lodash(), 1);
 var import_lockfile_file = __toESM(require_lib25(), 1);
-import { dirname as dirname4, relative as relative6, resolve as resolve12, sep as sep2 } from "path";
+import { dirname as dirname5, relative as relative6, resolve as resolve12, sep as sep2 } from "path";
 // ../utils/dist/command-utils.js
 import assert4 from "assert";
@@ -206030,7 +206097,7 @@ function argt2(statics, ...values) {
 }
 // ../utils/dist/package-utils.js
-import { parse, join as join7, resolve as resolve11, normalize as normalize2, dirname as dirname3, basename as basename2, relative as relative5 } from "path";
+import { parse, join as join7, resolve as resolve11, normalize as normalize2, dirname as dirname4, basename as basename2, relative as relative5 } from "path";
 import { existsSync as existsSync7, readFileSync, readdirSync as readdirSync2, statSync, writeFileSync } from "fs";
 function getPackageJsonObject(workspaceRoot) {
   const packageJSONContent = getPackageJsonContent(workspaceRoot);
@@ -206098,7 +206165,7 @@ async function getWorkspacePathsFromPackageJSON(projectFolder, useDotWhenNoWorks
   const workspacePaths = [];
   await asyncForEach(workspaceGlobPatternsArray, async (workspace) => {
     workspacePaths.push(
-      ...(await glob(resolve12(projectFolder, workspace, "package.json"))).map((path2) => relative6(projectFolder, dirname4(path2))).filter((path2) => !path2.includes(`${sep2}node_modules${sep2}`))
+      ...(await glob(resolve12(projectFolder, workspace, "package.json"))).map((path2) => relative6(projectFolder, dirname5(path2))).filter((path2) => !path2.includes(`${sep2}node_modules${sep2}`))
     );
   });
   return workspacePaths;
@@ -206378,7 +206445,7 @@ import { readFile as readFile14, writeFile as writeFile5 } from "fs/promises";
 import { resolve as resolve16 } from "path";
 // ../utils/src/package-utils.ts
-import { parse as parse2, join as join8, resolve as resolve15, normalize as normalize3, dirname as dirname5, basename as basename3, relative as relative7 } from "path";
+import { parse as parse2, join as join8, resolve as resolve15, normalize as normalize3, dirname as dirname6, basename as basename3, relative as relative7 } from "path";
 import { existsSync as existsSync9, readFileSync as readFileSync2, readdirSync as readdirSync3, statSync as statSync2, writeFileSync as writeFileSync2 } from "fs";
 function setFieldInPackageJson(workspaceRoot, field, value) {
   const packageJSONContentObj = getPackageJsonObject2(workspaceRoot);
@@ -206633,7 +206700,7 @@ var YarnFixingManager = class extends NpmEcosystemFixingManager {
 };
 // ../fixing-management/src/fixing-management/npm/npm-ecosystem-socket-fixing-manager.ts
-import { dirname as dirname6, join as join9, relative as relative8 } from "path";
+import { dirname as dirname7, join as join9, relative as relative8 } from "path";
 import { existsSync as existsSync10 } from "fs";
 import { readFile as readFile15, writeFile as writeFile6 } from "fs/promises";
 function applyUpgradesToPackageJson(packageJsonContent, upgrades, rangeStyle) {
@@ -206703,7 +206770,7 @@ var NpmSocketUpgradeManager = class {
         )
       );
       for (const lockFile of lockFiles ?? []) {
-        const subprojectDir = dirname6(lockFile.file);
+        const subprojectDir = dirname7(lockFile.file);
         const isPnpmLockFile = lockFile.file.endsWith("pnpm-lock.yaml") || lockFile.file.endsWith("pnpm-lock.yml");
         const workspaces = isPnpmLockFile ? await getWorkspacePathsFromPnpmLockFile(subprojectDir, true) : await getWorkspacePathsFromPackageJSON(subprojectDir, true);
         for (const workspace of workspaces) {
@@ -206712,13 +206779,13 @@ var NpmSocketUpgradeManager = class {
       }
       const packageJsonFiles = artifact.manifestFiles?.filter((a5) => a5.file.endsWith("package.json")) ?? [];
       for (const lockFile of lockFiles ?? []) {
-        const correspondingPackageJsonFile = join9(dirname6(lockFile.file), "package.json");
+        const correspondingPackageJsonFile = join9(dirname7(lockFile.file), "package.json");
         if (!packageJsonFiles.some((p3) => p3.file === correspondingPackageJsonFile) && existsSync10(correspondingPackageJsonFile)) {
           packageJsonFiles.push({ file: correspondingPackageJsonFile });
         }
       }
       for (const packageJsonFile of packageJsonFiles ?? []) {
-        const packageJsonDir = dirname6(packageJsonFile.file);
+        const packageJsonDir = dirname7(packageJsonFile.file);
         const subprojectDir = workspaceToSubproject.get(packageJsonDir) ?? packageJsonDir;
         if (!subprojectToUpgrade.has(subprojectDir)) {
           subprojectToUpgrade.set(subprojectDir, /* @__PURE__ */ new Map());
@@ -207104,7 +207171,7 @@ import { basename as basename4, relative as relative10, resolve as resolve18 } f
 // ../fixing-management/src/fixing-management/nuget/nuget-project-utils.ts
 var import_parse_xml3 = __toESM(require_dist(), 1);
 import { readFile as readFile17 } from "node:fs/promises";
-import { dirname as dirname7, join as join12, relative as relative9, resolve as resolve17 } from "node:path";
+import { dirname as dirname8, join as join12, relative as relative9, resolve as resolve17 } from "node:path";
 import { existsSync as existsSync11 } from "node:fs";
 function normalizeMSBuildPath(path2) {
   return path2.replace(/\\/g, "/");
@@ -207196,8 +207263,8 @@ function extractPackagesFromXml(xmlDoc, fileContent) {
 }
 async function findDirectoryBuildPropsProjects(project, validateFile) {
   const projectsReverse = [];
-  let currentDir = dirname7(project.validatedProjectPath);
-  while (currentDir.startsWith(project.rootDir) && currentDir !== dirname7(currentDir)) {
+  let currentDir = dirname8(project.validatedProjectPath);
+  while (currentDir.startsWith(project.rootDir) && currentDir !== dirname8(currentDir)) {
     const unvalidatedPath = join12(currentDir, "Directory.Build.props");
     const validatedPath = validateFile(unvalidatedPath);
     if (validatedPath && validatedPath !== project.validatedProjectPath) {
@@ -207211,19 +207278,19 @@ async function findDirectoryBuildPropsProjects(project, validateFile) {
         projectsReverse.push(directoryBuildPropsProject);
       }
     }
-    currentDir = dirname7(currentDir);
+    currentDir = dirname8(currentDir);
   }
   return projectsReverse.reverse();
 }
 async function findDirectoryPackagesPropsProjects(project, validateFile) {
-  let currentDir = dirname7(project.validatedProjectPath);
-  while (currentDir.startsWith(project.rootDir) && currentDir !== dirname7(currentDir)) {
+  let currentDir = dirname8(project.validatedProjectPath);
+  while (currentDir.startsWith(project.rootDir) && currentDir !== dirname8(currentDir)) {
     const unvalidatedPath = join12(currentDir, "Directory.Packages.props");
     const validatedPath = validateFile(unvalidatedPath);
     if (validatedPath) {
       return validatedPath !== project.validatedProjectPath ? await loadNuGetProject(project.rootDir, unvalidatedPath, validateFile, project.visited) : void 0;
     }
-    currentDir = dirname7(currentDir);
+    currentDir = dirname8(currentDir);
   }
   return void 0;
 }
@@ -207249,7 +207316,7 @@ async function handleImportElement(project, importElement, validateFile) {
   if (!projectValue) return;
   const importPath = evaluate2(projectValue.text, project);
   if (!importPath) return;
-  const resolvedPath = resolve17(dirname7(project.validatedProjectPath), normalizeMSBuildPath(importPath));
+  const resolvedPath = resolve17(dirname8(project.validatedProjectPath), normalizeMSBuildPath(importPath));
   const validatedPath = validateFile(resolvedPath);
   if (!validatedPath || !existsSync11(validatedPath)) return;
   const importedProject = await loadNuGetProject(project.rootDir, resolvedPath, validateFile, project.visited);
@@ -207990,6 +208057,7 @@ var fixingManagerConstructors = {
   }
 };
 var socketUpgradeManagerConstructors = {
+  GO: GoSocketUpgradeManager,
   MAVEN: MavenSocketUpgradeManager,
   NPM: NpmSocketUpgradeManager,
   NUGET: NuGetSocketUpgradeManager
@@ -208027,7 +208095,7 @@ import { resolve as resolve20 } from "path";
 // ../utils/dist/constants.js
 var import_lodash6 = __toESM(require_lodash(), 1);
-import { dirname as dirname8, join as join14 } from "node:path";
+import { dirname as dirname9, join as join14 } from "node:path";
 import { fileURLToPath as fileURLToPath3 } from "node:url";
 // ../utils/dist/file-utils.js
@@ -208055,7 +208123,7 @@ function findParent(dir, predicate, wholePath) {
 // ../utils/dist/constants.js
 var { once: once2 } = import_lodash6.default;
 var fileName = fileURLToPath3(import.meta.url);
-var dirName = dirname8(fileName);
+var dirName = dirname9(fileName);
 var COANA_ROOT = once2(() => {
   const coanaRoot = process.env.COANA_ROOT ?? findParent(dirName, (d3) => ["coana-package-manager", "coana"].includes(d3));
   if (!coanaRoot) {
@@ -209179,11 +209247,11 @@ import { resolve as resolve22 } from "path";
 // ../utils/src/constants.ts
 var import_lodash9 = __toESM(require_lodash(), 1);
-import { dirname as dirname9, join as join19 } from "node:path";
+import { dirname as dirname10, join as join19 } from "node:path";
 import { fileURLToPath as fileURLToPath4 } from "node:url";
 var { once: once4 } = import_lodash9.default;
 var fileName2 = fileURLToPath4(import.meta.url);
-var dirName2 = dirname9(fileName2);
+var dirName2 = dirname10(fileName2);
 var COANA_ROOT2 = once4(() => {
   const coanaRoot = process.env.COANA_ROOT ?? findParent2(dirName2, (d3) => ["coana-package-manager", "coana"].includes(d3));
   if (!coanaRoot) {
@@ -211799,13 +211867,13 @@ function transformToVulnChainNode(dependencyTree) {
 // dist/internal/socket-mode-helpers-socket-dependency-trees.js
 var import_packageurl_js = __toESM(require_packageurl_js(), 1);
 var import_picomatch3 = __toESM(require_picomatch2(), 1);
-import { basename as basename8, dirname as dirname10, join as join24, sep as sep5 } from "path";
+import { basename as basename8, dirname as dirname11, join as join24, sep as sep5 } from "path";
 var REQUIREMENTS_FILES_SEARCH_DEPTH2 = 3;
 function inferWorkspaceFromManifestPath(ecosystem, manifestPath, properPythonProjects) {
   switch (ecosystem) {
     case "NPM": {
       const base = basename8(manifestPath);
-      const dir = dirname10(manifestPath);
+      const dir = dirname11(manifestPath);
       return base === "package.json" ? dir || "." : void 0;
     }
     case "MAVEN": {
@@ -211813,7 +211881,7 @@ function inferWorkspaceFromManifestPath(ecosystem, manifestPath, properPythonPro
     }
     case "PIP": {
       const base = basename8(manifestPath);
-      const dir = dirname10(manifestPath);
+      const dir = dirname11(manifestPath);
       const workspaceDir = dir === "" ? "." : dir;
       if (properPythonProjects.includes(workspaceDir)) {
         return workspaceDir;
@@ -211835,11 +211903,11 @@ function inferWorkspaceFromManifestPath(ecosystem, manifestPath, properPythonPro
       return ".";
     }
     case "RUST": {
-      return dirname10(manifestPath) || ".";
+      return dirname11(manifestPath) || ".";
     }
     case "GO": {
       const base = basename8(manifestPath);
-      const dir = dirname10(manifestPath);
+      const dir = dirname11(manifestPath);
       return base === "go.mod" ? dir || "." : void 0;
     }
     default: {
@@ -211852,7 +211920,7 @@ function inferProjectFromManifestPath(ecosystem, manifestPath) {
     case "NPM": {
       const filename = basename8(manifestPath);
       if (["package-lock.json", "pnpm-lock.yaml", "pnpm-lock.yml", "yarn.lock"].includes(filename)) {
-        return dirname10(manifestPath) || ".";
+        return dirname11(manifestPath) || ".";
       }
       return void 0;
     }
@@ -211917,7 +211985,7 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
     const allFiles = await getFilesRelative(rootWorkingDirectory, venvExcludes);
     for (const file of allFiles) {
       const base = basename8(file);
-      const workspaceDir = dirname10(file) || ".";
+      const workspaceDir = dirname11(file) || ".";
       if (base === "pyproject.toml" || base === "setup.py" && await isSetupPySetuptools(join24(rootWorkingDirectory, file))) {
         if (!properPythonProjects.includes(workspaceDir)) {
           properPythonProjects.push(workspaceDir);
@@ -227145,7 +227213,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 // dist/version.js
-var version2 = "14.12.20";
+var version2 = "14.12.21";
 // dist/cli-core.js
 var { mapValues, omit, partition, pick } = import_lodash15.default;
@@ -227831,7 +227899,7 @@ async function getGitDataToMetadataIfAvailable(rootWorkingDirectory) {
 // dist/cli-upgrade-purl.js
 import { join as join27, relative as relative17 } from "node:path";
 var import_packageurl_js2 = __toESM(require_packageurl_js(), 1);
-var ECOSYSTEMS_WITH_SOCKET_UPGRADES = ["NPM", "MAVEN", "NUGET"];
+var ECOSYSTEMS_WITH_SOCKET_UPGRADES = ["NPM", "MAVEN", "NUGET", "GO"];
 async function upgradePurl(path2, upgrades, options, logFile, cliFixRunId) {
   if (options.rangeStyle && options.rangeStyle !== "pin") {
     throw new Error('Range style must be "pin"');

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.20",
+  "version": "14.12.21",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/repos/coana-tech/alucard/alucard.jar CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/mambalade/dist/mambalade-0.3.12-py3-none-any.whl CHANGED Viewed

Binary file