@coana-tech/cli 14.12.21 → 14.12.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.mjs +8 -5
- package/package.json +1 -1
- package/repos/coana-tech/alucard/alucard.jar +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
- package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
package/cli.mjs
CHANGED
|
@@ -198475,13 +198475,14 @@ async function getLatestBucketsSocket(subprojectPath, workspacePath) {
|
|
|
198475
198475
|
return void 0;
|
|
198476
198476
|
}
|
|
198477
198477
|
}
|
|
198478
|
-
async function useSocketComputeFixEndpoint(autofixRunId, artifacts, vulnerableArtifactIdsForGhsas) {
|
|
198478
|
+
async function useSocketComputeFixEndpoint(autofixRunId, artifacts, vulnerableArtifactIdsForGhsas, config3) {
|
|
198479
198479
|
try {
|
|
198480
198480
|
const url2 = getSocketApiUrl("fixes/compute-fixes");
|
|
198481
198481
|
const data2 = {
|
|
198482
198482
|
autofixRunId,
|
|
198483
198483
|
artifacts,
|
|
198484
|
-
vulnerableArtifactIndexes: vulnerableArtifactIdsForGhsas
|
|
198484
|
+
vulnerableArtifactIndexes: vulnerableArtifactIdsForGhsas,
|
|
198485
|
+
config: config3
|
|
198485
198486
|
};
|
|
198486
198487
|
return (await axios2.post(url2, data2, { headers: getAuthHeaders() })).data;
|
|
198487
198488
|
} catch (error) {
|
|
@@ -227213,7 +227214,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
|
|
|
227213
227214
|
}
|
|
227214
227215
|
|
|
227215
227216
|
// dist/version.js
|
|
227216
|
-
var version2 = "14.12.
|
|
227217
|
+
var version2 = "14.12.22";
|
|
227217
227218
|
|
|
227218
227219
|
// dist/cli-core.js
|
|
227219
227220
|
var { mapValues, omit, partition, pick } = import_lodash15.default;
|
|
@@ -228057,7 +228058,9 @@ async function computeFixesAndUpgradePurls(path2, options, logFile) {
|
|
|
228057
228058
|
return;
|
|
228058
228059
|
}
|
|
228059
228060
|
const ghsaToVulnerableArtifactIdsToApply = options.applyFixesTo.includes("all") ? ghsaToVulnerableArtifactIds : Object.fromEntries(Object.entries(ghsaToVulnerableArtifactIds).filter(([ghsa]) => options.applyFixesTo.includes(ghsa)));
|
|
228060
|
-
const computedFix = await useSocketComputeFixEndpoint(autofixRunId, artifacts, ghsaToVulnerableArtifactIdsToApply
|
|
228061
|
+
const computedFix = await useSocketComputeFixEndpoint(autofixRunId, artifacts, ghsaToVulnerableArtifactIdsToApply, {
|
|
228062
|
+
noMajorUpdates: options.disableMajorUpdates
|
|
228063
|
+
});
|
|
228061
228064
|
if (computedFix.type !== "success") {
|
|
228062
228065
|
throw new Error(`No fix found for the given vulnerabilities`);
|
|
228063
228066
|
}
|
|
@@ -228231,7 +228234,7 @@ upgradePurls.name("upgrade-purls").argument("<path>", "File system path to the f
|
|
|
228231
228234
|
});
|
|
228232
228235
|
}).configureHelp({ sortOptions: true });
|
|
228233
228236
|
var computeFixesAndUpgradePurlsCmd = new Command();
|
|
228234
|
-
computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument("<path>", "File system path to the folder containing the project").option("-a, --apply-fixes-to <ghsas...>", 'GHSA IDs to compute fixes for. Use "all" to compute fixes for all vulnerabilities.', []).option("--dry-run", "Show what changes would be made without actually making them", false).option("-g, --glob <pattern>", "Glob pattern to filter workspaces by absolute file path").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("--range-style <style>", 'Range style to use for the output. Currently only "pin" is supported and it only works for npm.').addOption(new Option("--run-without-docker", "Run package managers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--manifests-tar-hash <hash>", "Hash of the tarball containing all manifest files already uploaded to Socket. If provided, Socket will be used for computing dependency trees.").hideHelp()).version(version2).action(async (path2, options) => {
|
|
228237
|
+
computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument("<path>", "File system path to the folder containing the project").option("-a, --apply-fixes-to <ghsas...>", 'GHSA IDs to compute fixes for. Use "all" to compute fixes for all vulnerabilities.', []).option("--dry-run", "Show what changes would be made without actually making them", false).option("-g, --glob <pattern>", "Glob pattern to filter workspaces by absolute file path").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("--range-style <style>", 'Range style to use for the output. Currently only "pin" is supported and it only works for npm.').option("--disable-major-updates", "Do not suggest major updates. If only major update are available, the fix will not be applied.", false).addOption(new Option("--run-without-docker", "Run package managers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--manifests-tar-hash <hash>", "Hash of the tarball containing all manifest files already uploaded to Socket. If provided, Socket will be used for computing dependency trees.").hideHelp()).version(version2).action(async (path2, options) => {
|
|
228235
228238
|
process.env.DOCKER_IMAGE_TAG ??= version2;
|
|
228236
228239
|
if (options.rangeStyle && options.rangeStyle === "preserve") {
|
|
228237
228240
|
options.rangeStyle = void 0;
|
package/package.json
CHANGED
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|
|
Binary file
|