@coana-tech/cli 14.12.210 → 14.12.213

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/cli.mjs +3 -3
  2. package/package.json +1 -1
  3. package/reachability-analyzers-cli.mjs +10 -9
  4. package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
  5. package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
  6. package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
  7. package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
  8. package/repos/coana-tech/javap-service/javap-service.jar +0 -0
package/cli.mjs CHANGED
@@ -234796,7 +234796,7 @@ async function computeFixesAndUpgradePurls(path9, options, logFile) {
234796
234796
  }
234797
234797
  if (upgrades.size === 0) {
234798
234798
  if (autofixRunId) {
234799
- await getSocketAPI().finalizeAutofixRun(autofixRunId, "fixed-none");
234799
+ await getSocketAPI().finalizeAutofixRun(autofixRunId, "fixed-none", void 0, await logger.getLogContent(logFile));
234800
234800
  }
234801
234801
  throw new Error(`Unable to compute fixes for any of the requested vulnerabilities: ${prettyApplyFixesTo(options.applyFixesTo)}`);
234802
234802
  }
@@ -234814,7 +234814,7 @@ async function computeFixesAndUpgradePurls(path9, options, logFile) {
234814
234814
  }, autofixRunId) ?? "fixed-all";
234815
234815
  if (autofixRunId) {
234816
234816
  const allGhsasFailed = fixesFound.length === 0;
234817
- await getSocketAPI().finalizeAutofixRun(autofixRunId, ghsasWithFailedArtifacts.length === 0 && applyFixesStatus === "fixed-all" ? "fixed-all" : allGhsasFailed || applyFixesStatus === "fixed-none" ? "fixed-none" : "fixed-some");
234817
+ await getSocketAPI().finalizeAutofixRun(autofixRunId, ghsasWithFailedArtifacts.length === 0 && applyFixesStatus === "fixed-all" ? "fixed-all" : allGhsasFailed || applyFixesStatus === "fixed-none" ? "fixed-none" : "fixed-some", void 0, await logger.getLogContent(logFile));
234818
234818
  }
234819
234819
  return {
234820
234820
  type: "applied-fixes",
@@ -251742,7 +251742,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
251742
251742
  }
251743
251743
 
251744
251744
  // dist/version.js
251745
- var version3 = "14.12.210";
251745
+ var version3 = "14.12.213";
251746
251746
 
251747
251747
  // dist/cli-core.js
251748
251748
  var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@coana-tech/cli",
3
- "version": "14.12.210",
3
+ "version": "14.12.213",
4
4
  "description": "Coana CLI",
5
5
  "type": "module",
6
6
  "bin": {
package/reachability-analyzers-cli.mjs CHANGED
@@ -110898,7 +110898,7 @@ function tarjanAndCondensation(packageMetadatas) {
110898
110898
 
110899
110899
  // dist/whole-program-code-aware-vulnerability-scanner/js/dependency-preparation.js
110900
110900
  async function prepareNpmDependencies(subprojectDir, workspaceDir, artifactIdToArtifact, directDependencies, packageNamesToInstall) {
110901
- if (existsSync10(resolve12(subprojectDir, "node_modules")))
110901
+ if (existsSync10(resolve12(subprojectDir, "node_modules")) || existsSync10(resolve12(workspaceDir, "node_modules")))
110902
110902
  return { failedPackages: [], installedPackages: [] };
110903
110903
  const artifactToOriginal = /* @__PURE__ */ new Map();
110904
110904
  const transitiveDependenciesToInstall = Object.fromEntries(Object.entries(artifactIdToArtifact).filter(([_, dep]) => packageNamesToInstall.includes(getPackageName(dep))).map(([depId, dep]) => {
@@ -112039,7 +112039,7 @@ var JSCodeAwareVulnerabilityScanner = class _JSCodeAwareVulnerabilityScanner {
112039
112039
  ...new Set(state.vulnerabilities.flatMap((v) => Object.values(v.vulnChainDetails?.transitiveDependencies ?? {}).filter((d) => d.vulnerable === true).map((d) => d.packageName)))
112040
112040
  ];
112041
112041
  const packagesToInstall = !includePackages ? state.workspaceData.type === "coana" ? Object.values(state.workspaceData.data.dependencyTree.transitiveDependencies).map((dep) => getPackageName(dep)) : state.workspaceData.data.artifacts.map((dep) => getPackageName(dep)) : [.../* @__PURE__ */ new Set([...includePackages, ...vulnerablePackageNames])];
112042
- const { failedPackages } = await prepareNpmDependencies(state.rootWorkingDir, this.projectDir, state.workspaceData.type === "coana" ? state.workspaceData.data.dependencyTree.transitiveDependencies : Object.fromEntries(state.workspaceData.data.artifacts.map((d) => [d.id, d])), state.workspaceData.type === "coana" ? state.workspaceData.data.dependencyTree.dependencies ?? [] : state.workspaceData.data.artifacts.filter((a2) => a2.direct).map((a2) => a2.id), packagesToInstall);
112042
+ const { failedPackages } = await prepareNpmDependencies(state.subprojectDir, this.projectDir, state.workspaceData.type === "coana" ? state.workspaceData.data.dependencyTree.transitiveDependencies : Object.fromEntries(state.workspaceData.data.artifacts.map((d) => [d.id, d])), state.workspaceData.type === "coana" ? state.workspaceData.data.dependencyTree.dependencies ?? [] : state.workspaceData.data.artifacts.filter((a2) => a2.direct).map((a2) => a2.id), packagesToInstall);
112043
112043
  this.packagesExcludedUnrelatedToHeuristic = failedPackages.map((p) => getPackageName(p));
112044
112044
  }
112045
112045
  async runAnalysis(vulnerabilities, heuristic, timeoutInSeconds, experiment, telemetryHandler, analyzerTelemetryHandler) {
@@ -114393,8 +114393,9 @@ var NpmAnalyzer = class {
114393
114393
  }
114394
114394
  async runReachabilityAnalysis(vulns, analysisMetadataCollector, statusUpdater) {
114395
114395
  const heuristicsInOrder = this.state.otherAnalysisOptions.lightweightReachability ? [heuristics.IGNORE_DEPENDENCIES_AND_MAX_ROUNDS_3] : [heuristics.ONLY_VULN_PATH_PACKAGES_EXCEPT_VULNERABLE_PACKAGE];
114396
- const nodeModulesAlreadyExisted = existsSync14(resolve22(this.state.subprojectDir, "node_modules"));
114397
- this.preinstalledDependencies = nodeModulesAlreadyExisted ? "YES" : "NO";
114396
+ const nodeModulesAlreadyExistedInSubprojectDir = existsSync14(resolve22(this.state.subprojectDir, "node_modules"));
114397
+ const nodeModulesAlreadyExistedInProjectDir = existsSync14(resolve22(this.projectDir, "node_modules"));
114398
+ this.preinstalledDependencies = nodeModulesAlreadyExistedInSubprojectDir || nodeModulesAlreadyExistedInProjectDir ? "YES" : "NO";
114398
114399
  const wrappedCollector = (metadata) => {
114399
114400
  const jellyDiagnostics = metadata.analysisDiagnostics;
114400
114401
  if (jellyDiagnostics?.modules !== void 0) {
@@ -114518,11 +114519,11 @@ ${e.stack}` : String(e),
114518
114519
  return res;
114519
114520
  } finally {
114520
114521
  await Promise.all([this.engine.cleanup(), vulnerabilityScanner.cleanup()]);
114521
- if (!nodeModulesAlreadyExisted) {
114522
- if (existsSync14(resolve22(this.state.subprojectDir, "node_modules")))
114523
- await rm8(resolve22(this.state.subprojectDir, "node_modules"), { recursive: true });
114524
- if (existsSync14(resolve22(this.projectDir, "node_modules")))
114525
- await rm8(resolve22(this.projectDir, "node_modules"), { recursive: true });
114522
+ if (!nodeModulesAlreadyExistedInSubprojectDir) {
114523
+ await rm8(resolve22(this.state.subprojectDir, "node_modules"), { recursive: true, force: true });
114524
+ }
114525
+ if (!nodeModulesAlreadyExistedInProjectDir) {
114526
+ await rm8(resolve22(this.projectDir, "node_modules"), { recursive: true, force: true });
114526
114527
  }
114527
114528
  }
114528
114529
  }