npm - @coana-tech/cli - Versions diffs - 14.12.211 → 14.12.214 - Mend

@coana-tech/cli 14.12.211 → 14.12.214

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/cli.mjs CHANGED Viewed

@@ -234796,7 +234796,7 @@ async function computeFixesAndUpgradePurls(path9, options, logFile) {
   }
   if (upgrades.size === 0) {
     if (autofixRunId) {
-      await getSocketAPI().finalizeAutofixRun(autofixRunId, "fixed-none");
+      await getSocketAPI().finalizeAutofixRun(autofixRunId, "fixed-none", void 0, await logger.getLogContent(logFile));
     }
     throw new Error(`Unable to compute fixes for any of the requested vulnerabilities: ${prettyApplyFixesTo(options.applyFixesTo)}`);
   }
@@ -234814,7 +234814,7 @@ async function computeFixesAndUpgradePurls(path9, options, logFile) {
     }, autofixRunId) ?? "fixed-all";
     if (autofixRunId) {
       const allGhsasFailed = fixesFound.length === 0;
-      await getSocketAPI().finalizeAutofixRun(autofixRunId, ghsasWithFailedArtifacts.length === 0 && applyFixesStatus === "fixed-all" ? "fixed-all" : allGhsasFailed || applyFixesStatus === "fixed-none" ? "fixed-none" : "fixed-some");
+      await getSocketAPI().finalizeAutofixRun(autofixRunId, ghsasWithFailedArtifacts.length === 0 && applyFixesStatus === "fixed-all" ? "fixed-all" : allGhsasFailed || applyFixesStatus === "fixed-none" ? "fixed-none" : "fixed-some", void 0, await logger.getLogContent(logFile));
     }
     return {
       type: "applied-fixes",
@@ -251742,7 +251742,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 // dist/version.js
-var version3 = "14.12.211";
+var version3 = "14.12.214";
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.211",
+  "version": "14.12.214",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/reachability-analyzers-cli.mjs CHANGED Viewed

@@ -110898,7 +110898,7 @@ function tarjanAndCondensation(packageMetadatas) {
 // dist/whole-program-code-aware-vulnerability-scanner/js/dependency-preparation.js
 async function prepareNpmDependencies(subprojectDir, workspaceDir, artifactIdToArtifact, directDependencies, packageNamesToInstall) {
-  if (existsSync10(resolve12(subprojectDir, "node_modules")))
+  if (existsSync10(resolve12(subprojectDir, "node_modules")) || existsSync10(resolve12(workspaceDir, "node_modules")))
     return { failedPackages: [], installedPackages: [] };
   const artifactToOriginal = /* @__PURE__ */ new Map();
   const transitiveDependenciesToInstall = Object.fromEntries(Object.entries(artifactIdToArtifact).filter(([_, dep]) => packageNamesToInstall.includes(getPackageName(dep))).map(([depId, dep]) => {
@@ -111873,6 +111873,7 @@ var SparJSAnalysisEngine = class extends JSAnalysisEngine {
           ${/* XXX: Requires Node 22+ */
       approx && "--approx"}
           --callstacks-json ${callStackFile}
+          --escape-patch-resolved-reads
           --unresolved-non-vulnerable
           ${parseShellArgs(process.env.COANA_SPARJS_ADDITIONAL_FLAGS ?? "")}
           ${filesToAnalyze}
@@ -114393,8 +114394,9 @@ var NpmAnalyzer = class {
   }
   async runReachabilityAnalysis(vulns, analysisMetadataCollector, statusUpdater) {
     const heuristicsInOrder = this.state.otherAnalysisOptions.lightweightReachability ? [heuristics.IGNORE_DEPENDENCIES_AND_MAX_ROUNDS_3] : [heuristics.ONLY_VULN_PATH_PACKAGES_EXCEPT_VULNERABLE_PACKAGE];
-    const nodeModulesAlreadyExisted = existsSync14(resolve22(this.state.subprojectDir, "node_modules"));
-    this.preinstalledDependencies = nodeModulesAlreadyExisted ? "YES" : "NO";
+    const nodeModulesAlreadyExistedInSubprojectDir = existsSync14(resolve22(this.state.subprojectDir, "node_modules"));
+    const nodeModulesAlreadyExistedInProjectDir = existsSync14(resolve22(this.projectDir, "node_modules"));
+    this.preinstalledDependencies = nodeModulesAlreadyExistedInSubprojectDir || nodeModulesAlreadyExistedInProjectDir ? "YES" : "NO";
     const wrappedCollector = (metadata) => {
       const jellyDiagnostics = metadata.analysisDiagnostics;
       if (jellyDiagnostics?.modules !== void 0) {
@@ -114518,11 +114520,11 @@ ${e.stack}` : String(e),
       return res;
     } finally {
       await Promise.all([this.engine.cleanup(), vulnerabilityScanner.cleanup()]);
-      if (!nodeModulesAlreadyExisted) {
-        if (existsSync14(resolve22(this.state.subprojectDir, "node_modules")))
-          await rm8(resolve22(this.state.subprojectDir, "node_modules"), { recursive: true });
-        if (existsSync14(resolve22(this.projectDir, "node_modules")))
-          await rm8(resolve22(this.projectDir, "node_modules"), { recursive: true });
+      if (!nodeModulesAlreadyExistedInSubprojectDir) {
+        await rm8(resolve22(this.state.subprojectDir, "node_modules"), { recursive: true, force: true });
+      }
+      if (!nodeModulesAlreadyExistedInProjectDir) {
+        await rm8(resolve22(this.projectDir, "node_modules"), { recursive: true, force: true });
       }
     }
   }