npm - @coana-tech/cli - Versions diffs - 14.12.36 → 14.12.38 - Mend

@coana-tech/cli 14.12.36 → 14.12.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/cli.mjs +138 -162
package/package.json +1 -1
package/reachability-analyzers-cli.mjs +24 -23
package/repos/coana-tech/alucard/alucard.jar +0 -0
package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
package/repos/coana-tech/mambalade/dist/mambalade-0.3.12-py3-none-any.whl +0 -0

package/cli.mjs CHANGED Viewed

@@ -4287,7 +4287,7 @@ var require_safe_stable_stringify = __commonJS({
               return circularValue;
             }
             let res = "";
-            let join30 = ",";
+            let join29 = ",";
             const originalIndentation = indentation;
             if (Array.isArray(value)) {
               if (value.length === 0) {
@@ -4301,7 +4301,7 @@ var require_safe_stable_stringify = __commonJS({
                 indentation += spacer;
                 res += `
 ${indentation}`;
-                join30 = `,
+                join29 = `,
 ${indentation}`;
               }
               const maximumValuesToStringify = Math.min(value.length, maximumBreadth);
@@ -4309,13 +4309,13 @@ ${indentation}`;
               for (; i7 < maximumValuesToStringify - 1; i7++) {
                 const tmp2 = stringifyFnReplacer(String(i7), value, stack2, replacer, spacer, indentation);
                 res += tmp2 !== void 0 ? tmp2 : "null";
-                res += join30;
+                res += join29;
               }
               const tmp = stringifyFnReplacer(String(i7), value, stack2, replacer, spacer, indentation);
               res += tmp !== void 0 ? tmp : "null";
               if (value.length - 1 > maximumBreadth) {
                 const removedKeys = value.length - maximumBreadth - 1;
-                res += `${join30}"... ${getItemCount(removedKeys)} not stringified"`;
+                res += `${join29}"... ${getItemCount(removedKeys)} not stringified"`;
               }
               if (spacer !== "") {
                 res += `
@@ -4336,7 +4336,7 @@ ${originalIndentation}`;
             let separator = "";
             if (spacer !== "") {
               indentation += spacer;
-              join30 = `,
+              join29 = `,
 ${indentation}`;
               whitespace2 = " ";
             }
@@ -4350,13 +4350,13 @@ ${indentation}`;
               const tmp = stringifyFnReplacer(key2, value, stack2, replacer, spacer, indentation);
               if (tmp !== void 0) {
                 res += `${separator}${strEscape(key2)}:${whitespace2}${tmp}`;
-                separator = join30;
+                separator = join29;
               }
             }
             if (keyLength > maximumBreadth) {
               const removedKeys = keyLength - maximumBreadth;
               res += `${separator}"...":${whitespace2}"${getItemCount(removedKeys)} not stringified"`;
-              separator = join30;
+              separator = join29;
             }
             if (spacer !== "" && separator.length > 1) {
               res = `
@@ -4397,7 +4397,7 @@ ${originalIndentation}`;
             }
             const originalIndentation = indentation;
             let res = "";
-            let join30 = ",";
+            let join29 = ",";
             if (Array.isArray(value)) {
               if (value.length === 0) {
                 return "[]";
@@ -4410,7 +4410,7 @@ ${originalIndentation}`;
                 indentation += spacer;
                 res += `
 ${indentation}`;
-                join30 = `,
+                join29 = `,
 ${indentation}`;
               }
               const maximumValuesToStringify = Math.min(value.length, maximumBreadth);
@@ -4418,13 +4418,13 @@ ${indentation}`;
               for (; i7 < maximumValuesToStringify - 1; i7++) {
                 const tmp2 = stringifyArrayReplacer(String(i7), value[i7], stack2, replacer, spacer, indentation);
                 res += tmp2 !== void 0 ? tmp2 : "null";
-                res += join30;
+                res += join29;
               }
               const tmp = stringifyArrayReplacer(String(i7), value[i7], stack2, replacer, spacer, indentation);
               res += tmp !== void 0 ? tmp : "null";
               if (value.length - 1 > maximumBreadth) {
                 const removedKeys = value.length - maximumBreadth - 1;
-                res += `${join30}"... ${getItemCount(removedKeys)} not stringified"`;
+                res += `${join29}"... ${getItemCount(removedKeys)} not stringified"`;
               }
               if (spacer !== "") {
                 res += `
@@ -4437,7 +4437,7 @@ ${originalIndentation}`;
             let whitespace2 = "";
             if (spacer !== "") {
               indentation += spacer;
-              join30 = `,
+              join29 = `,
 ${indentation}`;
               whitespace2 = " ";
             }
@@ -4446,7 +4446,7 @@ ${indentation}`;
               const tmp = stringifyArrayReplacer(key2, value[key2], stack2, replacer, spacer, indentation);
               if (tmp !== void 0) {
                 res += `${separator}${strEscape(key2)}:${whitespace2}${tmp}`;
-                separator = join30;
+                separator = join29;
               }
             }
             if (spacer !== "" && separator.length > 1) {
@@ -4504,20 +4504,20 @@ ${originalIndentation}`;
               indentation += spacer;
               let res2 = `
 ${indentation}`;
-              const join31 = `,
+              const join30 = `,
 ${indentation}`;
               const maximumValuesToStringify = Math.min(value.length, maximumBreadth);
               let i7 = 0;
               for (; i7 < maximumValuesToStringify - 1; i7++) {
                 const tmp2 = stringifyIndent(String(i7), value[i7], stack2, spacer, indentation);
                 res2 += tmp2 !== void 0 ? tmp2 : "null";
-                res2 += join31;
+                res2 += join30;
               }
               const tmp = stringifyIndent(String(i7), value[i7], stack2, spacer, indentation);
               res2 += tmp !== void 0 ? tmp : "null";
               if (value.length - 1 > maximumBreadth) {
                 const removedKeys = value.length - maximumBreadth - 1;
-                res2 += `${join31}"... ${getItemCount(removedKeys)} not stringified"`;
+                res2 += `${join30}"... ${getItemCount(removedKeys)} not stringified"`;
               }
               res2 += `
 ${originalIndentation}`;
@@ -4533,16 +4533,16 @@ ${originalIndentation}`;
               return '"[Object]"';
             }
             indentation += spacer;
-            const join30 = `,
+            const join29 = `,
 ${indentation}`;
             let res = "";
             let separator = "";
             let maximumPropertiesToStringify = Math.min(keyLength, maximumBreadth);
             if (isTypedArrayWithEntries(value)) {
-              res += stringifyTypedArray(value, join30, maximumBreadth);
+              res += stringifyTypedArray(value, join29, maximumBreadth);
               keys = keys.slice(value.length);
               maximumPropertiesToStringify -= value.length;
-              separator = join30;
+              separator = join29;
             }
             if (deterministic) {
               keys = insertSort(keys);
@@ -4553,13 +4553,13 @@ ${indentation}`;
               const tmp = stringifyIndent(key2, value[key2], stack2, spacer, indentation);
               if (tmp !== void 0) {
                 res += `${separator}${strEscape(key2)}: ${tmp}`;
-                separator = join30;
+                separator = join29;
               }
             }
             if (keyLength > maximumBreadth) {
               const removedKeys = keyLength - maximumBreadth;
               res += `${separator}"...": "${getItemCount(removedKeys)} not stringified"`;
-              separator = join30;
+              separator = join29;
             }
             if (separator !== "") {
               res = `
@@ -6126,7 +6126,7 @@ var require_buffer_list = __commonJS({
         }
       }, {
         key: "join",
-        value: function join30(s6) {
+        value: function join29(s6) {
           if (this.length === 0) return "";
           var p3 = this.head;
           var ret = "" + p3.data;
@@ -19073,7 +19073,7 @@ var require_lodash = __commonJS({
           }
           return mapped.length && mapped[0] === arrays[0] ? baseIntersection(mapped, undefined2, comparator) : [];
         });
-        function join30(array, separator) {
+        function join29(array, separator) {
           return array == null ? "" : nativeJoin.call(array, separator);
         }
         function last2(array) {
@@ -20992,7 +20992,7 @@ var require_lodash = __commonJS({
         lodash16.isUndefined = isUndefined2;
         lodash16.isWeakMap = isWeakMap;
         lodash16.isWeakSet = isWeakSet;
-        lodash16.join = join30;
+        lodash16.join = join29;
         lodash16.kebabCase = kebabCase;
         lodash16.last = last2;
         lodash16.lastIndexOf = lastIndexOf;
@@ -29988,7 +29988,7 @@ var require_builder = __commonJS({
       }
     };
     exports2.SeqBuilder = SeqBuilder;
-    function join30(first2, second, ...others) {
+    function join29(first2, second, ...others) {
       const seq = new SeqBuilder(first2, second);
       if (!others.length) {
         return seq;
@@ -29997,7 +29997,7 @@ var require_builder = __commonJS({
         return res.join(query);
       }, seq);
     }
-    exports2.join = join30;
+    exports2.join = join29;
     var SymBuilder = class extends AbstractBuilder {
       constructor(opts) {
         super();
@@ -190192,7 +190192,7 @@ var {
 // dist/index.js
 import { mkdir as mkdir3, readFile as readFile28, writeFile as writeFile11 } from "fs/promises";
-import { dirname as dirname13, join as join29, resolve as resolve31 } from "path";
+import { dirname as dirname13, join as join28, resolve as resolve31 } from "path";
 // ../utils/src/tmp-file.ts
 import { rm, mkdtemp } from "fs/promises";
@@ -208005,22 +208005,36 @@ var NuGetSocketUpgradeManager = class {
 };
 // ../fixing-management/src/fixing-management/rust/cargo-socket-upgrade-manager.ts
-import { basename as basename6, dirname as dirname9, join as join13, resolve as resolve19 } from "node:path";
+import { basename as basename6, dirname as dirname9, resolve as resolve19 } from "node:path";
 var import_toml_eslint_parser2 = __toESM(require_lib10(), 1);
 var import_picomatch3 = __toESM(require_picomatch2(), 1);
 var import_semver3 = __toESM(require_semver2(), 1);
 import assert6 from "node:assert";
 import { readFile as readFile18 } from "node:fs/promises";
-import { existsSync as existsSync12 } from "node:fs";
 var CargoSocketUpgradeManager = class {
   constructor(rootDir) {
     this.rootDir = rootDir;
   }
   cargoTomlMatcher = (0, import_picomatch3.default)("Cargo.toml");
   cargoLockMatcher = (0, import_picomatch3.default)("Cargo.lock");
-  async applySocketArtifactUpgrades(_manifestFiles, upgrades, artifacts, rangeStyle) {
-    const tomlPatches = await this.collectCargoTomlPatches(upgrades, artifacts, rangeStyle);
-    const lockPatches = await this.collectCargoLockPatches(upgrades, artifacts);
+  async applySocketArtifactUpgrades(manifestFiles, upgrades, artifacts, rangeStyle) {
+    const tomlPatches = await asyncFlatMap(upgrades, async (upgrade) => {
+      const artifact = artifacts[upgrade.idx];
+      assert6(artifact.name);
+      assert6(artifact.version);
+      const directManifestFiles = i(artifact.manifestFiles?.map((ref) => ref.file) ?? []);
+      return await asyncFlatMap(
+        directManifestFiles.filter((manifestFile) => this.cargoTomlMatcher(basename6(manifestFile))),
+        async (manifestFile) => this.handleCargoToml(manifestFile, upgrade, artifact, rangeStyle)
+      );
+    });
+    const lockPatches = await asyncFlatMap(
+      manifestFiles.filter((mf) => this.cargoLockMatcher(basename6(mf))),
+      async (lockFile) => await asyncFlatMap(
+        upgrades,
+        async (upgrade) => this.handleCargoLock(lockFile, upgrade, artifacts[upgrade.idx])
+      )
+    );
     const successfulPatches = extractSuccessfulPatches(tomlPatches.concat(lockPatches));
     await applySocketPatchResults("RUST", this.rootDir, successfulPatches);
     await asyncForEach(
@@ -208033,42 +208047,6 @@ var CargoSocketUpgradeManager = class {
       }
     );
   }
-  /**
-   * Collect patches for Cargo.toml files (direct dependencies only)
-   */
-  async collectCargoTomlPatches(upgrades, artifacts, rangeStyle) {
-    return await asyncFlatMap(upgrades, async (upgrade) => {
-      const artifact = artifacts[upgrade.idx];
-      assert6(artifact.name);
-      assert6(artifact.version);
-      const directManifestFiles = i(artifact.manifestFiles?.map((ref) => ref.file) ?? []);
-      return await asyncFlatMap(
-        directManifestFiles.filter((manifestFile) => this.cargoTomlMatcher(basename6(manifestFile))),
-        async (manifestFile) => this.handleCargoToml(manifestFile, upgrade, artifact, rangeStyle)
-      );
-    });
-  }
-  /**
-   * Collect patches for Cargo.lock files (all dependencies)
-   */
-  async collectCargoLockPatches(upgrades, artifacts) {
-    return asyncFlatMap(upgrades, async (upgrade) => {
-      const artifact = artifacts[upgrade.idx];
-      assert6(artifact.name);
-      assert6(artifact.version);
-      const ancestorManifestFiles = i(
-        (artifact.manifestFiles?.map((ref) => ref.file) ?? []).concat(
-          artifact.toplevelAncestors?.flatMap(
-            (ancestorId) => artifacts.find((a5) => a5.id === ancestorId)?.manifestFiles?.map((ref) => ref.file) ?? []
-          ) ?? []
-        )
-      );
-      return asyncFlatMap(
-        ancestorManifestFiles.filter((manifestFile) => this.cargoTomlMatcher(basename6(manifestFile))).map((tomlFile) => join13(dirname9(tomlFile), "Cargo.lock")).filter((lockFile) => existsSync12(resolve19(this.rootDir, lockFile))),
-        async (lockFile) => this.handleCargoLock(lockFile, upgrade, artifact)
-      );
-    });
-  }
   /**
    * Handle Cargo.toml file updates for direct dependencies
    */
@@ -208193,13 +208171,6 @@ var CargoSocketUpgradeManager = class {
         }
       }
     }
-    if (patches.length === 0) {
-      patches.push({
-        success: false,
-        upgrades: [upgrade],
-        reason: `Could not find ${artifact.name} version ${artifact.version} in lock file ${lockFile}`
-      });
-    }
     return patches;
   }
   /**
@@ -208329,7 +208300,7 @@ async function applySocketUpgrades(ecosystem, rootDir, manifestFiles, upgrades,
 // dist/cli-apply-fix.js
 var import_lodash12 = __toESM(require_lodash(), 1);
-import { existsSync as existsSync17 } from "fs";
+import { existsSync as existsSync16 } from "fs";
 // ../other-modules-communicator/src/other-modules-communicator.ts
 import { execFileSync } from "child_process";
@@ -208340,15 +208311,15 @@ import { resolve as resolve21 } from "path";
 // ../utils/dist/constants.js
 var import_lodash6 = __toESM(require_lodash(), 1);
-import { dirname as dirname10, join as join15 } from "node:path";
+import { dirname as dirname10, join as join14 } from "node:path";
 import { fileURLToPath as fileURLToPath3 } from "node:url";
 // ../utils/dist/file-utils.js
 var import_lodash5 = __toESM(require_lodash(), 1);
 var import_micromatch = __toESM(require_micromatch(), 1);
-import { existsSync as existsSync13 } from "fs";
+import { existsSync as existsSync12 } from "fs";
 import { access as access2, cp, readdir as readdir3, stat as stat2 } from "fs/promises";
-import { basename as basename7, join as join14, relative as relative11, resolve as resolve20 } from "path";
+import { basename as basename7, join as join13, relative as relative11, resolve as resolve20 } from "path";
 var { uniq } = import_lodash5.default;
 var { isMatch } = import_micromatch.default;
 function* parents(dir) {
@@ -208377,10 +208348,10 @@ var COANA_ROOT = once2(() => {
   return coanaRoot;
 });
 var REPOS_PATH = once2(() => {
-  return process.env.REPOS_PATH ?? join15(COANA_ROOT(), "repos");
+  return process.env.REPOS_PATH ?? join14(COANA_ROOT(), "repos");
 });
 var COANA_REPOS_PATH = once2(() => {
-  return process.env.COANA_REPOS_PATH ?? join15(REPOS_PATH(), "coana-tech");
+  return process.env.COANA_REPOS_PATH ?? join14(REPOS_PATH(), "coana-tech");
 });
 // ../docker-management/src/constants.ts
@@ -208394,32 +208365,32 @@ var getImageTag = () => {
 };
 // ../docker-management/src/docker-spec.ts
-import { join as join16 } from "path";
+import { join as join15 } from "path";
 var builderSpecs = [
   {
     name: "maven-builder",
-    file: join16("builders", "maven", "Dockerfile"),
+    file: join15("builders", "maven", "Dockerfile"),
     isBuilder: true
   },
   {
     name: "python-builder",
-    file: join16("builders", "python", "Dockerfile"),
+    file: join15("builders", "python", "Dockerfile"),
     isBuilder: true
   },
   {
     name: "go-builder",
-    file: join16("builders", "go", "Dockerfile"),
+    file: join15("builders", "go", "Dockerfile"),
     isBuilder: true
   }
 ];
 var packageManagerDockerSpecs = [
   {
     name: "npm-package-managers",
-    file: join16("package-management", "npm", "Dockerfile")
+    file: join15("package-management", "npm", "Dockerfile")
   },
   {
     name: "maven-package-managers",
-    file: join16("package-management", "maven", "Dockerfile"),
+    file: join15("package-management", "maven", "Dockerfile"),
     variants: {
       jdk8: {
         JDK_URL_AMD64: "https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u442-b06/OpenJDK8U-jdk_x64_linux_hotspot_8u442b06.tar.gz",
@@ -208444,57 +208415,57 @@ var packageManagerDockerSpecs = [
   },
   {
     name: "pip-package-managers",
-    file: join16("package-management", "pip", "Dockerfile"),
+    file: join15("package-management", "pip", "Dockerfile"),
     from: {
       name: "python-builder"
     }
   },
   {
     name: "go-package-manager",
-    file: join16("package-management", "go", "Dockerfile"),
+    file: join15("package-management", "go", "Dockerfile"),
     from: {
       name: "go-builder"
     }
   },
   {
     name: "nuget-package-manager",
-    file: join16("package-management", "nuget", "Dockerfile")
+    file: join15("package-management", "nuget", "Dockerfile")
   },
   {
     name: "cargo-package-manager",
-    file: join16("package-management", "cargo", "Dockerfile")
+    file: join15("package-management", "cargo", "Dockerfile")
   }
 ];
 var reachabilityAnalyzerDockerSpecs = [
   {
     name: "jelly-analyzer",
-    file: join16("reachability-analyzers", "jelly", "Dockerfile")
+    file: join15("reachability-analyzers", "jelly", "Dockerfile")
   },
   {
     name: "alucard-analyzer",
-    file: join16("reachability-analyzers", "alucard", "Dockerfile")
+    file: join15("reachability-analyzers", "alucard", "Dockerfile")
   },
   {
     name: "mambalade-analyzer",
-    file: join16("reachability-analyzers", "mambalade", "Dockerfile"),
+    file: join15("reachability-analyzers", "mambalade", "Dockerfile"),
     from: {
       name: "python-builder"
     }
   },
   {
     name: "goana-analyzer",
-    file: join16("reachability-analyzers", "goana", "Dockerfile"),
+    file: join15("reachability-analyzers", "goana", "Dockerfile"),
     from: {
       name: "go-builder"
     }
   },
   {
     name: "cocoa-analyzer",
-    file: join16("reachability-analyzers", "cocoa", "Dockerfile")
+    file: join15("reachability-analyzers", "cocoa", "Dockerfile")
   },
   {
     name: "rustica-analyzer",
-    file: join16("reachability-analyzers", "rustica", "Dockerfile")
+    file: join15("reachability-analyzers", "rustica", "Dockerfile")
   }
 ];
 function getAllPackageManagerSpecs() {
@@ -209091,15 +209062,15 @@ async function detectVariantMaven(projectDir) {
 }
 // ../docker-management/src/maven/gradle-version-detector.ts
-import { existsSync as existsSync14 } from "fs";
-import { join as join17 } from "path";
+import { existsSync as existsSync13 } from "fs";
+import { join as join16 } from "path";
 import { readFile as readFile20 } from "fs/promises";
 async function detectVariantGradle(projectDir) {
   return sanitizeJvmVariant("GRADLE", projectDir, await detect(projectDir));
 }
 async function detect(projectDir) {
-  const gradleWrapperPropertiesPath = join17(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
-  const gradleWrapperProperties = existsSync14(gradleWrapperPropertiesPath) ? (await readFile20(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
+  const gradleWrapperPropertiesPath = join16(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
+  const gradleWrapperProperties = existsSync13(gradleWrapperPropertiesPath) ? (await readFile20(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!gradleWrapperProperties) return void 0;
   const distributionUrlRegex = /.*gradle-(\d+(\.\d+(\.\d+)?)?)/;
   for (const prop2 of gradleWrapperProperties) {
@@ -209113,15 +209084,15 @@ async function detect(projectDir) {
 }
 // ../docker-management/src/maven/sbt-version-detector.ts
-import { existsSync as existsSync15 } from "fs";
-import { join as join18 } from "path";
+import { existsSync as existsSync14 } from "fs";
+import { join as join17 } from "path";
 import { readFile as readFile21 } from "fs/promises";
 async function detectVariantSbt(projectDir) {
   return sanitizeJvmVariant("SBT", projectDir, await detect2(projectDir));
 }
 async function detect2(projectDir) {
-  const sbtBuildPropertiesPath = join18(projectDir, "project", "build.properties");
-  const sbtBuildProperties = existsSync15(sbtBuildPropertiesPath) ? (await readFile21(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
+  const sbtBuildPropertiesPath = join17(projectDir, "project", "build.properties");
+  const sbtBuildProperties = existsSync14(sbtBuildPropertiesPath) ? (await readFile21(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!sbtBuildProperties) return void 0;
   for (const prop2 of sbtBuildProperties) {
     const [key, value] = prop2.split("=");
@@ -209237,14 +209208,14 @@ var import_lodash11 = __toESM(require_lodash(), 1);
 import { rmSync } from "fs";
 import { mkdir, readFile as readFile22, writeFile as writeFile8 } from "fs/promises";
 import { platform } from "os";
-import { join as join21, posix as posix2, relative as relative13, sep as sep3 } from "path";
+import { join as join20, posix as posix2, relative as relative13, sep as sep3 } from "path";
 // ../utils/src/file-utils.ts
 var import_lodash8 = __toESM(require_lodash(), 1);
 var import_micromatch2 = __toESM(require_micromatch(), 1);
-import { existsSync as existsSync16 } from "fs";
+import { existsSync as existsSync15 } from "fs";
 import { access as access3, cp as cp2, readdir as readdir4, stat as stat3 } from "fs/promises";
-import { basename as basename8, join as join19, relative as relative12, resolve as resolve22 } from "path";
+import { basename as basename8, join as join18, relative as relative12, resolve as resolve22 } from "path";
 var { uniq: uniq2 } = import_lodash8.default;
 var { isMatch: isMatch2 } = import_micromatch2.default;
 function* parents2(dir) {
@@ -209261,8 +209232,8 @@ function findParent2(dir, predicate, wholePath) {
 }
 async function getFilesRelative(dir, excludeDirs) {
   async function helper(subDir, arrayOfFiles) {
-    for (const item of await readdir4(join19(dir, subDir), { withFileTypes: true })) {
-      const itemPath = join19(subDir, item.name);
+    for (const item of await readdir4(join18(dir, subDir), { withFileTypes: true })) {
+      const itemPath = join18(subDir, item.name);
       if (item.isDirectory()) {
         if (!excludeDirs?.includes(item.name)) await helper(itemPath, arrayOfFiles);
       } else if (item.isFile()) {
@@ -209492,7 +209463,7 @@ import { resolve as resolve23 } from "path";
 // ../utils/src/constants.ts
 var import_lodash9 = __toESM(require_lodash(), 1);
-import { dirname as dirname11, join as join20 } from "node:path";
+import { dirname as dirname11, join as join19 } from "node:path";
 import { fileURLToPath as fileURLToPath4 } from "node:url";
 var { once: once4 } = import_lodash9.default;
 var fileName2 = fileURLToPath4(import.meta.url);
@@ -209505,10 +209476,10 @@ var COANA_ROOT2 = once4(() => {
   return coanaRoot;
 });
 var REPOS_PATH2 = once4(() => {
-  return process.env.REPOS_PATH ?? join20(COANA_ROOT2(), "repos");
+  return process.env.REPOS_PATH ?? join19(COANA_ROOT2(), "repos");
 });
 var COANA_REPOS_PATH2 = once4(() => {
-  return process.env.COANA_REPOS_PATH ?? join20(REPOS_PATH2(), "coana-tech");
+  return process.env.COANA_REPOS_PATH ?? join19(REPOS_PATH2(), "coana-tech");
 });
 var REQUIREMENTS_FILES_SEARCH_DEPTH = 2;
@@ -209597,7 +209568,7 @@ var OtherModulesCommunicator = class {
           return "Running reachability analysis on package registry package";
       }
     }
-    return `${_cmdStr()}: (${ecosystem}) ${relative13(this.rootWorkingDir, join21(subprojectPath, workspacePath)) || "."}`;
+    return `${_cmdStr()}: (${ecosystem}) ${relative13(this.rootWorkingDir, join20(subprojectPath, workspacePath)) || "."}`;
   }
   getProjectPath(subprojectPath) {
     return this.options.runWithoutDocker ? subprojectPath : posix2.resolve("/project", relative13(this.rootWorkingDir, subprojectPath).replaceAll(sep3, posix2.sep));
@@ -209646,7 +209617,7 @@ var OtherModulesCommunicator = class {
   async runPackageManagerCommandWithOutput(commandName, packageManagerName, subprojectPath, args2 = [], extraDockerArgs, env) {
     const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
     const outputFileName = `${v4_default()}-${commandName}-output.json`;
-    const outputFilePathThisProcess = join21(tmpDir, outputFileName);
+    const outputFilePathThisProcess = join20(tmpDir, outputFileName);
     const outputFilePathOtherProcess = this.options.runWithoutDocker ? outputFilePathThisProcess : posix2.join(TMP_DIR_IN_DOCKER, outputFileName);
     await this.runPackageManagerCommand(
       commandName,
@@ -209711,7 +209682,7 @@ var OtherModulesCommunicator = class {
   async runReachabilityAnalyzerCommandWithOutput(commandName, ecosystem, subprojectPath, workspacePath, args2, env) {
     const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
     const outputFileName = `${v4_default()}-${commandName}-output.json`;
-    const outputFilePathThisProcess = join21(tmpDir, outputFileName);
+    const outputFilePathThisProcess = join20(tmpDir, outputFileName);
     const outputFilePathOtherProcess = this.options.runWithoutDocker ? outputFilePathThisProcess : posix2.join(TMP_DIR_IN_DOCKER, outputFileName);
     await this.runReachabilityAnalyzerCommand(
       commandName,
@@ -209748,7 +209719,7 @@ var OtherModulesCommunicator = class {
       if (providedOptions.type === "providee") {
         const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
         const providerFileName = "provider.json";
-        const providerFileThisProcess = join21(tmpDir, providerFileName);
+        const providerFileThisProcess = join20(tmpDir, providerFileName);
         const providerFileOtherProcess = this.options.runWithoutDocker ? providerFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, providerFileName);
         await writeFile8(providerFileThisProcess, JSON.stringify(providedOptions.provider));
         return ["--provider", providerFileOtherProcess];
@@ -209792,7 +209763,7 @@ var OtherModulesCommunicator = class {
   async runReachabilityAnalysis(subprojectPath, workspacePath, workspaceData, ecosystem, vulnerabilities, reachabilityAnalysisOptions, otherAnalysisOptions) {
     const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
     const inputFileName = `${v4_default()}-runReachabilityAnalysis-input.json`;
-    const inputFileThisProcess = join21(tmpDir, inputFileName);
+    const inputFileThisProcess = join20(tmpDir, inputFileName);
     const inputFileOtherProcess = this.options.runWithoutDocker ? inputFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, inputFileName);
     await writeFile8(
       inputFileThisProcess,
@@ -209834,7 +209805,7 @@ var setUpGoModuleCache = once6(async () => {
     execFileSync("chmod", ["--recursive", "+rw", tmpDir]);
     rmSync(tmpDir, { recursive: true, force: true });
   });
-  const [upper, work] = [join21(tmpDir, "upper"), join21(tmpDir, "work")];
+  const [upper, work] = [join20(tmpDir, "upper"), join20(tmpDir, "work")];
   for (const dir of [upper, work]) await mkdir(dir);
   const o7 = await execNeverFail(
     cmdt`docker volume create --driver local --opt type=overlay
@@ -210427,7 +210398,7 @@ async function verifyFixes(fixes, otherModulesCommunicator, rootPath) {
   if (pathsForEachFixIdData.length !== new Set(pathsForEachFixIdData).size) {
     throw new Error("Multiple fix IDs found for the same subproject, workspace and ecosystem");
   }
-  const subprojectsNotFound = uniq3(fixes.filter(({ vulnerabilityInstance: v }) => !existsSync17(resolve24(rootPath, v.subprojectPath))).map(({ vulnerabilityInstance: v }) => `${v.subprojectPath}:${v.ecosystem}`));
+  const subprojectsNotFound = uniq3(fixes.filter(({ vulnerabilityInstance: v }) => !existsSync16(resolve24(rootPath, v.subprojectPath))).map(({ vulnerabilityInstance: v }) => `${v.subprojectPath}:${v.ecosystem}`));
   if (subprojectsNotFound.length > 0) {
     throw new Error(`Cannot find the following subprojects: ${subprojectsNotFound.join(", ")}`);
   }
@@ -211230,15 +211201,15 @@ import { relative as relative15, resolve as resolve28 } from "path";
 // ../project-management/src/project-management/ecosystem-management/ecosystem-manager.ts
 var import_micromatch3 = __toESM(require_micromatch2(), 1);
 import { readdir as readdir6 } from "fs/promises";
-import { join as join24, relative as relative14, resolve as resolve27 } from "path";
+import { join as join23, relative as relative14, resolve as resolve27 } from "path";
 // ../project-management/src/project-management/ecosystem-management/ecosystem-specs.ts
-import { existsSync as existsSync19 } from "fs";
+import { existsSync as existsSync18 } from "fs";
 import { readdir as readdir5, readFile as readFile25 } from "fs/promises";
-import { join as join23, sep as sep4 } from "path";
+import { join as join22, sep as sep4 } from "path";
 // ../utils/src/pip-utils.ts
-import { existsSync as existsSync18 } from "fs";
+import { existsSync as existsSync17 } from "fs";
 import { readFile as readFile24 } from "fs/promises";
 import { resolve as resolve26 } from "path";
 import util4 from "util";
@@ -211249,7 +211220,7 @@ var import_semver5 = __toESM(require_semver2(), 1);
 import { execFileSync as execFileSync2 } from "child_process";
 import { constants as constants2 } from "fs";
 import { access as access4, readFile as readFile23 } from "fs/promises";
-import { join as join22, resolve as resolve25 } from "path";
+import { join as join21, resolve as resolve25 } from "path";
 import util3 from "util";
 var { once: once7 } = import_lodash13.default;
 var systemPython = once7(() => {
@@ -211302,7 +211273,7 @@ var specs = {
         [
           /^(pyproject.toml|setup.py|requirements.*\.txt)/,
           async (projectDir) => {
-            const isPythonProject = await exists(join23(projectDir, "pyproject.toml")) || await exists(join23(projectDir, "setup.py")) && await isSetupPySetuptools(join23(projectDir, "setup.py"));
+            const isPythonProject = await exists(join22(projectDir, "pyproject.toml")) || await exists(join22(projectDir, "setup.py")) && await isSetupPySetuptools(join22(projectDir, "setup.py"));
             if (isPythonProject) {
               properPythonProjects.push(projectDir + sep4);
               return "PIP_REQUIREMENTS";
@@ -211325,7 +211296,7 @@ var specs = {
         [
           "uv.lock",
           async (projectDir) => {
-            if (await exists(join23(projectDir, "pyproject.toml"))) {
+            if (await exists(join22(projectDir, "pyproject.toml"))) {
               logger.warn("uv is not supported yet, using plain pyproject.toml as a fallback");
               return "PIP_REQUIREMENTS";
             } else logger.error("uv.lock found without pyproject.toml");
@@ -211346,8 +211317,8 @@ function getEcosystemSpecs(ecosystems) {
 }
 function packageManagerIfPackageJSONExistsAndValid(packageManager) {
   return async (projectDir) => {
-    if (!existsSync19(join23(projectDir, "package.json"))) return void 0;
-    const packageJSONPath = join23(projectDir, "package.json");
+    if (!existsSync18(join22(projectDir, "package.json"))) return void 0;
+    const packageJSONPath = join22(projectDir, "package.json");
     try {
       JSON.parse(await readFile25(packageJSONPath, "utf-8"));
       return packageManager;
@@ -211404,7 +211375,7 @@ var EcosystemManager = class _EcosystemManager {
           const resolvedProjectDir = resolve27(mainProjectDir, relativeProjectDir);
           if (config3.includeDirs.length > 0)
             workspacePaths = workspacePaths.filter(
-              (workspacePath) => isMatch3(relative14(mainProjectDir, join24(resolvedProjectDir, workspacePath)), config3.includeDirs)
+              (workspacePath) => isMatch3(relative14(mainProjectDir, join23(resolvedProjectDir, workspacePath)), config3.includeDirs)
             );
           workspacePaths.filter((workspacePath) => workspacePath !== ".").forEach((workspacePath) => projectDirsAlreadyCovered.push(resolve27(resolvedProjectDir, workspacePath)));
           if (workspacePaths.length > 0)
@@ -211432,7 +211403,7 @@ var EcosystemManager = class _EcosystemManager {
         }
       }
       for (const dir of directoriesToTraverse) {
-        await recHelper(join24(projectDir, dir), true);
+        await recHelper(join23(projectDir, dir), true);
       }
     }
     async function getPackageManagerName(projectDir, foundProjectFiles, foundLockFiles) {
@@ -211461,7 +211432,7 @@ var EcosystemManager = class _EcosystemManager {
       const filesAndDirectories = await readdir6(projectDir, { withFileTypes: true });
       for (const dirent of filesAndDirectories) {
         const fileOrDirectory = dirent.name;
-        const fullPath = join24(projectDir, fileOrDirectory);
+        const fullPath = join23(projectDir, fileOrDirectory);
         if (dirent.isDirectory()) {
           if (shouldIgnoreDir(fileOrDirectory) || shouldIgnoreDueToExcludeDirsOrChangedFiles(config3, fullPath))
             continue;
@@ -211488,7 +211459,7 @@ var EcosystemManager = class _EcosystemManager {
       packageManagerName,
       subprojectPath,
       workspacePaths: workspacePaths.filter(
-        (workspacePath) => !shouldIgnoreDueToExcludeDirsOrChangedFiles(this.config, join24(subprojectPath, workspacePath))
+        (workspacePath) => !shouldIgnoreDueToExcludeDirsOrChangedFiles(this.config, join23(subprojectPath, workspacePath))
       )
     }));
   }
@@ -211715,7 +211686,7 @@ var kleur_default = $;
 // dist/cli-core.js
 var import_lodash15 = __toESM(require_lodash(), 1);
 import os from "os";
-import { join as join27, relative as relative16, resolve as resolve30 } from "path";
+import { join as join26, relative as relative16, resolve as resolve30 } from "path";
 // ../utils/src/dashboard-api/shared-api.ts
 var DashboardAPI = class {
@@ -212034,16 +212005,16 @@ function isVulnChainWithParentsMap(v) {
 var DEFAULT_REPORT_FILENAME_BASE = "coana-report";
 // dist/internal/exclude-dirs-from-configuration-files.js
-import { existsSync as existsSync20 } from "fs";
+import { existsSync as existsSync19 } from "fs";
 import { readFile as readFile26 } from "fs/promises";
 import { basename as basename9, resolve as resolve29 } from "path";
 var import_yaml2 = __toESM(require_dist11(), 1);
 async function inferExcludeDirsFromConfigurationFiles(rootWorkingDir) {
   const socketYmlConfigFile = resolve29(rootWorkingDir, "socket.yml");
-  if (existsSync20(socketYmlConfigFile))
+  if (existsSync19(socketYmlConfigFile))
     return inferExcludeDirsFromSocketConfig(socketYmlConfigFile);
   const socketYamlConfigFile = resolve29(rootWorkingDir, "socket.yaml");
-  if (existsSync20(socketYamlConfigFile))
+  if (existsSync19(socketYamlConfigFile))
     return inferExcludeDirsFromSocketConfig(socketYamlConfigFile);
   return void 0;
 }
@@ -212165,7 +212136,7 @@ function transformToVulnChainNode(dependencyTree) {
 // dist/internal/socket-mode-helpers-socket-dependency-trees.js
 var import_packageurl_js = __toESM(require_packageurl_js(), 1);
 var import_picomatch4 = __toESM(require_picomatch2(), 1);
-import { basename as basename10, dirname as dirname12, join as join25, sep as sep5 } from "path";
+import { basename as basename10, dirname as dirname12, join as join24, sep as sep5 } from "path";
 var REQUIREMENTS_FILES_SEARCH_DEPTH2 = 3;
 function inferWorkspaceFromManifestPath(ecosystem, manifestPath, properPythonProjects) {
   switch (ecosystem) {
@@ -212285,7 +212256,7 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
     for (const file of allFiles) {
       const base = basename10(file);
       const workspaceDir = dirname12(file) || ".";
-      if (base === "pyproject.toml" || base === "setup.py" && await isSetupPySetuptools(join25(rootWorkingDirectory, file))) {
+      if (base === "pyproject.toml" || base === "setup.py" && await isSetupPySetuptools(join24(rootWorkingDirectory, file))) {
         if (!properPythonProjects.includes(workspaceDir)) {
           properPythonProjects.push(workspaceDir);
         }
@@ -212328,18 +212299,26 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
           break;
         }
       }
-      let manifestAndWorkspace = manifestFiles.map((manifestFile) => [
-        manifestFile,
-        inferWorkspaceFromManifestPath(ecosystem, manifestFile, properPythonProjects)
-      ]).filter(([, workspace]) => workspace !== void 0);
-      if (manifestAndWorkspace.length === 0) {
-        manifestAndWorkspace = manifestFiles.map((manifestFile) => [manifestFile, inferProjectFromManifestPath(ecosystem, manifestFile)]).filter(([, workspace]) => workspace !== void 0);
+      const workspaceToManifestFiles = {};
+      manifestFiles.forEach((manifestFile) => {
+        const workspace = inferWorkspaceFromManifestPath(ecosystem, manifestFile, properPythonProjects);
+        if (!workspace)
+          return;
+        (workspaceToManifestFiles[workspace] ??= []).push(manifestFile);
+      });
+      if (Object.keys(workspaceToManifestFiles).length === 0) {
+        manifestFiles.forEach((manifestFile) => {
+          const workspace = inferProjectFromManifestPath(ecosystem, manifestFile);
+          if (!workspace)
+            return;
+          (workspaceToManifestFiles[workspace] ??= []).push(manifestFile);
+        });
       }
-      if (manifestAndWorkspace.length === 0 && artifact.vulnerabilities && artifact.vulnerabilities.length > 0) {
+      if (Object.keys(workspaceToManifestFiles).length === 0 && artifact.vulnerabilities && artifact.vulnerabilities.length > 0) {
         const purl = new import_packageurl_js.PackageURL(artifact.type, artifact.namespace, artifact.name, artifact.version, artifact.qualifiers).toString();
         purlsFailedToFindWorkspace.add(purl);
       }
-      for (const [manifestFile, workspace] of manifestAndWorkspace) {
+      for (const [workspace, manifestFiles2] of Object.entries(workspaceToManifestFiles)) {
         if (!ecosystemToWorkspaceToAnalysisData[ecosystem]) {
           ecosystemToWorkspaceToAnalysisData[ecosystem] = {};
         }
@@ -212348,21 +212327,18 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
             type: "socket",
             data: {
               type: ecosystem,
-              manifestFiles: [],
+              manifestFiles: manifestFiles2,
               artifacts: []
             }
           };
         }
         const workspaceData = ecosystemToWorkspaceToAnalysisData[ecosystem][workspace];
         if (workspaceData.type === "socket") {
-          if (!workspaceData.data.manifestFiles.includes(manifestFile)) {
-            workspaceData.data.manifestFiles.push(manifestFile);
-          }
           workspaceData.data.artifacts.push(artifact);
         }
       }
       if (artifact.vulnerabilities && artifact.vulnerabilities.length > 0) {
-        for (const workspace of i5(manifestAndWorkspace.map(([, workspace2]) => workspace2))) {
+        for (const workspace of Object.keys(workspaceToManifestFiles)) {
           for (const vuln of artifact.vulnerabilities) {
             const vulnerability = {
               url: vuln.ghsaId,
@@ -226140,8 +226116,8 @@ var { root: root2 } = static_exports;
 // ../utils/src/maven-utils.ts
 var import_lodash14 = __toESM(require_lodash(), 1);
-import { existsSync as existsSync21, readdirSync as readdirSync4, statSync as statSync3 } from "fs";
-import { join as join26 } from "path";
+import { existsSync as existsSync20, readdirSync as readdirSync4, statSync as statSync3 } from "fs";
+import { join as join25 } from "path";
 var { memoize: memoize3 } = import_lodash14.default;
 var memoizedParseShellArgs = memoize3(parseShellArgs);
 var MAVEN_PUBLIC_REPOSITORIES = [
@@ -227512,7 +227488,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 // dist/version.js
-var version2 = "14.12.36";
+var version2 = "14.12.38";
 // dist/cli-core.js
 var { mapValues, omit, partition, pick } = import_lodash15.default;
@@ -227617,7 +227593,7 @@ var CliCore = class {
     }
   }
   async main() {
-    this.coanaLogPath = join27(await createTmpDirectory("coana-cli-"), "coana-log.txt");
+    this.coanaLogPath = join26(await createTmpDirectory("coana-cli-"), "coana-log.txt");
     logger.initWinstonLogger(this.options.debug, this.coanaLogPath);
     logger.silent = this.options.silent;
     try {
@@ -228199,7 +228175,7 @@ async function getGitDataToMetadataIfAvailable(rootWorkingDirectory) {
 }
 // dist/cli-upgrade-purl.js
-import { join as join28, relative as relative17 } from "node:path";
+import { join as join27, relative as relative17 } from "node:path";
 var import_packageurl_js2 = __toESM(require_packageurl_js(), 1);
 var ECOSYSTEMS_WITH_SOCKET_UPGRADES = ["NPM", "MAVEN", "NUGET", "GO", "RUST"];
 async function upgradePurl(path2, upgrades, options, logFile, cliFixRunId) {
@@ -228293,7 +228269,7 @@ ${upgrades.map((upgrade) => `	${upgrade.purl} -> ${upgrade.upgradeVersion}`).joi
     const subprojectPromiseQueue = new PromiseQueue(Number(options.concurrency));
     supportedSubprojects.forEach((subproject) => {
       subprojectPromiseQueue.enqueueTask(async () => {
-        const workspacePathsMatchingGlob = subproject.workspacePaths.filter((wsPath) => minimatch(join28(subproject.subprojectPath, wsPath), options.globPattern ?? "**"));
+        const workspacePathsMatchingGlob = subproject.workspacePaths.filter((wsPath) => minimatch(join27(subproject.subprojectPath, wsPath), options.globPattern ?? "**"));
         if (workspacePathsMatchingGlob.length === 0)
           return;
         logger.info(`Found workspaces for subproject ${subproject.subprojectPath}${options.globPattern ? `matching glob ${options.globPattern}` : ""}:
@@ -228322,7 +228298,7 @@ ${workspacePathsMatchingGlob.map((wsPath) => `	${wsPath}`).join("\n")}`);
           });
           if (vulnerabilityFixes.length === 0)
             return;
-          logger.info(`Found ${vulnerabilityFixes.length} ${vulnerabilityFixes.length === 1 ? "dependency" : "dependencies"} matching upgrade specs for ${join28(subproject.subprojectPath, wsPath)}`);
+          logger.info(`Found ${vulnerabilityFixes.length} ${vulnerabilityFixes.length === 1 ? "dependency" : "dependencies"} matching upgrade specs for ${join27(subproject.subprojectPath, wsPath)}`);
           workspaceToFixes[wsPath] = [
             {
               fixId: "dummy",
@@ -228343,7 +228319,7 @@ ${workspacePathsMatchingGlob.map((wsPath) => `	${wsPath}`).join("\n")}`);
   }
 }
 var signalFixApplied = (_fixId, subprojectPath, workspacePath, vulnerabilityFixes) => {
-  logger.info(`Successfully upgraded purls for: ${join28(subprojectPath, workspacePath)}`);
+  logger.info(`Successfully upgraded purls for: ${join27(subprojectPath, workspacePath)}`);
   logger.info(`Upgraded:
 ${vulnerabilityFixes.map((fix) => `	${fix.dependencyName} from ${fix.currentVersion} to ${fix.fixedVersion}`).join("\n")}`);
 };
@@ -228540,7 +228516,7 @@ var upgradePurls = new Command();
 upgradePurls.name("upgrade-purls").argument("<path>", "File system path to the folder containing the project").argument("<specs...>", "Package upgrade specifications in the format 'purl -> newVersion' (e.g., 'pkg:maven/io.micrometer/micrometer-core@1.10.9 -> 1.15.0')").option("-g, --glob <pattern>", "Glob pattern to filter workspaces by absolute file path").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("--silent-spinner", "Silence spinner", "CI" in process.env || !process.stdin.isTTY).option("--range-style <style>", 'Range style to use for the output. Currently only "pin" is supported and it only works for npm.').addOption(new Option("--run-without-docker", "Run package managers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--socket-mode", "Use Socket for computing dependency trees").default(process.env.SOCKET_MODE === "true").hideHelp()).version(version2).action(async (path2, specs2, options) => {
   process.env.DOCKER_IMAGE_TAG ??= version2;
   await withTmpDirectory("upgrade-purls", async (tmpDir) => {
-    const logFile = join29(tmpDir, "upgrade-purls.log");
+    const logFile = join28(tmpDir, "upgrade-purls.log");
     logger.initWinstonLogger(options.debug, logFile);
     const upgradeSpecs = specs2.map((spec) => {
       const [purl, upgradeVersion] = spec.split("->").map((s6) => s6.trim());
@@ -228567,7 +228543,7 @@ computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument(
     throw new Error('Range style must be "pin"');
   }
   await withTmpDirectory("compute-fixes-and-upgrade-purls", async (tmpDir) => {
-    const logFile = join29(tmpDir, "compute-fixes-and-upgrade-purls.log");
+    const logFile = join28(tmpDir, "compute-fixes-and-upgrade-purls.log");
     logger.initWinstonLogger(options.debug, logFile);
     const output = await computeFixesAndUpgradePurls(path2, options, logFile);
     if (options.outputFile) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.36",
+  "version": "14.12.38",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/reachability-analyzers-cli.mjs CHANGED Viewed

@@ -74735,8 +74735,6 @@ var DotnetCodeAwareVulnerabilityScanner = class _DotnetCodeAwareVulnerabilitySca
       if (!vulnerablePathsForClass)
         continue;
       classStacks.push(...vulnerablePathsForClass.map((vulnPath) => {
-        if (vulnPath.length < 2)
-          throw new Error("The path should always have length at least two.");
         return vulnPath.map(({ fullyQualifiedName, confidence, packageId }) => ({
           package: appPackageIds.has(packageId) ? "<app>" : prettyPrintNugetDependency(parsePackageUrlToNugetDependency(packageId)),
           class: fullyQualifiedName,
@@ -88595,8 +88593,6 @@ var JavaCodeAwareVulnerabilityScanner = class _JavaCodeAwareVulnerabilityScanner
       if (!vulnerablePathsForClass)
         continue;
       classStacks.push(...vulnerablePathsForClass.map((vulnPath) => {
-        if (vulnPath.length < 2)
-          throw new Error("The path should always have length at least two.");
         return vulnPath.map(({ fullyQualifiedName, confidence, packageId }) => ({
           package: appPackageIds.has(packageId) ? "<app>" : prettyPrintMavenDependency(parsePackageUrlToMavenDependency(packageId)),
           class: fullyQualifiedName,
@@ -88630,25 +88626,24 @@ function inferWorkspaceFromManifestPath(manifestFile) {
 }
 async function convertDependencyChain2(dependencyChain, tmpDir) {
   async function downloadMavenArtifacts(groupId, artifactId, version3) {
-    const artifactPaths = [];
     const packageDir = getPathToPackage(tmpDir, groupId, artifactId, version3);
     await mkdir2(packageDir, { recursive: true });
     const repositories = await findRepositoriesForMavenPackageAndVersion(groupId, artifactId, version3);
-    if (!repositories?.length)
-      throw Error("No repository found for package");
-    for (const repository of repositories) {
+    for (const repository of repositories ?? []) {
       const packageUrl = getUrlForPackage2(repository, groupId, artifactId, version3);
       const artifacts = await findArtifactsForPackageInRemoteRepository(repository, groupId, artifactId, version3);
       if (!artifacts)
         continue;
-      await asyncForEach(artifacts, async (artifact) => {
+      const artifactPaths = await asyncMap(artifacts, async (artifact) => {
         const artifactUrl = `${packageUrl.endsWith("/") ? packageUrl.slice(0, -1) : packageUrl}/${artifact}`;
         const artifactFile = join14(packageDir, artifact);
-        await downloadFile(artifactUrl, artifactFile);
-        artifactPaths.push(artifactFile);
+        const success = await downloadFile(artifactUrl, artifactFile);
+        return success ? artifactFile : void 0;
       }, 4);
+      if (artifactPaths.every((f2) => f2 !== void 0))
+        return artifactPaths;
     }
-    return artifactPaths;
+    return void 0;
   }
   const mavenDependencyChain = await asyncMap(dependencyChain, async (dep) => {
     const [groupId, artifactId] = dep.packageName.split(":");
@@ -88664,8 +88659,10 @@ async function convertSocketArtifacts2(artifacts, tmpDir) {
     const artifactFile = getPathToArtifact(tmpDir, groupId, artifactId, type, classifier, version3);
     await mkdir2(dirname4(artifactFile), { recursive: true });
     const repositories = await findRepositoriesForMavenPackageAndVersion(groupId, artifactId, version3);
-    if (!repositories?.length)
-      throw Error("No repository found for package");
+    if (!repositories?.length) {
+      logger.warn(`Failed to find repository for maven package ${[groupId, artifactId, type, classifier, version3].filter(Boolean).join(":")}`);
+      return void 0;
+    }
     for (const repository of repositories) {
       const artifactUrl = getUrlForArtifact(repository, groupId, artifactId, type, classifier, version3);
       if (!artifactUrl)
@@ -88674,6 +88671,7 @@ async function convertSocketArtifacts2(artifacts, tmpDir) {
       if (succeeded)
         return [artifactFile];
     }
+    logger.warn(`Failed to download maven package ${[groupId, artifactId, type, classifier, version3].filter(Boolean).join(":")}, repositories tried: ${repositories}`);
     return void 0;
   }
   const deps = {};
@@ -96279,8 +96277,6 @@ var RustCodeAwareVulnerabilityScanner = class _RustCodeAwareVulnerabilityScanner
       if (!vulnerablePathsForClass)
         continue;
       classStacks.push(...vulnerablePathsForClass.map((vulnPath) => {
-        if (vulnPath.length < 2)
-          throw new Error("The path should always have length at least two.");
         return vulnPath.map(({ fullyQualifiedName, confidence, packageId }) => ({
           package: appPackageIds.has(packageId) ? "<app>" : prettyPrintRustDependency(parsePackageUrlToRustDependency(packageId)),
           class: fullyQualifiedName,
@@ -96328,14 +96324,19 @@ async function convertSocketArtifacts3(artifacts, tmpDir) {
     const packageFile = join19(tmpDir, `${packageName.toLocaleLowerCase()}-${version3.toLocaleLowerCase()}.crate`);
     const success = await downloadFile(packageUrl, packageFile);
     if (!success) {
-      logger.error(`Could not download crate ${packageName}@${version3} from crates.io`);
-      throw Error("Failed to download crate");
+      logger.warn(`Could not download crate ${packageName}@${version3} from crates.io`);
+      return void 0;
+    }
+    try {
+      await execAndLogOnFailure(["tar", "-xzf", packageFile], tmpDir);
+      const packageDir = join19(tmpDir, `${packageName.toLocaleLowerCase()}-${version3.toLocaleLowerCase()}`);
+      const cargoTomlPath = join19(packageDir, "Cargo.toml");
+      const depCrateInfo = await getCrateInfo(cargoTomlPath);
+      return [depCrateInfo.lib];
+    } catch (e) {
+      logger.warn(`Error extracting crate ${packageName}@${version3}: ${e.message ?? "Unknown error"}`);
+      return void 0;
     }
-    await execAndLogOnFailure(["tar", "-xzf", packageFile], tmpDir);
-    const packageDir = join19(tmpDir, `${packageName.toLocaleLowerCase()}-${version3.toLocaleLowerCase()}`);
-    const cargoTomlPath = join19(packageDir, "Cargo.toml");
-    const depCrateInfo = await getCrateInfo(cargoTomlPath);
-    return [depCrateInfo.lib];
   }
   const deps = {};
   await asyncForEach(artifacts, async (artifact) => {

package/repos/coana-tech/alucard/alucard.jar CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/mambalade/dist/mambalade-0.3.12-py3-none-any.whl CHANGED Viewed

Binary file