npm - @coana-tech/cli - Versions diffs - 14.12.48 → 14.12.49 - Mend

@coana-tech/cli 14.12.48 → 14.12.49

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.48",
+  "version": "14.12.49",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/reachability-analyzers-cli.mjs CHANGED Viewed

@@ -54009,7 +54009,7 @@ var require_summary = __commonJS({
     exports.summary = exports.markdownSummary = exports.SUMMARY_DOCS_URL = exports.SUMMARY_ENV_VAR = void 0;
     var os_1 = __require("os");
     var fs_1 = __require("fs");
-    var { access: access3, appendFile, writeFile: writeFile10 } = fs_1.promises;
+    var { access: access3, appendFile, writeFile: writeFile9 } = fs_1.promises;
     exports.SUMMARY_ENV_VAR = "GITHUB_STEP_SUMMARY";
     exports.SUMMARY_DOCS_URL = "https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary";
     var Summary = class {
@@ -54067,7 +54067,7 @@ var require_summary = __commonJS({
         return __awaiter(this, void 0, void 0, function* () {
           const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite);
           const filePath = yield this.filePath();
-          const writeFunc = overwrite ? writeFile10 : appendFile;
+          const writeFunc = overwrite ? writeFile9 : appendFile;
           yield writeFunc(filePath, this._buffer, { encoding: "utf8" });
           return this.emptyBuffer();
         });
@@ -69249,7 +69249,7 @@ var {
 } = import_index.default;
 // dist/reachability-analyzers-cli.js
-import { readFile as readFile12, writeFile as writeFile9 } from "fs/promises";
+import { readFile as readFile12, writeFile as writeFile8 } from "fs/promises";
 // ../web-compat-utils/src/logger-singleton.ts
 var import_winston = __toESM(require_winston(), 1);
@@ -74698,7 +74698,7 @@ function addPathToTrie(root3, vulnPath) {
 var import_lodash14 = __toESM(require_lodash(), 1);
 import assert5 from "assert";
 import { existsSync as existsSync11 } from "fs";
-import { cp as cp5, readdir as readdir3, readFile as readFile10, rm as rm5, writeFile as writeFile8 } from "fs/promises";
+import { cp as cp5, readdir as readdir3, readFile as readFile10, rm as rm5 } from "fs/promises";
 import { basename as basename9, dirname as dirname12, join as join17, resolve as resolve15, sep as sep3 } from "path";
 import util5 from "util";
@@ -97175,6 +97175,14 @@ async function getVersion(analysisName) {
 // dist/whole-program-code-aware-vulnerability-scanner/python/python-code-aware-vulnerability-scanner.js
 var import_semver2 = __toESM(require_semver2(), 1);
 var { omit, once: once3, pick, sortedUniq, uniqBy } = import_lodash14.default;
+var memlimitWrapper = `import sys, runpy, resource
+if memory_limit := int(sys.argv.pop(1)):
+  try:
+    resource.setrlimit(resource.RLIMIT_AS, (memory_limit * 1024 ** 2, -1))
+  except ValueError as e:
+    print("ERROR: Failed to set memory limit", e, file=sys.stderr)
+runpy.run_module("mambalade", alter_sys=True)
+`;
 var PythonCodeAwareVulnerabilityScanner = class {
   state;
   projectDir;
@@ -97220,15 +97228,6 @@ var PythonCodeAwareVulnerabilityScanner = class {
     const packagesToExclude = heuristic.getPackagesToExcludeFromAnalysis?.(vulns);
     const vulnAccPaths = sortedUniq(vulns.flatMap((v) => v.vulnerabilityAccessPaths).sort());
     const tmpDir = await createTmpDirectory("coana-mambalade-output");
-    const wrapperPath = join17(tmpDir, "wrapper.py");
-    await writeFile8(wrapperPath, `import sys, runpy, resource
-if memory_limit := int(sys.argv.pop(1)):
-  try:
-    resource.setrlimit(resource.RLIMIT_AS, (memory_limit * 1024 ** 2, -1))
-  except ValueError as e:
-    print("ERROR: Failed to set memory limit", e, file=sys.stderr)
-runpy.run_module("mambalade", alter_sys=True)
-`);
     const vulnsOutputFile = join17(tmpDir, "vulns.json");
     const diagnosticsOutputFile = join17(tmpDir, "diagnostics.json");
     const excludeDistributionsOption = packagesToExclude?.size ? ["--exclude-distributions", ...packagesToExclude] : [];
@@ -97237,7 +97236,7 @@ runpy.run_module("mambalade", alter_sys=True)
     const pythonExecutable = join17(this.mambaladeVenvPath, "bin", "python");
     const mambaladeArgs = [
       pythonExecutable,
-      wrapperPath,
+      "-",
       `${reachabilityAnalysisOptions.memoryLimitInMB ?? 0}`,
       "--vulnerabilities",
       ...vulnAccPaths,
@@ -97261,7 +97260,7 @@ ${vulnAccPaths.join("\n")}`);
     logger.debug(`Running python executable: ${pythonExecutable}`);
     logger.debug(`With args: ${mambaladeArgs.slice(1).join(" ")}`);
     try {
-      const { stderr } = await exec(mambaladeArgs, this.projectDir);
+      const { stderr } = await exec(mambaladeArgs, this.projectDir, { stdin: memlimitWrapper });
       logger.debug("Done running mambalade");
       const errors = stderr.split("\n").filter((line) => line.startsWith("ERROR:") && !/^ERROR: Excluded distribution/.test(line));
       if (errors.length > 0)
@@ -98311,7 +98310,7 @@ var runReachabilityAnalysisCmd = new Command().name("runReachabilityAnalysis").a
   const result = await runReachabilityAnalysis(state);
   if (options.outputFile) {
     logger.debug("Writing result to file", options.outputFile);
-    await writeFile9(options.outputFile, JSON.stringify({ result }));
+    await writeFile8(options.outputFile, JSON.stringify({ result }));
   } else {
     logger.info("Result:", JSON.stringify(result, null, 2));
   }
@@ -98321,7 +98320,7 @@ var runOnDependencyChainCmd = new Command().name("runOnDependencyChain").option(
   const result = await analyzePackages(ecosystem, deserializeDependencyChain(ecosystem, dependencyChain), vulnerability);
   if (options.outputFile) {
     logger.debug("Writing result to file", options.outputFile);
-    await writeFile9(options.outputFile, JSON.stringify({ result }));
+    await writeFile8(options.outputFile, JSON.stringify({ result }));
   } else {
     logger.info("Result:", JSON.stringify(result, null, 2));
   }
@@ -98349,7 +98348,7 @@ var runOnPackageRegistryPackageCmd = new Command().name("runOnPackageRegistryPac
     const result = isFile3 ? await analyzeAlreadyInstalledPackages(options.ecosystem, [mainPackage, ...options.dependencies].map((p) => p.replace("file://", "")), vulnerability, { timeoutInSeconds: +options.analysisTimeout, memoryLimitInMB: +options.memoryLimit }) : await analyzePackages(options.ecosystem, deserializeDependencyChain(options.ecosystem, `${mainPackage}${options.dependencies.length > 0 ? ` > ${options.dependencies.join(" > ")}` : ""}`), vulnerability, { timeoutInSeconds: +options.analysisTimeout, memoryLimitInMB: +options.memoryLimit });
     if (options.outputFile) {
       logger.info("Writing result to file", options.outputFile);
-      await writeFile9(options.outputFile, JSON.stringify(result, null, 2));
+      await writeFile8(options.outputFile, JSON.stringify(result, null, 2));
     } else {
       logger.info("Result:", JSON.stringify(result, null, 2));
     }

package/repos/coana-tech/alucard/alucard.jar CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-amd64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/goana/bin/goana-linux-arm64.gz CHANGED Viewed

Binary file

package/repos/coana-tech/mambalade/dist/{mambalade-0.3.12-py3-none-any.whl → mambalade-0.3.13-py3-none-any.whl} RENAMED Viewed

	index f561a9e..666059a 100644
	Binary file