@coana-tech/cli 14.12.71 → 14.12.72

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/cli.mjs +29 -26
  2. package/package.json +1 -1
  3. package/reachability-analyzers-cli.mjs +22 -23
  4. package/repos/coana-tech/alucard/alucard.jar +0 -0
  5. package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
  6. package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
  7. package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
  8. package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
package/cli.mjs CHANGED
@@ -229736,6 +229736,29 @@ ${vulnerabilityFixes.map((fix) => ` ${fix.dependencyName} from ${fix.currentVers
229736
229736
  // dist/internal/socket-mode-helpers-socket-dependency-trees.js
229737
229737
  import { basename as basename7, dirname as dirname21, join as join24, sep as sep5 } from "path";
229738
229738
  var REQUIREMENTS_FILES_SEARCH_DEPTH2 = 3;
229739
+ var venvExcludes = [
229740
+ "venv",
229741
+ ".venv",
229742
+ "env",
229743
+ ".env",
229744
+ "virtualenv",
229745
+ ".virtualenv",
229746
+ "venvs",
229747
+ ".venvs",
229748
+ "envs",
229749
+ ".envs",
229750
+ "__pycache__",
229751
+ ".tox",
229752
+ ".nox",
229753
+ ".pytest_cache",
229754
+ "site-packages",
229755
+ "dist-packages",
229756
+ "conda-meta",
229757
+ "conda-bld",
229758
+ ".mypy_cache",
229759
+ ".ruff_cache",
229760
+ ".hypothesis"
229761
+ ];
229739
229762
  function inferWorkspaceFromManifestPath(ecosystem, manifestPath, properPythonProjects) {
229740
229763
  switch (ecosystem) {
229741
229764
  case "NPM": {
@@ -229747,6 +229770,9 @@ function inferWorkspaceFromManifestPath(ecosystem, manifestPath, properPythonPro
229747
229770
  return ".";
229748
229771
  }
229749
229772
  case "PIP": {
229773
+ if (venvExcludes.some((exclude) => manifestPath.startsWith(`${exclude}/`) || manifestPath.includes(`/${exclude}/`))) {
229774
+ return void 0;
229775
+ }
229750
229776
  const base = basename7(manifestPath);
229751
229777
  const dir = dirname21(manifestPath);
229752
229778
  const workspaceDir = dir === "" ? "." : dir;
@@ -229831,29 +229857,6 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
229831
229857
  pipArtifactToRepresentativeManifest[simplePurl(artifact.type, artifact.namespace ?? "", artifact.name ?? "", artifact.version ?? "")] = artifact;
229832
229858
  }
229833
229859
  }
229834
- const venvExcludes = [
229835
- "venv",
229836
- ".venv",
229837
- "env",
229838
- ".env",
229839
- "virtualenv",
229840
- ".virtualenv",
229841
- "venvs",
229842
- ".venvs",
229843
- "envs",
229844
- ".envs",
229845
- "__pycache__",
229846
- ".tox",
229847
- ".nox",
229848
- ".pytest_cache",
229849
- "site-packages",
229850
- "dist-packages",
229851
- "conda-meta",
229852
- "conda-bld",
229853
- ".mypy_cache",
229854
- ".ruff_cache",
229855
- ".hypothesis"
229856
- ];
229857
229860
  const allFiles = await getFilesRelative(rootWorkingDirectory, venvExcludes);
229858
229861
  for (const file of allFiles) {
229859
229862
  const base = basename7(file);
@@ -229896,7 +229899,7 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
229896
229899
  break;
229897
229900
  }
229898
229901
  case "PIP": {
229899
- const sPurl = simplePurl(artifact.type, artifact.namespace ?? "", artifact.name ?? "", artifact.version ?? "");
229902
+ const sPurl = simplePurl(artifact.type, artifact.namespace ?? null, artifact.name ?? null, artifact.version ?? null);
229900
229903
  if (pipArtifactToRepresentativeManifest[sPurl]) {
229901
229904
  manifestFiles.push(...(pipArtifactToRepresentativeManifest[sPurl].manifestFiles ?? []).map((ref) => ref.file));
229902
229905
  }
@@ -229925,7 +229928,7 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
229925
229928
  });
229926
229929
  }
229927
229930
  if (Object.keys(workspaceToManifestFiles).length === 0 && artifact.vulnerabilities && artifact.vulnerabilities.length > 0) {
229928
- purlsFailedToFindWorkspace.add(purlToString(artifact));
229931
+ purlsFailedToFindWorkspace.add(simplePurl(artifact.type, artifact.namespace ?? null, artifact.name ?? null, artifact.version ?? null));
229929
229932
  }
229930
229933
  for (const [workspace, manifestFiles2] of Object.entries(workspaceToManifestFiles)) {
229931
229934
  const workspaceData = (ecosystemToWorkspaceToAnalysisData[ecosystem] ??= {})[workspace] ??= {
@@ -245855,7 +245858,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
245855
245858
  }
245856
245859
 
245857
245860
  // dist/version.js
245858
- var version2 = "14.12.71";
245861
+ var version2 = "14.12.72";
245859
245862
 
245860
245863
  // dist/cli-core.js
245861
245864
  var { mapValues, omit, partition, pick } = import_lodash15.default;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@coana-tech/cli",
3
- "version": "14.12.71",
3
+ "version": "14.12.72",
4
4
  "description": "Coana CLI",
5
5
  "type": "module",
6
6
  "bin": {
package/reachability-analyzers-cli.mjs CHANGED
@@ -109133,7 +109133,7 @@ async function setupDependenciesForAnalysis(subprojectDir, workspaceDir, directD
109133
109133
  });
109134
109134
  }
109135
109135
  function convertToPackageMetadatas(workspaceDir, dependenciesToInstall, directDependencies, artifactIdToArtifact) {
109136
- const artifactIdToDepedenciesToInstallIdx = Object.fromEntries(dependenciesToInstall.map((dep, idx) => [
109136
+ const artifactIdToDependenciesToInstallIdx = Object.fromEntries(dependenciesToInstall.map((dep, idx) => [
109137
109137
  Object.entries(artifactIdToArtifact).find(([_, artifact]) => artifact === dep.artifact)[0],
109138
109138
  idx + 1
109139
109139
  ]));
@@ -109146,16 +109146,16 @@ function convertToPackageMetadatas(workspaceDir, dependenciesToInstall, directDe
109146
109146
  installedPath: workspaceDir
109147
109147
  });
109148
109148
  for (const [parentId, parent2] of Object.entries(artifactIdToArtifact)) {
109149
- if (!(parentId in artifactIdToDepedenciesToInstallIdx))
109149
+ if (!(parentId in artifactIdToDependenciesToInstallIdx))
109150
109150
  continue;
109151
109151
  for (const child of parent2.dependencies ?? []) {
109152
109152
  const childArtifact = artifactIdToArtifact[child];
109153
- if (!artifactIdToDepedenciesToInstallIdx[child])
109153
+ if (!artifactIdToDependenciesToInstallIdx[child])
109154
109154
  continue;
109155
109155
  if (!artifactToParents.has(childArtifact)) {
109156
109156
  artifactToParents.set(childArtifact, []);
109157
109157
  }
109158
- artifactToParents.get(childArtifact).push(artifactIdToDepedenciesToInstallIdx[parentId]);
109158
+ artifactToParents.get(childArtifact).push(artifactIdToDependenciesToInstallIdx[parentId]);
109159
109159
  }
109160
109160
  }
109161
109161
  for (const directDependency of directDependencies) {
@@ -109262,9 +109262,9 @@ function computePackagePlacements(packageMetadatas, nodeModulesDir) {
109262
109262
  addPlacementToRelativeInstallDirsForSCC(sccToPlace, /* @__PURE__ */ new Set([nodeModulesDir]), installNames);
109263
109263
  return;
109264
109264
  }
109265
- const parentMetadatas = Array.from(curParents).map((parentIndex) => packageMetadataDag.sccs[parentIndex].packages).flat();
109265
+ const parentMetadatas = Array.from(curParents, (parentIndex) => packageMetadataDag.sccs[parentIndex].packages).flat();
109266
109266
  if (curSCC !== sccToPlace) {
109267
- const anyParentDependsOnDifferentPackageToPlace = parentMetadatas.some((parentPackage) => sccToPlace.packages.some((packageToPlace) => parentPackage.dependencies[packageToPlace.name] && // If the package to place has the parentPackage as a parent, then the version it depends on is actually the one to place, and therefore it should not have a different installation
109267
+ const anyParentDependsOnDifferentPackageToPlace = parentMetadatas.some((parentPackage) => sccToPlace.packages.some((packageToPlace) => Object.hasOwn(parentPackage.dependencies, packageToPlace.name) && // If the package to place has the parentPackage as a parent, then the version it depends on is actually the one to place, and therefore it should not have a different installation
109268
109268
  !packageToPlace.parents.some((p2p) => packageMetadatas[p2p] === parentPackage)));
109269
109269
  if (anyParentDependsOnDifferentPackageToPlace) {
109270
109270
  addPlacementToRelativeToPackages(sccToPlace, curSCC.packages, installNames);
@@ -109272,16 +109272,16 @@ function computePackagePlacements(packageMetadatas, nodeModulesDir) {
109272
109272
  }
109273
109273
  }
109274
109274
  const installNamesClone = new Map([...installNames.entries()].map(([packageName, installNames2]) => [packageName, new Set(installNames2)]));
109275
- const newInstallNames = parentMetadatas.flatMap((parentPackage) => sccToPlace.packages.flatMap((packageToPlace) => Object.entries(parentPackage.dependencies).filter(([name2, version3]) => name2 === packageToPlace.name || version3.startsWith("npm:") && version3.includes(`${packageToPlace.name}@`)).map(([name2, _version]) => [packageToPlace.name, name2])));
109276
- for (const [packageName, installName] of newInstallNames) {
109277
- if (!installNamesClone.has(packageName)) {
109278
- installNamesClone.set(packageName, /* @__PURE__ */ new Set());
109279
- }
109280
- installNamesClone.get(packageName).add(installName);
109275
+ const newInstallNames = parentMetadatas.flatMap((parentPackage) => sccToPlace.packages.flatMap((packageToPlace) => Object.entries(parentPackage.dependencies).filter(([name2, version3]) => name2 === packageToPlace.name || version3.startsWith("npm:") && version3.includes(`${packageToPlace.name}@`)).map(([name2]) => [packageToPlace, name2])));
109276
+ for (const [packageMetadata, installName] of newInstallNames) {
109277
+ const installNamesSet = installNamesClone.get(packageMetadata);
109278
+ if (!installNamesSet)
109279
+ installNamesClone.set(packageMetadata, /* @__PURE__ */ new Set([installName]));
109280
+ else
109281
+ installNamesSet.add(installName);
109281
109282
  }
109282
- for (const parent2 of curParents) {
109283
+ for (const parent2 of curParents)
109283
109284
  recHelper2(parent2, installNamesClone);
109284
- }
109285
109285
  };
109286
109286
  var recHelper = recHelper2;
109287
109287
  addPlacementsDirectIfMultipleVersions(sccToPlace);
@@ -109304,8 +109304,8 @@ function computePackagePlacements(packageMetadatas, nodeModulesDir) {
109304
109304
  const parentMetadata = packageMetadatas[parent2];
109305
109305
  const parentInstallDirs = computedPlacements.get(parentMetadata);
109306
109306
  if (parentInstallDirs) {
109307
- const dependencyInstallName = metadataToPlace.name in parentMetadata.dependencies ? metadataToPlace.name : Object.entries(parentMetadata.dependencies).find(([_name, version3]) => version3.startsWith("npm:") && version3.includes(`${metadataToPlace.name}@`))?.[0];
109308
- addPlacementToRelativeInstallDirs(metadataToPlace, parentInstallDirs, /* @__PURE__ */ new Map([[metadataToPlace.name, /* @__PURE__ */ new Set([dependencyInstallName ?? metadataToPlace.name])]]));
109307
+ const dependencyInstallName = Object.hasOwn(parentMetadata.dependencies, metadataToPlace.name) ? metadataToPlace.name : Object.entries(parentMetadata.dependencies).find(([, version3]) => version3.startsWith("npm:") && version3.includes(`${metadataToPlace.name}@`))?.[0];
109308
+ addPlacementToRelativeInstallDirs(metadataToPlace, parentInstallDirs, /* @__PURE__ */ new Map([[metadataToPlace, /* @__PURE__ */ new Set([dependencyInstallName ?? metadataToPlace.name])]]));
109309
109309
  }
109310
109310
  }
109311
109311
  }
@@ -109317,24 +109317,23 @@ function computePackagePlacements(packageMetadatas, nodeModulesDir) {
109317
109317
  }
109318
109318
  }
109319
109319
  function addPlacementToRelativeInstallDirsForSCC(sccToPlace, installDirs, installNames) {
109320
- for (const metadataToPlace of sccToPlace.packages) {
109320
+ for (const metadataToPlace of sccToPlace.packages)
109321
109321
  addPlacementToRelativeInstallDirs(metadataToPlace, installDirs, installNames);
109322
- }
109323
109322
  }
109324
109323
  function addPlacementToRelativeInstallDirs(metadataToPlace, installDirs, installNames) {
109325
109324
  if (metadataToPlace.name === ROOT_PACKAGE_METADATA_NAME) {
109326
109325
  return;
109327
109326
  }
109328
- if (!computedPlacements.has(metadataToPlace)) {
109329
- computedPlacements.set(metadataToPlace, /* @__PURE__ */ new Set());
109330
- }
109327
+ let computedPlacementsForMetadata = computedPlacements.get(metadataToPlace);
109328
+ if (!computedPlacementsForMetadata)
109329
+ computedPlacements.set(metadataToPlace, computedPlacementsForMetadata = /* @__PURE__ */ new Set());
109331
109330
  for (const installDir of [...installDirs]) {
109332
- for (const installName of installNames.get(metadataToPlace.name) ?? /* @__PURE__ */ new Set([metadataToPlace.name])) {
109331
+ for (const installName of installNames.get(metadataToPlace) ?? /* @__PURE__ */ new Set([metadataToPlace.name])) {
109333
109332
  if (installDir.endsWith(`/node_modules/${installName}`))
109334
109333
  continue;
109335
109334
  const computedInstallDir = installDir.endsWith(nodeModulesDir) ? resolve11(installDir, installName) : resolve11(installDir, "node_modules", installName);
109336
109335
  if (!allInstallDirs.has(computedInstallDir)) {
109337
- computedPlacements.get(metadataToPlace).add(computedInstallDir);
109336
+ computedPlacementsForMetadata.add(computedInstallDir);
109338
109337
  allInstallDirs.add(computedInstallDir);
109339
109338
  }
109340
109339
  }