@coana-tech/cli 14.12.93 → 14.12.95

package/cli.mjs

@@ -244541,7 +244541,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version2 = "14.12.93";
+var version2 = "14.12.95";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pick } = import_lodash15.default;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.12.93",
+  "version": "14.12.95",
   "description": "Coana CLI",
   "type": "module",
   "bin": {

package/reachability-analyzers-cli.mjs

@@ -80697,7 +80697,7 @@ async function getModuleInfo(goModPath) {
 }
 async function runGoModTidy(moduleDir, { continueOnError = false } = {}) {
   logger.debug(`Running 'go mod tidy' in ${moduleDir}`);
-  const { error } = await execNeverFail(["go", "mod", "tidy"], moduleDir);
+  const { error } = await execNeverFail(["go", "mod", "tidy"], moduleDir, { timeout: 30 * 60 * 1e3 });
   logger.debug(`'go mod tidy' finished`);
   if (error) {
     const { Module, Go } = await getModuleInfo(moduleDir);
@@ -89804,6 +89804,31 @@ function evaluate(expression, project) {
 
 // dist/whole-program-code-aware-vulnerability-scanner/dotnet/dotnet-code-aware-vulnerability-scanner.js
 var { uniq: uniq2, uniqWith, isEqual } = import_lodash6.default;
+async function ensureDotnet6OrAbove() {
+  const result = await execNeverFail(cmdt`dotnet --list-runtimes`);
+  if (result.error)
+    throw new Error(".NET runtime not found. Please install .NET 6 runtime or above.");
+  const runtimesOutput = result.stdout ?? "";
+  const runtimeLines = runtimesOutput.split("\n").map((line) => line.trim()).filter(Boolean);
+  const netCoreRuntimes = runtimeLines.filter((line) => line.startsWith("Microsoft.NETCore.App")).map((line) => {
+    const versionMatch = line.match(/Microsoft\.NETCore\.App\s+(\d+)(?:\.(\d+))?(?:\.(\d+))?/);
+    if (versionMatch) {
+      return {
+        major: parseInt(versionMatch[1], 10),
+        minor: versionMatch[2] ? parseInt(versionMatch[2], 10) : 0,
+        patch: versionMatch[3] ? parseInt(versionMatch[3], 10) : 0
+      };
+    }
+    return void 0;
+  }).filter((v) => v !== void 0);
+  if (netCoreRuntimes.length === 0)
+    throw new Error(".NET runtime not found. Please install .NET 6 runtime or above.");
+  const hasValidRuntime = netCoreRuntimes.some((version3) => version3.major >= 6);
+  if (!hasValidRuntime) {
+    const foundVersions = netCoreRuntimes.map((v) => `${v.major}.${v.minor}.${v.patch}`).join(", ");
+    throw new Error(`.NET runtime versions found: ${foundVersions}. None are supported. Please install .NET 6 runtime or above.`);
+  }
+}
 var DotnetCodeAwareVulnerabilityScanner = class _DotnetCodeAwareVulnerabilityScanner {
   apps;
   deps;
@@ -89909,6 +89934,11 @@ var DotnetCodeAwareVulnerabilityScanner = class _DotnetCodeAwareVulnerabilitySca
   }
   async runPhantomDependencyAnalysis() {
     return withTmpDirectory("dotnet-direct-dependency-analysis", async (tmpDir) => {
+      try {
+        await ensureDotnet6OrAbove();
+      } catch {
+        return void 0;
+      }
       const options = {
         apps: this.apps,
         deps: this.deps,
@@ -89942,6 +89972,11 @@ var DotnetCodeAwareVulnerabilityScanner = class _DotnetCodeAwareVulnerabilitySca
   async actuallyRunAnalysis(vulnerabilityAccessPaths, filteredDeps) {
     this.statusUpdater?.("Running analysis...");
     return withTmpDirectory("dotnet-run-analysis", async (tmpDir) => {
+      try {
+        await ensureDotnet6OrAbove();
+      } catch (e) {
+        return { type: "error", message: e.message };
+      }
       const options = {
         apps: this.apps,
         deps: filteredDeps ?? this.deps,
@@ -103749,6 +103784,21 @@ var treeSitterScalaPath = join13(COANA_REPOS_PATH(), "tree-sitter-scala");
 // dist/whole-program-code-aware-vulnerability-scanner/java/java-code-aware-vulnerability-scanner.js
 var import_picomatch2 = __toESM(require_picomatch4(), 1);
 var { uniq: uniq3, uniqWith: uniqWith2, isEqual: isEqual2 } = import_lodash8.default;
+async function ensureJdk8OrAbove() {
+  const javapResult = await execNeverFail(cmdt`javap -version`);
+  if (javapResult.error)
+    throw new Error("JDK not found. Please install JDK 8 or above.");
+  const javapOutput = javapResult.stdout.trim() || "";
+  const versionMatch = javapOutput.match(/(\d+)(?:\.(\d+))?(?:\.(\d+))?/);
+  if (!versionMatch)
+    throw new Error("Could not determine Java version. Please ensure JDK 8 or above is installed.");
+  const major = parseInt(versionMatch[1], 10);
+  const minor = versionMatch[2] ? parseInt(versionMatch[2], 10) : 0;
+  const isValid = major === 1 && minor >= 8 || major >= 8;
+  if (!isValid) {
+    throw new Error(`JDK version ${javapOutput} is not supported. Please install JDK 8 or above.`);
+  }
+}
 var JavaCodeAwareVulnerabilityScanner = class _JavaCodeAwareVulnerabilityScanner {
   apps;
   deps;
@@ -103855,6 +103905,11 @@ var JavaCodeAwareVulnerabilityScanner = class _JavaCodeAwareVulnerabilityScanner
   }
   async runPhantomDependencyAnalysis() {
     return withTmpDirectory("java-direct-dependency-analysis", async (tmpDir) => {
+      try {
+        await ensureJdk8OrAbove();
+      } catch {
+        return void 0;
+      }
       const options = {
         apps: this.apps,
         deps: this.deps,
@@ -103888,6 +103943,11 @@ var JavaCodeAwareVulnerabilityScanner = class _JavaCodeAwareVulnerabilityScanner
   async actuallyRunAnalysis(vulnerabilityAccessPaths, filteredDeps) {
     this.statusUpdater?.("Running analysis...");
     return withTmpDirectory("java-run-analysis", async (tmpDir) => {
+      try {
+        await ensureJdk8OrAbove();
+      } catch (e) {
+        return { type: "error", message: e.message };
+      }
       const options = {
         apps: this.apps,
         deps: filteredDeps ?? this.deps,