@coana-tech/cli 14.9.21 → 14.9.23

Files changed (2)
  1. package/cli.mjs +43 -10
  2. package/package.json +1 -1
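--- a/package/cli.mjs
+++ b/package/cli.mjs
@@ -212320,7 +212320,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
  }
 
  // dist/version.js
- var version2 = "14.9.21";
+ var version2 = "14.9.23";
 
  // ../../node_modules/.pnpm/axios@1.9.0/node_modules/axios/lib/helpers/bind.js
  function bind2(fn2, thisArg) {
@@ -215812,7 +215812,7 @@ function getNamespaceAndName(ecosystem, packageName) {
  }
 
  // dist/internal/socket-report.js
- function toSocketFacts(report, dependencyTrees) {
+ function toSocketFacts(report, dependencyTrees, subPjToWsPathToDirectDependencies) {
  const components = [];
  const purlToIndex = /* @__PURE__ */ new Map();
  for (const dependencyTree of dependencyTrees) {
@@ -215831,8 +215831,10 @@ function toSocketFacts(report, dependencyTrees) {
  artifact_id: depTreeNode.purlObj.artifact_id,
  artifactId: depTreeNode.purlObj.artifactId,
  qualifiers: depTreeNode.purlObj.qualifiers,
- // direct: false, // TODO: add direct flag
- // dev: false, // TODO: add dev flag
+ direct: false,
+ // Use false as default, and set to true if actually direct
+ dev: true,
+ // Use true as default, and set to false if the artifact is found as prod, prod&dev or missing for any dependency chain.
  dependencies: []
  };
  }
@@ -215849,6 +215851,28 @@ function toSocketFacts(report, dependencyTrees) {
  }
  });
  }
+ for (const depIdentifier of dependencyTree.dependencyTree.dependencies ?? []) {
+ const depTreeNode = dependencyTree.dependencyTree.transitiveDependencies[depIdentifier];
+ const component = components[purlToIndex.get(depTreeNode.purlObj.purlString)];
+ component.direct = true;
+ }
+ for (const depIdentifier of dependencyTree.dependencyTree.dependencies ?? []) {
+ let updateDependencyType2 = function(id) {
+ if (visitedIds.has(id.toString()))
+ return;
+ visitedIds.add(id.toString());
+ const component = components[id];
+ if (dependencyType !== "dev") {
+ component.dev = false;
+ }
+ component.dependencies?.forEach((depId) => updateDependencyType2(parseInt(depId)));
+ };
+ var updateDependencyType = updateDependencyType2;
+ const depTreeNode = dependencyTree.dependencyTree.transitiveDependencies[depIdentifier];
+ const dependencyType = subPjToWsPathToDirectDependencies[dependencyTree.subprojectPath][dependencyTree.workspacePath][depTreeNode.packageName];
+ const visitedIds = /* @__PURE__ */ new Set();
+ updateDependencyType2(purlToIndex.get(depTreeNode.purlObj.purlString));
+ }
  }
  for (const vulnerability of report.vulnerabilities) {
  const component = components[purlToIndex.get(vulnerability.purl)];
@@ -215986,7 +216010,7 @@ var CliCore = class {
  }
  }
  }
- if (!this.options.repoUrl && !this.options.projectName && !this.options.disableReportSubmission && !this.options.offlineDatabase) {
+ if (!this.options.repoUrl && !this.options.projectName && !this.options.disableReportSubmission && !this.options.offlineDatabase && !this.options.socketMode) {
  throw new Error("Either --repo-url or --project-name is required for dashboard integration. Use --disable-report-submission to skip report submission.");
  }
  if ((this.options.disableReportSubmission || this.options.offlineDatabase) && !this.options.outputDir && !this.options.printReport) {
@@ -216015,9 +216039,9 @@ var CliCore = class {
  const gitData = await getGitDataToMetadataIfAvailable(this.rootWorkingDirectory);
  this.reportId = await createReport(this.options.repoUrl, this.options.projectName, version2, gitData?.sha, gitData?.branchName, omit(this.options, "apiKey", "print-report", "repoUrl", "projectName", "writeReportToFile"), this.apiKey, this.options.runEnv);
  }
- const report = await this.computeReport();
+ const { report, subPjToWsPathToDirectDependencies } = await this.computeReport();
  logger.info("Report computed successfully");
- await this.outputAndShareReport(report);
+ await this.outputAndShareReport(report, subPjToWsPathToDirectDependencies);
  this.spinner.stop();
  return report;
  } catch (e) {
@@ -216046,13 +216070,13 @@ var CliCore = class {
  if (this.reportId)
  await sendLogToDashboard(await this.getLogContent(), this.reportId, this.apiKey);
  }
- async outputAndShareReport(report) {
+ async outputAndShareReport(report, subPjToWsPathToDirectDependencies) {
  const outputDir = this.options.outputDir;
  if (this.options.socketMode) {
  if (!this.reportDependencyTrees) {
  throw new Error("Dependency trees should be available when using --socket-mode");
  }
- const socketReport = toSocketFacts(report, this.reportDependencyTrees);
+ const socketReport = toSocketFacts(report, this.reportDependencyTrees, subPjToWsPathToDirectDependencies);
  const outputFile = resolve24(this.options.socketMode);
  await writeFile10(outputFile, JSON.stringify(socketReport, null, 2));
  logger.info(kleur_default.green(`Socket report written to: ${outputFile}`));
@@ -216140,7 +216164,16 @@ var CliCore = class {
  vulnerabilities: allVulnerabilities,
  ...await this.createMetadataForReport(startTime)
  };
- return report;
+ const reportAndSubPjToWsPathToDirectDependencies = {
+ report,
+ subPjToWsPathToDirectDependencies: workspacesOutput.reduce((acc, { subprojectPath, workspacePath, directDependencies }) => {
+ if (!acc[subprojectPath])
+ acc[subprojectPath] = {};
+ acc[subprojectPath][workspacePath] = directDependencies;
+ return acc;
+ }, {})
+ };
+ return reportAndSubPjToWsPathToDirectDependencies;
  }
  async updateSpinnerTextOnNewSubproject(subprojectAndWsPath, numberSubprojects, index2) {
  this.spinner.start();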
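Review bot: The dependency-type lookup in the second added loop of toSocketFacts indexes three levels deep with no guard, so a dependency tree whose subprojectPath or workspacePath has no entry in the map throws a TypeError instead of falling back to the "missing" case the `dev` comment describes. The map is also built from plain `{}` objects in the computeReport hunk and keyed by paths and package names taken from the scanned project, so a key that matches an inherited property name resolves to the prototype's value rather than `undefined`. I would read it as `subPjToWsPathToDirectDependencies[dependencyTree.subprojectPath]?.[dependencyTree.workspacePath]?.[depTreeNode.packageName]` and seed both the reduce and the inner objects with `Object.create(null)` (or use a `Map`), which keeps a missing entry on the `dependencyType !== "dev"` path and restricts lookups to own keys. `parseInt(depId)` in the recursive call should pass a radix, `parseInt(depId, 10)`. toSocketFacts and computeReport both begin and end outside the visible hunks, so whether `purlToIndex.get(...)` can return `undefined` for a direct dependency could not be checked from here.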
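--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@coana-tech/cli",
- "version": "14.9.21",
+ "version": "14.9.23",
  "description": "Coana CLI",
  "type": "module",
  "bin": {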