@coana-tech/cli 14.9.23 → 14.9.24

package/cli.mjs

@@ -212320,7 +212320,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version2 = "14.9.23";
+var version2 = "14.9.24";
 
 // ../../node_modules/.pnpm/axios@1.9.0/node_modules/axios/lib/helpers/bind.js
 function bind2(fn2, thisArg) {
@@ -215646,14 +215646,20 @@ async function scanForVulnerabilitiesSocketMode(dependencyTree) {
     const data2 = {
       components: Object.keys(purlStringsToIdentifier).map((purl) => ({ purl }))
     };
-    const componentsString = (await axios_default2.post(url3, data2, {
+    const componentsResponse = (await axios_default2.post(url3, data2, {
       headers: {
         "Content-Type": "application/json",
         Accept: "application/json",
         Authorization: `Basic ${btoa(`${process.env.SOCKET_CLI_API_TOKEN}:`)}`
       }
     })).data;
-    components = JSON.parse(`[${componentsString.trim().replace(/\n/g, ",")}]`);
+    if (typeof componentsResponse === "object") {
+      components = [componentsResponse];
+    } else if (typeof componentsResponse === "string") {
+      components = JSON.parse(`[${componentsResponse.trim().replace(/\n/g, ",")}]`);
+    } else {
+      throw new Error(`Unexpected response type from Socket API: ${typeof componentsResponse}`);
+    }
   } catch (e) {
     logger.error("Failed to scan for vulnerabilities in socket mode");
     logger.error("error", e);
@@ -215816,7 +215822,7 @@ function toSocketFacts(report, dependencyTrees, subPjToWsPathToDirectDependencie
   const components = [];
   const purlToIndex = /* @__PURE__ */ new Map();
   for (const dependencyTree of dependencyTrees) {
-    const depIdentifierToPurl = Object.fromEntries(Object.entries(dependencyTree.dependencyTree.transitiveDependencies).map(([depIdentifier, dep]) => {
+    const depIdentifierToPurl = Object.fromEntries(Object.entries(dependencyTree.dependencyTree.transitiveDependencies).filter(([_depIdentifier, dep]) => dep.purlObj).map(([depIdentifier, dep]) => {
       const purl = dep.purlObj.purlString;
       if (purl && !purlToIndex.has(purl)) {
         purlToIndex.set(purl, components.length);
@@ -215842,11 +215848,14 @@ function toSocketFacts(report, dependencyTrees, subPjToWsPathToDirectDependencie
     }));
     for (const [depIdentifier, purl] of Object.entries(depIdentifierToPurl)) {
       const depTreeNode = dependencyTree.dependencyTree.transitiveDependencies[depIdentifier];
+      if (!depTreeNode.purlObj) {
+        continue;
+      }
       const component = components[purlToIndex.get(purl)];
       depTreeNode.dependencies?.forEach((dep) => {
         const depPurl = depIdentifierToPurl[dep];
         const depIndex = purlToIndex.get(depPurl);
-        if (!component.dependencies?.includes(depIndex.toString())) {
+        if (depIndex && !component.dependencies?.includes(depIndex.toString())) {
           component.dependencies.push(depIndex.toString());
         }
       });
@@ -216326,8 +216335,6 @@ var CliCore = class {
           ];
         } catch (e) {
           logger.error(`Scanning for vulnerabilities failed for subproject ${subprojectPath} in workspace ${workspacePath}`);
-          logger.error(JSON.stringify(dependencyTree, null, 2));
-          await new Promise((resolve25) => setTimeout(resolve25, 1e4));
           throw e;
         } finally {
           this.sendProgress("SCAN_FOR_VULNERABILITIES", false, subprojectPath, workspacePath);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "14.9.23",
+  "version": "14.9.24",
   "description": "Coana CLI",
   "type": "module",
   "bin": {