@coana-tech/cli 14.9.32 → 14.9.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/cli.mjs +16 -5
- package/package.json +1 -1
package/cli.mjs
CHANGED
|
@@ -221973,7 +221973,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
|
|
|
221973
221973
|
}
|
|
221974
221974
|
|
|
221975
221975
|
// dist/version.js
|
|
221976
|
-
var version2 = "14.9.
|
|
221976
|
+
var version2 = "14.9.34";
|
|
221977
221977
|
|
|
221978
221978
|
// ../../node_modules/.pnpm/axios@1.9.0/node_modules/axios/lib/helpers/bind.js
|
|
221979
221979
|
function bind2(fn2, thisArg) {
|
|
@@ -226497,9 +226497,21 @@ async function computeFixesAndUpgradePurls(path2, options) {
|
|
|
226497
226497
|
...vulnerableArtifactIdsPerVulnerability.get(ghsa)?.values() ?? []
|
|
226498
226498
|
]);
|
|
226499
226499
|
const computedFix = await useSocketComputeFixEndpoint(artifacts, vulnerableArtifactIdsForGhsas);
|
|
226500
|
-
if (computedFix.type !== "
|
|
226500
|
+
if (computedFix.type !== "success") {
|
|
226501
226501
|
throw new Error(`No fix found for the given vulnerabilities`);
|
|
226502
226502
|
}
|
|
226503
|
+
if (computedFix.failedArtifacts) {
|
|
226504
|
+
const ghsasFailedToFix = options.applyFixesTo.filter((ghsa) => {
|
|
226505
|
+
const artifactIds = vulnerableArtifactIdsPerVulnerability.get(ghsa);
|
|
226506
|
+
if (!artifactIds)
|
|
226507
|
+
return false;
|
|
226508
|
+
return Array.from(artifactIds).some((vuln) => computedFix.failedArtifacts?.includes(vuln));
|
|
226509
|
+
});
|
|
226510
|
+
logger.info("Failed to compute fixes for the following vulnerabilities:");
|
|
226511
|
+
for (const ghsa of ghsasFailedToFix) {
|
|
226512
|
+
logger.info(` - ${ghsa} (${Array.from(vulnerableArtifactIdsPerVulnerability.get(ghsa)).map((id) => simplePurl(artifacts[id].type, artifacts[id].namespace ?? null, artifacts[id].name, artifacts[id].version ?? null)).join(", ")})`);
|
|
226513
|
+
}
|
|
226514
|
+
}
|
|
226503
226515
|
if (options.dryRun) {
|
|
226504
226516
|
logger.info("Fixes found:");
|
|
226505
226517
|
for (const fix of computedFix.fixes) {
|
|
@@ -226608,9 +226620,8 @@ async function useSocketComputeFixEndpoint(artifacts, vulnerableArtifactIdsForGh
|
|
|
226608
226620
|
} catch (error) {
|
|
226609
226621
|
logger.error("Request to compute fixes failed:", error);
|
|
226610
226622
|
return {
|
|
226611
|
-
type: "error
|
|
226612
|
-
message: "Error during computation"
|
|
226613
|
-
fixes: []
|
|
226623
|
+
type: "error",
|
|
226624
|
+
message: "Error during computation"
|
|
226614
226625
|
};
|
|
226615
226626
|
}
|
|
226616
226627
|
}
|