npm - @coana-tech/cli - Versions diffs - 15.2.0 → 15.2.2 - Mend

@coana-tech/cli 15.2.0 → 15.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/cli.mjs +186 -319
package/package.json +1 -1
package/reachability-analyzers-cli.mjs +52 -52
package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
package/repos/coana-tech/javap-service/javap-service.jar +0 -0

package/cli.mjs CHANGED Viewed

@@ -14563,8 +14563,8 @@ var require_follow_redirects = __commonJS({
       }
       return parsed;
     }
-    function resolveUrl(relative23, base) {
-      return useNativeURL ? new URL3(relative23, base) : parseUrl(url2.resolve(base, relative23));
+    function resolveUrl(relative25, base) {
+      return useNativeURL ? new URL3(relative25, base) : parseUrl(url2.resolve(base, relative25));
     }
     function validateUrl(input) {
       if (/^\[/.test(input.hostname) && !/^\[[:0-9a-f]+\]$/i.test(input.hostname)) {
@@ -17420,7 +17420,7 @@ var require_safe_stable_stringify = __commonJS({
               return circularValue;
             }
             let res = "";
-            let join36 = ",";
+            let join35 = ",";
             const originalIndentation = indentation;
             if (Array.isArray(value2)) {
               if (value2.length === 0) {
@@ -17434,7 +17434,7 @@ var require_safe_stable_stringify = __commonJS({
                 indentation += spacer;
                 res += `
 ${indentation}`;
-                join36 = `,
+                join35 = `,
 ${indentation}`;
               }
               const maximumValuesToStringify = Math.min(value2.length, maximumBreadth);
@@ -17442,13 +17442,13 @@ ${indentation}`;
               for (; i7 < maximumValuesToStringify - 1; i7++) {
                 const tmp2 = stringifyFnReplacer(String(i7), value2, stack2, replacer, spacer, indentation);
                 res += tmp2 !== void 0 ? tmp2 : "null";
-                res += join36;
+                res += join35;
               }
               const tmp = stringifyFnReplacer(String(i7), value2, stack2, replacer, spacer, indentation);
               res += tmp !== void 0 ? tmp : "null";
               if (value2.length - 1 > maximumBreadth) {
                 const removedKeys = value2.length - maximumBreadth - 1;
-                res += `${join36}"... ${getItemCount(removedKeys)} not stringified"`;
+                res += `${join35}"... ${getItemCount(removedKeys)} not stringified"`;
               }
               if (spacer !== "") {
                 res += `
@@ -17469,7 +17469,7 @@ ${originalIndentation}`;
             let separator = "";
             if (spacer !== "") {
               indentation += spacer;
-              join36 = `,
+              join35 = `,
 ${indentation}`;
               whitespace2 = " ";
             }
@@ -17483,13 +17483,13 @@ ${indentation}`;
               const tmp = stringifyFnReplacer(key2, value2, stack2, replacer, spacer, indentation);
               if (tmp !== void 0) {
                 res += `${separator}${strEscape(key2)}:${whitespace2}${tmp}`;
-                separator = join36;
+                separator = join35;
               }
             }
             if (keyLength > maximumBreadth) {
               const removedKeys = keyLength - maximumBreadth;
               res += `${separator}"...":${whitespace2}"${getItemCount(removedKeys)} not stringified"`;
-              separator = join36;
+              separator = join35;
             }
             if (spacer !== "" && separator.length > 1) {
               res = `
@@ -17530,7 +17530,7 @@ ${originalIndentation}`;
             }
             const originalIndentation = indentation;
             let res = "";
-            let join36 = ",";
+            let join35 = ",";
             if (Array.isArray(value2)) {
               if (value2.length === 0) {
                 return "[]";
@@ -17543,7 +17543,7 @@ ${originalIndentation}`;
                 indentation += spacer;
                 res += `
 ${indentation}`;
-                join36 = `,
+                join35 = `,
 ${indentation}`;
               }
               const maximumValuesToStringify = Math.min(value2.length, maximumBreadth);
@@ -17551,13 +17551,13 @@ ${indentation}`;
               for (; i7 < maximumValuesToStringify - 1; i7++) {
                 const tmp2 = stringifyArrayReplacer(String(i7), value2[i7], stack2, replacer, spacer, indentation);
                 res += tmp2 !== void 0 ? tmp2 : "null";
-                res += join36;
+                res += join35;
               }
               const tmp = stringifyArrayReplacer(String(i7), value2[i7], stack2, replacer, spacer, indentation);
               res += tmp !== void 0 ? tmp : "null";
               if (value2.length - 1 > maximumBreadth) {
                 const removedKeys = value2.length - maximumBreadth - 1;
-                res += `${join36}"... ${getItemCount(removedKeys)} not stringified"`;
+                res += `${join35}"... ${getItemCount(removedKeys)} not stringified"`;
               }
               if (spacer !== "") {
                 res += `
@@ -17570,7 +17570,7 @@ ${originalIndentation}`;
             let whitespace2 = "";
             if (spacer !== "") {
               indentation += spacer;
-              join36 = `,
+              join35 = `,
 ${indentation}`;
               whitespace2 = " ";
             }
@@ -17579,7 +17579,7 @@ ${indentation}`;
               const tmp = stringifyArrayReplacer(key2, value2[key2], stack2, replacer, spacer, indentation);
               if (tmp !== void 0) {
                 res += `${separator}${strEscape(key2)}:${whitespace2}${tmp}`;
-                separator = join36;
+                separator = join35;
               }
             }
             if (spacer !== "" && separator.length > 1) {
@@ -17637,20 +17637,20 @@ ${originalIndentation}`;
               indentation += spacer;
               let res2 = `
 ${indentation}`;
-              const join37 = `,
+              const join36 = `,
 ${indentation}`;
               const maximumValuesToStringify = Math.min(value2.length, maximumBreadth);
               let i7 = 0;
               for (; i7 < maximumValuesToStringify - 1; i7++) {
                 const tmp2 = stringifyIndent(String(i7), value2[i7], stack2, spacer, indentation);
                 res2 += tmp2 !== void 0 ? tmp2 : "null";
-                res2 += join37;
+                res2 += join36;
               }
               const tmp = stringifyIndent(String(i7), value2[i7], stack2, spacer, indentation);
               res2 += tmp !== void 0 ? tmp : "null";
               if (value2.length - 1 > maximumBreadth) {
                 const removedKeys = value2.length - maximumBreadth - 1;
-                res2 += `${join37}"... ${getItemCount(removedKeys)} not stringified"`;
+                res2 += `${join36}"... ${getItemCount(removedKeys)} not stringified"`;
               }
               res2 += `
 ${originalIndentation}`;
@@ -17666,16 +17666,16 @@ ${originalIndentation}`;
               return '"[Object]"';
             }
             indentation += spacer;
-            const join36 = `,
+            const join35 = `,
 ${indentation}`;
             let res = "";
             let separator = "";
             let maximumPropertiesToStringify = Math.min(keyLength, maximumBreadth);
             if (isTypedArrayWithEntries(value2)) {
-              res += stringifyTypedArray(value2, join36, maximumBreadth);
+              res += stringifyTypedArray(value2, join35, maximumBreadth);
               keys = keys.slice(value2.length);
               maximumPropertiesToStringify -= value2.length;
-              separator = join36;
+              separator = join35;
             }
             if (deterministic) {
               keys = insertSort(keys);
@@ -17686,13 +17686,13 @@ ${indentation}`;
               const tmp = stringifyIndent(key2, value2[key2], stack2, spacer, indentation);
               if (tmp !== void 0) {
                 res += `${separator}${strEscape(key2)}: ${tmp}`;
-                separator = join36;
+                separator = join35;
               }
             }
             if (keyLength > maximumBreadth) {
               const removedKeys = keyLength - maximumBreadth;
               res += `${separator}"...": "${getItemCount(removedKeys)} not stringified"`;
-              separator = join36;
+              separator = join35;
             }
             if (separator !== "") {
               res = `
@@ -19259,7 +19259,7 @@ var require_buffer_list = __commonJS({
         }
       }, {
         key: "join",
-        value: function join36(s6) {
+        value: function join35(s6) {
           if (this.length === 0) return "";
           var p3 = this.head;
           var ret = "" + p3.data;
@@ -30493,7 +30493,7 @@ var require_lodash = __commonJS({
           }
           return mapped.length && mapped[0] === arrays[0] ? baseIntersection(mapped, undefined2, comparator) : [];
         });
-        function join36(array, separator) {
+        function join35(array, separator) {
           return array == null ? "" : nativeJoin.call(array, separator);
         }
         function last2(array) {
@@ -32412,7 +32412,7 @@ var require_lodash = __commonJS({
         lodash16.isUndefined = isUndefined2;
         lodash16.isWeakMap = isWeakMap;
         lodash16.isWeakSet = isWeakSet;
-        lodash16.join = join36;
+        lodash16.join = join35;
         lodash16.kebabCase = kebabCase;
         lodash16.last = last2;
         lodash16.lastIndexOf = lastIndexOf;
@@ -46046,7 +46046,7 @@ var require_builder = __commonJS({
       }
     };
     exports2.SeqBuilder = SeqBuilder;
-    function join36(first2, second, ...others) {
+    function join35(first2, second, ...others) {
       const seq = new SeqBuilder(first2, second);
       if (!others.length) {
         return seq;
@@ -46055,7 +46055,7 @@ var require_builder = __commonJS({
         return res.join(query);
       }, seq);
     }
-    exports2.join = join36;
+    exports2.join = join35;
     var SymBuilder = class extends AbstractBuilder {
       constructor(opts) {
         super();
@@ -69980,16 +69980,16 @@ var require_lockfile = __commonJS({
             if (process.platform === "win32") {
               yield fsSymlink(src, dest, "junction");
             } else {
-              let relative23;
+              let relative25;
               try {
-                relative23 = (_path2 || _load_path()).default.relative((_fs || _load_fs()).default.realpathSync((_path2 || _load_path()).default.dirname(dest)), (_fs || _load_fs()).default.realpathSync(src));
+                relative25 = (_path2 || _load_path()).default.relative((_fs || _load_fs()).default.realpathSync((_path2 || _load_path()).default.dirname(dest)), (_fs || _load_fs()).default.realpathSync(src));
               } catch (err) {
                 if (err.code !== "ENOENT") {
                   throw err;
                 }
-                relative23 = (_path2 || _load_path()).default.relative((_path2 || _load_path()).default.dirname(dest), src);
+                relative25 = (_path2 || _load_path()).default.relative((_path2 || _load_path()).default.dirname(dest), src);
               }
-              yield fsSymlink(relative23 || ".", dest);
+              yield fsSymlink(relative25 || ".", dest);
             }
           });
           return function symlink2(_x24, _x25) {
@@ -70016,17 +70016,17 @@ var require_lockfile = __commonJS({
                 _ref28 = _i14.value;
               }
               const name2 = _ref28;
-              const relative23 = relativeDir ? (_path2 || _load_path()).default.join(relativeDir, name2) : name2;
+              const relative25 = relativeDir ? (_path2 || _load_path()).default.join(relativeDir, name2) : name2;
               const loc = (_path2 || _load_path()).default.join(dir, name2);
               const stat6 = yield lstat3(loc);
               files.push({
-                relative: relative23,
+                relative: relative25,
                 basename: name2,
                 absolute: loc,
                 mtime: +stat6.mtime
               });
               if (stat6.isDirectory()) {
-                files = files.concat(yield walk(loc, relative23, ignoreBasenames));
+                files = files.concat(yield walk(loc, relative25, ignoreBasenames));
               }
             }
             return files;
@@ -199710,7 +199710,7 @@ var {
 // dist/index.js
 import { mkdir as mkdir7, mkdtemp as mkdtemp2, readFile as readFile38, rm as rm4, writeFile as writeFile17 } from "fs/promises";
 import { tmpdir as tmpdir5 } from "os";
-import { dirname as dirname27, join as join35, resolve as resolve44 } from "path";
+import { dirname as dirname27, join as join34, resolve as resolve44 } from "path";
 // ../../node_modules/.pnpm/remeda@2.14.0/node_modules/remeda/dist/chunk-ANXBDSUI.js
 var s = { done: false, hasNext: false };
@@ -223680,10 +223680,10 @@ var Ignore = class {
   ignored(p3) {
     const fullpath = p3.fullpath();
     const fullpaths = `${fullpath}/`;
-    const relative23 = p3.relative() || ".";
-    const relatives = `${relative23}/`;
+    const relative25 = p3.relative() || ".";
+    const relatives = `${relative25}/`;
     for (const m4 of this.relative) {
-      if (m4.match(relative23) || m4.match(relatives))
+      if (m4.match(relative25) || m4.match(relatives))
         return true;
     }
     for (const m4 of this.absolute) {
@@ -223694,9 +223694,9 @@ var Ignore = class {
   }
   childrenIgnored(p3) {
     const fullpath = p3.fullpath() + "/";
-    const relative23 = (p3.relative() || ".") + "/";
+    const relative25 = (p3.relative() || ".") + "/";
     for (const m4 of this.relativeChildren) {
-      if (m4.match(relative23))
+      if (m4.match(relative25))
         return true;
     }
     for (const m4 of this.absoluteChildren) {
@@ -229111,7 +229111,7 @@ var NuGetSocketUpgradeManager = class {
 };
 // ../fixing-management/src/fixing-management/rust/cargo-socket-upgrade-manager.ts
-import { dirname as dirname18, relative as relative13, resolve as resolve28 } from "node:path";
+import { dirname as dirname18, relative as relative14, resolve as resolve28 } from "node:path";
 var import_picomatch6 = __toESM(require_picomatch2(), 1);
 var import_semver5 = __toESM(require_semver2(), 1);
 import assert12 from "node:assert";
@@ -229119,7 +229119,7 @@ import { readFile as readFile24, writeFile as writeFile10 } from "node:fs/promis
 // ../utils/src/cargo-utils.ts
 import { readFile as readFile23 } from "node:fs/promises";
-import { dirname as dirname17, resolve as resolve27 } from "node:path";
+import { dirname as dirname17, relative as relative13, resolve as resolve27 } from "node:path";
 var import_picomatch5 = __toESM(require_picomatch2(), 1);
 async function getCargoTomlFilesForCargoLockFile(rootDir, cargoLockFile, cargoTomlFiles) {
   const lockDir = dirname17(cargoLockFile);
@@ -229148,7 +229148,10 @@ async function getCargoTomlFilesForCargoLockFile(rootDir, cargoLockFile, cargoTo
   const matcher = (0, import_picomatch5.default)(memberPatterns, {
     ignore: excludePatterns
   });
-  const memberTomlFiles = cargoTomlFiles.filter((file) => matcher(dirname17(file) || "."));
+  const absLockDir = resolve27(rootDir, lockDir);
+  const memberTomlFiles = cargoTomlFiles.filter(
+    (file) => matcher(relative13(absLockDir, resolve27(rootDir, dirname17(file))) || ".")
+  );
   return { rootTomlFile, memberTomlFiles };
 }
@@ -229263,14 +229266,14 @@ var CargoSocketUpgradeManager = class {
         await writeFile10(path9, content);
         ctxt.statusUpdater?.({
           status: "success",
-          file: relative13(this.rootDir, path9),
+          file: relative14(this.rootDir, path9),
           message: "File restored",
           artifacts: i3(artifacts)
         });
       } catch (e) {
         ctxt.statusUpdater?.({
           status: "error",
-          file: relative13(this.rootDir, path9),
+          file: relative14(this.rootDir, path9),
           message: "Could not restore file",
           artifacts: i3(artifacts)
         });
@@ -229470,7 +229473,7 @@ ${newDependencyLine}`
 // ../fixing-management/src/fixing-management/pip/pip-socket-upgrade-manager.ts
 var import_picomatch8 = __toESM(require_picomatch2(), 1);
-import { dirname as dirname20, join as join19, resolve as resolve31 } from "node:path";
+import { dirname as dirname20, resolve as resolve31 } from "node:path";
 import assert13 from "node:assert";
 import { readFile as readFile27 } from "node:fs/promises";
@@ -229826,7 +229829,7 @@ function createPep508VersionPatches(file, idx, requirement, oldVersion, upgradeV
 // ../utils/src/pip-utils.ts
 import { existsSync as existsSync19 } from "node:fs";
 import { readFile as readFile26 } from "node:fs/promises";
-import { dirname as dirname19, resolve as resolve30 } from "node:path";
+import { dirname as dirname19, resolve as resolve30, relative as relative15 } from "node:path";
 import util4 from "node:util";
 // ../utils/src/python-versions-manager.ts
@@ -229887,7 +229890,10 @@ async function getPyprojectTomlFilesForLockFile(rootDir, uvLockfile, pyprojectFi
   const matcher = (0, import_picomatch7.default)(memberPatterns, {
     ignore: excludePatterns
   });
-  const memberTomlFiles = pyprojectFiles.filter((file) => matcher(dirname19(file) || "."));
+  const absLockDir = resolve30(rootDir, lockDir);
+  const memberTomlFiles = pyprojectFiles.filter(
+    (file) => matcher(relative15(absLockDir, resolve30(rootDir, dirname19(file))) || ".")
+  );
   return { rootTomlFile, memberTomlFiles };
 }
@@ -229906,82 +229912,43 @@ var PipSocketUpgradeManager = class {
   uvLockMatcher = (0, import_picomatch8.default)("uv.lock", { basename: true });
   poetryLockMatcher = (0, import_picomatch8.default)("poetry.lock", { basename: true });
   async applySocketArtifactUpgrades(ctxt) {
-    const pyprojectTomlFiles = ctxt.manifestFiles.filter((f5) => this.pyprojectTomlMatcher(f5));
     const patches = [];
     const uvLockFilesToValidate = /* @__PURE__ */ new Set();
-    const lockFileToDepTree = /* @__PURE__ */ new Map();
+    const patchedNamesByLockFile = /* @__PURE__ */ new Map();
+    const pyprojectTomlFiles = ctxt.manifestFiles.filter((f5) => this.pyprojectTomlMatcher(f5));
+    const uvLockFiles = ctxt.manifestFiles.filter((f5) => this.uvLockMatcher(f5));
+    const lockFileToRootToml = /* @__PURE__ */ new Map();
+    for (const lockFile of uvLockFiles) {
+      const tomlFiles = await getPyprojectTomlFilesForLockFile(this.rootDir, lockFile, pyprojectTomlFiles);
+      if (!tomlFiles) continue;
+      lockFileToRootToml.set(lockFile, tomlFiles.rootTomlFile);
+    }
     const poetryLockArtifacts = /* @__PURE__ */ new Map();
     for (const [idx, upgradeVersion] of ctxt.upgrades) {
       const artifact = ctxt.artifacts[idx];
       assert13(artifact.name);
       assert13(artifact.version);
-      const packageName = normalizePackageName(artifact.name);
       const directRequirementsTxts = /* @__PURE__ */ new Set();
       for (const mf of artifact.manifestFiles ?? []) {
         if (this.requirementsTxtMatcher(mf.file)) {
           if (ctxt.wsFilter && !ctxt.wsFilter(dirname20(mf.file) || ".")) continue;
           directRequirementsTxts.add(mf.file);
           patches.push(...await this.createRequirementsTxtDirectDependencyPatches(mf, idx, upgradeVersion, ctxt));
+        } else if (this.pyprojectTomlMatcher(mf.file)) {
+          if (ctxt.wsFilter && !ctxt.wsFilter(dirname20(mf.file) || ".")) continue;
+          patches.push(...await this.createPyprojectTomlDirectDependencyPatches(mf.file, idx, upgradeVersion, ctxt));
         } else if (this.uvLockMatcher(mf.file)) {
-          const tomlFiles = await getPyprojectTomlFilesForLockFile(this.rootDir, mf.file, pyprojectTomlFiles);
-          if (!tomlFiles) {
-            ctxt.statusUpdater?.({
-              status: "error",
-              file: mf.file,
-              artifacts: [idx],
-              message: "No pyproject.toml found for uv.lock"
-            });
-            continue;
-          }
-          const { rootTomlFile, memberTomlFiles } = tomlFiles;
-          let depTree = lockFileToDepTree.get(mf.file);
-          if (!depTree) {
-            depTree = await buildDependencyTreesFromUvLock(this.rootDir, mf.file);
-            if (depTree) {
-              lockFileToDepTree.set(mf.file, depTree);
-            } else {
-              ctxt.statusUpdater?.({
-                status: "error",
-                file: mf.file,
-                artifacts: [idx],
-                message: "Failed to parse uv.lock"
-              });
-              continue;
-            }
-          }
-          const lookupKey = getPackageKey(packageName, artifact.version);
-          for (const [projectDir, projectInfo] of depTree) {
-            if (ctxt.wsFilter && !ctxt.wsFilter(projectDir)) continue;
-            const nodesByNameVersion = /* @__PURE__ */ new Map();
-            for (const [, node] of projectInfo.nodes) {
-              const key = getPackageKey(node.packageName, node.version);
-              const existing = nodesByNameVersion.get(key) ?? [];
-              existing.push(node);
-              nodesByNameVersion.set(key, existing);
-            }
-            const matchingNodes = nodesByNameVersion.get(lookupKey) ?? [];
-            const isDirectDep = matchingNodes.some((node) => projectInfo.direct.has(node.nodeKey));
-            if (isDirectDep) {
-              const tomlFile = [rootTomlFile, ...memberTomlFiles ?? []].find(
-                (f5) => (dirname20(f5) || ".") === projectDir
-              );
-              if (tomlFile) {
-                patches.push(
-                  ...await this.createPyprojectTomlDirectDependencyPatches(tomlFile, idx, upgradeVersion, ctxt)
-                );
-              } else {
-                ctxt.statusUpdater?.({
-                  status: "error",
-                  file: mf.file,
-                  artifacts: [idx],
-                  message: `No pyproject.toml found for project at ${projectDir}`
-                });
-              }
-            }
-          }
           patches.push(...await this.createUvLockPatches(mf.file, idx, upgradeVersion, ctxt));
           uvLockFilesToValidate.add(mf.file);
-          patches.push(...await this.createOverrideDependencyUpdatePatches(rootTomlFile, idx, upgradeVersion, ctxt));
+          const namesSet = patchedNamesByLockFile.get(mf.file) ?? /* @__PURE__ */ new Set();
+          namesSet.add(normalizePackageName(artifact.name));
+          patchedNamesByLockFile.set(mf.file, namesSet);
+          const rootTomlFile = lockFileToRootToml.get(mf.file);
+          if (rootTomlFile) {
+            patches.push(
+              ...await this.createOverrideDependencyUpdatePatches(rootTomlFile, idx, upgradeVersion, ctxt)
+            );
+          }
         } else if (this.poetryLockMatcher(mf.file)) {
           const existing = poetryLockArtifacts.get(mf.file) ?? [];
           existing.push(idx);
@@ -230028,7 +229995,14 @@ var PipSocketUpgradeManager = class {
         }
       }
       await this.removeDuplicateUvLockEntries(lockFile, ctxt);
-      const result = await execNeverFail2(["uv", "lock"], dirname20(resolve31(this.rootDir, lockFile)));
+      const refreshFlags = Array.from(patchedNamesByLockFile.get(lockFile) ?? []).flatMap((name2) => [
+        "--refresh-package",
+        name2
+      ]);
+      const result = await execNeverFail2(
+        ["uv", "lock", ...refreshFlags],
+        dirname20(resolve31(this.rootDir, lockFile))
+      );
       if (result.error) {
         logger.debug("update lockfile stdout", result.stdout);
         logger.debug("update lockfile stderr", result.stderr);
@@ -230566,113 +230540,6 @@ function parseSourceString(source) {
   }
   return void 0;
 }
-async function buildDependencyTreesFromUvLock(rootDir, uvLockFile) {
-  let lockToml;
-  try {
-    const lockContent = await readFile27(resolve31(rootDir, uvLockFile), "utf-8");
-    lockToml = parseTOML2(lockContent);
-  } catch {
-    return void 0;
-  }
-  if (!lockToml) return void 0;
-  const packages = lockToml.package;
-  if (!(packages instanceof TOMLArray)) return void 0;
-  const nodes = /* @__PURE__ */ new Map();
-  const nameToFullKeys = /* @__PURE__ */ new Map();
-  const nameVersionToFullKeys = /* @__PURE__ */ new Map();
-  const localProjectNodeKeys = /* @__PURE__ */ new Map();
-  for (const pkg of packages) {
-    if (!(pkg instanceof TOMLTable)) continue;
-    const nameScalar = pkg.name;
-    const versionScalar = pkg.version;
-    const source = pkg.source;
-    if (!(nameScalar instanceof TOMLScalar) || !(versionScalar instanceof TOMLScalar)) continue;
-    if (typeof nameScalar[value] !== "string" || typeof versionScalar[value] !== "string") continue;
-    const pkgName = nameScalar[value];
-    const pkgVersion = versionScalar[value];
-    const pkgSource = source instanceof TOMLTable ? parseSourceString(source) : void 0;
-    const nodeKey = getPackageKey(pkgName, pkgVersion, pkgSource);
-    const normalizedName = normalizePackageName(pkgName);
-    const node = {
-      packageName: normalizedName,
-      version: pkgVersion,
-      nodeKey,
-      deps: /* @__PURE__ */ new Set()
-      // Populated in pass 2
-    };
-    if (!nodes.has(nodeKey)) {
-      nodes.set(nodeKey, node);
-    }
-    const fullKeys = nameToFullKeys.get(normalizedName) ?? [];
-    fullKeys.push(nodeKey);
-    nameToFullKeys.set(normalizedName, fullKeys);
-    const nameVersionKey = `${normalizedName}==${pkgVersion}`;
-    const nameVersionFullKeys = nameVersionToFullKeys.get(nameVersionKey) ?? [];
-    nameVersionFullKeys.push(nodeKey);
-    nameVersionToFullKeys.set(nameVersionKey, nameVersionFullKeys);
-    if (source instanceof TOMLTable) {
-      const virtualPath = source.virtual;
-      const editablePath = source.editable;
-      if (virtualPath instanceof TOMLScalar && typeof virtualPath[value] === "string") {
-        localProjectNodeKeys.set(join19(dirname20(uvLockFile), virtualPath[value]), nodeKey);
-      } else if (editablePath instanceof TOMLScalar && typeof editablePath[value] === "string") {
-        localProjectNodeKeys.set(join19(dirname20(uvLockFile), editablePath[value]), nodeKey);
-      }
-    }
-  }
-  for (const pkg of packages) {
-    if (!(pkg instanceof TOMLTable)) continue;
-    const nameScalar = pkg.name;
-    const versionScalar = pkg.version;
-    const source = pkg.source;
-    if (!(nameScalar instanceof TOMLScalar) || !(versionScalar instanceof TOMLScalar)) continue;
-    if (typeof nameScalar[value] !== "string" || typeof versionScalar[value] !== "string") continue;
-    const pkgSource = source instanceof TOMLTable ? parseSourceString(source) : void 0;
-    const nodeKey = getPackageKey(nameScalar[value], versionScalar[value], pkgSource);
-    const node = nodes.get(nodeKey);
-    if (!node) continue;
-    const depsArray = pkg.dependencies;
-    if (!(depsArray instanceof TOMLArray)) continue;
-    for (const dep of depsArray) {
-      if (!(dep instanceof TOMLTable)) continue;
-      const depNameScalar = dep.name;
-      if (!(depNameScalar instanceof TOMLScalar) || typeof depNameScalar[value] !== "string") continue;
-      const depName = depNameScalar[value];
-      const depVersionScalar = dep.version;
-      const depSource = dep.source;
-      let resolvedKeys;
-      if (depVersionScalar instanceof TOMLScalar && typeof depVersionScalar[value] === "string" && depSource instanceof TOMLTable) {
-        const depSourceStr = parseSourceString(depSource);
-        resolvedKeys = [getPackageKey(depName, depVersionScalar[value], depSourceStr)];
-      } else if (depVersionScalar instanceof TOMLScalar && typeof depVersionScalar[value] === "string") {
-        const nameVersionKey = `${normalizePackageName(depName)}==${depVersionScalar[value]}`;
-        resolvedKeys = nameVersionToFullKeys.get(nameVersionKey) ?? [];
-      } else {
-        resolvedKeys = nameToFullKeys.get(normalizePackageName(depName)) ?? [];
-      }
-      for (const key of resolvedKeys) {
-        node.deps.add(key);
-      }
-    }
-  }
-  const localProjectNodeKeySet = new Set(localProjectNodeKeys.values());
-  const result = /* @__PURE__ */ new Map();
-  for (const [projectDir, projectNodeKey] of localProjectNodeKeys.entries()) {
-    const projectNode = nodes.get(projectNodeKey);
-    if (!projectNode) {
-      result.set(projectDir, { direct: /* @__PURE__ */ new Set(), nodes });
-      continue;
-    }
-    const resolvedDirect = /* @__PURE__ */ new Set();
-    for (const depKey of projectNode.deps) {
-      if (!localProjectNodeKeySet.has(depKey)) {
-        resolvedDirect.add(depKey);
-      }
-    }
-    result.set(projectDir, { direct: resolvedDirect, nodes });
-  }
-  return result;
-}
 function satisfiestVersionSpecs(version4, versionSpec) {
   return pipVersionSatisfiesConstraints(
     version4,
@@ -230681,14 +230548,14 @@ function satisfiestVersionSpecs(version4, versionSpec) {
 }
 // ../fixing-management/src/fixing-management/rubygems/rubygems-socket-upgrade-manager.ts
-import { dirname as dirname22, relative as relative15, resolve as resolve33 } from "node:path";
+import { dirname as dirname22, relative as relative17, resolve as resolve33 } from "node:path";
 var import_picomatch9 = __toESM(require_picomatch2(), 1);
 import assert14 from "node:assert";
 // ../fixing-management/src/fixing-management/rubygems/gemfile-utils.ts
 var import_good_enough_parser4 = __toESM(require_cjs(), 1);
 init_ruby_lang();
-import { resolve as resolve32, dirname as dirname21, relative as relative14 } from "node:path";
+import { resolve as resolve32, dirname as dirname21, relative as relative16 } from "node:path";
 import { existsSync as existsSync20, readFileSync as readFileSync5, readdirSync as readdirSync4 } from "node:fs";
 init_gemspec_utils();
 var booleanQuery2 = import_good_enough_parser4.query.alt(
@@ -230797,13 +230664,13 @@ var evalGemfileQuery = import_good_enough_parser4.query.sym("eval_gemfile").join
   ctx.exprEndOffset = void 0;
   if (ctx.depth > 50) {
     logger.warn(
-      `Recursion limit hit while evaluating gemfile: ${relative14(ctx.gemfile.rootDir, resolve32(ctx.gemfile.rootDir, ctx.gemfile.file))}`
+      `Recursion limit hit while evaluating gemfile: ${relative16(ctx.gemfile.rootDir, resolve32(ctx.gemfile.rootDir, ctx.gemfile.file))}`
     );
     return ctx;
   }
   if (pathEvaluated === void 0) return ctx;
   const rootDir = ctx.gemfile.rootDir;
-  const file = relative14(rootDir, resolve32(rootDir, dirname21(ctx.gemfile.file), pathEvaluated));
+  const file = relative16(rootDir, resolve32(rootDir, dirname21(ctx.gemfile.file), pathEvaluated));
   if (!existsSync20(resolve32(rootDir, file))) return ctx;
   const sourceText = readFileSync5(resolve32(rootDir, file), "utf-8");
   const parser2 = import_good_enough_parser4.lang.createLang(lang3);
@@ -230856,7 +230723,7 @@ var gemspecQuery = import_good_enough_parser4.query.sym("gemspec").opt(
 ).handler((ctx) => {
   if (ctx.depth > 50) {
     logger.warn(
-      `Recursion limit hit while evaluating gemspec: ${relative14(ctx.gemfile.rootDir, resolve32(ctx.gemfile.rootDir, ctx.gemfile.file))}`
+      `Recursion limit hit while evaluating gemspec: ${relative16(ctx.gemfile.rootDir, resolve32(ctx.gemfile.rootDir, ctx.gemfile.file))}`
     );
     ctx.currentGem = void 0;
     return ctx;
@@ -230895,7 +230762,7 @@ var gemspecQuery = import_good_enough_parser4.query.sym("gemspec").opt(
   if (gemspecFiles.length === 0) return ctx;
   const gemspecFile = gemspecFiles[0];
   const gemspecFullPath = resolve32(searchDir, gemspecFile);
-  const gemspecRelativePath = relative14(rootDir, gemspecFullPath);
+  const gemspecRelativePath = relative16(rootDir, gemspecFullPath);
   try {
     const sourceText = readFileSync5(gemspecFullPath, "utf-8");
     const gemspec = parseGemspec(rootDir, gemspecRelativePath, sourceText);
@@ -231271,7 +231138,7 @@ var RubygemsSocketUpgradeManager = class {
             });
             continue;
           }
-          const gemfileName = relative15(this.rootDir, resolve33(this.rootDir, dirname22(mf.file), "Gemfile"));
+          const gemfileName = relative17(this.rootDir, resolve33(this.rootDir, dirname22(mf.file), "Gemfile"));
           gemfileToLockfile.set(gemfileName, mf.file);
           if (pathGems.length > 0) {
             const { gemspecPatches, gemfilePatches } = await this.handleGemspecDependency(
@@ -231350,14 +231217,14 @@ var RubygemsSocketUpgradeManager = class {
         await writeFile11(path9, content);
         ctxt.statusUpdater?.({
           status: "success",
-          file: relative15(this.rootDir, path9),
+          file: relative17(this.rootDir, path9),
           message: "File restored",
           artifacts: i3(artifacts)
         });
       } catch (e) {
         ctxt.statusUpdater?.({
           status: "error",
-          file: relative15(this.rootDir, path9),
+          file: relative17(this.rootDir, path9),
           message: "Could not restore file",
           artifacts: i3(artifacts)
         });
@@ -231614,7 +231481,7 @@ import { resolve as resolve35 } from "path";
 // ../utils/dist/constants.js
 var import_lodash8 = __toESM(require_lodash(), 1);
-import { dirname as dirname23, join as join21 } from "node:path";
+import { dirname as dirname23, join as join20 } from "node:path";
 import { fileURLToPath as fileURLToPath3 } from "node:url";
 // ../utils/dist/file-utils.js
@@ -231622,7 +231489,7 @@ var import_lodash7 = __toESM(require_lodash(), 1);
 var import_micromatch2 = __toESM(require_micromatch(), 1);
 import { existsSync as existsSync21 } from "fs";
 import { access as access4, cp as cp3, readdir as readdir4, stat as stat4 } from "fs/promises";
-import { basename as basename9, join as join20, relative as relative16, resolve as resolve34 } from "path";
+import { basename as basename9, join as join19, relative as relative18, resolve as resolve34 } from "path";
 var { uniq: uniq2 } = import_lodash7.default;
 var { isMatch: isMatch2 } = import_micromatch2.default;
 function* parents2(dir) {
@@ -231651,10 +231518,10 @@ var COANA_ROOT = once3(() => {
   return coanaRoot;
 });
 var REPOS_PATH = once3(() => {
-  return process.env.REPOS_PATH ?? join21(COANA_ROOT(), "repos");
+  return process.env.REPOS_PATH ?? join20(COANA_ROOT(), "repos");
 });
 var COANA_REPOS_PATH = once3(() => {
-  return process.env.COANA_REPOS_PATH ?? join21(REPOS_PATH(), "coana-tech");
+  return process.env.COANA_REPOS_PATH ?? join20(REPOS_PATH(), "coana-tech");
 });
 // ../docker-management/src/constants.ts
@@ -231668,32 +231535,32 @@ var getImageTag = () => {
 };
 // ../docker-management/src/docker-spec.ts
-import { join as join22 } from "path";
+import { join as join21 } from "path";
 var builderSpecs = [
   {
     name: "maven-builder",
-    file: join22("builders", "maven", "Dockerfile"),
+    file: join21("builders", "maven", "Dockerfile"),
     isBuilder: true
   },
   {
     name: "python-builder",
-    file: join22("builders", "python", "Dockerfile"),
+    file: join21("builders", "python", "Dockerfile"),
     isBuilder: true
   },
   {
     name: "go-builder",
-    file: join22("builders", "go", "Dockerfile"),
+    file: join21("builders", "go", "Dockerfile"),
     isBuilder: true
   }
 ];
 var packageManagerDockerSpecs = [
   {
     name: "npm-package-managers",
-    file: join22("package-management", "npm", "Dockerfile")
+    file: join21("package-management", "npm", "Dockerfile")
   },
   {
     name: "maven-package-managers",
-    file: join22("package-management", "maven", "Dockerfile"),
+    file: join21("package-management", "maven", "Dockerfile"),
     variants: {
       jdk8: {
         JDK_URL_AMD64: "https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u442-b06/OpenJDK8U-jdk_x64_linux_hotspot_8u442b06.tar.gz",
@@ -231718,57 +231585,57 @@ var packageManagerDockerSpecs = [
   },
   {
     name: "pip-package-managers",
-    file: join22("package-management", "pip", "Dockerfile"),
+    file: join21("package-management", "pip", "Dockerfile"),
     from: {
       name: "python-builder"
     }
   },
   {
     name: "go-package-manager",
-    file: join22("package-management", "go", "Dockerfile"),
+    file: join21("package-management", "go", "Dockerfile"),
     from: {
       name: "go-builder"
     }
   },
   {
     name: "nuget-package-manager",
-    file: join22("package-management", "nuget", "Dockerfile")
+    file: join21("package-management", "nuget", "Dockerfile")
   },
   {
     name: "cargo-package-manager",
-    file: join22("package-management", "cargo", "Dockerfile")
+    file: join21("package-management", "cargo", "Dockerfile")
   }
 ];
 var reachabilityAnalyzerDockerSpecs = [
   {
     name: "jelly-analyzer",
-    file: join22("reachability-analyzers", "jelly", "Dockerfile")
+    file: join21("reachability-analyzers", "jelly", "Dockerfile")
   },
   {
     name: "alucard-analyzer",
-    file: join22("reachability-analyzers", "alucard", "Dockerfile")
+    file: join21("reachability-analyzers", "alucard", "Dockerfile")
   },
   {
     name: "mambalade-analyzer",
-    file: join22("reachability-analyzers", "mambalade", "Dockerfile"),
+    file: join21("reachability-analyzers", "mambalade", "Dockerfile"),
     from: {
       name: "python-builder"
     }
   },
   {
     name: "goana-analyzer",
-    file: join22("reachability-analyzers", "goana", "Dockerfile"),
+    file: join21("reachability-analyzers", "goana", "Dockerfile"),
     from: {
       name: "go-builder"
     }
   },
   {
     name: "cocoa-analyzer",
-    file: join22("reachability-analyzers", "cocoa", "Dockerfile")
+    file: join21("reachability-analyzers", "cocoa", "Dockerfile")
   },
   {
     name: "rustica-analyzer",
-    file: join22("reachability-analyzers", "rustica", "Dockerfile")
+    file: join21("reachability-analyzers", "rustica", "Dockerfile")
   }
 ];
 function getAllPackageManagerSpecs() {
@@ -232061,13 +231928,13 @@ async function detectVariantMaven(projectDir) {
 // ../docker-management/src/maven/gradle-version-detector.ts
 import { existsSync as existsSync22 } from "fs";
-import { join as join23 } from "path";
+import { join as join22 } from "path";
 import { readFile as readFile30 } from "fs/promises";
 async function detectVariantGradle(projectDir) {
   return sanitizeJvmVariant("GRADLE", projectDir, await detect(projectDir));
 }
 async function detect(projectDir) {
-  const gradleWrapperPropertiesPath = join23(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
+  const gradleWrapperPropertiesPath = join22(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
   const gradleWrapperProperties = existsSync22(gradleWrapperPropertiesPath) ? (await readFile30(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!gradleWrapperProperties) return void 0;
   const distributionUrlRegex = /.*gradle-(\d+(\.\d+(\.\d+)?)?)/;
@@ -232083,13 +231950,13 @@ async function detect(projectDir) {
 // ../docker-management/src/maven/sbt-version-detector.ts
 import { existsSync as existsSync23 } from "fs";
-import { join as join24 } from "path";
+import { join as join23 } from "path";
 import { readFile as readFile31 } from "fs/promises";
 async function detectVariantSbt(projectDir) {
   return sanitizeJvmVariant("SBT", projectDir, await detect2(projectDir));
 }
 async function detect2(projectDir) {
-  const sbtBuildPropertiesPath = join24(projectDir, "project", "build.properties");
+  const sbtBuildPropertiesPath = join23(projectDir, "project", "build.properties");
   const sbtBuildProperties = existsSync23(sbtBuildPropertiesPath) ? (await readFile31(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!sbtBuildProperties) return void 0;
   for (const prop2 of sbtBuildProperties) {
@@ -232207,7 +232074,7 @@ import { rmSync } from "fs";
 import { mkdir as mkdir5, readFile as readFile32, writeFile as writeFile12 } from "fs/promises";
 import assert15 from "node:assert";
 import { platform as platform8 } from "os";
-import { join as join27, posix as posix2, relative as relative18, sep as sep3 } from "path";
+import { join as join26, posix as posix2, relative as relative20, sep as sep3 } from "path";
 // ../web-compat-utils/dist/analysis-error-keys.js
 var InstallError = class extends Error {
@@ -232222,10 +232089,10 @@ var InstallError = class extends Error {
 // ../utils/src/tmp-file.ts
 import { rm, mkdtemp, cp as cp4, lstat as lstat2 } from "fs/promises";
 import { tmpdir as tmpdir4 } from "os";
-import { join as join25, relative as relative17, sep as sep2, extname as extname2 } from "path";
+import { join as join24, relative as relative19, sep as sep2, extname as extname2 } from "path";
 async function createTmpDirectory(prefix) {
   try {
-    const tmpDir = await mkdtemp(join25(tmpdir4(), prefix));
+    const tmpDir = await mkdtemp(join24(tmpdir4(), prefix));
     return tmpDir;
   } catch (err) {
     console.log("Error creating tmp directory", err);
@@ -232259,7 +232126,7 @@ async function copyForNpmAnalysis(srcDir, prefix) {
       verbatimSymlinks: true,
       // Preserve symlinks as symlinks instead of dereferencing them
       filter: async (src) => {
-        const relativePath = relative17(srcDir, src);
+        const relativePath = relative19(srcDir, src);
         if (relativePath === "") return true;
         const pathSegments = relativePath.split(sep2);
         if (pathSegments.some((segment) => EXCLUDED_DIRECTORIES.has(segment))) {
@@ -232500,7 +232367,7 @@ import { resolve as resolve36 } from "path";
 // ../utils/src/constants.ts
 var import_lodash10 = __toESM(require_lodash(), 1);
-import { dirname as dirname24, join as join26 } from "node:path";
+import { dirname as dirname24, join as join25 } from "node:path";
 import { fileURLToPath as fileURLToPath4 } from "node:url";
 var { once: once5 } = import_lodash10.default;
 var fileName2 = fileURLToPath4(import.meta.url);
@@ -232513,10 +232380,10 @@ var COANA_ROOT2 = once5(() => {
   return coanaRoot;
 });
 var REPOS_PATH2 = once5(() => {
-  return process.env.REPOS_PATH ?? join26(COANA_ROOT2(), "repos");
+  return process.env.REPOS_PATH ?? join25(COANA_ROOT2(), "repos");
 });
 var COANA_REPOS_PATH2 = once5(() => {
-  return process.env.COANA_REPOS_PATH ?? join26(REPOS_PATH2(), "coana-tech");
+  return process.env.COANA_REPOS_PATH ?? join25(REPOS_PATH2(), "coana-tech");
 });
 var REQUIREMENTS_FILES_SEARCH_DEPTH = 2;
@@ -232555,7 +232422,7 @@ var { memoize, once: once7, take } = import_lodash12.default;
 async function getReachabilityAnalyzersScriptPath() {
   if (isNexeMode()) {
     const extractedPath = await extractTool("reachability-analyzers", "reachability-analyzers-cli.mjs");
-    return join27(extractedPath, "reachability-analyzers-cli.mjs");
+    return join26(extractedPath, "reachability-analyzers-cli.mjs");
   }
   return REACHABILITY_ANALYZERS_SCRIPT_PATH();
 }
@@ -232643,7 +232510,7 @@ var OtherModulesCommunicator = class {
     }
     if (cmd === "getWorkspacePathsMultipleSubprojects")
       return `${_cmdStr()}: (${packageManagerName}) ${abbreviateList(subprojects, 10)}`;
-    return `${_cmdStr()}: (${packageManagerName}) ${relative18(this.rootWorkingDir, subprojectPath) || "."}`;
+    return `${_cmdStr()}: (${packageManagerName}) ${relative20(this.rootWorkingDir, subprojectPath) || "."}`;
   }
   getSpinnerTextForReachabilityAnalyzerCommand(cmd, ecosystem, subprojectPath, workspacePath) {
     function _cmdStr() {
@@ -232658,10 +232525,10 @@ var OtherModulesCommunicator = class {
           return "Running reachability analysis on package registry package";
       }
     }
-    return `${_cmdStr()}: (${ecosystem}) ${relative18(this.rootWorkingDir, join27(subprojectPath, workspacePath)) || "."}`;
+    return `${_cmdStr()}: (${ecosystem}) ${relative20(this.rootWorkingDir, join26(subprojectPath, workspacePath)) || "."}`;
   }
   getProjectPath(subprojectPath) {
-    return this.options.runWithoutDocker ? subprojectPath : posix2.resolve("/project", relative18(this.rootWorkingDir, subprojectPath).replaceAll(sep3, posix2.sep));
+    return this.options.runWithoutDocker ? subprojectPath : posix2.resolve("/project", relative20(this.rootWorkingDir, subprojectPath).replaceAll(sep3, posix2.sep));
   }
   // options shared between package-management and reachability-analyzers
   commonOptions = once7(
@@ -232707,7 +232574,7 @@ var OtherModulesCommunicator = class {
   async runPackageManagerCommandWithOutput(commandName, packageManagerName, subprojectPath, args2 = [], extraDockerArgs, env) {
     const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
     const outputFileName = `${v4_default()}-${commandName}-output.json`;
-    const outputFilePathThisProcess = join27(tmpDir, outputFileName);
+    const outputFilePathThisProcess = join26(tmpDir, outputFileName);
     const outputFilePathOtherProcess = this.options.runWithoutDocker ? outputFilePathThisProcess : posix2.join(TMP_DIR_IN_DOCKER, outputFileName);
     await this.runPackageManagerCommand(
       commandName,
@@ -232745,8 +232612,8 @@ var OtherModulesCommunicator = class {
     if (isNexeMode()) {
       const baseDir = getExtractionBaseDir();
       env.COANA_ROOT = baseDir;
-      env.REPOS_PATH = join27(baseDir, "repos");
-      env.COANA_REPOS_PATH = join27(baseDir, "repos", "coana-tech");
+      env.REPOS_PATH = join26(baseDir, "repos");
+      env.COANA_REPOS_PATH = join26(baseDir, "repos", "coana-tech");
       env.REACHABILITY_ANALYZERS_SCRIPT_PATH = scriptPath;
     }
     return Spinner.instance().wrap(
@@ -232784,7 +232651,7 @@ var OtherModulesCommunicator = class {
   async runReachabilityAnalyzerCommandWithOutput(commandName, ecosystem, subprojectPath, workspacePath, args2, env, rootWorkingDirOverride, displaySubprojectPath, extraDockerArgs) {
     const tmpDir = await this.getTmpDirForSubproject(displaySubprojectPath ?? subprojectPath);
     const outputFileName = `${v4_default()}-${commandName}-output.json`;
-    const outputFilePathThisProcess = join27(tmpDir, outputFileName);
+    const outputFilePathThisProcess = join26(tmpDir, outputFileName);
     const outputFilePathOtherProcess = this.options.runWithoutDocker ? outputFilePathThisProcess : posix2.join(TMP_DIR_IN_DOCKER, outputFileName);
     await this.runReachabilityAnalyzerCommand(
       commandName,
@@ -232821,7 +232688,7 @@ var OtherModulesCommunicator = class {
       "getWorkspacePathsMultipleSubprojects",
       packageManagerName,
       this.rootWorkingDir,
-      subprojectPaths.map((subprojectPath) => relative18(this.rootWorkingDir, subprojectPath) || ".")
+      subprojectPaths.map((subprojectPath) => relative20(this.rootWorkingDir, subprojectPath) || ".")
     );
   }
   async getProvidedArgsForSubproject(subprojectPath, providedOptions) {
@@ -232829,7 +232696,7 @@ var OtherModulesCommunicator = class {
       if (providedOptions.type === "providee") {
         const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
         const providerFileName = "provider.json";
-        const providerFileThisProcess = join27(tmpDir, providerFileName);
+        const providerFileThisProcess = join26(tmpDir, providerFileName);
         const providerFileOtherProcess = this.options.runWithoutDocker ? providerFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, providerFileName);
         await writeFile12(providerFileThisProcess, JSON.stringify(providedOptions.provider));
         return ["--provider", providerFileOtherProcess];
@@ -232876,7 +232743,7 @@ var OtherModulesCommunicator = class {
       await extractAllToolsForNexeMode();
     }
     const inputFileName = `${v4_default()}-installDependencies-input.json`;
-    const inputFileThisProcess = join27(tmpDir, inputFileName);
+    const inputFileThisProcess = join26(tmpDir, inputFileName);
     const inputFileOtherProcess = this.options.runWithoutDocker ? inputFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, inputFileName);
     const preinstallDirOtherProcess = this.options.runWithoutDocker ? preinstallDir : PREINSTALL_DIR_IN_DOCKER;
     const extraDockerArgs = this.options.runWithoutDocker ? void 0 : ["-v", `${preinstallDir}:${PREINSTALL_DIR_IN_DOCKER}`];
@@ -232911,7 +232778,7 @@ var OtherModulesCommunicator = class {
       await extractAllToolsForNexeMode();
     }
     const inputFileName = `${v4_default()}-runReachabilityAnalysis-input.json`;
-    const inputFileThisProcess = join27(tmpDir, inputFileName);
+    const inputFileThisProcess = join26(tmpDir, inputFileName);
     const inputFileOtherProcess = this.options.runWithoutDocker ? inputFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, inputFileName);
     const preinstallDirOtherProcess = preinstallDir ? this.options.runWithoutDocker ? preinstallDir : PREINSTALL_DIR_IN_DOCKER : void 0;
     const extraDockerArgs = preinstallDir && !this.options.runWithoutDocker ? ["-v", `${preinstallDir}:${PREINSTALL_DIR_IN_DOCKER}`] : void 0;
@@ -232959,7 +232826,7 @@ var setUpGoModuleCache = once7(async () => {
     execFileSync2("chmod", ["--recursive", "+rw", tmpDir]);
     rmSync(tmpDir, { recursive: true, force: true });
   });
-  const [upper, work] = [join27(tmpDir, "upper"), join27(tmpDir, "work")];
+  const [upper, work] = [join26(tmpDir, "upper"), join26(tmpDir, "work")];
   for (const dir of [upper, work]) await mkdir5(dir);
   const o7 = await execNeverFail2(
     cmdt`docker volume create --driver local --opt type=overlay
@@ -234210,21 +234077,21 @@ function getVulnerabilitiesFromReport(report) {
 var import_packageurl_js = __toESM(require_packageurl_js(), 1);
 // dist/cli-upgrade-purl.js
-import { join as join30, relative as relative21, resolve as resolve40 } from "node:path";
+import { join as join29, relative as relative23, resolve as resolve40 } from "node:path";
 var import_picomatch10 = __toESM(require_picomatch2(), 1);
 // ../project-management/src/project-management/project-manager.ts
-import { relative as relative20, resolve as resolve39 } from "path";
+import { relative as relative22, resolve as resolve39 } from "path";
 // ../project-management/src/project-management/ecosystem-management/ecosystem-manager.ts
 var import_micromatch3 = __toESM(require_micromatch2(), 1);
 import { readdir as readdir6 } from "fs/promises";
-import { join as join29, relative as relative19, resolve as resolve38 } from "path";
+import { join as join28, relative as relative21, resolve as resolve38 } from "path";
 // ../project-management/src/project-management/ecosystem-management/ecosystem-specs.ts
 import { existsSync as existsSync25 } from "fs";
 import { readdir as readdir5, readFile as readFile33 } from "fs/promises";
-import { join as join28, sep as sep4 } from "path";
+import { join as join27, sep as sep4 } from "path";
 var specs = {
   NPM: [
     /* @__PURE__ */ new Map([["package.json", packageManagerIfPackageJSONExistsAndValid("NPM")]]),
@@ -234255,7 +234122,7 @@ var specs = {
         [
           /^(pyproject.toml|setup.py|requirements.*\.txt)/,
           async (projectDir) => {
-            const isPythonProject = await exists(join28(projectDir, "pyproject.toml")) || await exists(join28(projectDir, "setup.py")) && await isSetupPySetuptools(join28(projectDir, "setup.py"));
+            const isPythonProject = await exists(join27(projectDir, "pyproject.toml")) || await exists(join27(projectDir, "setup.py")) && await isSetupPySetuptools(join27(projectDir, "setup.py"));
             if (isPythonProject) {
               properPythonProjects.push(projectDir + sep4);
               return "PIP_REQUIREMENTS";
@@ -234278,7 +234145,7 @@ var specs = {
         [
           "uv.lock",
           async (projectDir) => {
-            if (await exists(join28(projectDir, "pyproject.toml"))) {
+            if (await exists(join27(projectDir, "pyproject.toml"))) {
               logger.warn("uv is not supported yet, using plain pyproject.toml as a fallback");
               return "PIP_REQUIREMENTS";
             } else logger.error("uv.lock found without pyproject.toml");
@@ -234299,8 +234166,8 @@ function getEcosystemSpecs(ecosystems) {
 }
 function packageManagerIfPackageJSONExistsAndValid(packageManager) {
   return async (projectDir) => {
-    if (!existsSync25(join28(projectDir, "package.json"))) return void 0;
-    const packageJSONPath = join28(projectDir, "package.json");
+    if (!existsSync25(join27(projectDir, "package.json"))) return void 0;
+    const packageJSONPath = join27(projectDir, "package.json");
     try {
       JSON.parse(await readFile33(packageJSONPath, "utf-8"));
       return packageManager;
@@ -234357,7 +234224,7 @@ var EcosystemManager = class _EcosystemManager {
           const resolvedProjectDir = resolve38(mainProjectDir, relativeProjectDir);
           if (config3.includeDirs.length > 0)
             workspacePaths = workspacePaths.filter(
-              (workspacePath) => isMatch3(relative19(mainProjectDir, join29(resolvedProjectDir, workspacePath)), config3.includeDirs)
+              (workspacePath) => isMatch3(relative21(mainProjectDir, join28(resolvedProjectDir, workspacePath)), config3.includeDirs)
             );
           workspacePaths.filter((workspacePath) => workspacePath !== ".").forEach((workspacePath) => projectDirsAlreadyCovered.push(resolve38(resolvedProjectDir, workspacePath)));
           if (workspacePaths.length > 0)
@@ -234385,7 +234252,7 @@ var EcosystemManager = class _EcosystemManager {
         }
       }
       for (const dir of directoriesToTraverse) {
-        await recHelper(join29(projectDir, dir), true);
+        await recHelper(join28(projectDir, dir), true);
       }
     }
     async function getPackageManagerName(projectDir, foundProjectFiles, foundLockFiles) {
@@ -234398,7 +234265,7 @@ var EcosystemManager = class _EcosystemManager {
         return typeof packageManagerNameProvider === "function" ? await packageManagerNameProvider(projectDir) : packageManagerNameProvider;
       } catch (e) {
         if (e instanceof InvalidProjectFileError) {
-          const projectDirRelative = relative19(mainProjectDir, projectDir) || ".";
+          const projectDirRelative = relative21(mainProjectDir, projectDir) || ".";
           logger.error(
             `Invalid ${e.fileName} file in ${projectDirRelative}. If the project is intentionally invalid, and you want Coana to skip it in the scan, then add "--exclude-dirs ${projectDirRelative}" to the Coana command.`
           );
@@ -234414,7 +234281,7 @@ var EcosystemManager = class _EcosystemManager {
       const filesAndDirectories = await readdir6(projectDir, { withFileTypes: true });
       for (const dirent of filesAndDirectories) {
         const fileOrDirectory = dirent.name;
-        const fullPath = join29(projectDir, fileOrDirectory);
+        const fullPath = join28(projectDir, fileOrDirectory);
         if (dirent.isDirectory()) {
           if (shouldIgnoreDir(fileOrDirectory) || shouldIgnoreDueToExcludeDirsOrChangedFiles(config3, fullPath))
             continue;
@@ -234441,7 +234308,7 @@ var EcosystemManager = class _EcosystemManager {
       packageManagerName,
       subprojectPath,
       workspacePaths: workspacePaths.filter(
-        (workspacePath) => !shouldIgnoreDueToExcludeDirsOrChangedFiles(this.config, join29(subprojectPath, workspacePath))
+        (workspacePath) => !shouldIgnoreDueToExcludeDirsOrChangedFiles(this.config, join28(subprojectPath, workspacePath))
       )
     }));
   }
@@ -234490,13 +234357,13 @@ function shouldIgnoreDir(dir) {
   return dirsToIgnore.includes(dir);
 }
 function shouldIgnoreDueToExcludeDirsOrChangedFiles({ mainProjectDir, excludeDirs, changedFiles }, fullPath) {
-  const relativeToProjectDir = relative19(mainProjectDir, fullPath) || ".";
+  const relativeToProjectDir = relative21(mainProjectDir, fullPath) || ".";
   return !!(isMatch3(relativeToProjectDir, excludeDirs) || changedFiles && !changedFiles.some((changedFile) => changedFile.startsWith(relativeToProjectDir)));
 }
 function shouldIncludeWorkspaceForAnalysis(config3, workspaceFullPath) {
   if (shouldIgnoreDueToExcludeDirsOrChangedFiles(config3, workspaceFullPath)) return false;
   if (config3.includeDirs.length > 0) {
-    const relPath = relative19(config3.mainProjectDir, workspaceFullPath);
+    const relPath = relative21(config3.mainProjectDir, workspaceFullPath);
     if (!isMatch3(relPath, config3.includeDirs)) return false;
   }
   return true;
@@ -234546,7 +234413,7 @@ var ProjectManager = class _ProjectManager {
       if (subprojects.length === 0) return void 0;
       return `  ${ecosystem}:
 ${subprojects.map(
-        ({ subprojectPath, workspacePaths }) => `    ${relative20(this.projectDir, subprojectPath) || ". (Root)"}${workspacePaths.length > 1 || workspacePaths[0] !== "." ? ` (${workspacePaths.length} ${ecosystem === "MAVEN" ? "modules" : "workspaces"})` : ""}`
+        ({ subprojectPath, workspacePaths }) => `    ${relative22(this.projectDir, subprojectPath) || ". (Root)"}${workspacePaths.length > 1 || workspacePaths[0] !== "." ? ` (${workspacePaths.length} ${ecosystem === "MAVEN" ? "modules" : "workspaces"})` : ""}`
       ).join("\n")}`;
     }).filter((line) => line).join("\n");
     const detailsString = Object.entries(this.ecosystemToEcosystemManager).map(([ecosystem, manager]) => {
@@ -234554,7 +234421,7 @@ ${subprojects.map(
       if (subprojects.length === 0) return void 0;
       const subprojectsString = subprojects.map(({ subprojectPath, workspacePaths, packageManagerName }) => {
         if (workspacePaths.length === 1 && workspacePaths[0] === ".") return void 0;
-        return `    ${relative20(this.projectDir, subprojectPath) || ". (Root)"}
+        return `    ${relative22(this.projectDir, subprojectPath) || ". (Root)"}
 ${workspacePaths.map((ws) => `      ${ws === "." ? ". (Root)" : ws} - ${packageManagerName}`).join("\n")}`;
       }).filter((line) => line).join("\n");
       if (!subprojectsString) return void 0;
@@ -234869,7 +234736,7 @@ ${Array.from(upgrades).map(([idx, upgradeVersion]) => `	${prettyPrintPurlUpgrade
             warn: "\u26A0\uFE0F",
             error: "\u274C"
           };
-          logger.info(`${statusIcons[update3.status]} ${update3.message} \u2500 ${relative21(rootDir, resolve40(rootDir, update3.file))}`);
+          logger.info(`${statusIcons[update3.status]} ${update3.message} \u2500 ${relative23(rootDir, resolve40(rootDir, update3.file))}`);
           update3.artifacts.forEach((idx, i7) => {
             logger.info(`${" ".repeat(3)}${i7 === update3.artifacts.length - 1 ? "\u2514\u2500" : "\u251C\u2500"} ${prettyPrintSocketFactArtifactUpgrade(artifacts[idx], upgrades2.get(idx))}`);
           });
@@ -234937,7 +234804,7 @@ ${total}/${total} workspaces were upgraded successfully.`));
     const subprojectPromiseQueue = new PromiseQueue(Number(options.concurrency));
     supportedSubprojects.forEach((subproject) => {
       subprojectPromiseQueue.enqueueTask(async () => {
-        const workspacePathsMatchingGlob = subproject.workspacePaths.filter((wsPath) => wsFilter(relative21(rootDir, resolve40(rootDir, subproject.subprojectPath, wsPath)) || "."));
+        const workspacePathsMatchingGlob = subproject.workspacePaths.filter((wsPath) => wsFilter(relative23(rootDir, resolve40(rootDir, subproject.subprojectPath, wsPath)) || "."));
         if (workspacePathsMatchingGlob.length === 0)
           return;
         const filterDescription = options.include !== void 0 || options.exclude !== void 0 ? `matching filters ${options.include ? `include: [${options.include.join(", ")}]` : ""}${options.include && options.exclude ? " " : ""}${options.exclude ? `exclude: [${options.exclude.join(", ")}]` : ""}` : "";
@@ -234967,7 +234834,7 @@ ${workspacePathsMatchingGlob.map((wsPath) => `	${wsPath}`).join("\n")}`);
           });
           if (vulnerabilityFixes.length === 0)
             return;
-          logger.info(`Found ${vulnerabilityFixes.length} ${vulnerabilityFixes.length === 1 ? "dependency" : "dependencies"} matching upgrade specs for ${join30(subproject.subprojectPath, wsPath)}`);
+          logger.info(`Found ${vulnerabilityFixes.length} ${vulnerabilityFixes.length === 1 ? "dependency" : "dependencies"} matching upgrade specs for ${join29(subproject.subprojectPath, wsPath)}`);
           workspaceToFixes[wsPath] = [
             {
               fixId: "dummy",
@@ -234979,7 +234846,7 @@ ${workspacePathsMatchingGlob.map((wsPath) => `	${wsPath}`).join("\n")}`);
           logger.info(`No dependencies matching upgrade specs found for subproject ${subproject.subprojectPath}`);
           return;
         }
-        await applySecurityFixes(subproject.packageManagerName, rootDir, relative21(rootDir, subproject.subprojectPath) || ".", otherModulesCommunicator, workspaceToFixes, fixingData, signalFixApplied);
+        await applySecurityFixes(subproject.packageManagerName, rootDir, relative23(rootDir, subproject.subprojectPath) || ".", otherModulesCommunicator, workspaceToFixes, fixingData, signalFixApplied);
       });
     });
     await subprojectPromiseQueue.onIdle();
@@ -234988,7 +234855,7 @@ ${workspacePathsMatchingGlob.map((wsPath) => `	${wsPath}`).join("\n")}`);
   }
 }
 var signalFixApplied = (_fixId, subprojectPath, workspacePath, vulnerabilityFixes) => {
-  logger.info(`Successfully upgraded purls for: ${join30(subprojectPath, workspacePath)}`);
+  logger.info(`Successfully upgraded purls for: ${join29(subprojectPath, workspacePath)}`);
   logger.info(`Upgraded:
 ${vulnerabilityFixes.map((fix) => `	${fix.dependencyName} from ${fix.currentVersion} to ${fix.fixedVersion}`).join("\n")}`);
 };
@@ -235395,7 +235262,7 @@ import { existsSync as existsSync30, writeFileSync as writeFileSync3 } from "fs"
 import { mkdir as mkdir6, rm as rm3, writeFile as writeFile15 } from "fs/promises";
 var import_lodash15 = __toESM(require_lodash(), 1);
 import os2 from "os";
-import { join as join34, relative as relative22, resolve as resolve42 } from "path";
+import { join as join33, relative as relative24, resolve as resolve42 } from "path";
 // ../utils/src/dashboard-api/shared-api.ts
 var DashboardAPI = class {
@@ -236289,7 +236156,7 @@ async function inferExcludeDirsFromSocketConfig(socketConfigFile) {
 var import_fast_glob = __toESM(require_out4(), 1);
 var import_ignore3 = __toESM(require_ignore(), 1);
 import { readFile as readFile36 } from "fs/promises";
-import { join as join31 } from "path";
+import { join as join30 } from "path";
 var DEFAULT_IGNORE_PATTERNS = [
   "**/node_modules/**",
   "**/.git/**",
@@ -236303,7 +236170,7 @@ var DEFAULT_IGNORE_PATTERNS = [
 ];
 async function loadGitignore(rootDir) {
   try {
-    const gitignorePath = join31(rootDir, ".gitignore");
+    const gitignorePath = join30(rootDir, ".gitignore");
     const content = await readFile36(gitignorePath, "utf-8");
     return (0, import_ignore3.default)().add(content);
   } catch {
@@ -236488,7 +236355,7 @@ function transformToVulnChainNode(dependencyTree) {
 }
 // dist/internal/socket-mode-helpers-socket-dependency-trees.js
-import { basename as basename13, dirname as dirname26, join as join32, sep as sep5 } from "path";
+import { basename as basename13, dirname as dirname26, join as join31, sep as sep5 } from "path";
 var REQUIREMENTS_FILES_SEARCH_DEPTH2 = 3;
 var venvExcludes = [
   "venv",
@@ -236613,7 +236480,7 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
     for (const file of allFiles) {
       const base = basename13(file);
       const workspaceDir = dirname26(file) || ".";
-      if (base === "pyproject.toml" || base === "setup.py" && await isSetupPySetuptools(join32(rootWorkingDirectory, file))) {
+      if (base === "pyproject.toml" || base === "setup.py" && await isSetupPySetuptools(join31(rootWorkingDirectory, file))) {
         if (!properPythonProjects.includes(workspaceDir)) {
           properPythonProjects.push(workspaceDir);
         }
@@ -239182,10 +239049,10 @@ function compareDocumentPosition(nodeA, nodeB) {
 function uniqueSort(nodes) {
   nodes = nodes.filter((node, i7, arr) => !arr.includes(node, i7 + 1));
   nodes.sort((a4, b) => {
-    const relative23 = compareDocumentPosition(a4, b);
-    if (relative23 & DocumentPosition.PRECEDING) {
+    const relative25 = compareDocumentPosition(a4, b);
+    if (relative25 & DocumentPosition.PRECEDING) {
       return -1;
-    } else if (relative23 & DocumentPosition.FOLLOWING) {
+    } else if (relative25 & DocumentPosition.FOLLOWING) {
       return 1;
     }
     return 0;
@@ -251044,7 +250911,7 @@ var { root: root2 } = static_exports;
 // ../utils/src/maven-utils.ts
 var import_lodash14 = __toESM(require_lodash(), 1);
 import { existsSync as existsSync29, readdirSync as readdirSync5, statSync as statSync5 } from "fs";
-import { join as join33 } from "path";
+import { join as join32 } from "path";
 // ../utils/src/download-utils.ts
 import { existsSync as existsSync28 } from "fs";
@@ -252415,7 +252282,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 // dist/version.js
-var version3 = "15.2.0";
+var version3 = "15.2.2";
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
@@ -252592,8 +252459,8 @@ var CliCore = class {
   }
   async main() {
     const tmpDir = await createTmpDirectory("coana-cli-");
-    this.coanaLogPath = join34(tmpDir, "coana-log.txt");
-    this.coanaSocketPath = join34(tmpDir, "coana.sock");
+    this.coanaLogPath = join33(tmpDir, "coana-log.txt");
+    this.coanaSocketPath = join33(tmpDir, "coana.sock");
     if (this.options.socketMode) {
       logger.enableStreamBuffering();
     }
@@ -252787,7 +252654,7 @@ var CliCore = class {
         if (!isEcosystemToAnalyze) {
           logger.info(`Skipping reachability analysis for ecosystem ${getPurlType(ecosystem)} since it is not included in the list of ecosystems to analyze.`);
         }
-        const ecosystemPreinstallDir = preinstallDir ? join34(preinstallDir, ecosystem) : void 0;
+        const ecosystemPreinstallDir = preinstallDir ? join33(preinstallDir, ecosystem) : void 0;
         const { vulnerabilities, diagnostics, timings } = await this.runReachabilityAnalysisForWorkspaces(
           workspaceToAnalysisData,
           ecosystemToWorkspaceToVulnerabilities[ecosystem] ?? {},
@@ -252930,7 +252797,7 @@ var CliCore = class {
     const { reachabilitySupport, traditionalScaSupport, noSupport } = manager.getSubprojectsWithWorkspacePaths();
     await this.dashboardAPI.registerSubprojects([...reachabilitySupport, ...traditionalScaSupport, ...noSupport].map((sp) => ({
       ...sp,
-      subprojectPath: relative22(this.rootWorkingDirectory, sp.subprojectPath) || "."
+      subprojectPath: relative24(this.rootWorkingDirectory, sp.subprojectPath) || "."
     })), this.reportId, this.apiKey);
     for (const unsupported of noSupport)
       logger.warn(unsupported.unsupportedMsg);
@@ -252959,7 +252826,7 @@ var CliCore = class {
           await this.spinner.succeed();
         } catch (error) {
           if (this.options.ignoreFailingWorkspaces) {
-            const relativeSubprojectPath = relative22(this.rootWorkingDirectory, subprojectAndWsPath.subprojectPath) || ".";
+            const relativeSubprojectPath = relative24(this.rootWorkingDirectory, subprojectAndWsPath.subprojectPath) || ".";
             this.failedSubprojects.push({
               subproject: relativeSubprojectPath,
               error: error.message || "Unknown error"
@@ -253018,7 +252885,7 @@ Subproject: ${subproject}`);
   }
   async updateSpinnerTextOnNewSubproject(subprojectAndWsPath, numberSubprojects, index2) {
     this.spinner.start();
-    const relativeSubprojectPath = relative22(this.rootWorkingDirectory, subprojectAndWsPath.subprojectPath) || ".";
+    const relativeSubprojectPath = relative24(this.rootWorkingDirectory, subprojectAndWsPath.subprojectPath) || ".";
     await this.spinner.setText(numberSubprojects > 1 ? `Processing subproject ${relativeSubprojectPath} (${index2 + 1}/${numberSubprojects})${+this.options.concurrency > 1 ? `. May process up to ${+this.options.concurrency - 1} other workspaces in parallel` : ""}` : `Processing ${relativeSubprojectPath}`);
   }
   async initialize() {
@@ -253101,7 +252968,7 @@ Subproject: ${subproject}`);
         return workspaceToAugmentedVulnerabilities[workspacePath] !== void 0;
       }).map((workspacePath) => {
         return {
-          subprojectPath: relative22(this.rootWorkingDirectory, subprojectPath) || ".",
+          subprojectPath: relative24(this.rootWorkingDirectory, subprojectPath) || ".",
           workspacePath,
           directDependencies: projectInfo[workspacePath].dataForAnalysis.directDependenciesMap ?? {},
           vulnerabilities: workspaceToAugmentedVulnerabilities[workspacePath],
@@ -253178,7 +253045,7 @@ Subproject: ${subproject}`);
             }
             try {
               const perProjectEcosystems = ["PIP", "RUBYGEMS", "COMPOSER"];
-              const effectivePreinstallDir = preinstallDir && perProjectEcosystems.includes(ecosystem) ? join34(preinstallDir, workspacePath.replace(/\//g, "_")) : preinstallDir;
+              const effectivePreinstallDir = preinstallDir && perProjectEcosystems.includes(ecosystem) ? join33(preinstallDir, workspacePath.replace(/\//g, "_")) : preinstallDir;
               const resAndDiagnostics = await this.runReachabilityAnalysis(
                 otherModulesCommunicator,
                 effectiveSubprojectPath,
@@ -253303,11 +253170,11 @@ Subproject: ${subproject}`);
     for (const [ecosystem, workspaceToAnalysisData] of Object.entries(ecosystemToWorkspaceToAnalysisData)) {
       if (ecosystem === "GO" && this.options.reachContinueOnInstallErrors)
         continue;
-      const ecosystemDir = join34(preinstallDir, ecosystem);
+      const ecosystemDir = join33(preinstallDir, ecosystem);
       await mkdir6(ecosystemDir, { recursive: true });
       for (const [workspace, analysisData] of Object.entries(workspaceToAnalysisData)) {
         const perProjectEcosystems = ["PIP", "RUBYGEMS", "COMPOSER"];
-        const installDir = perProjectEcosystems.includes(ecosystem) ? join34(ecosystemDir, workspace.replace(/\//g, "_")) : ecosystemDir;
+        const installDir = perProjectEcosystems.includes(ecosystem) ? join33(ecosystemDir, workspace.replace(/\//g, "_")) : ecosystemDir;
         if (installDir !== ecosystemDir) {
           await mkdir6(installDir, { recursive: true });
         }
@@ -253516,7 +253383,7 @@ Subproject: ${subproject}`);
   async sendProgress(type, isStartEvent, subprojectPath, workspacePath) {
     await this.dashboardAPI.registerCLIProgress({
       type,
-      ...subprojectPath ? { subprojectPath: relative22(this.rootWorkingDirectory, subprojectPath) || "." } : {},
+      ...subprojectPath ? { subprojectPath: relative24(this.rootWorkingDirectory, subprojectPath) || "." } : {},
       ...workspacePath ? { workspacePath } : {}
     }, isStartEvent, this.reportId, this.apiKey);
   }
@@ -253573,7 +253440,7 @@ Subproject: ${subproject}`);
       dependencyTree: workspaceToPlainDependencyTree[workspacePath],
       ecosystem: workspaceToPlainDependencyTree[workspacePath].ecosystem ?? "NPM",
       workspacePath,
-      subprojectPath: relative22(rootWorkingDirectory, subprojectPath) || "."
+      subprojectPath: relative24(rootWorkingDirectory, subprojectPath) || "."
     }));
     if (this.options.socketMode) {
       this.reportDependencyTrees = workspacePaths.map((workspacePath) => ({
@@ -253581,7 +253448,7 @@ Subproject: ${subproject}`);
         dependencyTree: projectInfo[workspacePath].dataForAnalysis.data.dependencyTree,
         ecosystem: projectInfo[workspacePath].dataForAnalysis.data.dependencyTree.ecosystem ?? "NPM",
         workspacePath,
-        subprojectPath: relative22(rootWorkingDirectory, subprojectPath) || "."
+        subprojectPath: relative24(rootWorkingDirectory, subprojectPath) || "."
       }));
     }
     if (this.shareWithDashboard)
@@ -253597,7 +253464,7 @@ Subproject: ${subproject}`);
       } catch (e) {
         logger.error(`Scanning for vulnerabilities failed for subproject ${subprojectPath} in workspace ${workspacePath}`);
         if (this.options.ignoreFailingWorkspaces) {
-          const relativeSubprojectPath = relative22(this.rootWorkingDirectory, subprojectPath) || ".";
+          const relativeSubprojectPath = relative24(this.rootWorkingDirectory, subprojectPath) || ".";
           this.failedWorkspaces.push({
             subproject: relativeSubprojectPath,
             workspace: workspacePath,
@@ -253616,7 +253483,7 @@ Subproject: ${subproject}`);
   }
 };
 function getRelativeSubprojectPath(subprojectPath, projectDir) {
-  return relative22(projectDir, subprojectPath) || ".";
+  return relative24(projectDir, subprojectPath) || ".";
 }
 function getDependencyType(vulnChainDetails, codeAwareScanResults, directDependencies, reachability) {
   if (reachability === "UNREACHABLE" || reachability === "UNKNOWN") {
@@ -253841,8 +253708,8 @@ computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument(
   }
   options.purlTypes = options.purlTypes?.map((t4) => t4.toLowerCase());
   options.packageManagers = normalizeAndValidatePackageManagers(options.packageManagers);
-  const tmpDir = await mkdtemp2(join35(tmpdir5(), "compute-fixes-and-upgrade-purls-"));
-  const logFile = join35(tmpDir, "compute-fixes-and-upgrade-purls.log");
+  const tmpDir = await mkdtemp2(join34(tmpdir5(), "compute-fixes-and-upgrade-purls-"));
+  const logFile = join34(tmpDir, "compute-fixes-and-upgrade-purls.log");
   logger.initWinstonLogger(options.debug, logFile);
   try {
     if (options.minimumReleaseAge) {