@coana-tech/cli 15.2.3 → 15.2.5

package/cli.mjs

@@ -218666,16 +218666,20 @@ var MavenSocketUpgradeManager = class {
     const targetOutput = (0, import_picomatch3.default)("**/target/**");
     const gradleLockfileMatcher = (0, import_picomatch3.default)("gradle.lockfile", { basename: true });
     const sbtMatcher = (0, import_picomatch3.default)(["*.sbt", "*.scala"], { basename: true });
+    const allowed = ctxt.allowedPackageManagers;
     for (const manifestFile of ctxt.manifestFiles) {
       if (pomMatcher(manifestFile) && !buildOutput(manifestFile) && !targetOutput(manifestFile)) {
+        if (allowed && !allowed.includes("MAVEN")) continue;
         pomFiles.add(resolve16(this.rootDir, manifestFile));
         continue;
       }
       if (gradleLockfileMatcher(manifestFile)) {
+        if (allowed && !allowed.includes("GRADLE")) continue;
         gradleLockfiles.add(resolve16(this.rootDir, manifestFile));
         continue;
       }
       if (pomMatcher(manifestFile) && targetOutput(manifestFile) || sbtMatcher(manifestFile)) {
+        if (allowed && !allowed.includes("SBT")) continue;
         sbtManifestFiles.add(resolve16(this.rootDir, manifestFile));
         continue;
       }
@@ -219014,7 +219018,6 @@ ${indent(1, indentationSize)}`)}
 };
 
 // ../fixing-management/src/fixing-management/npm/npm-socket-upgrade-manager.ts
-import { existsSync as existsSync17 } from "fs";
 import { readFile as readFile20 } from "fs/promises";
 import assert10 from "node:assert";
 import { dirname as dirname14, join as join14, relative as relative10, resolve as resolve24 } from "path";
@@ -225240,13 +225243,14 @@ async function getPackageVersionDetailsFromNpm(packageName, version4) {
   return relevantDetails;
 }
 var getNpmBin = once(async () => {
-  const prefix = await runCommandResolveStdOut4("npm config get prefix", "/");
-  let npmBin = `${prefix}/bin/npm`;
+  let npmBin;
   try {
+    const prefix = await runCommandResolveStdOut4("npm config get prefix", "/");
+    npmBin = `${prefix}/bin/npm`;
     await access2(npmBin, constants2.X_OK);
   } catch (e) {
     npmBin = await runCommandResolveStdOut4("which npm", "/");
-    logger.warn(`Could not find npm at ${prefix}/bin/npm. Trying ${npmBin}`);
+    logger.warn(`Could not resolve npm via 'npm config get prefix'. Trying ${npmBin}`);
     await access2(npmBin, constants2.X_OK);
   }
   return npmBin;
@@ -226092,27 +226096,54 @@ async function checkForYarnResolutions(packageJsonPath, fixes) {
 
 // ../fixing-management/src/fixing-management/npm/npm-socket-upgrade-manager.ts
 import { basename as basename7 } from "node:path";
+function npmPackageManagerForLockfile(file) {
+  switch (basename7(file)) {
+    case "package-lock.json":
+      return "NPM";
+    case "pnpm-lock.yaml":
+    case "pnpm-lock.yml":
+      return "PNPM";
+    case "yarn.lock":
+      return "YARN";
+    default:
+      return void 0;
+  }
+}
 var NpmSocketUpgradeManager = class {
   constructor(rootDir) {
     this.rootDir = rootDir;
   }
   async applySocketArtifactUpgrades(ctxt) {
-    const subprojectToUpgrade = await this.groupUpgradesBySubprojectAndWorkspace(
+    const { subprojectToUpgrade, subprojectToPackageManager, subprojectToLockfileName } = await this.groupUpgradesBySubprojectAndWorkspace(
       ctxt.manifestFiles,
       Array.from(ctxt.upgrades).map(([idx, upgradeVersion]) => ({
         idx,
         upgradeVersion
       })),
       ctxt.artifacts,
-      ctxt.wsFilter
+      ctxt.wsFilter,
+      ctxt.allowedPackageManagers
     );
     for (const [subprojectDir, workspaceToUpgrade] of subprojectToUpgrade) {
-      const fixingManager = this.getFixingManagerFromPackageManager(
-        this.getPackageManagerForDirectory(subprojectDir),
-        subprojectDir
-      );
+      const pm = subprojectToPackageManager.get(subprojectDir);
+      const lockfileName = subprojectToLockfileName.get(subprojectDir);
+      if (!pm || !lockfileName) {
+        ctxt.statusUpdater?.({
+          status: "warn",
+          file: subprojectDir,
+          message: "Skipping upgrade for this directory: no supported lockfile found" + (ctxt.allowedPackageManagers ? ` (after applying --package-managers filter [${ctxt.allowedPackageManagers.join(", ")}])` : ""),
+          artifacts: Array.from(
+            new Set(
+              Array.from(workspaceToUpgrade.values()).flat().map((u8) => u8.idx)
+            )
+          )
+        });
+        continue;
+      }
+      const fixingManager = this.getFixingManagerFromPackageManager(pm, subprojectDir);
       await this.applySecurityFixesForSocketArtifacts(
         subprojectDir,
+        lockfileName,
         fixingManager,
         ctxt.artifacts,
         workspaceToUpgrade,
@@ -226120,19 +226151,19 @@ var NpmSocketUpgradeManager = class {
       );
     }
   }
-  async groupUpgradesBySubprojectAndWorkspace(manifestFiles, upgrades, artifacts, wsFilter) {
+  async groupUpgradesBySubprojectAndWorkspace(manifestFiles, upgrades, artifacts, wsFilter, allowedPackageManagers) {
     const subprojectToUpgrade = /* @__PURE__ */ new Map();
+    const subprojectToPackageManager = /* @__PURE__ */ new Map();
+    const subprojectToLockfileName = /* @__PURE__ */ new Map();
     const workspaceToSubproject = /* @__PURE__ */ new Map();
-    const lockFiles = manifestFiles.filter(
-      (f5) => ["package-lock.json", "pnpm-lock.yml", "pnpm-lock.yaml", "yarn.lock"].some(
-        (lockFile) => basename7(f5) === lockFile
-      )
-    ) ?? [];
-    for (const lockFile of lockFiles) {
-      const subprojectDir = dirname14(lockFile);
+    for (const lockFile of manifestFiles) {
       const fileName3 = basename7(lockFile);
-      const isPnpmLockFile = fileName3 === "pnpm-lock.yaml" || fileName3 === "pnpm-lock.yml";
-      const isYarnBerry = fileName3 === "yarn.lock" && await getYarnType(resolve24(this.rootDir, subprojectDir)) === "berry";
+      const pm = npmPackageManagerForLockfile(lockFile);
+      if (!pm) continue;
+      if (allowedPackageManagers && !allowedPackageManagers.includes(pm)) continue;
+      const subprojectDir = dirname14(lockFile);
+      const isPnpmLockFile = pm === "PNPM";
+      const isYarnBerry = pm === "YARN" && await getYarnType(resolve24(this.rootDir, subprojectDir)) === "berry";
       let workspaces;
       if (isPnpmLockFile) {
         workspaces = await getWorkspacePathsFromPnpmLockFile(resolve24(this.rootDir, subprojectDir), true);
@@ -226146,6 +226177,10 @@ var NpmSocketUpgradeManager = class {
         }
         workspaces = result.workspacePaths;
       }
+      if (!subprojectToPackageManager.has(subprojectDir)) {
+        subprojectToPackageManager.set(subprojectDir, pm);
+        subprojectToLockfileName.set(subprojectDir, fileName3);
+      }
       for (const workspace of workspaces) {
         workspaceToSubproject.set(join14(subprojectDir, workspace), subprojectDir);
       }
@@ -226178,9 +226213,9 @@ var NpmSocketUpgradeManager = class {
         subprojectToUpgrade.get(subprojectDir)?.get(workspacePath)?.push(upgrade);
       }
     }
-    return subprojectToUpgrade;
+    return { subprojectToUpgrade, subprojectToPackageManager, subprojectToLockfileName };
   }
-  async applySecurityFixesForSocketArtifacts(subprojectDir, fixingManager, artifacts, workspaceToFixes, ctxt) {
+  async applySecurityFixesForSocketArtifacts(subprojectDir, lockfileName, fixingManager, artifacts, workspaceToFixes, ctxt) {
     for (const [workspacePath, upgrades] of workspaceToFixes.entries()) {
       const upgradesToDirectDependencies = upgrades.filter((upgrade) => artifacts[upgrade.idx].direct);
       if (upgradesToDirectDependencies.length === 0) continue;
@@ -226203,7 +226238,6 @@ var NpmSocketUpgradeManager = class {
         await applyPatches("NPM", this.rootDir, directPatches, ctxt);
       }
     }
-    const lockfileName = this.getLockfileName(subprojectDir);
     const lockfilePath = join14(subprojectDir, lockfileName);
     const allUpgrades = Array.from(workspaceToFixes.values()).flat();
     const upgradesTransformed = allUpgrades.map((upgrade) => ({
@@ -226259,27 +226293,6 @@ var NpmSocketUpgradeManager = class {
       return new YarnFixingManager(this.rootDir, subprojectPath);
     }
   }
-  getPackageManagerForDirectory(directory) {
-    const fullPath = resolve24(this.rootDir, directory);
-    if (existsSync17(join14(fullPath, "pnpm-lock.yaml")) || existsSync17(join14(fullPath, "pnpm-lock.yml"))) {
-      return "PNPM";
-    } else if (existsSync17(join14(fullPath, "yarn.lock"))) {
-      return "YARN";
-    } else if (existsSync17(join14(fullPath, "package-lock.json"))) {
-      return "NPM";
-    }
-    throw new Error(
-      `Upgrading packages is currently only supported for NPM projects using a lock file. Failed to find a lock file in ${fullPath}`
-    );
-  }
-  getLockfileName(directory) {
-    const fullPath = resolve24(this.rootDir, directory);
-    if (existsSync17(join14(fullPath, "pnpm-lock.yaml"))) return "pnpm-lock.yaml";
-    if (existsSync17(join14(fullPath, "pnpm-lock.yml"))) return "pnpm-lock.yml";
-    if (existsSync17(join14(fullPath, "yarn.lock"))) return "yarn.lock";
-    if (existsSync17(join14(fullPath, "package-lock.json"))) return "package-lock.json";
-    throw new Error(`No lockfile found in ${fullPath}`);
-  }
   async createDirectDependencyPatches(mf, idx, upgradeVersion, ctxt) {
     const artifact = ctxt.artifacts[idx];
     assert10(artifact.name);
@@ -226662,7 +226675,7 @@ import { dirname as dirname16, relative as relative12, resolve as resolve26 } fr
 var import_parse_xml3 = __toESM(require_dist(), 1);
 import { readFile as readFile22 } from "node:fs/promises";
 import { dirname as dirname15, join as join17, relative as relative11, resolve as resolve25, basename as basename8, extname } from "node:path";
-import { existsSync as existsSync18 } from "node:fs";
+import { existsSync as existsSync17 } from "node:fs";
 
 // ../utils/dist/version-comparison/version-satisfies.js
 var import_semver4 = __toESM(require_semver2(), 1);
@@ -228215,7 +228228,7 @@ async function loadNuGetProject(rootDir, projectFile, validateFile) {
 }
 async function loadNuGetProjectOrTarget(rootDir, projectFile, mainProject, visited, validateFile) {
   const validatedProjectPath = validateFile ? validateFile(resolve25(rootDir, projectFile)) : resolve25(rootDir, projectFile);
-  if (!validatedProjectPath || !existsSync18(validatedProjectPath)) return void 0;
+  if (!validatedProjectPath || !existsSync17(validatedProjectPath)) return void 0;
   if (visited.has(validatedProjectPath)) return void 0;
   visited.set(validatedProjectPath);
   const sourceText = await readFile22(validatedProjectPath, "utf-8");
@@ -228290,7 +228303,7 @@ async function loadNuGetProjectOrTarget(rootDir, projectFile, mainProject, visit
 }
 async function loadPackagesConfig(rootDir, file, validateFile) {
   const validatedConfigPath = validateFile(resolve25(rootDir, file));
-  if (!validatedConfigPath || !existsSync18(validatedConfigPath)) return void 0;
+  if (!validatedConfigPath || !existsSync17(validatedConfigPath)) return void 0;
   const sourceText = await readFile22(validatedConfigPath, "utf-8");
   const configXml = (0, import_parse_xml3.parseXml)(sourceText, { includeOffsets: true });
   const packages = extractPackagesFromXml(configXml, sourceText);
@@ -228420,7 +228433,7 @@ async function handleImportElement(currentProject, importElement, mainProject, v
   if (!importPath) return;
   const resolvedPath = resolve25(dirname15(currentProject.validatedProjectPath), normalizeMSBuildPath(importPath));
   const validatedPath = validateFile ? validateFile(resolvedPath) : resolvedPath;
-  if (!validatedPath || !existsSync18(validatedPath)) return;
+  if (!validatedPath || !existsSync17(validatedPath)) return;
   const importedProject = await loadNuGetProjectOrTarget(
     currentProject.rootDir,
     resolvedPath,
@@ -229827,7 +229840,7 @@ function createPep508VersionPatches(file, idx, requirement, oldVersion, upgradeV
 }
 
 // ../utils/src/pip-utils.ts
-import { existsSync as existsSync19 } from "node:fs";
+import { existsSync as existsSync18 } from "node:fs";
 import { readFile as readFile26 } from "node:fs/promises";
 import { dirname as dirname19, resolve as resolve30, relative as relative15 } from "node:path";
 import util4 from "node:util";
@@ -229911,6 +229924,17 @@ var PipSocketUpgradeManager = class {
   pyprojectTomlMatcher = (0, import_picomatch8.default)("pyproject.toml", { basename: true });
   uvLockMatcher = (0, import_picomatch8.default)("uv.lock", { basename: true });
   poetryLockMatcher = (0, import_picomatch8.default)("poetry.lock", { basename: true });
+  /**
+   * Drop manifests whose PM is excluded by `--package-managers`. Files with
+   * no clear PM signal (pyproject.toml, uv.lock) are PM-agnostic and always
+   * pass through.
+   */
+  isManifestAllowed(file, ctxt) {
+    if (!ctxt.allowedPackageManagers) return true;
+    const pms = getPackageManagersForManifestFile(file);
+    if (pms.length === 0) return true;
+    return pms.some((pm) => ctxt.allowedPackageManagers.includes(pm));
+  }
   async applySocketArtifactUpgrades(ctxt) {
     const patches = [];
     const uvLockFilesToValidate = /* @__PURE__ */ new Set();
@@ -229930,6 +229954,7 @@ var PipSocketUpgradeManager = class {
       assert13(artifact.version);
       const directRequirementsTxts = /* @__PURE__ */ new Set();
       for (const mf of artifact.manifestFiles ?? []) {
+        if (!this.isManifestAllowed(mf.file, ctxt)) continue;
         if (this.requirementsTxtMatcher(mf.file)) {
           if (ctxt.wsFilter && !ctxt.wsFilter(dirname20(mf.file) || ".")) continue;
           directRequirementsTxts.add(mf.file);
@@ -229966,6 +229991,7 @@ var PipSocketUpgradeManager = class {
         const ancestor = ctxt.artifacts.find((a4) => a4.id === ancestorId);
         for (const mf of ancestor?.manifestFiles ?? []) {
           if (ctxt.wsFilter && !ctxt.wsFilter(dirname20(mf.file) || ".")) continue;
+          if (!this.isManifestAllowed(mf.file, ctxt)) continue;
           if (this.requirementsTxtMatcher(mf.file) && !directRequirementsTxts.has(mf.file)) {
             patches.push(...await this.createRequirementsTxtTransitivePatches(mf.file, idx, upgradeVersion, ctxt));
           }
@@ -230556,7 +230582,7 @@ import assert14 from "node:assert";
 var import_good_enough_parser4 = __toESM(require_cjs(), 1);
 init_ruby_lang();
 import { resolve as resolve32, dirname as dirname21, relative as relative16 } from "node:path";
-import { existsSync as existsSync20, readFileSync as readFileSync5, readdirSync as readdirSync4 } from "node:fs";
+import { existsSync as existsSync19, readFileSync as readFileSync5, readdirSync as readdirSync4 } from "node:fs";
 init_gemspec_utils();
 var booleanQuery2 = import_good_enough_parser4.query.alt(
   import_good_enough_parser4.query.sym(/^true|false$/, (ctx, { value: value2, offset }) => {
@@ -230671,7 +230697,7 @@ var evalGemfileQuery = import_good_enough_parser4.query.sym("eval_gemfile").join
   if (pathEvaluated === void 0) return ctx;
   const rootDir = ctx.gemfile.rootDir;
   const file = relative16(rootDir, resolve32(rootDir, dirname21(ctx.gemfile.file), pathEvaluated));
-  if (!existsSync20(resolve32(rootDir, file))) return ctx;
+  if (!existsSync19(resolve32(rootDir, file))) return ctx;
   const sourceText = readFileSync5(resolve32(rootDir, file), "utf-8");
   const parser2 = import_good_enough_parser4.lang.createLang(lang3);
   const cursor = parser2.parse(sourceText);
@@ -230746,7 +230772,7 @@ var gemspecQuery = import_good_enough_parser4.query.sym("gemspec").opt(
     ctx.currentGem = void 0;
   }
   const searchDir = gemspecPath ? resolve32(rootDir, gemfileDir, gemspecPath) : resolve32(rootDir, gemfileDir);
-  if (!existsSync20(searchDir)) return ctx;
+  if (!existsSync19(searchDir)) return ctx;
   let gemspecFiles = [];
   try {
     const entries = readdirSync4(searchDir);
@@ -231470,7 +231496,7 @@ async function applySocketUpgrades(ecosystem, rootDir, ctxt) {
 
 // dist/cli-apply-fix.js
 var import_lodash13 = __toESM(require_lodash(), 1);
-import { existsSync as existsSync24 } from "fs";
+import { existsSync as existsSync23 } from "fs";
 
 // ../other-modules-communicator/src/other-modules-communicator.ts
 import { execFileSync as execFileSync2 } from "child_process";
@@ -231487,7 +231513,7 @@ import { fileURLToPath as fileURLToPath3 } from "node:url";
 // ../utils/dist/file-utils.js
 var import_lodash7 = __toESM(require_lodash(), 1);
 var import_micromatch2 = __toESM(require_micromatch(), 1);
-import { existsSync as existsSync21 } from "fs";
+import { existsSync as existsSync20 } from "fs";
 import { access as access4, cp as cp3, readdir as readdir4, stat as stat4 } from "fs/promises";
 import { basename as basename9, join as join19, relative as relative18, resolve as resolve34 } from "path";
 var { uniq: uniq2 } = import_lodash7.default;
@@ -231927,7 +231953,7 @@ async function detectVariantMaven(projectDir) {
 }
 
 // ../docker-management/src/maven/gradle-version-detector.ts
-import { existsSync as existsSync22 } from "fs";
+import { existsSync as existsSync21 } from "fs";
 import { join as join22 } from "path";
 import { readFile as readFile30 } from "fs/promises";
 async function detectVariantGradle(projectDir) {
@@ -231935,7 +231961,7 @@ async function detectVariantGradle(projectDir) {
 }
 async function detect(projectDir) {
   const gradleWrapperPropertiesPath = join22(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
-  const gradleWrapperProperties = existsSync22(gradleWrapperPropertiesPath) ? (await readFile30(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
+  const gradleWrapperProperties = existsSync21(gradleWrapperPropertiesPath) ? (await readFile30(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!gradleWrapperProperties) return void 0;
   const distributionUrlRegex = /.*gradle-(\d+(\.\d+(\.\d+)?)?)/;
   for (const prop2 of gradleWrapperProperties) {
@@ -231949,7 +231975,7 @@ async function detect(projectDir) {
 }
 
 // ../docker-management/src/maven/sbt-version-detector.ts
-import { existsSync as existsSync23 } from "fs";
+import { existsSync as existsSync22 } from "fs";
 import { join as join23 } from "path";
 import { readFile as readFile31 } from "fs/promises";
 async function detectVariantSbt(projectDir) {
@@ -231957,7 +231983,7 @@ async function detectVariantSbt(projectDir) {
 }
 async function detect2(projectDir) {
   const sbtBuildPropertiesPath = join23(projectDir, "project", "build.properties");
-  const sbtBuildProperties = existsSync23(sbtBuildPropertiesPath) ? (await readFile31(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
+  const sbtBuildProperties = existsSync22(sbtBuildPropertiesPath) ? (await readFile31(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
   if (!sbtBuildProperties) return void 0;
   for (const prop2 of sbtBuildProperties) {
     const [key, value2] = prop2.split("=");
@@ -233263,7 +233289,7 @@ async function verifyFixes(fixes, otherModulesCommunicator, rootPath) {
   if (pathsForEachFixIdData.length !== new Set(pathsForEachFixIdData).size) {
     throw new Error("Multiple fix IDs found for the same subproject, workspace and ecosystem");
   }
-  const subprojectsNotFound = uniq3(fixes.filter(({ vulnerabilityInstance: v }) => !existsSync24(resolve37(rootPath, v.subprojectPath))).map(({ vulnerabilityInstance: v }) => `${v.subprojectPath}:${v.ecosystem}`));
+  const subprojectsNotFound = uniq3(fixes.filter(({ vulnerabilityInstance: v }) => !existsSync23(resolve37(rootPath, v.subprojectPath))).map(({ vulnerabilityInstance: v }) => `${v.subprojectPath}:${v.ecosystem}`));
   if (subprojectsNotFound.length > 0) {
     throw new Error(`Cannot find the following subprojects: ${subprojectsNotFound.join(", ")}`);
   }
@@ -234089,7 +234115,7 @@ import { readdir as readdir6 } from "fs/promises";
 import { join as join28, relative as relative21, resolve as resolve38 } from "path";
 
 // ../project-management/src/project-management/ecosystem-management/ecosystem-specs.ts
-import { existsSync as existsSync25 } from "fs";
+import { existsSync as existsSync24 } from "fs";
 import { readdir as readdir5, readFile as readFile33 } from "fs/promises";
 import { join as join27, sep as sep4 } from "path";
 var specs = {
@@ -234166,7 +234192,7 @@ function getEcosystemSpecs(ecosystems) {
 }
 function packageManagerIfPackageJSONExistsAndValid(packageManager) {
   return async (projectDir) => {
-    if (!existsSync25(join27(projectDir, "package.json"))) return void 0;
+    if (!existsSync24(join27(projectDir, "package.json"))) return void 0;
     const packageJSONPath = join27(projectDir, "package.json");
     try {
       JSON.parse(await readFile33(packageJSONPath, "utf-8"));
@@ -234764,7 +234790,8 @@ ${Array.from(upgrades).map(([idx, upgradeVersion]) => `	${prettyPrintPurlUpgrade
           wsFilter: (0, import_picomatch10.default)(options.include?.map((s6) => (s6 || ".").replace(/\/+$/, "") || ".") ?? [".", "**"], {
             ignore: options.exclude?.map((s6) => (s6 || ".").replace(/\/+$/, "") || ".")
           }),
-          statusUpdater
+          statusUpdater,
+          allowedPackageManagers: options.packageManagers
         };
         try {
           await applySocketUpgrades(ecosystem, rootDir, ctxt);
@@ -234973,7 +235000,8 @@ async function computeFixesAndUpgradePurls(path9, options, logFile) {
       include: options.include,
       exclude: options.exclude,
       rangeStyle: options.rangeStyle,
-      disableExternalToolChecks: options.disableExternalToolChecks
+      disableExternalToolChecks: options.disableExternalToolChecks,
+      packageManagers: options.packageManagers
     }, autofixRunId) ?? "fixed-all";
     if (autofixRunId) {
       const allGhsasFailed = ghsasWithFixes.length === 0;
@@ -235258,7 +235286,7 @@ function prettyApplyFixesTo(applyFixesToOption) {
 
 // dist/cli-core.js
 import assert16 from "node:assert";
-import { existsSync as existsSync30, writeFileSync as writeFileSync3 } from "fs";
+import { existsSync as existsSync29, writeFileSync as writeFileSync3 } from "fs";
 import { mkdir as mkdir6, rm as rm3, writeFile as writeFile15 } from "fs/promises";
 var import_lodash15 = __toESM(require_lodash(), 1);
 import os2 from "os";
@@ -235516,7 +235544,7 @@ var BatchedHttpLogStreamer = class {
 // ../utils/src/logging/socket-log-server.ts
 import { createServer } from "net";
 import { once as once8 } from "events";
-import { createWriteStream as createWriteStream6, existsSync as existsSync26 } from "fs";
+import { createWriteStream as createWriteStream6, existsSync as existsSync25 } from "fs";
 import { unlink as unlink3 } from "fs/promises";
 var SocketLogServer = class {
   server;
@@ -235537,7 +235565,7 @@ var SocketLogServer = class {
     this.server = createServer((socket) => this.handleConnection(socket));
   }
   async start() {
-    if (existsSync26(this.socketPath)) {
+    if (existsSync25(this.socketPath)) {
       await unlink3(this.socketPath);
     }
     this.server.listen(this.socketPath);
@@ -235659,7 +235687,7 @@ var SocketLogServer = class {
     return new Promise((resolve45, reject) => {
       this.server.close((serverError) => {
         this.writeStream.end(() => {
-          if (existsSync26(this.socketPath)) {
+          if (existsSync25(this.socketPath)) {
             unlink3(this.socketPath).then(() => {
               if (serverError) reject(serverError);
               else resolve45();
@@ -236121,16 +236149,16 @@ function nextParent(dir) {
 var DEFAULT_REPORT_FILENAME_BASE = "coana-report";
 
 // dist/internal/exclude-dirs-from-configuration-files.js
-import { existsSync as existsSync27 } from "fs";
+import { existsSync as existsSync26 } from "fs";
 import { readFile as readFile35 } from "fs/promises";
 import { basename as basename12, resolve as resolve41 } from "path";
 var import_yaml2 = __toESM(require_dist11(), 1);
 async function inferExcludeDirsFromConfigurationFiles(rootWorkingDir) {
   const socketYmlConfigFile = resolve41(rootWorkingDir, "socket.yml");
-  if (existsSync27(socketYmlConfigFile))
+  if (existsSync26(socketYmlConfigFile))
     return inferExcludeDirsFromSocketConfig(socketYmlConfigFile);
   const socketYamlConfigFile = resolve41(rootWorkingDir, "socket.yaml");
-  if (existsSync27(socketYamlConfigFile))
+  if (existsSync26(socketYamlConfigFile))
     return inferExcludeDirsFromSocketConfig(socketYamlConfigFile);
   return void 0;
 }
@@ -250910,11 +250938,11 @@ var { root: root2 } = static_exports;
 
 // ../utils/src/maven-utils.ts
 var import_lodash14 = __toESM(require_lodash(), 1);
-import { existsSync as existsSync29, readdirSync as readdirSync5, statSync as statSync5 } from "fs";
+import { existsSync as existsSync28, readdirSync as readdirSync5, statSync as statSync5 } from "fs";
 import { join as join32 } from "path";
 
 // ../utils/src/download-utils.ts
-import { existsSync as existsSync28 } from "fs";
+import { existsSync as existsSync27 } from "fs";
 import { writeFile as writeFile14 } from "fs/promises";
 
 // ../utils/src/maven-utils.ts
@@ -252282,7 +252310,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version3 = "15.2.3";
+var version3 = "15.2.5";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
@@ -252985,7 +253013,7 @@ Subproject: ${subproject}`);
     const concurrency = Number(this.options.concurrency);
     const shouldIncludeWorkspaceInLogs = concurrency > 1;
     let npmProjectDirPool;
-    const nodeModulesExists = existsSync30(resolve42(subprojectPath, "node_modules"));
+    const nodeModulesExists = existsSync29(resolve42(subprojectPath, "node_modules"));
     if (ecosystem === "NPM" && concurrency > 1 && !nodeModulesExists) {
       const numCopies = Math.min(concurrency, workspaces.length) - 1;
       if (numCopies > 0) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "15.2.3",
+  "version": "15.2.5",
   "description": "Coana CLI",
   "type": "module",
   "bin": {