@coana-tech/cli 15.2.7 → 15.2.9

package/cli.mjs

@@ -204277,10 +204277,14 @@ function parseSocketResponse(responseData) {
 }
 function parseComputeArtifactsResponse(responseData) {
   const response = parseSocketResponse(responseData);
+  const errorRecord = response.findLast(
+    (r3) => r3.type === "error"
+  );
   return {
     artifacts: response.filter((r3) => r3.type === "artifact").map((r3) => r3.value),
-    metadata: response.filter((r3) => r3.type === "metadata").flatMap((r3) => r3.value)
+    metadata: response.filter((r3) => r3.type === "metadata").flatMap((r3) => r3.value),
     // There should always only be one metadata object
+    error: errorRecord?.value
   };
 }
 async function createSocketTier1Scan(cliOptions, coanaCliVersion, systemInformation) {
@@ -204534,6 +204538,14 @@ async function fetchArtifactsFromManifestsTarHash(manifestsTarHash, includePreco
       const url2 = getSocketApiUrl(`orgs/${process.env.SOCKET_ORG_SLUG}/compute-artifacts?${params.toString()}`);
       responseData = (await axios2.post(url2, {}, { headers: getAuthHeaders() })).data;
       const result = parseComputeArtifactsResponse(responseData);
+      if (result.error) {
+        logger.debug(
+          `compute-artifacts terminal error record: code=${result.error.code} retryable=${result.error.retryable}`
+        );
+        throw new Error(
+          `Socket compute-artifacts failed: ${result.error.message} (code=${result.error.code})`
+        );
+      }
       if (useOnlyPregeneratedSboms) {
         const matcher = await initializePregeneratedSbomMatcher();
         result.artifacts = result.artifacts.filter(
@@ -234590,14 +234602,14 @@ function getEcosystemsFromManifestFileNames(fileNames) {
   }
   return [...ecosystems];
 }
-async function validateExternalDependencies(ecosystems, command, manifestFileNames) {
+async function validateExternalDependencies(ecosystems, command, manifestFileNames, packageManagers) {
   const checks = [];
   const ecosystemSet = new Set(ecosystems);
   if (ecosystemSet.has("NPM")) {
-    checks.push(...getNpmChecks(command, manifestFileNames));
+    checks.push(...getNpmChecks(command, manifestFileNames, packageManagers));
   }
   if (ecosystemSet.has("PIP")) {
-    checks.push(...getPipChecks(command, manifestFileNames));
+    checks.push(...getPipChecks(command, manifestFileNames, packageManagers));
   }
   if (ecosystemSet.has("MAVEN") && command === "run") {
     checks.push(checkJavaAvailable());
@@ -234637,9 +234649,10 @@ async function validateExternalDependencies(ecosystems, command, manifestFileNam
     throw new Error(message2);
   }
 }
-function getNpmChecks(command, manifestFileNames) {
+function getNpmChecks(command, manifestFileNames, packageManagers) {
   const checks = [];
   const nexe = isNexeMode();
+  const isAllowed = (pm) => !packageManagers || packageManagers.includes(pm);
   if (command === "run") {
     checks.push(Promise.resolve(checkNodeVersion(20)));
     if (!nexe) {
@@ -234647,21 +234660,22 @@ function getNpmChecks(command, manifestFileNames) {
     }
   } else {
     const files = manifestFileNames ?? [];
-    if (files.some((f5) => f5.endsWith("package-lock.json")) && !nexe) {
+    if (files.some((f5) => f5.endsWith("package-lock.json")) && !nexe && isAllowed("NPM")) {
       checks.push(checkTool("npm", "NPM", "Required for NPM dependency management. Install from https://nodejs.org"));
     }
-    if (files.some((f5) => f5.endsWith("pnpm-lock.yaml"))) {
+    if (files.some((f5) => f5.endsWith("pnpm-lock.yaml")) && isAllowed("PNPM")) {
       checks.push(checkTool("pnpm", "NPM", "Required for pnpm dependency management. Install from https://pnpm.io"));
     }
-    if (files.some((f5) => f5.endsWith("yarn.lock"))) {
+    if (files.some((f5) => f5.endsWith("yarn.lock")) && isAllowed("YARN")) {
       checks.push(checkTool("yarn", "NPM", "Required for Yarn dependency management. Install from https://yarnpkg.com"));
     }
   }
   return checks;
 }
-function getPipChecks(command, manifestFileNames) {
+function getPipChecks(command, manifestFileNames, packageManagers) {
   const checks = [];
   const nexe = isNexeMode();
+  const isAllowed = (pm) => !packageManagers || packageManagers.includes(pm);
   if (command === "run") {
     checks.push(checkEitherTool("python3", "python", "Python (PIP)", "python3 (or python)", "Required for Python dependency management. Install from https://python.org"));
     if (!nexe) {
@@ -234669,7 +234683,7 @@ function getPipChecks(command, manifestFileNames) {
     }
   } else {
     const files = manifestFileNames ?? [];
-    if (files.some((f5) => f5.endsWith("uv.lock")) && !nexe) {
+    if (files.some((f5) => f5.endsWith("uv.lock")) && !nexe && isAllowed("UV")) {
       checks.push(checkTool("uv", "Python (PIP)", "Required for Python dependency management. Install from https://docs.astral.sh/uv/"));
     }
   }
@@ -234771,7 +234785,7 @@ ${Array.from(upgrades).map(([idx, upgradeVersion]) => `	${prettyPrintPurlUpgrade
       }
       const detectedEcosystems = Array.from(ecosystemToSocketArtifactUpgrades.keys());
       if (!options.disableExternalToolChecks) {
-        await validateExternalDependencies(detectedEcosystems, "compute-fixes-and-upgrade-purls", manifestFiles);
+        await validateExternalDependencies(detectedEcosystems, "compute-fixes-and-upgrade-purls", manifestFiles, options.packageManagers);
       }
       let anyErrors = false;
       let anySkipped = false;
@@ -252347,7 +252361,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version3 = "15.2.7";
+var version3 = "15.2.9";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@coana-tech/cli",
-  "version": "15.2.7",
+  "version": "15.2.9",
   "description": "Coana CLI",
   "type": "module",
   "bin": {