@herodevs/cli 1.1.0-beta.1 → 1.3.0-beta.1

package/dist/api/types/nes.types.d.ts

@@ -1,35 +1,52 @@
-export type ScanInput = {
+/**
+ * Input parameters for the EOL scan operation
+ */
+export interface InsightsEolScanInput {
+    scanId?: string;
+    /** Array of package URLs in purl format to scan */
     components: string[];
-    type: 'SBOM';
-} | {
-    type: 'OTHER';
-};
+    /** The type of scan being performed (e.g. 'SBOM') */
+    type: string;
+    page: number;
+    totalPages: number;
+}
 export interface ScanResponse {
     insights: {
         scan: {
-            eol: ScanResponseReport;
+            eol: InsightsEolScanResult;
         };
     };
 }
-export interface ScanResponseReport {
-    components: ScanResultComponent[];
-    diagnostics?: Record<string, unknown>;
-    message: string;
+/**
+ * Result of the EOL scan operation
+ */
+export interface InsightsEolScanResult {
+    scanId?: string;
     success: boolean;
+    message: string;
+    components: InsightsEolScanComponent[];
+    warnings: ScanWarning[];
 }
-export type ComponentStatus = 'EOL' | 'LTS' | 'OK';
-export interface ScanResultComponent {
-    info: {
-        eolAt: Date | null;
-        isEol: boolean;
-        isUnsafe: boolean;
-    };
+/**
+ * Information about a component's EOL status
+ */
+export interface InsightsEolScanComponentInfo {
+    isEol: boolean;
+    isUnsafe: boolean;
+    eolAt: Date | null;
+    status: ComponentStatus;
+    daysEol: number | null;
+}
+export interface InsightsEolScanComponent {
+    info: InsightsEolScanComponentInfo;
     purl: string;
-    status?: ComponentStatus;
 }
-export interface ScanResult {
-    components: Map<string, ScanResultComponent>;
-    diagnostics?: Record<string, unknown>;
+export interface ScanWarning {
+    purl: string;
     message: string;
-    success: boolean;
+    type?: string;
+    error?: unknown;
+    diagnostics?: Record<string, unknown>;
 }
+export type ComponentStatus = (typeof VALID_STATUSES)[number];
+export declare const VALID_STATUSES: readonly ["UNKNOWN", "OK", "EOL", "LTS"];

package/dist/api/types/nes.types.js

@@ -1 +1 @@
-export {};
+export const VALID_STATUSES = ['UNKNOWN', 'OK', 'EOL', 'LTS'];

package/dist/commands/report/committers.js

@@ -3,6 +3,7 @@ import { Command, Flags } from '@oclif/core';
 import fs from 'node:fs';
 import path from 'node:path';
 import { calculateOverallStats, formatAsCsv, formatAsText, groupCommitsByMonth, parseGitLogOutput, } from "../../service/committers.svc.js";
+import { getErrorMessage, isErrnoException } from "../../service/error.svc.js";
 export default class Committers extends Command {
     static description = 'Generate report of committers to a git repository';
     static enableJsonFlag = true;
@@ -44,28 +45,42 @@ export default class Committers extends Command {
             if (isJson) {
                 // JSON mode
                 if (save) {
-                    fs.writeFileSync(path.resolve('nes.committers.json'), JSON.stringify(reportData, null, 2));
-                    this.log('Report written to json');
+                    try {
+                        fs.writeFileSync(path.resolve('nes.committers.json'), JSON.stringify(reportData, null, 2));
+                        this.log('Report written to json');
+                    }
+                    catch (error) {
+                        this.error(`Failed to save JSON report: ${getErrorMessage(error)}`);
+                    }
                 }
                 return reportData;
             }
+            const textOutput = formatAsText(reportData);
             if (csv) {
                 // CSV mode
                 const csvOutput = formatAsCsv(reportData);
                 if (save) {
-                    fs.writeFileSync(path.resolve('nes.committers.csv'), csvOutput);
-                    this.log('Report written to csv');
+                    try {
+                        fs.writeFileSync(path.resolve('nes.committers.csv'), csvOutput);
+                        this.log('Report written to csv');
+                    }
+                    catch (error) {
+                        this.error(`Failed to save CSV report: ${getErrorMessage(error)}`);
+                    }
                 }
                 else {
-                    this.log(csvOutput);
+                    this.log(textOutput);
                 }
                 return csvOutput;
             }
-            // Text mode
-            const textOutput = formatAsText(reportData);
             if (save) {
-                fs.writeFileSync(path.resolve('nes.committers.txt'), textOutput);
-                this.log('Report written to txt');
+                try {
+                    fs.writeFileSync(path.resolve('nes.committers.txt'), textOutput);
+                    this.log('Report written to txt');
+                }
+                catch (error) {
+                    this.error(`Failed to save txt report: ${getErrorMessage(error)}`);
+                }
             }
             else {
                 this.log(textOutput);
@@ -73,8 +88,7 @@ export default class Committers extends Command {
             return textOutput;
         }
         catch (error) {
-            this.error(`Failed to generate report: ${error.message}`);
-            throw error;
+            this.error(`Failed to generate report: ${getErrorMessage(error)}`);
         }
     }
     /**
@@ -105,25 +119,28 @@ export default class Committers extends Command {
      * @param sinceDate - Date range for git log
      */
     fetchGitCommitData(sinceDate) {
-        try {
-            const logProcess = spawnSync('git', [
-                'log',
-                '--all', // Include committers on all branches in the repo
-                '--format="%ad|%an"', // Format: date|author
-                '--date=format:%Y-%m', // Format date as YYYY-MM
-                `--since="${sinceDate}"`,
-            ], { encoding: 'utf-8' });
-            if (logProcess.error) {
-                throw new Error(`Git command failed: ${logProcess.error.message}`);
-            }
-            if (!logProcess.stdout) {
-                return [];
+        const logProcess = spawnSync('git', [
+            'log',
+            '--all', // Include committers on all branches in the repo
+            '--format="%ad|%an"', // Format: date|author
+            '--date=format:%Y-%m', // Format date as YYYY-MM
+            `--since="${sinceDate}"`,
+        ], { encoding: 'utf-8' });
+        if (logProcess.error) {
+            if (isErrnoException(logProcess.error)) {
+                if (logProcess.error.code === 'ENOENT') {
+                    this.error('Git command not found. Please ensure git is installed and available in your PATH.');
+                }
+                this.error(`Git command failed: ${getErrorMessage(logProcess.error)}`);
             }
-            return parseGitLogOutput(logProcess.stdout);
+            this.error(`Git command failed: ${getErrorMessage(logProcess.error)}`);
         }
-        catch (error) {
-            this.error(`Failed to fetch git data: ${error.message}`);
-            return []; // This line won't execute due to this.error() above
+        if (logProcess.status !== 0) {
+            this.error(`Git command failed with status ${logProcess.status}: ${logProcess.stderr}`);
+        }
+        if (!logProcess.stdout) {
+            return [];
         }
+        return parseGitLogOutput(logProcess.stdout);
     }
 }

package/dist/commands/report/purls.js

@@ -1,8 +1,9 @@
 import fs from 'node:fs';
 import path from 'node:path';
 import { Command, Flags, ux } from '@oclif/core';
+import { getErrorMessage, isErrnoException } from "../../service/error.svc.js";
 import { extractPurls, getPurlOutput } from "../../service/purls.svc.js";
-import SbomScan from "../scan/sbom.js";
+import ScanSbom from "../scan/sbom.js";
 export default class ReportPurls extends Command {
     static description = 'Generate a list of purls from a sbom';
     static enableJsonFlag = true;
@@ -36,36 +37,48 @@ export default class ReportPurls extends Command {
     async run() {
         const { flags } = await this.parse(ReportPurls);
         const { dir: _dirFlag, file: _fileFlag, save, csv } = flags;
-        const sbomArgs = SbomScan.getSbomArgs(flags);
-        const sbomCommand = new SbomScan(sbomArgs, this.config);
-        const sbom = await sbomCommand.run();
-        if (!sbom) {
-            throw new Error('SBOM not generated');
-        }
-        const purls = await extractPurls(sbom);
-        this.log('Extracted %d purls from SBOM', purls.length);
-        ux.action.stop('Scan completed');
-        // Print the purls
-        for (const purl of purls) {
-            this.log(purl);
-        }
-        // Save if requested
-        if (save) {
-            try {
-                const outputFile = csv && !this.jsonEnabled() ? 'csv' : 'json';
-                const outputPath = path.join(_dirFlag || process.cwd(), `nes.purls.${outputFile}`);
-                const purlOutput = getPurlOutput(purls, outputFile);
-                fs.writeFileSync(outputPath, purlOutput);
-                this.log('Purls saved to %s', outputPath);
+        try {
+            const sbom = await ScanSbom.loadSbom(flags, this.config);
+            const purls = await extractPurls(sbom);
+            this.log('Extracted %d purls from SBOM', purls.length);
+            ux.action.stop('Scan completed');
+            // Print the purls
+            for (const purl of purls) {
+                this.log(purl);
             }
-            catch (error) {
-                const errorMessage = error && typeof error === 'object' && 'message' in error ? error.message : 'Unknown error';
-                this.warn(`Failed to save purls: ${errorMessage}`);
+            // Save if requested
+            if (save) {
+                try {
+                    const outputFile = csv && !this.jsonEnabled() ? 'csv' : 'json';
+                    const outputPath = path.join(_dirFlag || process.cwd(), `nes.purls.${outputFile}`);
+                    const purlOutput = getPurlOutput(purls, outputFile);
+                    fs.writeFileSync(outputPath, purlOutput);
+                    this.log('Purls saved to %s', outputPath);
+                }
+                catch (error) {
+                    if (isErrnoException(error)) {
+                        switch (error.code) {
+                            case 'EACCES':
+                                this.error('Permission denied: Cannot write to output file');
+                                break;
+                            case 'ENOSPC':
+                                this.error('No space left on device');
+                                break;
+                            case 'EISDIR':
+                                this.error('Cannot write to output file: Is a directory');
+                                break;
+                            default:
+                                this.error(`Failed to save purls: ${getErrorMessage(error)}`);
+                        }
+                    }
+                    this.error(`Failed to save purls: ${getErrorMessage(error)}`);
+                }
             }
+            // Return wrapped object with metadata
+            return { purls };
+        }
+        catch (error) {
+            this.error(`Failed to generate PURLs: ${getErrorMessage(error)}`);
         }
-        // Return wrapped object with metadata
-        return {
-            purls,
-        };
     }
 }

package/dist/commands/scan/eol.d.ts

@@ -1,16 +1,28 @@
 import { Command } from '@oclif/core';
-import type { ScanResult } from '../../api/types/nes.types.ts';
+import type { InsightsEolScanComponent } from '../../api/types/nes.types.ts';
 export default class ScanEol extends Command {
     static description: string;
     static enableJsonFlag: boolean;
     static examples: string[];
     static flags: {
         file: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        purls: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
         dir: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
         save: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        all: import("@oclif/core/interfaces").BooleanFlag<boolean>;
+        getCustomerSupport: import("@oclif/core/interfaces").BooleanFlag<boolean>;
     };
-    run(): Promise<ScanResult | {
-        components: [];
+    run(): Promise<{
+        components: InsightsEolScanComponent[];
     }>;
-    private checkEolScanDisabled;
+    private getScan;
+    private getPurlsFromFile;
+    private scanSbom;
+    private getFilteredComponents;
+    private saveReport;
+    private displayResults;
+    private displayNoComponentsMessage;
+    private logLine;
+    private displayStatusSection;
+    private logLegend;
 }

package/dist/commands/scan/eol.js

@@ -1,19 +1,32 @@
+import fs from 'node:fs';
+import path from 'node:path';
 import { Command, Flags, ux } from '@oclif/core';
-import { prepareRows, scanForEol } from "../../service/eol/eol.svc.js";
-import { promptComponentDetails } from "../../ui/eol.ui.js";
-import SbomScan from "./sbom.js";
+import { batchSubmitPurls } from "../../api/nes/nes.client.js";
+import { DEFAULT_SCAN_BATCH_SIZE, DEFAULT_SCAN_INPUT_OPTIONS } from '../../api/types/hd-cli.types.js';
+import { getErrorMessage, isErrnoException } from "../../service/error.svc.js";
+import { extractPurls } from "../../service/purls.svc.js";
+import { parsePurlsFile } from "../../service/purls.svc.js";
+import { createStatusDisplay } from "../../ui/eol.ui.js";
+import { INDICATORS, STATUS_COLORS } from "../../ui/shared.us.js";
+import ScanSbom from "./sbom.js";
 export default class ScanEol extends Command {
     static description = 'Scan a given sbom for EOL data';
     static enableJsonFlag = true;
     static examples = [
         '<%= config.bin %> <%= command.id %> --dir=./my-project',
         '<%= config.bin %> <%= command.id %> --file=path/to/sbom.json',
+        '<%= config.bin %> <%= command.id %> --purls=path/to/purls.json',
+        '<%= config.bin %> <%= command.id %> -a --dir=./my-project',
     ];
     static flags = {
         file: Flags.string({
             char: 'f',
             description: 'The file path of an existing cyclonedx sbom to scan for EOL',
         }),
+        purls: Flags.string({
+            char: 'p',
+            description: 'The file path of a list of purls to scan for EOL',
+        }),
         dir: Flags.string({
             char: 'd',
             description: 'The directory to scan in order to create a cyclonedx sbom',
@@ -23,52 +36,142 @@ export default class ScanEol extends Command {
             default: false,
             description: 'Save the generated SBOM as nes.sbom.json in the scanned directory',
         }),
+        all: Flags.boolean({
+            char: 'a',
+            description: 'Show all components (default is EOL and LTS only)',
+            default: false,
+        }),
+        getCustomerSupport: Flags.boolean({
+            char: 'c',
+            description: 'Get Never-Ending Support for End-of-Life components',
+            default: false,
+        }),
     };
     async run() {
-        this.checkEolScanDisabled();
         const { flags } = await this.parse(ScanEol);
-        const { dir: _dirFlag, file: _fileFlag } = flags;
-        // Load the SBOM: Only pass the file, dir, and save flags to SbomScan
-        const sbomArgs = SbomScan.getSbomArgs(flags);
-        const sbomCommand = new SbomScan(sbomArgs, this.config);
-        const sbom = await sbomCommand.run();
-        if (!sbom) {
-            throw new Error('SBOM not generated');
-        }
-        // Scan the SBOM for EOL information
-        const { purls, scan } = await scanForEol(sbom);
-        ux.action.stop('Scan completed');
-        if (!scan?.components) {
-            if (_fileFlag) {
-                throw new Error(`Scan failed to generate for file path: ${_fileFlag}`);
+        if (flags.getCustomerSupport) {
+            this.log(ux.colorize('yellow', 'Never-Ending Support is on the way. Please stay tuned for this feature.'));
+        }
+        const scan = await this.getScan(flags, this.config);
+        ux.action.stop('\nScan completed');
+        const filteredComponents = this.getFilteredComponents(scan, flags.all);
+        if (flags.save) {
+            await this.saveReport(filteredComponents);
+        }
+        if (this.jsonEnabled()) {
+            return { components: filteredComponents };
+        }
+        await this.displayResults(scan, flags.all);
+        return { components: filteredComponents };
+    }
+    async getScan(flags, config) {
+        if (flags.purls) {
+            ux.action.start(`Scanning purls from ${flags.purls}`);
+            const purls = this.getPurlsFromFile(flags.purls);
+            return batchSubmitPurls(purls, DEFAULT_SCAN_INPUT_OPTIONS, DEFAULT_SCAN_BATCH_SIZE);
+        }
+        const sbom = await ScanSbom.loadSbom(flags, config);
+        const scan = this.scanSbom(sbom, flags);
+        return scan;
+    }
+    getPurlsFromFile(filePath) {
+        if (typeof filePath !== 'string') {
+            this.error(`Failed to parse file path: ${filePath}`);
+        }
+        try {
+            const purlsFileString = fs.readFileSync(filePath, 'utf8');
+            return parsePurlsFile(purlsFileString);
+        }
+        catch (error) {
+            this.error(`Failed to read purls file. ${getErrorMessage(error)}`);
+        }
+    }
+    async scanSbom(sbom, flags) {
+        let scan;
+        let purls;
+        try {
+            purls = await extractPurls(sbom);
+        }
+        catch (error) {
+            this.error(`Failed to extract purls from sbom. ${getErrorMessage(error)}`);
+        }
+        try {
+            scan = await batchSubmitPurls(purls, DEFAULT_SCAN_INPUT_OPTIONS, DEFAULT_SCAN_BATCH_SIZE);
+        }
+        catch (error) {
+            this.error(`Failed to submit scan to NES from sbom. ${getErrorMessage(error)}`);
+        }
+        if (scan.components.size === 0) {
+            this.warn('No components found in scan');
+        }
+        return scan;
+    }
+    getFilteredComponents(scan, all) {
+        return Array.from(scan.components.entries())
+            .filter(([_, component]) => all || ['EOL', 'LTS'].includes(component.info.status))
+            .map(([_, component]) => component);
+    }
+    async saveReport(components) {
+        try {
+            const { flags } = await this.parse(ScanEol);
+            const reportPath = path.join(flags.dir || process.cwd(), 'nes.eol.json');
+            fs.writeFileSync(reportPath, JSON.stringify({ components }, null, 2));
+            this.log('Report saved to nes.eol.json');
+        }
+        catch (error) {
+            if (isErrnoException(error)) {
+                switch (error.code) {
+                    case 'EACCES':
+                        this.error('Permission denied. Unable to save report to nes.eol.json');
+                        break;
+                    case 'ENOSPC':
+                        this.error('No space left on device. Unable to save report to nes.eol.json');
+                        break;
+                    default:
+                        this.error(`Failed to save report: ${getErrorMessage(error)}`);
+                }
             }
-            if (_dirFlag) {
-                throw new Error(`Scan failed to generate for dir: ${_dirFlag}`);
+            else {
+                this.error(`Failed to save report: ${getErrorMessage(error)}`);
             }
-            throw new Error('Scan failed to generate components.');
         }
-        const lines = await prepareRows(purls, scan);
-        if (lines?.length === 0) {
-            this.log('No dependencies found');
-            return { components: [] };
+    }
+    async displayResults(scan, all) {
+        const { UNKNOWN, OK, LTS, EOL } = createStatusDisplay(scan.components, all);
+        if (!UNKNOWN.length && !OK.length && !LTS.length && !EOL.length) {
+            this.displayNoComponentsMessage(all);
+            return;
+        }
+        this.log(ux.colorize('bold', 'Here are the results of the scan:'));
+        this.logLine();
+        // Display sections in order of increasing severity
+        for (const components of [UNKNOWN, OK, LTS, EOL]) {
+            this.displayStatusSection(components);
+        }
+        this.logLegend();
+    }
+    displayNoComponentsMessage(all) {
+        if (!all) {
+            this.log(ux.colorize('yellow', 'No End-of-Life or Long Term Support components found in scan.'));
+            this.log(ux.colorize('yellow', 'Use --all flag to view all components.'));
+        }
+        else {
+            this.log(ux.colorize('yellow', 'No components found in scan.'));
         }
-        const r = await promptComponentDetails(lines);
-        this.log('What now %o', r);
-        return scan;
     }
-    checkEolScanDisabled(override = true) {
-        // Check if running in beta version or pre v1.0.0
-        const version = this.config.version;
-        const [major] = version.split('.').map(Number);
-        if (version.includes('beta') || major < 1) {
-            this.log(`VERSION=${version}`);
-            throw new Error('The EOL scan feature is not available in beta releases. Please wait for the stable release.');
-        }
-        // Just in case the beta check fails
-        if (override) {
-            this.log(`VERSION=${version}`);
-            this.log('EOL scan is disabled');
-            return { components: [] };
+    logLine() {
+        this.log(ux.colorize('bold', '-'.repeat(50)));
+    }
+    displayStatusSection(components) {
+        if (components.length > 0) {
+            this.log(components.join('\n'));
+            this.logLine();
         }
     }
+    logLegend() {
+        this.log(ux.colorize(`${STATUS_COLORS.UNKNOWN}`, `${INDICATORS.UNKNOWN} = No Known Issues`));
+        this.log(ux.colorize(`${STATUS_COLORS.OK}`, `${INDICATORS.OK} = OK`));
+        this.log(ux.colorize(`${STATUS_COLORS.LTS}`, `${INDICATORS.LTS}= Long Term Support (LTS)`));
+        this.log(ux.colorize(`${STATUS_COLORS.EOL}`, `${INDICATORS.EOL} = End of Life (EOL)`));
+    }
 }

package/dist/commands/scan/sbom.d.ts

@@ -10,6 +10,7 @@ export default class ScanSbom extends Command {
         save: import("@oclif/core/interfaces").BooleanFlag<boolean>;
         background: import("@oclif/core/interfaces").BooleanFlag<boolean>;
     };
+    static loadSbom(flags: Record<string, string>, config: Command['config']): Promise<Sbom>;
     static getSbomArgs(flags: Record<string, string>): string[];
     getScanOptions(): {};
     run(): Promise<Sbom | undefined>;