@herodevs/cli 1.6.0-beta.0 → 2.0.0-beta.1

package/README.md

@@ -10,6 +10,10 @@ The HeroDevs CLI
 * [@herodevs/cli](#herodevscli)
 <!-- tocstop -->
 
+## TERMS
+
+Use of this CLI is governed by the [HeroDevs End of Life Dataset Terms of Service and Data Policy](https://docs.herodevs.com/legal/end-of-life-dataset-terms).
+
 ## Scanning Behavior
 
 The CLI's scanning commands (`hd scan eol` and `hd scan sbom`) are designed to be non-invasive:
@@ -26,7 +30,7 @@ $ npm install -g @herodevs/cli
 $ hd COMMAND
 running command...
 $ hd (--version)
-@herodevs/cli/1.6.0-beta.0 linux-x64 node-v22.14.0
+@herodevs/cli/2.0.0-beta.1 linux-x64 node-v22.15.0
 $ hd --help [COMMAND]
 USAGE
   $ hd COMMAND
@@ -60,7 +64,7 @@ DESCRIPTION
   Display help for hd.
 ```
 
-_See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/v6.2.27/src/commands/help.ts)_
+_See code: [@oclif/plugin-help](https://github.com/oclif/plugin-help/blob/v6.2.28/src/commands/help.ts)_
 
 ## `hd report committers`
 
@@ -91,7 +95,7 @@ EXAMPLES
   $ hd report committers --csv
 ```
 
-_See code: [src/commands/report/committers.ts](https://github.com/herodevs/cli/blob/v1.6.0-beta.0/src/commands/report/committers.ts)_
+_See code: [src/commands/report/committers.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.1/src/commands/report/committers.ts)_
 
 ## `hd report purls`
 
@@ -125,7 +129,7 @@ EXAMPLES
   $ hd report purls --save --csv
 ```
 
-_See code: [src/commands/report/purls.ts](https://github.com/herodevs/cli/blob/v1.6.0-beta.0/src/commands/report/purls.ts)_
+_See code: [src/commands/report/purls.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.1/src/commands/report/purls.ts)_
 
 ## `hd scan eol`
 
@@ -159,7 +163,7 @@ EXAMPLES
   $ hd scan eol -a --dir=./my-project
 ```
 
-_See code: [src/commands/scan/eol.ts](https://github.com/herodevs/cli/blob/v1.6.0-beta.0/src/commands/scan/eol.ts)_
+_See code: [src/commands/scan/eol.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.1/src/commands/scan/eol.ts)_
 
 ## `hd scan sbom`
 
@@ -187,7 +191,7 @@ EXAMPLES
   $ hd scan sbom --file=path/to/sbom.json
 ```
 
-_See code: [src/commands/scan/sbom.ts](https://github.com/herodevs/cli/blob/v1.6.0-beta.0/src/commands/scan/sbom.ts)_
+_See code: [src/commands/scan/sbom.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.1/src/commands/scan/sbom.ts)_
 
 ## `hd update [CHANNEL]`
 
@@ -225,5 +229,5 @@ EXAMPLES
     $ hd update --available
 ```
 
-_See code: [@oclif/plugin-update](https://github.com/oclif/plugin-update/blob/v4.6.38/src/commands/update.ts)_
+_See code: [@oclif/plugin-update](https://github.com/oclif/plugin-update/blob/v4.6.39/src/commands/update.ts)_
 <!-- commandsstop -->

package/bin/dev.js

@@ -1,13 +1,7 @@
 #!/usr/bin/env node
 
-// Localhost
-// process.env.GRAPHQL_HOST = 'http://localhost:3000';
-
-// Dev
 process.env.GRAPHQL_HOST = 'https://api.dev.nes.herodevs.com';
-
-// Prod
-// process.env.GRAPHQL_HOST = 'https://api.nes.herodevs.com';
+process.env.EOL_REPORT_URL = 'https://eol-report-card.stage.apps.herodevs.io/reports';
 
 import main from './main.js';
 

package/dist/api/nes/nes.client.js

@@ -1,4 +1,5 @@
 import { ApolloClient } from "../../api/client.js";
+import { config } from "../../config/constants.js";
 import { debugLogger } from "../../service/log.svc.js";
 import { SbomScanner, buildScanResult } from "../../service/nes/nes.svc.js";
 import { DEFAULT_SCAN_BATCH_SIZE, DEFAULT_SCAN_INPUT_OPTIONS, } from "../types/hd-cli.types.js";
@@ -21,9 +22,8 @@ export class NesApolloClient {
  * Submit a scan for a list of purls after they've been batched by batchSubmitPurls
  */
 function submitScan(purls, options) {
-    // NOTE: GRAPHQL_HOST is set in `./bin/dev.js` or tests
-    const host = process.env.GRAPHQL_HOST || 'https://api.nes.herodevs.com';
-    const path = process.env.GRAPHQL_PATH || '/graphql';
+    const host = config.graphqlHost;
+    const path = config.graphqlPath;
     const url = host + path;
     const client = new NesApolloClient(url);
     return client.scan.purls(purls, options);
@@ -38,6 +38,7 @@ export const batchSubmitPurls = async (purls, options = DEFAULT_SCAN_INPUT_OPTIO
                 message: 'No batches to process',
                 success: true,
                 warnings: [],
+                scanId: undefined,
             };
         }
         const results = await processBatches(batches, options);

package/dist/api/types/hd-cli.types.d.ts

@@ -19,6 +19,7 @@ export interface ScanResult {
     message: string;
     success: boolean;
     warnings: ScanWarning[];
+    scanId: string | undefined;
 }
 export interface ProcessBatchOptions {
     batch: string[];

package/dist/commands/scan/eol.d.ts

@@ -17,6 +17,7 @@ export default class ScanEol extends Command {
     }>;
     private getScan;
     private getPurlsFromFile;
+    private printWebReportUrl;
     private scanSbom;
     private getFilteredComponents;
     private saveReport;

package/dist/commands/scan/eol.js

@@ -2,10 +2,11 @@ import fs from 'node:fs';
 import path from 'node:path';
 import { Command, Flags, ux } from '@oclif/core';
 import { batchSubmitPurls } from "../../api/nes/nes.client.js";
+import { config } from "../../config/constants.js";
 import { getErrorMessage, isErrnoException } from "../../service/error.svc.js";
 import { extractPurls, parsePurlsFile } from "../../service/purls.svc.js";
 import { createStatusDisplay, createTableForStatus, groupComponentsByStatus } from "../../ui/eol.ui.js";
-import { INDICATORS, STATUS_COLORS } from "../../ui/shared.ui.js";
+import { INDICATORS, SCAN_ID_KEY, STATUS_COLORS } from "../../ui/shared.ui.js";
 import ScanSbom from "./sbom.js";
 export default class ScanEol extends Command {
     static description = 'Scan a given sbom for EOL data';
@@ -61,6 +62,9 @@ export default class ScanEol extends Command {
             else {
                 this.displayResults(scan, flags.all);
             }
+            if (scan.scanId) {
+                this.printWebReportUrl(scan.scanId);
+            }
         }
         return { components };
     }
@@ -82,6 +86,13 @@ export default class ScanEol extends Command {
             this.error(`Failed to read purls file. ${getErrorMessage(error)}`);
         }
     }
+    printWebReportUrl(scanId) {
+        this.logLine();
+        const id = scanId.split(SCAN_ID_KEY)[1];
+        const reportCardUrl = config.eolReportUrl;
+        const url = ux.colorize('blue', `${reportCardUrl}/${id}`);
+        this.log(`🌐 View your free EOL report at: ${ux.colorize('blue', url)}`);
+    }
     async scanSbom(sbom) {
         let scan;
         let purls;

package/dist/config/constants.d.ts

@@ -0,0 +1,9 @@
+export declare const EOL_REPORT_URL = "https://eol-report-card.apps.herodevs.com/reports";
+export declare const GRAPHQL_HOST = "https://api.nes.herodevs.com";
+export declare const GRAPHQL_PATH = "/graphql";
+export declare const config: {
+    eolReportUrl: string;
+    graphqlHost: string;
+    graphqlPath: string;
+    showVulnCount: boolean;
+};

package/dist/config/constants.js

@@ -0,0 +1,9 @@
+export const EOL_REPORT_URL = 'https://eol-report-card.apps.herodevs.com/reports';
+export const GRAPHQL_HOST = 'https://api.nes.herodevs.com';
+export const GRAPHQL_PATH = '/graphql';
+export const config = {
+    eolReportUrl: process.env.EOL_REPORT_URL || EOL_REPORT_URL,
+    graphqlHost: process.env.GRAPHQL_HOST || GRAPHQL_HOST,
+    graphqlPath: process.env.GRAPHQL_PATH || GRAPHQL_PATH,
+    showVulnCount: false,
+};

package/dist/hooks/npm-update-notifier.d.ts

@@ -2,6 +2,8 @@ import type { Hook } from '@oclif/core';
 import { type UpdateInfo } from 'update-notifier';
 declare const updateNotifierHook: Hook.Init;
 export default updateNotifierHook;
+type DistTag = 'latest' | 'beta' | 'alpha' | 'next';
+export declare function getDistTag(version: string): DistTag;
 export declare function handleUpdate(update: UpdateInfo, currentVersion: string): {
     message: string;
     defer: boolean;

package/dist/hooks/npm-update-notifier.js

@@ -1,23 +1,43 @@
 import updateNotifier, {} from 'update-notifier';
 import pkg from '../../package.json' with { type: 'json' };
+import { debugLogger } from "../service/log.svc.js";
 const updateNotifierHook = async (options) => {
+    debugLogger('pkg.version', pkg.version);
+    const distTag = getDistTag(pkg.version);
+    debugLogger('distTag', distTag);
+    const ONE_DAY_MS = 1000 * 60 * 60 * 24;
+    // If we're on the latest dist-tag, check for updates every time
+    const updateCheckInterval = distTag === 'latest' ? 0 : ONE_DAY_MS;
+    debugLogger('updateCheckInterval', updateCheckInterval);
     const notifier = updateNotifier({
         pkg,
-        updateCheckInterval: 1000 * 60 * 60 * 24, // Check once per day
+        distTag,
+        updateCheckInterval,
+        shouldNotifyInNpmScript: true,
     });
+    debugLogger('updateNotifierHook', { notifier });
     if (notifier.update) {
         const notification = handleUpdate(notifier.update, pkg.version);
+        debugLogger('notification', notification);
         if (notification) {
             notifier.notify(notification);
         }
     }
 };
 export default updateNotifierHook;
+export function getDistTag(version) {
+    if (version.includes('-beta'))
+        return 'beta';
+    if (version.includes('-alpha'))
+        return 'alpha';
+    if (version.includes('-next'))
+        return 'next';
+    return 'latest';
+}
 export function handleUpdate(update, currentVersion) {
-    const isPreV1 = currentVersion.startsWith('0.');
-    const isBeta = currentVersion.includes('-beta') || update.latest.includes('-beta');
-    const isAlpha = currentVersion.includes('-alpha') || update.latest.includes('-alpha');
-    const isNext = currentVersion.includes('-next') || update.latest.includes('-next');
+    const isPreV1 = currentVersion.startsWith('0.') || update.latest.startsWith('0.');
+    const currentDistTag = getDistTag(currentVersion);
+    const updateDistTag = getDistTag(update.latest);
     let message = `Update available! v${currentVersion} → v${update.latest}`;
     /**
      * Show breaking changes warning for:
@@ -28,7 +48,7 @@ export function handleUpdate(update, currentVersion) {
      * [1]https://semver.org/#spec-item-4
      * [2]https://antfu.me/posts/epoch-semver#leading-zero-major-versioning
      */
-    if (isPreV1 || isBeta || isAlpha || isNext || update.type === 'major') {
+    if (isPreV1 || currentDistTag !== 'latest' || updateDistTag !== 'latest' || update.type === 'major') {
         message += '\nThis update may contain breaking changes.';
     }
     // For all other updates (minor, patch), they should be non-breaking

package/dist/service/nes/nes.svc.js

@@ -10,6 +10,7 @@ export const buildScanResult = (scan) => {
         message: scan.message,
         success: true,
         warnings: scan.warnings || [],
+        scanId: scan.scanId,
     };
 };
 export const SbomScanner = (client) => async (purls, options) => {

package/dist/ui/eol.ui.js

@@ -1,6 +1,7 @@
 import { ux } from '@oclif/core';
 import { makeTable } from '@oclif/table';
 import { PackageURL } from 'packageurl-js';
+import { config } from "../config/constants.js";
 import { resolvePurlPackageName } from "../service/eol/eol.svc.js";
 import { parseMomentToSimpleDate } from "./date.ui.js";
 import { INDICATORS, MAX_PURL_LENGTH, MAX_TABLE_COLUMN_WIDTH, STATUS_COLORS } from "./shared.ui.js";
@@ -19,10 +20,10 @@ function getDaysEolString(daysEol) {
     if (daysEol === null) {
         return '';
     }
-    if (daysEol < 0) {
-        return `${Math.abs(daysEol)} days from now`;
+    if (daysEol <= 0) {
+        return `${Math.abs(daysEol) + 1} days from now`;
     }
-    if (daysEol === 0) {
+    if (daysEol > 0) {
         return 'today';
     }
     return `${daysEol} days ago`;
@@ -32,13 +33,11 @@ function formatDetailedComponent(purl, info) {
     const simpleComponent = formatSimpleComponent(purl, status);
     const eolAtString = parseMomentToSimpleDate(eolAt);
     const daysEolString = getDaysEolString(daysEol);
-    const output = [
-        `${simpleComponent}`,
-        `    ⮑  EOL Date: ${eolAtString} (${daysEolString})`,
-        `    ⮑  # of Vulns: ${vulnCount ?? ''}`,
-    ]
-        .filter(Boolean)
-        .join('\n');
+    const eolString = [`${simpleComponent}`, `    ⮑  EOL Date: ${eolAtString} (${daysEolString})`];
+    if (config.showVulnCount) {
+        eolString.push(`    ⮑  # of Vulns: ${vulnCount ?? ''}`);
+    }
+    const output = eolString.filter(Boolean).join('\n');
     return output;
 }
 export function createStatusDisplay(components, all) {
@@ -65,6 +64,19 @@ export function createStatusDisplay(components, all) {
 export function createTableForStatus(grouped, status) {
     const data = grouped[status].map((component) => convertComponentToTableRow(component));
     if (status === 'EOL' || status === 'SUPPORTED') {
+        if (config.showVulnCount) {
+            return makeTable({
+                data,
+                columns: [
+                    { key: 'name', name: 'NAME', width: MAX_TABLE_COLUMN_WIDTH },
+                    { key: 'version', name: 'VERSION', width: 10 },
+                    { key: 'eol', name: 'EOL', width: 12 },
+                    { key: 'daysEol', name: 'DAYS EOL', width: 10 },
+                    { key: 'type', name: 'TYPE', width: 12 },
+                    { key: 'vulnCount', name: '# OF VULNS', width: 12 },
+                ],
+            });
+        }
         return makeTable({
             data,
             columns: [
@@ -73,6 +85,16 @@ export function createTableForStatus(grouped, status) {
                 { key: 'eol', name: 'EOL', width: 12 },
                 { key: 'daysEol', name: 'DAYS EOL', width: 10 },
                 { key: 'type', name: 'TYPE', width: 12 },
+            ],
+        });
+    }
+    if (config.showVulnCount) {
+        return makeTable({
+            data,
+            columns: [
+                { key: 'name', name: 'NAME', width: MAX_TABLE_COLUMN_WIDTH },
+                { key: 'version', name: 'VERSION', width: 10 },
+                { key: 'type', name: 'TYPE', width: 12 },
                 { key: 'vulnCount', name: '# OF VULNS', width: 12 },
             ],
         });
@@ -83,7 +105,6 @@ export function createTableForStatus(grouped, status) {
             { key: 'name', name: 'NAME', width: MAX_TABLE_COLUMN_WIDTH },
             { key: 'version', name: 'VERSION', width: 10 },
             { key: 'type', name: 'TYPE', width: 12 },
-            { key: 'vulnCount', name: '# OF VULNS', width: 12 },
         ],
     });
 }

package/dist/ui/shared.ui.d.ts

@@ -3,3 +3,4 @@ export declare const STATUS_COLORS: Record<ComponentStatus, string>;
 export declare const INDICATORS: Record<ComponentStatus, string>;
 export declare const MAX_PURL_LENGTH = 60;
 export declare const MAX_TABLE_COLUMN_WIDTH = 30;
+export declare const SCAN_ID_KEY = "eol-scan-v1-";

package/dist/ui/shared.ui.js

@@ -13,3 +13,4 @@ export const INDICATORS = {
 };
 export const MAX_PURL_LENGTH = 60;
 export const MAX_TABLE_COLUMN_WIDTH = 30;
+export const SCAN_ID_KEY = 'eol-scan-v1-';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@herodevs/cli",
-  "version": "1.6.0-beta.0",
+  "version": "2.0.0-beta.1",
   "author": "HeroDevs, Inc",
   "bin": {
     "hd": "./bin/run.js"
@@ -37,19 +37,19 @@
   ],
   "dependencies": {
     "@apollo/client": "^3.13.8",
-    "@cyclonedx/cdxgen": "^11.2.5",
+    "@cyclonedx/cdxgen": "^11.2.7",
     "@oclif/core": "^4",
     "@oclif/plugin-help": "^6",
     "@oclif/plugin-update": "^4",
     "@oclif/table": "^0.4.7",
-    "graphql": "^16.8.1",
+    "graphql": "^16.11.0",
     "packageurl-js": "^2.0.1",
     "update-notifier": "^7.3.1"
   },
   "devDependencies": {
     "@biomejs/biome": "^1.8.3",
     "@oclif/test": "^4",
-    "@types/inquirer": "^9.0.7",
+    "@types/inquirer": "^9.0.8",
     "@types/node": "^22",
     "@types/sinon": "^17.0.4",
     "@types/update-notifier": "^6.0.8",
@@ -58,7 +58,7 @@
     "shx": "^0.4.0",
     "sinon": "^20.0.0",
     "ts-node": "^10",
-    "tsx": "^4.19.3",
+    "tsx": "^4.19.4",
     "typescript": "^5.8.3"
   },
   "engines": {