@herodevs/cli 2.0.0-beta.1 → 2.0.0-beta.3

package/README.md

@@ -10,6 +10,14 @@ The HeroDevs CLI
 * [@herodevs/cli](#herodevscli)
 <!-- tocstop -->
 
+## Installation Instructions
+
+1. Install node v20 or higher: [Download Node](https://nodejs.org/en/download)
+1. Install the CLI using one of the following methods:
+   - Globally: Refer to the [Usage](#usage) instructions on installing the CLI globally
+   - Npx:`npx @herodevs/cli@beta <commands>`
+1. Refer to the [Commands](#commands) section for a list of commands
+
 ## TERMS
 
 Use of this CLI is governed by the [HeroDevs End of Life Dataset Terms of Service and Data Policy](https://docs.herodevs.com/legal/end-of-life-dataset-terms).
@@ -30,7 +38,7 @@ $ npm install -g @herodevs/cli
 $ hd COMMAND
 running command...
 $ hd (--version)
-@herodevs/cli/2.0.0-beta.1 linux-x64 node-v22.15.0
+@herodevs/cli/2.0.0-beta.3 linux-x64 node-v22.16.0
 $ hd --help [COMMAND]
 USAGE
   $ hd COMMAND
@@ -95,7 +103,7 @@ EXAMPLES
   $ hd report committers --csv
 ```
 
-_See code: [src/commands/report/committers.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.1/src/commands/report/committers.ts)_
+_See code: [src/commands/report/committers.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.3/src/commands/report/committers.ts)_
 
 ## `hd report purls`
 
@@ -129,7 +137,7 @@ EXAMPLES
   $ hd report purls --save --csv
 ```
 
-_See code: [src/commands/report/purls.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.1/src/commands/report/purls.ts)_
+_See code: [src/commands/report/purls.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.3/src/commands/report/purls.ts)_
 
 ## `hd scan eol`
 
@@ -163,7 +171,7 @@ EXAMPLES
   $ hd scan eol -a --dir=./my-project
 ```
 
-_See code: [src/commands/scan/eol.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.1/src/commands/scan/eol.ts)_
+_See code: [src/commands/scan/eol.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.3/src/commands/scan/eol.ts)_
 
 ## `hd scan sbom`
 
@@ -191,7 +199,7 @@ EXAMPLES
   $ hd scan sbom --file=path/to/sbom.json
 ```
 
-_See code: [src/commands/scan/sbom.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.1/src/commands/scan/sbom.ts)_
+_See code: [src/commands/scan/sbom.ts](https://github.com/herodevs/cli/blob/v2.0.0-beta.3/src/commands/scan/sbom.ts)_
 
 ## `hd update [CHANNEL]`
 
@@ -229,5 +237,5 @@ EXAMPLES
     $ hd update --available
 ```
 
-_See code: [@oclif/plugin-update](https://github.com/oclif/plugin-update/blob/v4.6.39/src/commands/update.ts)_
+_See code: [@oclif/plugin-update](https://github.com/oclif/plugin-update/blob/v4.6.42/src/commands/update.ts)_
 <!-- commandsstop -->

package/bin/dev.js

@@ -1,8 +1,5 @@
 #!/usr/bin/env node
 
-process.env.GRAPHQL_HOST = 'https://api.dev.nes.herodevs.com';
-process.env.EOL_REPORT_URL = 'https://eol-report-card.stage.apps.herodevs.io/reports';
-
 import main from './main.js';
 
 try {

package/dist/api/nes/nes.client.d.ts

@@ -16,6 +16,7 @@ export declare class NesApolloClient implements NesClient {
     query<T, V extends Record<string, unknown> | undefined>(query: apollo.DocumentNode, variables?: V): Promise<apollo.ApolloQueryResult<T>>;
 }
 export declare const batchSubmitPurls: (purls: string[], options?: ScanInputOptions, batchSize?: number) => Promise<ScanResult>;
+export declare const dedupeAndEncodePurls: (purls: string[]) => string[];
 export declare const createBatches: (items: string[], batchSize: number) => string[][];
 export declare const processBatch: ({ batch, index, totalPages, scanOptions, previousScanId, }: ProcessBatchOptions) => Promise<InsightsEolScanResult>;
 export declare const processBatches: (batches: string[][], scanOptions: ScanInputOptions) => Promise<InsightsEolScanResult[]>;

package/dist/api/nes/nes.client.js

@@ -1,3 +1,4 @@
+import { PackageURL } from 'packageurl-js';
 import { ApolloClient } from "../../api/client.js";
 import { config } from "../../config/constants.js";
 import { debugLogger } from "../../service/log.svc.js";
@@ -25,12 +26,14 @@ function submitScan(purls, options) {
     const host = config.graphqlHost;
     const path = config.graphqlPath;
     const url = host + path;
+    debugLogger('Submitting scan to %s', url);
     const client = new NesApolloClient(url);
     return client.scan.purls(purls, options);
 }
 export const batchSubmitPurls = async (purls, options = DEFAULT_SCAN_INPUT_OPTIONS, batchSize = DEFAULT_SCAN_BATCH_SIZE) => {
     try {
-        const batches = createBatches(purls, batchSize);
+        const dedupedAndEncodedPurls = dedupeAndEncodePurls(purls);
+        const batches = createBatches(dedupedAndEncodedPurls, batchSize);
         debugLogger('Processing %d batches', batches.length);
         if (batches.length === 0) {
             return {
@@ -39,6 +42,7 @@ export const batchSubmitPurls = async (purls, options = DEFAULT_SCAN_INPUT_OPTIO
                 success: true,
                 warnings: [],
                 scanId: undefined,
+                createdOn: undefined,
             };
         }
         const results = await processBatches(batches, options);
@@ -49,6 +53,22 @@ export const batchSubmitPurls = async (purls, options = DEFAULT_SCAN_INPUT_OPTIO
         throw new Error(`Failed to process purls: ${error instanceof Error ? error.message : String(error)}`);
     }
 };
+export const dedupeAndEncodePurls = (purls) => {
+    const dedupedAndEncodedPurls = new Set();
+    for (const purl of purls) {
+        try {
+            // The PackageURL.fromString method encodes each part of the purl
+            const encodedPurl = PackageURL.fromString(purl).toString();
+            if (!dedupedAndEncodedPurls.has(encodedPurl)) {
+                dedupedAndEncodedPurls.add(encodedPurl);
+            }
+        }
+        catch (error) {
+            debugLogger('Error encoding purl: %s', error);
+        }
+    }
+    return Array.from(dedupedAndEncodedPurls);
+};
 export const createBatches = (items, batchSize) => {
     const numberOfBatches = Math.ceil(items.length / batchSize);
     return Array.from({ length: numberOfBatches }, (_, index) => {

package/dist/api/queries/nes/sbom.js

@@ -19,6 +19,7 @@ export const M_SCAN = {
             diagnostics
             message
             scanId
+            createdOn
             success
             warnings {
               purl

package/dist/api/types/hd-cli.types.d.ts

@@ -15,6 +15,7 @@ export type ScanInput = {
 };
 export interface ScanResult {
     components: ScanResultComponentsMap;
+    createdOn?: string;
     diagnostics?: Record<string, unknown>;
     message: string;
     success: boolean;

package/dist/api/types/nes.types.d.ts

@@ -22,6 +22,7 @@ export interface ScanResponse {
  */
 export interface InsightsEolScanResult {
     scanId?: string;
+    createdOn: string;
     success: boolean;
     message: string;
     components: InsightsEolScanComponent[];

package/dist/commands/scan/eol.d.ts

@@ -14,6 +14,7 @@ export default class ScanEol extends Command {
     };
     run(): Promise<{
         components: InsightsEolScanComponent[];
+        createdOn: string;
     }>;
     private getScan;
     private getPurlsFromFile;

package/dist/commands/scan/eol.js

@@ -52,7 +52,7 @@ export default class ScanEol extends Command {
         ux.action.stop('\nScan completed');
         const components = this.getFilteredComponents(scan, flags.all);
         if (flags.save) {
-            await this.saveReport(components);
+            await this.saveReport(components, scan.createdOn);
         }
         if (!this.jsonEnabled()) {
             if (flags.table) {
@@ -66,7 +66,7 @@ export default class ScanEol extends Command {
                 this.printWebReportUrl(scan.scanId);
             }
         }
-        return { components };
+        return { components, createdOn: scan.createdOn ?? '' };
     }
     async getScan(flags, config) {
         if (flags.purls) {
@@ -116,26 +116,25 @@ export default class ScanEol extends Command {
     getFilteredComponents(scan, all) {
         return Array.from(scan.components.values()).filter((component) => all || ['EOL', 'SUPPORTED'].includes(component.info.status));
     }
-    async saveReport(components) {
+    async saveReport(components, createdOn) {
         const { flags } = await this.parse(ScanEol);
         const reportPath = path.join(flags.dir || process.cwd(), 'eol.report.json');
         try {
-            fs.writeFileSync(reportPath, JSON.stringify({ components }, null, 2));
+            fs.writeFileSync(reportPath, JSON.stringify({ components, createdOn }, null, 2));
             this.log('Report saved to eol.report.json');
         }
         catch (error) {
             if (!isErrnoException(error)) {
                 this.error(`Failed to save report: ${getErrorMessage(error)}`);
             }
-            switch (error.code) {
-                case 'EACCES':
-                    this.error('Permission denied. Unable to save report to eol.report.json');
-                    break;
-                case 'ENOSPC':
-                    this.error('No space left on device. Unable to save report to eol.report.json');
-                    break;
-                default:
-                    this.error(`Failed to save report: ${getErrorMessage(error)}`);
+            if (error.code === 'EACCES') {
+                this.error('Permission denied. Unable to save report to eol.report.json');
+            }
+            else if (error.code === 'ENOSPC') {
+                this.error('No space left on device. Unable to save report to eol.report.json');
+            }
+            else {
+                this.error(`Failed to save report: ${getErrorMessage(error)}`);
             }
         }
     }

package/dist/config/constants.js

@@ -5,5 +5,5 @@ export const config = {
     eolReportUrl: process.env.EOL_REPORT_URL || EOL_REPORT_URL,
     graphqlHost: process.env.GRAPHQL_HOST || GRAPHQL_HOST,
     graphqlPath: process.env.GRAPHQL_PATH || GRAPHQL_PATH,
-    showVulnCount: false,
+    showVulnCount: true,
 };

package/dist/service/nes/nes.svc.js

@@ -11,6 +11,7 @@ export const buildScanResult = (scan) => {
         success: true,
         warnings: scan.warnings || [],
         scanId: scan.scanId,
+        createdOn: scan.createdOn,
     };
 };
 export const SbomScanner = (client) => async (purls, options) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@herodevs/cli",
-  "version": "2.0.0-beta.1",
+  "version": "2.0.0-beta.3",
   "author": "HeroDevs, Inc",
   "bin": {
     "hd": "./bin/run.js"
@@ -37,27 +37,27 @@
   ],
   "dependencies": {
     "@apollo/client": "^3.13.8",
-    "@cyclonedx/cdxgen": "^11.2.7",
-    "@oclif/core": "^4",
-    "@oclif/plugin-help": "^6",
-    "@oclif/plugin-update": "^4",
-    "@oclif/table": "^0.4.7",
+    "@cyclonedx/cdxgen": "^11.3.2",
+    "@oclif/core": "^4.3.1",
+    "@oclif/plugin-help": "^6.2.28",
+    "@oclif/plugin-update": "^4.6.42",
+    "@oclif/table": "^0.4.8",
     "graphql": "^16.11.0",
     "packageurl-js": "^2.0.1",
     "update-notifier": "^7.3.1"
   },
   "devDependencies": {
-    "@biomejs/biome": "^1.8.3",
-    "@oclif/test": "^4",
+    "@biomejs/biome": "^1.9.4",
+    "@oclif/test": "^4.1.13",
     "@types/inquirer": "^9.0.8",
-    "@types/node": "^22",
+    "@types/node": "^22.15.30",
     "@types/sinon": "^17.0.4",
     "@types/update-notifier": "^6.0.8",
     "globstar": "^1.0.0",
-    "oclif": "^4",
+    "oclif": "^4.18.0",
     "shx": "^0.4.0",
     "sinon": "^20.0.0",
-    "ts-node": "^10",
+    "ts-node": "^10.9.2",
     "tsx": "^4.19.4",
     "typescript": "^5.8.3"
   },