@socketsecurity/cli-with-sentry 1.0.103 → 1.0.105

package/dist/types/commands/scan/perform-reachability-analysis.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"perform-reachability-analysis.d.mts","sourceRoot":"","sources":["../../../../src/commands/scan/perform-reachability-analysis.mts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sCAAsC,CAAA;AAEnE,MAAM,MAAM,mBAAmB,GAAG;IAChC,oBAAoB,EAAE,MAAM,CAAA;IAC5B,wBAAwB,EAAE,MAAM,CAAA;IAChC,qBAAqB,EAAE,OAAO,CAAA;IAC9B,eAAe,EAAE,SAAS,EAAE,CAAA;IAC5B,iBAAiB,EAAE,MAAM,EAAE,CAAA;CAC5B,CAAA;AAED,MAAM,MAAM,2BAA2B,GAAG;IACxC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC5B,YAAY,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAA;IACnC,mBAAmB,EAAE,mBAAmB,CAAA;IACxC,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,OAAO,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;IAC7B,eAAe,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;CACtC,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,kBAAkB,EAAE,MAAM,CAAA;IAC1B,uBAAuB,EAAE,MAAM,GAAG,SAAS,CAAA;CAC5C,CAAA;AAED,wBAAsB,2BAA2B,CAC/C,OAAO,CAAC,EAAE,2BAA2B,GAAG,SAAS,GAChD,OAAO,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC,CA6J9C"}
+{"version":3,"file":"perform-reachability-analysis.d.mts","sourceRoot":"","sources":["../../../../src/commands/scan/perform-reachability-analysis.mts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sCAAsC,CAAA;AAEnE,MAAM,MAAM,mBAAmB,GAAG;IAChC,oBAAoB,EAAE,MAAM,CAAA;IAC5B,wBAAwB,EAAE,MAAM,CAAA;IAChC,qBAAqB,EAAE,OAAO,CAAA;IAC9B,eAAe,EAAE,SAAS,EAAE,CAAA;IAC5B,iBAAiB,EAAE,MAAM,EAAE,CAAA;CAC5B,CAAA;AAED,MAAM,MAAM,2BAA2B,GAAG;IACxC,UAAU,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC5B,YAAY,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAA;IACnC,mBAAmB,EAAE,mBAAmB,CAAA;IACxC,QAAQ,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,OAAO,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;IAC7B,eAAe,CAAC,EAAE,OAAO,GAAG,SAAS,CAAA;CACtC,CAAA;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,kBAAkB,EAAE,MAAM,CAAA;IAC1B,uBAAuB,EAAE,MAAM,GAAG,SAAS,CAAA;CAC5C,CAAA;AAED,wBAAsB,2BAA2B,CAC/C,OAAO,CAAC,EAAE,2BAA2B,GAAG,SAAS,GAChD,OAAO,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC,CA+J9C"}

package/dist/vendor.js

@@ -27442,7 +27442,7 @@ var isInteractiveExports = /*@__PURE__*/ requireIsInteractive();
 var dist$e = {};
 
 var name$2 = "@socketsecurity/sdk";
-var version$5 = "1.4.79";
+var version$5 = "1.4.80";
 var license = "MIT";
 var description = "SDK for the Socket API client";
 var author = {
@@ -175287,5 +175287,5 @@ exports.terminalLinkExports = terminalLinkExports;
 exports.updater = updater$1;
 exports.yargsParser = yargsParser;
 exports.yoctocolorsCjsExports = yoctocolorsCjsExports;
-//# debugId=f5e9f44c-6738-4a2d-947f-077a45beb5d9
+//# debugId=63796303-c4df-4409-b8a5-da5950acd29d
 //# sourceMappingURL=vendor.js.map

package/external/@coana-tech/cli/cli.mjs

@@ -190952,25 +190952,25 @@ var Spinner = class _Spinner {
 };
 
 // ../utils/src/command-utils.ts
-async function execAndLogOnFailure(cmd, dir, options) {
+async function execAndLogOnFailure(cmd, dir, options, logLevel = "info") {
   const result = await execNeverFail(cmd, dir, options);
-  if (result.error) logCommandOutput(result, cmd, dir);
+  if (result.error) logCommandOutput(result, cmd, dir, logLevel);
   return !result.error;
 }
 async function execPipeAndLogOnFailure(cmd, dir, options) {
   return execAndLogOnFailure(cmd, dir, { ...options, pipe: true });
 }
-function logCommandOutput(cmdResult, cmd, dir) {
+function logCommandOutput(cmdResult, cmd, dir, logLevel = "info") {
   const { error, stdout, stderr } = cmdResult;
-  logger.info(error ? `Error running command: ${cmd}` : `Result of running command: ${cmd}`);
-  logger.info(`Directory: ${dir}`);
+  logger[logLevel](error ? `Error running command: ${cmd}` : `Result of running command: ${cmd}`);
+  logger[logLevel](`Directory: ${dir}`);
   if (error) {
     const em = error.message;
-    logger.info(`Error: ${em?.endsWith?.(`
+    logger[logLevel](`Error: ${em?.endsWith?.(`
 ${stderr}`) ? em.slice(0, -stderr.length - 1) : em}`);
   }
-  logger.info(`stdout: ${stdout}`);
-  logger.info(`stderr: ${stderr}`);
+  logger[logLevel](`stdout: ${stdout}`);
+  logger[logLevel](`stderr: ${stderr}`);
 }
 async function execNeverFail(cmd, dir, options) {
   return new Promise((resolve24) => {
@@ -197761,6 +197761,14 @@ function parseSocketResponse(responseData) {
     throw new Error(`Unexpected response type from Socket API: ${typeof responseData}`);
   }
 }
+function parseComputeArtifactsResponse(responseData) {
+  const response = parseSocketResponse(responseData);
+  return {
+    artifacts: response.filter((r2) => r2.type === "artifact").map((r2) => r2.value),
+    metadata: response.filter((r2) => r2.type === "metadata").flatMap((r2) => r2.value)
+    // There should always only be one metadata object
+  };
+}
 async function createSocketTier1Scan(cliOptions, coanaCliVersion) {
   try {
     const url2 = getSocketApiUrl("tier1-reachability-scan");
@@ -197883,6 +197891,7 @@ async function registerAnalysisMetadataSocket(subprojectPath, workspacePath, eco
 }
 async function getLatestBucketsSocket(subprojectPath, workspacePath) {
   try {
+    if (!process.env.SOCKET_REPO_NAME || !process.env.SOCKET_BRANCH_NAME) return void 0;
     const url2 = getSocketApiUrl("tier1-reachability-scan/latest-buckets");
     const params = {
       workspacePath,
@@ -197948,7 +197957,7 @@ async function fetchArtifactsFromManifestsTarHash(manifestsTarHash) {
   try {
     const url2 = getSocketApiUrl(`orgs/${process.env.SOCKET_ORG_SLUG}/compute-artifacts?tarHash=${manifestsTarHash}`);
     const responseData = (await axios2.post(url2, {}, { headers: getAuthHeaders() })).data;
-    return parseSocketResponse(responseData);
+    return parseComputeArtifactsResponse(responseData);
   } catch (e) {
     if (e instanceof AxiosError2) {
       prettyPrintAxiosError(e);
@@ -197975,23 +197984,20 @@ async function computeSocketFactArtifacts(rootDir, relativeManifestFilePaths) {
     if (!uploadData.tarHash) {
       throw new Error("No tarHash received from upload-manifest-files response");
     }
-    const computeUrl = getSocketApiUrl(
-      `orgs/${process.env.SOCKET_ORG_SLUG}/compute-artifacts?tarHash=${uploadData.tarHash}`
-    );
-    const computeResponse = await axios2.post(computeUrl, {}, { headers: getAuthHeaders() });
-    const responseData = computeResponse.data;
-    return parseSocketResponse(responseData);
+    return (await fetchArtifactsFromManifestsTarHash(uploadData.tarHash)).artifacts;
   } catch (error) {
     logger.warn("Failed to compute socket fact artifacts", error);
     return void 0;
   }
 }
-async function registerAutofixOrUpgradePurlRun(manifestsTarHash, repositoryName, options, cliCommand) {
+async function registerAutofixOrUpgradePurlRun(manifestsTarHash, options, cliCommand) {
   try {
     const url2 = getSocketApiUrl(`orgs/${process.env.SOCKET_ORG_SLUG}/fixes/register-autofix-or-upgrade-cli-run`);
     const data2 = {
       manifestsTarHash,
-      repositoryName,
+      // disabling rule to also catch case where process.env.SOCKET_REPO_NAME is the empty string.
+      // eslint-disable-next-line @typescript-eslint/prefer-nullish-coalescing
+      repositoryName: process.env.SOCKET_REPO_NAME || "unknown-repo",
       options,
       cliCommand
     };
@@ -205296,23 +205302,23 @@ var Spinner2 = class _Spinner {
 };
 
 // ../utils/dist/command-utils.js
-async function execAndLogOnFailure2(cmd, dir, options) {
+async function execAndLogOnFailure2(cmd, dir, options, logLevel = "info") {
   const result = await execNeverFail2(cmd, dir, options);
   if (result.error)
-    logCommandOutput2(result, cmd, dir);
+    logCommandOutput2(result, cmd, dir, logLevel);
   return !result.error;
 }
-function logCommandOutput2(cmdResult, cmd, dir) {
+function logCommandOutput2(cmdResult, cmd, dir, logLevel = "info") {
   const { error, stdout, stderr } = cmdResult;
-  logger.info(error ? `Error running command: ${cmd}` : `Result of running command: ${cmd}`);
-  logger.info(`Directory: ${dir}`);
+  logger[logLevel](error ? `Error running command: ${cmd}` : `Result of running command: ${cmd}`);
+  logger[logLevel](`Directory: ${dir}`);
   if (error) {
     const em = error.message;
-    logger.info(`Error: ${em?.endsWith?.(`
+    logger[logLevel](`Error: ${em?.endsWith?.(`
 ${stderr}`) ? em.slice(0, -stderr.length - 1) : em}`);
   }
-  logger.info(`stdout: ${stdout}`);
-  logger.info(`stderr: ${stderr}`);
+  logger[logLevel](`stdout: ${stdout}`);
+  logger[logLevel](`stderr: ${stderr}`);
 }
 async function execNeverFail2(cmd, dir, options) {
   return new Promise((resolve24) => {
@@ -206483,18 +206489,19 @@ import { access as access2, cp, readdir as readdir3, stat as stat2 } from "fs/pr
 import { basename as basename4, join as join11, relative as relative6, resolve as resolve13 } from "path";
 var { uniq } = import_lodash5.default;
 var { isMatch } = import_micromatch.default;
-function findParent(dir, predicate, wholePath) {
-  let curr = dir;
-  let last2 = dir;
+function* parents(dir) {
+  let [curr, last2] = [dir, dir];
   do {
-    const name = wholePath ? curr : basename4(curr);
-    if (predicate(name))
-      return curr;
-    last2 = curr;
-    curr = resolve13(curr, "..");
+    yield curr;
+    [last2, curr] = [curr, resolve13(curr, "..")];
   } while (curr !== last2);
   return void 0;
 }
+function findParent(dir, predicate, wholePath) {
+  for (const parent2 of parents(dir))
+    if (predicate(wholePath ? parent2 : basename4(parent2)))
+      return parent2;
+}
 
 // ../utils/dist/constants.js
 var { once: once2 } = import_lodash6.default;
@@ -207378,17 +207385,18 @@ import { access as access3, cp as cp2, readdir as readdir4, stat as stat3 } from
 import { basename as basename5, join as join16, relative as relative7, resolve as resolve15 } from "path";
 var { uniq: uniq2 } = import_lodash8.default;
 var { isMatch: isMatch2 } = import_micromatch2.default;
-function findParent2(dir, predicate, wholePath) {
-  let curr = dir;
-  let last2 = dir;
+function* parents2(dir) {
+  let [curr, last2] = [dir, dir];
   do {
-    const name = wholePath ? curr : basename5(curr);
-    if (predicate(name)) return curr;
-    last2 = curr;
-    curr = resolve15(curr, "..");
+    yield curr;
+    [last2, curr] = [curr, resolve15(curr, "..")];
   } while (curr !== last2);
   return void 0;
 }
+function findParent2(dir, predicate, wholePath) {
+  for (const parent2 of parents2(dir))
+    if (predicate(wholePath ? parent2 : basename5(parent2))) return parent2;
+}
 async function getFilesRelative(dir, excludeDirs) {
   async function helper(subDir, arrayOfFiles) {
     for (const item of await readdir4(join16(dir, subDir), { withFileTypes: true })) {
@@ -209354,6 +209362,7 @@ import { join as join20, resolve as resolve18 } from "path";
 import util3 from "util";
 var { once: once7 } = import_lodash13.default;
 var systemPython = once7(() => execFileSync2("which", ["python"], { encoding: "utf8" }).trim());
+var hasPyenv = once7(async () => !(await execNeverFail("which pyenv")).error);
 
 // ../utils/src/pip-utils.ts
 async function isSetupPySetuptools(file) {
@@ -210102,8 +210111,8 @@ function getVulnerabilityDependencyType(vulnChainDetails, directDependencies, af
         finalDepType = depType;
       }
     }
-    const parents2 = vcd.parentsMap.get(devIdentifier);
-    for (const p3 of parents2 ?? []) {
+    const parents4 = vcd.parentsMap.get(devIdentifier);
+    for (const p3 of parents4 ?? []) {
       if (p3 === ROOT_NODE_STR) continue;
       const parentNode = vcd.transitiveDependencies[p3];
       if (afd && !afd.has(parentNode)) continue;
@@ -210225,17 +210234,17 @@ function computeVulnChainDetails(dependencyTree, dependencyIdentifier, parentsMa
   function addNode(currentIdentifier, childIdentifier, visited) {
     if (visited.has(currentIdentifier))
       return;
-    const parents2 = parentsMap.get(currentIdentifier);
+    const parents4 = parentsMap.get(currentIdentifier);
     const newCurrentNode = transformToVulnChainNode(dependencyTree.transitiveDependencies[currentIdentifier]);
     res.transitiveDependencies[currentIdentifier] = newCurrentNode;
     if (childIdentifier && !newCurrentNode.children.includes(childIdentifier))
       newCurrentNode.children.push(childIdentifier);
     if (!childIdentifier)
       newCurrentNode.vulnerable = true;
-    if (!parents2)
+    if (!parents4)
       return res;
     visited.add(currentIdentifier);
-    for (const parent2 of parents2) {
+    for (const parent2 of parents4) {
       if (parent2 === ROOT_IDENTIFIER)
         res.children.push(currentIdentifier);
       else
@@ -210339,8 +210348,14 @@ function getAllToplevelAncestors(artifactMap, artifactId) {
 async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash) {
   logger.info("Fetching artifacts from Socket backend using manifests tar hash", manifestsTarHash);
   try {
-    const artifacts = await fetchArtifactsFromManifestsTarHash(manifestsTarHash);
+    const { artifacts } = await fetchArtifactsFromManifestsTarHash(manifestsTarHash);
     const properPythonProjects = [];
+    const pipArtifactToRepresentativeManifest = {};
+    for (const artifact of artifacts) {
+      if (artifact.type === "pypi" && artifact.manifestFiles) {
+        pipArtifactToRepresentativeManifest[simplePurl(artifact.type, artifact.namespace ?? "", artifact.name, artifact.version ?? "")] = artifact;
+      }
+    }
     const venvExcludes = [
       "venv",
       ".venv",
@@ -210379,6 +210394,11 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash)
     const ecosystemToWorkspaceToVulnerabilities = {};
     const purlsFailedToFindWorkspace = /* @__PURE__ */ new Set();
     for (const artifact of artifacts) {
+      let processToplevelAncestors2 = function(artifact2) {
+        const allAncestorIds = getAllToplevelAncestors(artifactMap, artifact2.id);
+        allAncestorIds.forEach((ancestorId) => artifactMap.get(ancestorId)?.manifestFiles?.forEach((ref) => manifestFiles.push(ref.file)));
+      };
+      var processToplevelAncestors = processToplevelAncestors2;
       const ecosystem = getAdvisoryEcosystemFromPurlType(artifact.type);
       if (!ecosystem)
         continue;
@@ -210392,10 +210412,17 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash)
           manifestFiles.push(...(await getFilesRelative(rootWorkingDirectory)).filter((file) => (0, import_picomatch2.default)("{*.csproj,packages.lock.json}")(basename7(file))));
           break;
         }
+        case "PIP": {
+          const sPurl = simplePurl(artifact.type, artifact.namespace ?? "", artifact.name, artifact.version ?? "");
+          if (pipArtifactToRepresentativeManifest[sPurl]) {
+            manifestFiles.push(...(pipArtifactToRepresentativeManifest[sPurl].manifestFiles ?? []).map((ref) => ref.file));
+          }
+          processToplevelAncestors2(artifact);
+          break;
+        }
         default: {
           artifact.manifestFiles?.forEach((ref) => manifestFiles.push(ref.file));
-          const allAncestorIds = getAllToplevelAncestors(artifactMap, artifact.id);
-          allAncestorIds.forEach((ancestorId) => artifactMap.get(ancestorId)?.manifestFiles?.forEach((ref) => manifestFiles.push(ref.file)));
+          processToplevelAncestors2(artifact);
           break;
         }
       }
@@ -210493,7 +210520,7 @@ function computeVulnChainDetails2(artifacts, vulnerableArtifactId) {
     const currentArtifact = artifactMap.get(currentId);
     if (!currentArtifact)
       return;
-    const parents2 = parentsMap.get(currentId);
+    const parents4 = parentsMap.get(currentId);
     const newCurrentNode = {
       packageName: getNameFromNamespaceAndName(currentArtifact.type, currentArtifact.namespace, currentArtifact.name),
       version: currentArtifact.version ?? void 0,
@@ -210512,8 +210539,8 @@ function computeVulnChainDetails2(artifacts, vulnerableArtifactId) {
       }
     }
     visited.add(currentId);
-    if (parents2) {
-      for (const parentId of parents2) {
+    if (parents4) {
+      for (const parentId of parents4) {
         addNode(parentId, currentId, visited);
       }
     }
@@ -213022,7 +213049,7 @@ __export(traversing_exports, {
   nextUntil: () => nextUntil,
   not: () => not,
   parent: () => parent,
-  parents: () => parents,
+  parents: () => parents3,
   parentsUntil: () => parentsUntil,
   prev: () => prev,
   prevAll: () => prevAll,
@@ -214284,7 +214311,7 @@ function _removeDuplicates(elems) {
   return Array.from(new Set(elems));
 }
 var parent = _singleMatcher(({ parent: parent2 }) => parent2 && !isDocument(parent2) ? parent2 : null, _removeDuplicates);
-var parents = _matcher((elem) => {
+var parents3 = _matcher((elem) => {
   const matched = [];
   while (elem.parent && !isDocument(elem.parent)) {
     matched.push(elem.parent);
@@ -225028,10 +225055,10 @@ var FixesTask = class {
           return;
         }
       }
-      const parents2 = this.getParents(pId, vulnChainDetails);
+      const parents4 = this.getParents(pId, vulnChainDetails);
       let allowedVersionsForCId = potentialVersionsForFix[cId] ? [...potentialVersionsForFix[cId]] : await this.getSafeVersionsOfPackage(vulnChainDetails.transitiveDependencies[cId].packageName);
-      if (parents2.length !== 0) {
-        for (const parent2 of parents2) {
+      if (parents4.length !== 0) {
+        for (const parent2 of parents4) {
           await computeFix(parent2, pId, [key, ...visited]);
           if (res[pId])
             allowedVersionsForCId = await this.filterVersionsAllowedByParent(pId, res[pId], cId, allowedVersionsForCId);
@@ -225060,11 +225087,11 @@ var FixesTask = class {
     const deps = vulnChainDetails.transitiveDependencies;
     const vulnerablePackageIdentifiers = Object.entries(deps ?? []).filter(([_identifier, node]) => node.vulnerable).map(([identifier, _node]) => identifier);
     for (const pId of vulnerablePackageIdentifiers) {
-      const parents2 = this.getParents(pId, vulnChainDetails);
-      if (parents2.length === 0) {
+      const parents4 = this.getParents(pId, vulnChainDetails);
+      if (parents4.length === 0) {
         pickVersionWrapper(pId, [...potentialVersionsForFix[pId]]);
       } else {
-        for (const parent2 of parents2) {
+        for (const parent2 of parents4) {
           await computeFix(parent2, pId, []);
         }
       }
@@ -225125,9 +225152,9 @@ var FixesTask = class {
           safeVersionsForC
         );
         const vs = await filterVersions(pId, versionsOfPAllowingSomeSafeVersions);
-        const parents2 = this.getParents(pId, vuln.vulnChainDetails);
-        if (parents2.length !== 0) {
-          for (const parent2 of parents2) {
+        const parents4 = this.getParents(pId, vuln.vulnChainDetails);
+        if (parents4.length !== 0) {
+          for (const parent2 of parents4) {
             await computePotentialVersionsForFixWithCache(parent2, pId, vs);
           }
         } else {
@@ -225139,17 +225166,17 @@ var FixesTask = class {
     const deps = vuln.vulnChainDetails?.transitiveDependencies;
     const vulnerablePackageIdentifiers = Object.entries(deps ?? []).filter(([_identifier, node]) => node.vulnerable).map(([identifier, _node]) => identifier);
     for (const pId of vulnerablePackageIdentifiers) {
-      const parents2 = this.getParents(pId, vuln.vulnChainDetails);
+      const parents4 = this.getParents(pId, vuln.vulnChainDetails);
       const safeVersionsForVulnerablePackage = await safeVersions(pId);
       const { upgrades, downgrades } = this.groupVersionsInUpgradesAndDowngrades(
         assertDefined(this.packageStructure.transitiveDependencies[pId].version),
         safeVersionsForVulnerablePackage
       );
-      if (parents2.length === 0) {
+      if (parents4.length === 0) {
         if (upgrades.length > 0) res[pId] = upgrades;
         else if (downgrades.length > 0) res[pId] = downgrades;
       } else {
-        for (const parent2 of parents2) {
+        for (const parent2 of parents4) {
           const resClone = { ...res };
           const alreadyComputedCacheClone = new Map(alreadyComputedCache);
           try {
@@ -225583,7 +225610,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version2 = "14.12.3";
+var version2 = "14.12.10";
 
 // dist/cli-core.js
 var { mapValues, omit, partition, pick } = import_lodash15.default;
@@ -226274,7 +226301,7 @@ async function upgradePurl(path2, upgrades, options, logFile, cliFixRunId) {
   logger.silent = options.silent;
   let cliRunId = cliFixRunId;
   if (!cliRunId && options.manifestsTarHash) {
-    cliRunId = await getSocketAPI().registerAutofixOrUpgradePurlRun(options.manifestsTarHash, path2, options, "upgrade-purls");
+    cliRunId = await getSocketAPI().registerAutofixOrUpgradePurlRun(options.manifestsTarHash, options, "upgrade-purls");
   }
   const upgradePurlRunId = cliRunId && await getSocketAPI().registerUpgradePurlRun(cliRunId, upgrades);
   Spinner.instance({ text: "Running Coana Upgrade Purl CLI", isSilent: options.silent }).start();
@@ -226404,7 +226431,7 @@ ${vulnerabilityFixes.map((fix) => `	${fix.dependencyName} from ${fix.currentVers
 
 // dist/cli-compute-fixes-and-upgrade-purls.js
 async function computeFixesAndUpgradePurls(path2, options, logFile) {
-  const autofixRunId = options.manifestsTarHash && await getSocketAPI().registerAutofixOrUpgradePurlRun(options.manifestsTarHash, path2, options, "autofix");
+  const autofixRunId = options.manifestsTarHash && await getSocketAPI().registerAutofixOrUpgradePurlRun(options.manifestsTarHash, options, "autofix");
   const { artifacts, ghsaToVulnerableArtifactIds } = await computeInputForComputingFixes(path2, options);
   if (Object.keys(ghsaToVulnerableArtifactIds).length === 0) {
     logger.info("No vulnerabilities to compute fixes for");