@socketsecurity/cli-with-sentry 1.0.41 → 1.0.43
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +36 -31
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/types/commands/fix/agent-fix.d.mts +2 -3
- package/dist/types/commands/fix/agent-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
- package/dist/utils.js +5 -5
- package/dist/utils.js.map +1 -1
- package/external/@coana-tech/cli/cli.mjs +3 -2
- package/external/@socketsecurity/registry/lib/packages.js +50 -3
- package/package.json +4 -4
|
@@ -226296,7 +226296,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
|
|
|
226296
226296
|
}
|
|
226297
226297
|
|
|
226298
226298
|
// dist/version.js
|
|
226299
|
-
var version2 = "14.10.
|
|
226299
|
+
var version2 = "14.10.3";
|
|
226300
226300
|
|
|
226301
226301
|
// ../../node_modules/.pnpm/axios@1.9.0/node_modules/axios/lib/helpers/bind.js
|
|
226302
226302
|
function bind3(fn2, thisArg) {
|
|
@@ -230914,8 +230914,9 @@ async function useSocketComputeFixEndpoint(artifacts, vulnerableArtifactIdsForGh
|
|
|
230914
230914
|
// dist/index.js
|
|
230915
230915
|
var program2 = new Command();
|
|
230916
230916
|
var run2 = new Command();
|
|
230917
|
-
run2.name("run").argument("<path>", "File system path to folder containing the project").option("-o, --output-dir <path>", "Write json report to <path>/coana-report.json").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("-p, --print-report", "Print the report to the console", false).option("--offline-database <path>", "Path to a coana-offline-db.json file for running the CLI without internet connectivity", void 0).option("-t, --timeout <timeout>", "Set API <timeout> in milliseconds to Coana backend.", "300000").option("-a, --analysis-timeout <timeout>", "Set <timeout> in seconds for each reachability analysis run").option("--memory-limit <memoryInMB>", "Set memory limit for analysis to <memoryInMB> megabytes of memory.", "8192").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("--api-key <key>", "Set the Coana dashboard API key. By setting you also enable the dashboard integration.").addOption(new Option("--write-report-to-file", "Write the report dashboard-compatible report to dashboard-report.json. This report may help the Coana team debug issues with the report insertion mechanism.").default(false).hideHelp()).option("--project-name <repoName>", "Set the name of the repository. Used for dashboard integration.").option("--repo-url <repoUrl>", "Set the URL of the repository. Used for dashboard integration.").option("--include-dirs <relativeDirs...>", "globs for directories to include from the detection of subprojects (space-separated)(use relative paths from the project root). Notice, projects that are not included may still be scanned if they are referenced from included projects.").option("--exclude-dirs <relativeDirs...>", "globs for directories to exclude from the detection of subprojects (space-separated)(use relative paths from the project root). Notice, excluded projects may still be scanned if they are referenced from non-excluded projects.").option("--disable-analysis-splitting", "Limits Coana to at most 1 reachability analysis run per workspace").option("--print-analysis-log-file", "Store log output from the JavaScript/TypeScript reachability analysis in the file js-analysis.log file in the root of each workspace", false).option("--entry-points <entryPoints...>", "List of files to analyze for root workspace. The reachability analysis automatically analyzes all files used by the entry points. If not provided, all JavaScript and TypeScript files are considered entry points. For non-root workspaces, all JavaScript and TypeScript files are analyzed as well.").option("--include-projects-with-no-reachability-support", "Also runs Coana on projects where we support traditional SCA, but does not yet support reachability analysis.", false).option("--ecosystems <ecosystems...>", "List of ecosystems to analyze (space-separated). Currently NPM, PIP, MAVEN and GO are supported. Default is all supported ecosystems."
|
|
230917
|
+
run2.name("run").argument("<path>", "File system path to folder containing the project").option("-o, --output-dir <path>", "Write json report to <path>/coana-report.json").option("-d, --debug", "Enable debug logging", false).option("-s, --silent", "Silence all debug/warning output", false).option("-p, --print-report", "Print the report to the console", false).option("--offline-database <path>", "Path to a coana-offline-db.json file for running the CLI without internet connectivity", void 0).option("-t, --timeout <timeout>", "Set API <timeout> in milliseconds to Coana backend.", "300000").option("-a, --analysis-timeout <timeout>", "Set <timeout> in seconds for each reachability analysis run").option("--memory-limit <memoryInMB>", "Set memory limit for analysis to <memoryInMB> megabytes of memory.", "8192").option("-c, --concurrency <concurrency>", "Set the maximum number of concurrent reachability analysis runs. It's recommended to choose a concurrency level that ensures that each analysis run has at least the --memory-limit amount of memory available.", "1").option("--api-key <key>", "Set the Coana dashboard API key. By setting you also enable the dashboard integration.").addOption(new Option("--write-report-to-file", "Write the report dashboard-compatible report to dashboard-report.json. This report may help the Coana team debug issues with the report insertion mechanism.").default(false).hideHelp()).option("--project-name <repoName>", "Set the name of the repository. Used for dashboard integration.").option("--repo-url <repoUrl>", "Set the URL of the repository. Used for dashboard integration.").option("--include-dirs <relativeDirs...>", "globs for directories to include from the detection of subprojects (space-separated)(use relative paths from the project root). Notice, projects that are not included may still be scanned if they are referenced from included projects.").option("--exclude-dirs <relativeDirs...>", "globs for directories to exclude from the detection of subprojects (space-separated)(use relative paths from the project root). Notice, excluded projects may still be scanned if they are referenced from non-excluded projects.").option("--disable-analysis-splitting", "Limits Coana to at most 1 reachability analysis run per workspace").option("--print-analysis-log-file", "Store log output from the JavaScript/TypeScript reachability analysis in the file js-analysis.log file in the root of each workspace", false).option("--entry-points <entryPoints...>", "List of files to analyze for root workspace. The reachability analysis automatically analyzes all files used by the entry points. If not provided, all JavaScript and TypeScript files are considered entry points. For non-root workspaces, all JavaScript and TypeScript files are analyzed as well.").option("--include-projects-with-no-reachability-support", "Also runs Coana on projects where we support traditional SCA, but does not yet support reachability analysis.", false).option("--ecosystems <ecosystems...>", "List of ecosystems to analyze (space-separated). Currently NPM, PIP, MAVEN, NUGET and GO are supported. Default is all supported ecosystems.").option("--changed-files <files...>", "List of files that have changed. If provided, Coana only analyzes workspaces and modules that contain changed files.").option("--disable-report-submission", "Disable the submission of the report to the Coana dashboard. Used by the pipeline blocking feature.", false).option("--provider-project <path>", "File system path to folder containing the provider project (Only supported for Maven, Gradle, and SBT)").option("--provider-workspaces <dirs...>", "List of workspaces that build the provided runtime environment (Only supported for Maven, Gradle, and SBT)", (paths) => paths.split(" ")).option("--lightweight-reachability", "Runs Coana in lightweight mode. This increases analysis speed but also raises the risk of Coana misclassifying the reachability of certain complex vulnerabilities. Recommended only for use with Coana Guardrail mode.", false).addOption(new Option("--run-without-docker", "Run package managers and reachability analyzers without using docker").default(process.env.RUN_WITHOUT_DOCKER === "true").hideHelp()).addOption(new Option("--run-env <env>", "Specifies the environment in which the CLI is run. So far only MANAGED_SCAN and UNKNOWN are supported.").default("UNKNOWN").choices(["UNKNOWN", "MANAGED_SCAN"]).hideHelp()).addOption(new Option("--guardrail-mode", "Run Coana in guardrail mode. This mode is used to prevent new reachable vulnerabilities from being introduced into the codebase. Usually run as a CI check when pushing new commits to a pull request.")).addOption(new Option("--socket-mode <output-file>", "Run Coana in socket mode and write report to <output-file>").hideHelp()).addOption(new Option("--manifests-tar-hash <hash>", "Hash of the tarball containing all manifest files already uploaded to Socket. If provided, Socket will be used for computing dependency trees.").hideHelp()).version(version2).configureHelp({ sortOptions: true }).action(async (path2, options) => {
|
|
230918
230918
|
process.env.DOCKER_IMAGE_TAG ??= version2;
|
|
230919
|
+
options.ecosystems = options.ecosystems?.map((e) => e.toUpperCase());
|
|
230919
230920
|
await new CliCore(path2, options).main();
|
|
230920
230921
|
});
|
|
230921
230922
|
var applyFixes = new Command();
|
|
@@ -182,10 +182,14 @@ function getEditablePackageJsonClass() {
|
|
|
182
182
|
return this
|
|
183
183
|
}
|
|
184
184
|
|
|
185
|
-
async save(
|
|
186
|
-
if (!this._canSave) {
|
|
185
|
+
async save(options) {
|
|
186
|
+
if (!this._canSave || this.content === undefined) {
|
|
187
187
|
throw new Error('No package.json to save to')
|
|
188
188
|
}
|
|
189
|
+
const { ignoreWhitespace = false, sort = false } = {
|
|
190
|
+
__proto__: null,
|
|
191
|
+
...options
|
|
192
|
+
}
|
|
189
193
|
const {
|
|
190
194
|
[identSymbol]: indent,
|
|
191
195
|
[newlineSymbol]: newline,
|
|
@@ -227,10 +231,14 @@ function getEditablePackageJsonClass() {
|
|
|
227
231
|
return true
|
|
228
232
|
}
|
|
229
233
|
|
|
230
|
-
async saveSync(
|
|
234
|
+
async saveSync(options) {
|
|
231
235
|
if (!this._canSave || this.content === undefined) {
|
|
232
236
|
throw new Error('No package.json to save to')
|
|
233
237
|
}
|
|
238
|
+
const { ignoreWhitespace = false, sort = false } = {
|
|
239
|
+
__proto__: null,
|
|
240
|
+
...options
|
|
241
|
+
}
|
|
234
242
|
const {
|
|
235
243
|
[Symbol.for('indent')]: indent,
|
|
236
244
|
[Symbol.for('newline')]: newline,
|
|
@@ -271,6 +279,45 @@ function getEditablePackageJsonClass() {
|
|
|
271
279
|
super.update(content)
|
|
272
280
|
return this
|
|
273
281
|
}
|
|
282
|
+
|
|
283
|
+
willSave(options) {
|
|
284
|
+
const { ignoreWhitespace = false, sort = false } = {
|
|
285
|
+
__proto__: null,
|
|
286
|
+
...options
|
|
287
|
+
}
|
|
288
|
+
if (!this._canSave || this.content === undefined) {
|
|
289
|
+
return false
|
|
290
|
+
}
|
|
291
|
+
const {
|
|
292
|
+
[Symbol.for('indent')]: indent,
|
|
293
|
+
[Symbol.for('newline')]: newline,
|
|
294
|
+
...rest
|
|
295
|
+
} = this.content
|
|
296
|
+
const content = sort ? packageSort(rest) : rest
|
|
297
|
+
|
|
298
|
+
if (
|
|
299
|
+
ignoreWhitespace &&
|
|
300
|
+
getUtil().isDeepStrictEqual(content, this._readFileJson)
|
|
301
|
+
) {
|
|
302
|
+
return false
|
|
303
|
+
}
|
|
304
|
+
|
|
305
|
+
const format = indent === undefined ? ' ' : indent
|
|
306
|
+
const eol = newline === undefined ? '\n' : newline
|
|
307
|
+
const fileContent = `${JSON.stringify(
|
|
308
|
+
content,
|
|
309
|
+
null,
|
|
310
|
+
format
|
|
311
|
+
)}\n`.replace(/\n/g, eol)
|
|
312
|
+
|
|
313
|
+
if (
|
|
314
|
+
!ignoreWhitespace &&
|
|
315
|
+
fileContent.trim() === this._readFileContent.trim()
|
|
316
|
+
) {
|
|
317
|
+
return false
|
|
318
|
+
}
|
|
319
|
+
return true
|
|
320
|
+
}
|
|
274
321
|
}
|
|
275
322
|
}
|
|
276
323
|
return _EditablePackageJsonClass
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@socketsecurity/cli-with-sentry",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.43",
|
|
4
4
|
"description": "CLI for Socket.dev, includes Sentry error handling, otherwise identical to the regular `socket` package",
|
|
5
5
|
"homepage": "https://github.com/SocketDev/socket-cli",
|
|
6
6
|
"license": "MIT",
|
|
@@ -85,7 +85,7 @@
|
|
|
85
85
|
"@babel/preset-typescript": "7.27.1",
|
|
86
86
|
"@babel/runtime": "7.27.6",
|
|
87
87
|
"@biomejs/biome": "2.1.1",
|
|
88
|
-
"@coana-tech/cli": "14.10.
|
|
88
|
+
"@coana-tech/cli": "14.10.3",
|
|
89
89
|
"@cyclonedx/cdxgen": "11.4.3",
|
|
90
90
|
"@dotenvx/dotenvx": "1.47.3",
|
|
91
91
|
"@eslint/compat": "1.3.1",
|
|
@@ -112,7 +112,7 @@
|
|
|
112
112
|
"@socketregistry/is-interactive": "1.0.6",
|
|
113
113
|
"@socketregistry/packageurl-js": "1.0.8",
|
|
114
114
|
"@socketsecurity/config": "3.0.1",
|
|
115
|
-
"@socketsecurity/registry": "1.0.
|
|
115
|
+
"@socketsecurity/registry": "1.0.227",
|
|
116
116
|
"@socketsecurity/sdk": "1.4.53",
|
|
117
117
|
"@types/blessed": "0.1.25",
|
|
118
118
|
"@types/cmd-shim": "5.0.2",
|
|
@@ -127,7 +127,7 @@
|
|
|
127
127
|
"@types/which": "3.0.4",
|
|
128
128
|
"@types/yargs-parser": "21.0.3",
|
|
129
129
|
"@typescript-eslint/parser": "8.36.0",
|
|
130
|
-
"@typescript/native-preview": "7.0.0-dev.
|
|
130
|
+
"@typescript/native-preview": "7.0.0-dev.20250710.1",
|
|
131
131
|
"@vitest/coverage-v8": "3.2.4",
|
|
132
132
|
"blessed": "0.1.81",
|
|
133
133
|
"blessed-contrib": "4.11.0",
|