npm - @socketsecurity/cli-with-sentry - Versions diffs - 1.1.40 → 1.1.41 - Mend

@socketsecurity/cli-with-sentry 1.1.40 → 1.1.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/CHANGELOG.md +6 -0
package/dist/cli.js +46 -19
package/dist/cli.js.map +1 -1
package/dist/constants.js +3 -3
package/dist/constants.js.map +1 -1
package/dist/tsconfig.dts.tsbuildinfo +1 -1
package/dist/types/commands/ci/handle-ci.d.mts.map +1 -1
package/dist/types/commands/fix/cmd-fix.d.mts.map +1 -1
package/dist/types/commands/fix/coana-fix.d.mts.map +1 -1
package/dist/types/commands/fix/handle-fix.d.mts +2 -1
package/dist/types/commands/fix/handle-fix.d.mts.map +1 -1
package/dist/types/commands/fix/types.d.mts +1 -0
package/dist/types/commands/fix/types.d.mts.map +1 -1
package/dist/types/commands/scan/cmd-scan-create.d.mts.map +1 -1
package/dist/types/commands/scan/cmd-scan-reach.d.mts.map +1 -1
package/dist/types/commands/scan/perform-reachability-analysis.d.mts +3 -2
package/dist/types/commands/scan/perform-reachability-analysis.d.mts.map +1 -1
package/dist/types/commands/scan/reachability-flags.d.mts.map +1 -1
package/dist/types/utils/dlx.d.mts +4 -1
package/dist/types/utils/dlx.d.mts.map +1 -1
package/dist/utils.js +3 -3
package/dist/utils.js.map +1 -1
package/package.json +2 -2

package/CHANGELOG.md CHANGED Viewed

@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
+## [1.1.41](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.40) - 2025-12-02
+### Added
+- Added `--reach-version` flag to `socket scan create` and `socket scan reach` to override the @coana-tech/cli version used for reachability analysis.
+- Added `--fix-version` flag to `socket fix` to override the @coana-tech/cli version used for fix analysis.
 ## [1.1.40](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.40) - 2025-12-02
 ### Fixed

package/dist/cli.js CHANGED Viewed

@@ -1658,6 +1658,7 @@ async function performReachabilityAnalysis(options) {
   // Run Coana with the manifests tar hash.
   const coanaResult = await utils.spawnCoanaDlx(coanaArgs, orgSlug, {
+    coanaVersion: reachabilityOptions.reachVersion,
     cwd,
     env: coanaEnv,
     spinner,
@@ -2380,15 +2381,16 @@ async function handleCi(autoManifest) {
     pendingHead: true,
     pullRequest: 0,
     reach: {
-      reachAnalysisTimeout: 0,
       reachAnalysisMemoryLimit: 0,
+      reachAnalysisTimeout: 0,
       reachConcurrency: 1,
       reachDebug: false,
-      reachDisableAnalytics: false,
       reachDisableAnalysisSplitting: false,
+      reachDisableAnalytics: false,
       reachEcosystems: [],
       reachExcludePaths: [],
       reachSkipCache: false,
+      reachVersion: undefined,
       runReachabilityAnalysis: false
     },
     repoName,
@@ -3700,7 +3702,8 @@ async function discoverGhsaIds(orgSlug, tarHash, options) {
   };
   const foundCResult = await utils.spawnCoanaDlx(['find-vulnerabilities', cwd, '--manifests-tar-hash', tarHash], orgSlug, {
     cwd,
-    spinner
+    spinner,
+    coanaVersion: options?.coanaVersion
   }, {
     stdio: 'pipe'
   });
@@ -3721,6 +3724,7 @@ async function coanaFix(fixConfig) {
   const {
     applyFixes,
     autopilot,
+    coanaVersion,
     cwd,
     disableMajorUpdates,
     exclude,
@@ -3793,7 +3797,8 @@ async function coanaFix(fixConfig) {
       ids = await discoverGhsaIds(orgSlug, tarHash, {
         cwd,
         limit,
-        spinner
+        spinner,
+        coanaVersion
       });
     } else if (limit > 0) {
       ids = ghsas.slice(0, limit);
@@ -3815,6 +3820,7 @@ async function coanaFix(fixConfig) {
     const tmpFile = path.join(tmpDir, `socket-fix-${Date.now()}.json`);
     try {
       const fixCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ...ids, ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(minimumReleaseAge ? ['--minimum-release-age', minimumReleaseAge] : []), ...(include.length ? ['--include', ...include] : []), ...(exclude.length ? ['--exclude', ...exclude] : []), ...(!applyFixes ? [constants.FLAG_DRY_RUN] : []), '--output-file', tmpFile, ...(disableMajorUpdates ? ['--disable-major-updates'] : []), ...(showAffectedDirectDependencies ? ['--show-affected-direct-dependencies'] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
+        coanaVersion,
         cwd,
         spinner,
         stdio: 'inherit'
@@ -3876,7 +3882,8 @@ async function coanaFix(fixConfig) {
     ids = await discoverGhsaIds(orgSlug, tarHash, {
       cwd,
       limit: adjustedLimit,
-      spinner
+      spinner,
+      coanaVersion
     });
   } else if (shouldSpawnCoana) {
     ids = ghsas.slice(0, adjustedLimit);
@@ -3913,6 +3920,7 @@ async function coanaFix(fixConfig) {
     // Apply fix for single GHSA ID.
     // eslint-disable-next-line no-await-in-loop
     const fixCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ghsaId, ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(minimumReleaseAge ? ['--minimum-release-age', minimumReleaseAge] : []), ...(include.length ? ['--include', ...include] : []), ...(exclude.length ? ['--exclude', ...exclude] : []), ...(disableMajorUpdates ? ['--disable-major-updates'] : []), ...(showAffectedDirectDependencies ? ['--show-affected-direct-dependencies'] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
+      coanaVersion,
       cwd,
       spinner,
       stdio: 'inherit'
@@ -4169,6 +4177,7 @@ async function convertIdsToGhsas(ids) {
 async function handleFix({
   applyFixes,
   autopilot,
+  coanaVersion,
   cwd,
   disableMajorUpdates,
   exclude,
@@ -4190,6 +4199,7 @@ async function handleFix({
   require$$9.debugDir('inspect', {
     applyFixes,
     autopilot,
+    coanaVersion,
     cwd,
     disableMajorUpdates,
     exclude,
@@ -4208,6 +4218,7 @@ async function handleFix({
   await outputFixResult(await coanaFix({
     applyFixes,
     autopilot,
+    coanaVersion,
     cwd,
     disableMajorUpdates,
     exclude,
@@ -4242,6 +4253,10 @@ const generalFlags$2 = {
     default: false,
     description: `Enable auto-merge for pull requests that Socket opens.\nSee ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
   },
+  fixVersion: {
+    type: 'string',
+    description: `Override the version of @coana-tech/cli used for fix analysis. Default: ${constants.default.ENV.INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION}.`
+  },
   applyFixes: {
     aliases: ['onlyCompute'],
     type: 'boolean',
@@ -4420,6 +4435,7 @@ async function run$K(argv, importMeta, {
     applyFixes,
     autopilot,
     exclude,
+    fixVersion,
     include,
     json,
     limit,
@@ -4476,6 +4492,7 @@ async function run$K(argv, importMeta, {
   await handleFix({
     applyFixes,
     autopilot,
+    coanaVersion: fixVersion,
     cwd,
     disableMajorUpdates,
     exclude: excludePatterns,
@@ -11068,6 +11085,10 @@ const cmdRepository = {
 };
 const reachabilityFlags = {
+  reachVersion: {
+    type: 'string',
+    description: `Override the version of @coana-tech/cli used for reachability analysis. Default: ${constants.default.ENV.INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION}.`
+  },
   reachAnalysisMemoryLimit: {
     type: 'number',
     default: 8192,
@@ -11356,6 +11377,7 @@ async function run$d(argv, importMeta, {
     reachDisableAnalysisSplitting,
     reachDisableAnalytics,
     reachSkipCache,
+    reachVersion,
     readOnly,
     reportLevel,
     setAsAlertsPage: pendingHeadFlag,
@@ -11483,7 +11505,8 @@ async function run$d(argv, importMeta, {
   const isUsingNonDefaultTimeout = reachAnalysisTimeout !== reachabilityFlags['reachAnalysisTimeout']?.default;
   const isUsingNonDefaultConcurrency = reachConcurrency !== reachabilityFlags['reachConcurrency']?.default;
   const isUsingNonDefaultAnalytics = reachDisableAnalytics !== reachabilityFlags['reachDisableAnalytics']?.default;
-  const isUsingAnyReachabilityFlags = isUsingNonDefaultMemoryLimit || isUsingNonDefaultTimeout || isUsingNonDefaultConcurrency || isUsingNonDefaultAnalytics || hasReachEcosystems || hasReachExcludePaths || reachSkipCache || reachDisableAnalysisSplitting;
+  const isUsingNonDefaultVersion = reachVersion !== reachabilityFlags['reachVersion']?.default;
+  const isUsingAnyReachabilityFlags = hasReachEcosystems || hasReachExcludePaths || isUsingNonDefaultAnalytics || isUsingNonDefaultConcurrency || isUsingNonDefaultMemoryLimit || isUsingNonDefaultTimeout || isUsingNonDefaultVersion || reachDisableAnalysisSplitting || reachSkipCache;
   // Validate target constraints when --reach is enabled.
   const reachTargetValidation = reach ? await validateReachabilityTarget(targets, cwd) : {
@@ -11568,16 +11591,17 @@ async function run$d(argv, importMeta, {
     pendingHead: Boolean(pendingHead),
     pullRequest: Number(pullRequest),
     reach: {
-      runReachabilityAnalysis: Boolean(reach),
-      reachDisableAnalytics: Boolean(reachDisableAnalytics),
-      reachAnalysisTimeout: Number(reachAnalysisTimeout),
       reachAnalysisMemoryLimit: Number(reachAnalysisMemoryLimit),
+      reachAnalysisTimeout: Number(reachAnalysisTimeout),
       reachConcurrency: Number(reachConcurrency),
       reachDebug: Boolean(reachDebug),
       reachDisableAnalysisSplitting: Boolean(reachDisableAnalysisSplitting),
+      reachDisableAnalytics: Boolean(reachDisableAnalytics),
       reachEcosystems,
       reachExcludePaths,
-      reachSkipCache: Boolean(reachSkipCache)
+      reachSkipCache: Boolean(reachSkipCache),
+      reachVersion,
+      runReachabilityAnalysis: Boolean(reach)
     },
     readOnly: Boolean(readOnly),
     repoName,
@@ -12216,16 +12240,17 @@ async function scanOneRepo(repoSlug, {
     pendingHead: true,
     pullRequest: 0,
     reach: {
-      runReachabilityAnalysis: false,
-      reachDisableAnalytics: false,
-      reachAnalysisTimeout: 0,
       reachAnalysisMemoryLimit: 0,
+      reachAnalysisTimeout: 0,
       reachConcurrency: 1,
       reachDebug: false,
       reachDisableAnalysisSplitting: false,
+      reachDisableAnalytics: false,
       reachEcosystems: [],
       reachExcludePaths: [],
-      reachSkipCache: false
+      reachSkipCache: false,
+      reachVersion: undefined,
+      runReachabilityAnalysis: false
     },
     readOnly: false,
     repoName: repoSlug,
@@ -13511,7 +13536,8 @@ async function run$7(argv, importMeta, {
     reachDebug,
     reachDisableAnalysisSplitting,
     reachDisableAnalytics,
-    reachSkipCache
+    reachSkipCache,
+    reachVersion
   } = cli.flags;
   const dryRun = !!cli.flags['dryRun'];
@@ -13601,15 +13627,16 @@ async function run$7(argv, importMeta, {
     outputKind,
     outputPath: outputPath || '',
     reachabilityOptions: {
-      reachAnalysisTimeout: Number(reachAnalysisTimeout),
       reachAnalysisMemoryLimit: Number(reachAnalysisMemoryLimit),
+      reachAnalysisTimeout: Number(reachAnalysisTimeout),
       reachConcurrency: Number(reachConcurrency),
       reachDebug: Boolean(reachDebug),
-      reachDisableAnalytics: Boolean(reachDisableAnalytics),
       reachDisableAnalysisSplitting: Boolean(reachDisableAnalysisSplitting),
+      reachDisableAnalytics: Boolean(reachDisableAnalytics),
       reachEcosystems,
       reachExcludePaths,
-      reachSkipCache: Boolean(reachSkipCache)
+      reachSkipCache: Boolean(reachSkipCache),
+      reachVersion
     },
     targets
   });
@@ -15448,5 +15475,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=abe9e0d9-90ff-4e73-99b1-648bc5ca3347
+//# debugId=3354d2a8-858e-47ae-8d62-34c8832fddf8
 //# sourceMappingURL=cli.js.map