@synkro-sh/cli 1.3.23 → 1.3.25
- package/dist/bootstrap.js +30 -6
- package/dist/bootstrap.js.map +1 -1
- package/package.json +1 -1
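--- a/package/dist/bootstrap.js
+++ b/package/dist/bootstrap.js
@@ -3333,7 +3333,7 @@ function writeConfigEnv(opts) {
 `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
 `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
 `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-`SYNKRO_VERSION=${shellQuoteSingle("1.3.
+`SYNKRO_VERSION=${shellQuoteSingle("1.3.25")}`
 ];
 if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
 if (safeOrgId) lines.push(`SYNKRO_ORG_ID=${shellQuoteSingle(safeOrgId)}`);
@@ -4381,14 +4381,38 @@ function getPrFiles(repo, prNumber) {
 ]);
 return data;
 }
+function getLastReviewedSha(repo, prNumber) {
+try {
+const reviews = ghJson([
+"api",
+`/repos/${repo}/pulls/${prNumber}/reviews?per_page=100`
+]);
+const synkro = reviews.filter((r) => r.body?.includes("Synkro Security Review")).sort((a, b) => new Date(b.submitted_at).getTime() - new Date(a.submitted_at).getTime());
+return synkro.length > 0 ? synkro[0].commit_id : null;
+} catch {
+return null;
+}
+}
+function getChangedFilesSince(repo, baseSha, headSha) {
+try {
+const data = ghJson([
+"api",
+`/repos/${repo}/compare/${baseSha}...${headSha}`
+]);
+return (data.files || []).map((f) => f.filename);
+} catch {
+return null;
+}
+}
 async function fetchScanContext(gatewayUrl, apiKey, repo, prNumber, sha) {
+const lastSha = getLastReviewedSha(repo, prNumber);
+const changedFiles = lastSha && lastSha !== sha ? getChangedFilesSince(repo, lastSha, sha) : void 0;
 try {
-const url = `${gatewayUrl.replace(/\/$/, "")}/api/pr-scans/scan-context
-const headers = { "x-synkro-api-key": apiKey };
-const ghToken = process.env.GH_TOKEN || process.env.GITHUB_TOKEN || "";
-if (ghToken) headers["x-github-token"] = ghToken;
+const url = `${gatewayUrl.replace(/\/$/, "")}/api/pr-scans/scan-context`;
 const resp = await fetch(url, {
-
+method: "POST",
+headers: { "x-synkro-api-key": apiKey, "Content-Type": "application/json" },
+body: JSON.stringify({ sha, last_reviewed_sha: lastSha, changed_files: changedFiles }),
 signal: AbortSignal.timeout(15e3)
 });
 if (!resp.ok) return { scan_all: true };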
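Review bot: In `getLastReviewedSha`, any review whose body contains "Synkro Security Review" is accepted as the baseline, with no check on who submitted it, so a participant able to post a review on the pull request could shift `last_reviewed_sha` and thereby narrow the `changed_files` list sent to the gateway. Restrict the filter to the account the tool itself posts under, e.g. `reviews.filter((r) => r.user?.login === EXPECTED_REVIEWER_LOGIN && r.body?.includes("Synkro Security Review"))`, where `EXPECTED_REVIEWER_LOGIN` is a placeholder for that identity. The request also reads only the first page (`per_page=100`), so on a pull request with more reviews the newest one may be missed; how the gateway treats a narrowed `changed_files` is not visible here, so the impact is inferred. `fetchScanContext` continues past the end of this hunk.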