@synkro-sh/cli 1.3.24 → 1.3.25
- package/dist/bootstrap.js +32 -12
- package/dist/bootstrap.js.map +1 -1
- package/package.json +1 -1
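--- a/package/dist/bootstrap.js
+++ b/package/dist/bootstrap.js
@@ -3333,7 +3333,7 @@ function writeConfigEnv(opts) {
 `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
 `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
 `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-`SYNKRO_VERSION=${shellQuoteSingle("1.3.
+`SYNKRO_VERSION=${shellQuoteSingle("1.3.25")}`
 ];
 if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
 if (safeOrgId) lines.push(`SYNKRO_ORG_ID=${shellQuoteSingle(safeOrgId)}`);
@@ -4381,23 +4381,43 @@ function getPrFiles(repo, prNumber) {
 ]);
 return data;
 }
+function getLastReviewedSha(repo, prNumber) {
+try {
+const reviews = ghJson([
+"api",
+`/repos/${repo}/pulls/${prNumber}/reviews?per_page=100`
+]);
+const synkro = reviews.filter((r) => r.body?.includes("Synkro Security Review")).sort((a, b) => new Date(b.submitted_at).getTime() - new Date(a.submitted_at).getTime());
+return synkro.length > 0 ? synkro[0].commit_id : null;
+} catch {
+return null;
+}
+}
+function getChangedFilesSince(repo, baseSha, headSha) {
+try {
+const data = ghJson([
+"api",
+`/repos/${repo}/compare/${baseSha}...${headSha}`
+]);
+return (data.files || []).map((f) => f.filename);
+} catch {
+return null;
+}
+}
 async function fetchScanContext(gatewayUrl, apiKey, repo, prNumber, sha) {
+const lastSha = getLastReviewedSha(repo, prNumber);
+const changedFiles = lastSha && lastSha !== sha ? getChangedFilesSince(repo, lastSha, sha) : void 0;
 try {
-const url = `${gatewayUrl.replace(/\/$/, "")}/api/pr-scans/scan-context
-const headers = { "x-synkro-api-key": apiKey };
-const ghToken = process.env.GH_TOKEN || process.env.GITHUB_TOKEN || "";
-if (ghToken) headers["x-github-token"] = ghToken;
-console.log(`[scan-context] POST ${url}`);
+const url = `${gatewayUrl.replace(/\/$/, "")}/api/pr-scans/scan-context`;
 const resp = await fetch(url, {
-
+method: "POST",
+headers: { "x-synkro-api-key": apiKey, "Content-Type": "application/json" },
+body: JSON.stringify({ sha, last_reviewed_sha: lastSha, changed_files: changedFiles }),
 signal: AbortSignal.timeout(15e3)
 });
-const body = await resp.text();
-console.log(`[scan-context] ${resp.status}: ${body.slice(0, 300)}`);
 if (!resp.ok) return { scan_all: true };
-return
-} catch
-console.warn(`[scan-context] error: ${err.message}`);
+return await resp.json();
+} catch {
 return { scan_all: true };
 }
 }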
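Review bot: `getLastReviewedSha` accepts any review whose body contains "Synkro Security Review" as the scanner's own, so the `last_reviewed_sha` and `changed_files` values posted to the gateway come from data that any account able to submit a review on the pull request can write. Those fields appear to narrow what gets scanned, so the filter should also pin the review author, for example `reviews.filter((r) => r.user?.login === "<synkro-bot-login>" && r.body?.includes("Synkro Security Review"))` (placeholder login; the real one is not visible on this page). The request uses `per_page=100` with no pagination, and `getChangedFilesSince` returns whatever file list the compare response carries without checking whether it is complete, so either can under-report silently. Both helpers also swallow errors with a bare `catch`; returning `null` is only fail-safe if the gateway treats a missing or null `changed_files` as scan-all, which this diff does not show.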