npm - @synkro-sh/cli - Versions diffs - 1.3.40 → 1.3.41 - Mend

@synkro-sh/cli 1.3.40 → 1.3.41

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/bootstrap.js CHANGED Viewed

@@ -3746,7 +3746,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.3.40")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.3.41")}`
   ];
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
   if (safeOrgId) lines.push(`SYNKRO_ORG_ID=${shellQuoteSingle(safeOrgId)}`);
@@ -4793,54 +4793,9 @@ async function ensureOpenPr(repo, prNumber, sha) {
   try {
     pr = ghJson(["api", `/repos/${repo}/pulls/${prNumber}`]);
   } catch {
-    return { prNumber, sha, branched: false };
-  }
-  if (pr.state === "open") {
-    return { prNumber, sha, branched: false };
-  }
-  if (pr.merged) {
-    console.log(`PR #${prNumber} is merged. Scanning original diff and posting findings there.
-`);
-    return { prNumber, sha: pr.head.sha, branched: false };
-  }
-  console.log(`PR #${prNumber} is closed. Creating a scan branch...
-`);
-  const scanBranch = `synkro/scan-${pr.head.ref}-${Date.now()}`;
-  try {
-    execSync5(`gh api -X POST /repos/${repo}/git/refs --input -`, {
-      encoding: "utf-8",
-      input: JSON.stringify({ ref: `refs/heads/${scanBranch}`, sha: pr.head.sha }),
-      stdio: ["pipe", "pipe", "pipe"]
-    });
-  } catch (err) {
-    console.warn(`Failed to create scan branch: ${err.message}`);
-    return { prNumber, sha, branched: false };
-  }
-  try {
-    const newPrBody = `Security scan of closed PR #${prNumber} (\`${pr.head.ref}\`).
-This PR contains no code changes \u2014 it exists so Synkro can post review findings on an active PR.`;
-    const result = ghJson([
-      "api",
-      "-X",
-      "POST",
-      `/repos/${repo}/pulls`,
-      "-f",
-      `title=Synkro Scan: ${pr.title}`,
-      "-f",
-      `body=${newPrBody}`,
-      "-f",
-      `head=${scanBranch}`,
-      "-f",
-      `base=${pr.base.ref}`
-    ]);
-    console.log(`Opened PR #${result.number} for scan findings.
-`);
-    return { prNumber: result.number, sha: result.head.sha, branched: true };
-  } catch (err) {
-    console.warn(`Failed to open scan PR: ${err.message}`);
-    return { prNumber, sha, branched: false };
+    return { prNumber, sha, branched: false, prState: "unknown", merged: false };
   }
+  return { prNumber, sha: pr.head.sha, branched: false, prState: pr.state, merged: pr.merged };
 }
 function getPrFiles(repo, prNumber) {
   const data = ghJson([
@@ -5117,7 +5072,28 @@ ${linesStr}: ${first.description}
     severity: maxSeverity
   };
 }
-function postPrReview(repo, prNumber, sha, review) {
+function postPrReview(repo, prNumber, sha, review, skipLineReview = false) {
+  function postIssueComment() {
+    try {
+      const body = `## \u{1F512} Synkro Security Review
+${review.summary}
+` + review.comments.map((c) => `**${c.path}:${c.line}** \u2014 ${c.body}`).join("\n\n");
+      execSync5(`gh api -X POST /repos/${repo}/issues/${prNumber}/comments --input -`, {
+        encoding: "utf-8",
+        input: JSON.stringify({ body }),
+        stdio: ["pipe", "ignore", "pipe"]
+      });
+      console.log("  \u2713 Posted issue comment with findings.");
+    } catch (err) {
+      console.warn("Failed to post issue comment:", err.message);
+    }
+  }
+  if (skipLineReview) {
+    postIssueComment();
+    return;
+  }
   const preferredEvent = review.severity === "critical" || review.severity === "high" ? "REQUEST_CHANGES" : "COMMENT";
   function tryPost(event) {
     const body = JSON.stringify({
@@ -5143,27 +5119,12 @@ ${review.summary}`,
       if (combined.includes("own pull request") && event === "REQUEST_CHANGES") {
         return false;
       }
-      console.warn(`Failed to post review: ${(stderr || stdout || err.message).slice(0, 200)}`);
       return false;
     }
   }
   if (tryPost(preferredEvent)) return;
   if (preferredEvent === "REQUEST_CHANGES" && tryPost("COMMENT")) return;
-  try {
-    const fallbackBody = `## \u{1F512} Synkro Security Review
-${review.summary}
-` + review.comments.map((c) => `**${c.path}:${c.line}** \u2014 ${c.body}`).join("\n\n");
-    execSync5(`gh api -X POST /repos/${repo}/issues/${prNumber}/comments --input -`, {
-      encoding: "utf-8",
-      input: JSON.stringify({ body: fallbackBody }),
-      stdio: ["pipe", "ignore", "pipe"]
-    });
-    console.log("  \u2713 Posted fallback issue comment.");
-  } catch (err2) {
-    console.warn("Failed to post fallback comment:", err2.message);
-  }
+  postIssueComment();
 }
 function postCheckRun(repo, sha, conclusion, findings) {
   const summary = findings.length === 0 ? "No security findings." : `${findings.length} finding(s):
@@ -5318,7 +5279,8 @@ Total: ${allFindings.length} finding(s) across ${eligible.length} file(s) in ${t
     const review = await spawnOpusConsolidator(allFindings, claudeToken);
     console.log(`  \u2192 ${review.comments.length} review comment(s), severity: ${review.severity}`);
     if (review.comments.length > 0) {
-      postPrReview(repo, activePrNumber, activeSha, review);
+      const skipLineReview = prTarget.prState === "closed" && !prTarget.merged;
+      postPrReview(repo, activePrNumber, activeSha, review, skipLineReview);
     }
   }
   const conclusion = shouldFail(allFindings, failThreshold) ? "failure" : "success";