@vyuhlabs/dxkit 2.6.0 → 2.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +103 -13
- package/README.md +208 -459
- package/dist/analyzers/bom/discovery.d.ts +3 -4
- package/dist/analyzers/bom/discovery.d.ts.map +1 -1
- package/dist/analyzers/bom/discovery.js +3 -4
- package/dist/analyzers/bom/discovery.js.map +1 -1
- package/dist/analyzers/bom/types.d.ts +1 -1
- package/dist/analyzers/dashboard/index.d.ts.map +1 -1
- package/dist/analyzers/dashboard/index.js +42 -5
- package/dist/analyzers/dashboard/index.js.map +1 -1
- package/dist/analyzers/developer/gather.d.ts.map +1 -1
- package/dist/analyzers/developer/gather.js +9 -9
- package/dist/analyzers/developer/gather.js.map +1 -1
- package/dist/analyzers/quality/detailed.d.ts +8 -1
- package/dist/analyzers/quality/detailed.d.ts.map +1 -1
- package/dist/analyzers/quality/detailed.js +43 -10
- package/dist/analyzers/quality/detailed.js.map +1 -1
- package/dist/analyzers/quality/gather.js +3 -3
- package/dist/analyzers/quality/gather.js.map +1 -1
- package/dist/analyzers/security/detailed.d.ts +8 -1
- package/dist/analyzers/security/detailed.d.ts.map +1 -1
- package/dist/analyzers/security/detailed.js +14 -1
- package/dist/analyzers/security/detailed.js.map +1 -1
- package/dist/analyzers/security/gather.d.ts.map +1 -1
- package/dist/analyzers/security/gather.js +12 -3
- package/dist/analyzers/security/gather.js.map +1 -1
- package/dist/analyzers/tests/detailed.d.ts +8 -1
- package/dist/analyzers/tests/detailed.d.ts.map +1 -1
- package/dist/analyzers/tests/detailed.js +26 -7
- package/dist/analyzers/tests/detailed.js.map +1 -1
- package/dist/analyzers/tools/cloc.js +5 -5
- package/dist/analyzers/tools/cloc.js.map +1 -1
- package/dist/analyzers/tools/exclusions.d.ts +12 -12
- package/dist/analyzers/tools/exclusions.d.ts.map +1 -1
- package/dist/analyzers/tools/exclusions.js +27 -13
- package/dist/analyzers/tools/exclusions.js.map +1 -1
- package/dist/analyzers/tools/generic.d.ts.map +1 -1
- package/dist/analyzers/tools/generic.js +52 -14
- package/dist/analyzers/tools/generic.js.map +1 -1
- package/dist/analyzers/tools/gitleaks.d.ts.map +1 -1
- package/dist/analyzers/tools/gitleaks.js +28 -3
- package/dist/analyzers/tools/gitleaks.js.map +1 -1
- package/dist/analyzers/tools/graphify.d.ts +39 -5
- package/dist/analyzers/tools/graphify.d.ts.map +1 -1
- package/dist/analyzers/tools/graphify.js +609 -45
- package/dist/analyzers/tools/graphify.js.map +1 -1
- package/dist/analyzers/tools/grep-secrets.d.ts.map +1 -1
- package/dist/analyzers/tools/grep-secrets.js +1 -1
- package/dist/analyzers/tools/grep-secrets.js.map +1 -1
- package/dist/analyzers/tools/jscpd.d.ts.map +1 -1
- package/dist/analyzers/tools/jscpd.js +2 -1
- package/dist/analyzers/tools/jscpd.js.map +1 -1
- package/dist/analyzers/tools/nuget-package-reference.d.ts +4 -4
- package/dist/analyzers/tools/nuget-package-reference.js +4 -4
- package/dist/analyzers/tools/osv-scanner-deps.d.ts.map +1 -1
- package/dist/analyzers/tools/osv-scanner-deps.js +1 -1
- package/dist/analyzers/tools/osv-scanner-deps.js.map +1 -1
- package/dist/analyzers/tools/osv-scanner-fix.d.ts +4 -5
- package/dist/analyzers/tools/osv-scanner-fix.d.ts.map +1 -1
- package/dist/analyzers/tools/osv-scanner-fix.js +4 -5
- package/dist/analyzers/tools/osv-scanner-fix.js.map +1 -1
- package/dist/analyzers/tools/parallel.d.ts.map +1 -1
- package/dist/analyzers/tools/parallel.js +7 -0
- package/dist/analyzers/tools/parallel.js.map +1 -1
- package/dist/analyzers/tools/runner.d.ts +35 -2
- package/dist/analyzers/tools/runner.d.ts.map +1 -1
- package/dist/analyzers/tools/runner.js +112 -3
- package/dist/analyzers/tools/runner.js.map +1 -1
- package/dist/analyzers/tools/semgrep.d.ts.map +1 -1
- package/dist/analyzers/tools/semgrep.js +3 -1
- package/dist/analyzers/tools/semgrep.js.map +1 -1
- package/dist/analyzers/tools/tool-registry.d.ts +18 -0
- package/dist/analyzers/tools/tool-registry.d.ts.map +1 -1
- package/dist/analyzers/tools/tool-registry.js +140 -53
- package/dist/analyzers/tools/tool-registry.js.map +1 -1
- package/dist/analyzers/tools/tools-config.d.ts +46 -0
- package/dist/analyzers/tools/tools-config.d.ts.map +1 -0
- package/dist/analyzers/tools/tools-config.js +129 -0
- package/dist/analyzers/tools/tools-config.js.map +1 -0
- package/dist/analyzers/tools/vendored-advisor.d.ts.map +1 -1
- package/dist/analyzers/tools/vendored-advisor.js +3 -4
- package/dist/analyzers/tools/vendored-advisor.js.map +1 -1
- package/dist/analyzers/tools/walk-source-files.d.ts +8 -0
- package/dist/analyzers/tools/walk-source-files.d.ts.map +1 -1
- package/dist/analyzers/tools/walk-source-files.js +49 -4
- package/dist/analyzers/tools/walk-source-files.js.map +1 -1
- package/dist/analyzers/xlsx/licenses.d.ts +7 -7
- package/dist/analyzers/xlsx/licenses.js +7 -7
- package/dist/baseline/baseline-file.d.ts +8 -0
- package/dist/baseline/baseline-file.d.ts.map +1 -1
- package/dist/baseline/baseline-file.js.map +1 -1
- package/dist/baseline/check-renderers.d.ts.map +1 -1
- package/dist/baseline/check-renderers.js +10 -0
- package/dist/baseline/check-renderers.js.map +1 -1
- package/dist/baseline/check.d.ts +7 -0
- package/dist/baseline/check.d.ts.map +1 -1
- package/dist/baseline/check.js +2 -0
- package/dist/baseline/check.js.map +1 -1
- package/dist/baseline/coverage.d.ts +57 -0
- package/dist/baseline/coverage.d.ts.map +1 -0
- package/dist/baseline/coverage.js +62 -0
- package/dist/baseline/coverage.js.map +1 -0
- package/dist/baseline/create.d.ts +13 -0
- package/dist/baseline/create.d.ts.map +1 -1
- package/dist/baseline/create.js +21 -0
- package/dist/baseline/create.js.map +1 -1
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +123 -4
- package/dist/cli.js.map +1 -1
- package/dist/dashboard/graph-adapter.d.ts +151 -0
- package/dist/dashboard/graph-adapter.d.ts.map +1 -0
- package/dist/dashboard/graph-adapter.js +415 -0
- package/dist/dashboard/graph-adapter.js.map +1 -0
- package/dist/dashboard/graph-tab.d.ts +109 -0
- package/dist/dashboard/graph-tab.d.ts.map +1 -0
- package/dist/dashboard/graph-tab.js +297 -0
- package/dist/dashboard/graph-tab.js.map +1 -0
- package/dist/dashboard/vendor/vis-network.min.js +34 -0
- package/dist/doctor.d.ts.map +1 -1
- package/dist/doctor.js +6 -7
- package/dist/doctor.js.map +1 -1
- package/dist/explore/cli/api-surface.d.ts +12 -0
- package/dist/explore/cli/api-surface.d.ts.map +1 -0
- package/dist/explore/cli/api-surface.js +57 -0
- package/dist/explore/cli/api-surface.js.map +1 -0
- package/dist/explore/cli/communities.d.ts +10 -0
- package/dist/explore/cli/communities.d.ts.map +1 -0
- package/dist/explore/cli/communities.js +47 -0
- package/dist/explore/cli/communities.js.map +1 -0
- package/dist/explore/cli/context.d.ts +16 -0
- package/dist/explore/cli/context.d.ts.map +1 -0
- package/dist/explore/cli/context.js +118 -0
- package/dist/explore/cli/context.js.map +1 -0
- package/dist/explore/cli/entry-points.d.ts +12 -0
- package/dist/explore/cli/entry-points.d.ts.map +1 -0
- package/dist/explore/cli/entry-points.js +85 -0
- package/dist/explore/cli/entry-points.js.map +1 -0
- package/dist/explore/cli/feature.d.ts +16 -0
- package/dist/explore/cli/feature.d.ts.map +1 -0
- package/dist/explore/cli/feature.js +89 -0
- package/dist/explore/cli/feature.js.map +1 -0
- package/dist/explore/cli/file.d.ts +12 -0
- package/dist/explore/cli/file.d.ts.map +1 -0
- package/dist/explore/cli/file.js +139 -0
- package/dist/explore/cli/file.js.map +1 -0
- package/dist/explore/cli/hot-files.d.ts +11 -0
- package/dist/explore/cli/hot-files.d.ts.map +1 -0
- package/dist/explore/cli/hot-files.js +63 -0
- package/dist/explore/cli/hot-files.js.map +1 -0
- package/dist/explore/context-hook.d.ts +42 -0
- package/dist/explore/context-hook.d.ts.map +1 -0
- package/dist/explore/context-hook.js +131 -0
- package/dist/explore/context-hook.js.map +1 -0
- package/dist/explore/finding-context.d.ts +69 -0
- package/dist/explore/finding-context.d.ts.map +1 -0
- package/dist/explore/finding-context.js +102 -0
- package/dist/explore/finding-context.js.map +1 -0
- package/dist/explore/format.d.ts +64 -0
- package/dist/explore/format.d.ts.map +1 -0
- package/dist/explore/format.js +99 -0
- package/dist/explore/format.js.map +1 -0
- package/dist/explore/load.d.ts +50 -0
- package/dist/explore/load.d.ts.map +1 -0
- package/dist/explore/load.js +197 -0
- package/dist/explore/load.js.map +1 -0
- package/dist/explore/queries.d.ts +413 -0
- package/dist/explore/queries.d.ts.map +1 -0
- package/dist/explore/queries.js +855 -0
- package/dist/explore/queries.js.map +1 -0
- package/dist/explore/types.d.ts +130 -0
- package/dist/explore/types.d.ts.map +1 -0
- package/dist/explore/types.js +28 -0
- package/dist/explore/types.js.map +1 -0
- package/dist/explore-cli.d.ts +45 -0
- package/dist/explore-cli.d.ts.map +1 -0
- package/dist/explore-cli.js +213 -0
- package/dist/explore-cli.js.map +1 -0
- package/dist/generator.d.ts.map +1 -1
- package/dist/generator.js +19 -0
- package/dist/generator.js.map +1 -1
- package/dist/languages/csharp.d.ts.map +1 -1
- package/dist/languages/csharp.js +58 -26
- package/dist/languages/csharp.js.map +1 -1
- package/dist/languages/go.d.ts.map +1 -1
- package/dist/languages/go.js +17 -14
- package/dist/languages/go.js.map +1 -1
- package/dist/languages/index.d.ts +27 -0
- package/dist/languages/index.d.ts.map +1 -1
- package/dist/languages/index.js +35 -0
- package/dist/languages/index.js.map +1 -1
- package/dist/languages/java.d.ts.map +1 -1
- package/dist/languages/java.js +13 -10
- package/dist/languages/java.js.map +1 -1
- package/dist/languages/kotlin.d.ts.map +1 -1
- package/dist/languages/kotlin.js +13 -10
- package/dist/languages/kotlin.js.map +1 -1
- package/dist/languages/python.d.ts.map +1 -1
- package/dist/languages/python.js +31 -20
- package/dist/languages/python.js.map +1 -1
- package/dist/languages/ruby.d.ts.map +1 -1
- package/dist/languages/ruby.js +30 -16
- package/dist/languages/ruby.js.map +1 -1
- package/dist/languages/rust.d.ts.map +1 -1
- package/dist/languages/rust.js +16 -13
- package/dist/languages/rust.js.map +1 -1
- package/dist/languages/types.d.ts +54 -0
- package/dist/languages/types.d.ts.map +1 -1
- package/dist/languages/typescript.d.ts.map +1 -1
- package/dist/languages/typescript.js +22 -19
- package/dist/languages/typescript.js.map +1 -1
- package/dist/tools-cli.d.ts.map +1 -1
- package/dist/tools-cli.js +10 -4
- package/dist/tools-cli.js.map +1 -1
- package/dist/upgrade.js +2 -2
- package/dist/upgrade.js.map +1 -1
- package/package.json +2 -1
- package/templates/.claude/skills/dxkit-action/SKILL.md +21 -1
- package/templates/.claude/skills/dxkit-config/SKILL.md +26 -0
- package/templates/.claude/skills/dxkit-fix/SKILL.md +10 -0
- package/templates/.claude/skills/dxkit-reports/SKILL.md +3 -1
- package/templates/AGENTS.md.template +8 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graphify.js","sourceRoot":"","sources":["../../../src/analyzers/tools/graphify.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"graphify.js","sourceRoot":"","sources":["../../../src/analyzers/tools/graphify.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqsBA,oDAKC;AAmBD,kDAWC;AAsLD,sDAiBC;AA/6BD;;;;;;;;;;;;;;;;GAgBG;AACH,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAC7B,qCAAuC;AACvC,mDAAsD;AACtD,6CAAsD;AACtD,mCAA4C;AAG5C,+CAAwE;AAiBxE,8EAA8E;AAC9E,SAAS,mBAAmB,CAAC,GAAW;IACtC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,IAAA,mCAAsB,EAAC,GAAG,CAAC,CAAC;IAC1E,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAqCQ,OAAO;kBACN,SAAS;uBACJ,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2jBnC,CAAC;AACF,CAAC;AAyBD;;;;;;;;GAQG;AACH,MAAM,eAAe,GAAG,IAAI,GAAG,EAAmC,CAAC;AACnE,MAAM,UAAU,GAAG,IAAI,GAAG,EAA8B,CAAC;AAEzD;;;;;;;GAOG;AACH,MAAM,WAAW,GAAG,IAAI,GAAG,EAAyB,CAAC;AAErD;;;;GAIG;AACI,KAAK,UAAU,oBAAoB,CAAC,GAAW;IACpD,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;IAC3B,mEAAmE;IACnE,mBAAmB;IACnB,OAAO,eAAe,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;AACnC,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACI,KAAK,UAAU,mBAAmB,CACvC,GAAW,EACX,OAAkC,EAAE;IAEpC,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;IAC3B,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;IACrC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,KAAK,KAAK,CAAC;IAC/C,IAAI,WAAW,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC9C,kBAAkB,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;GAKG;AACH,SAAS,kBAAkB,CAAC,GAAW,EAAE,KAAgB;IACvD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,yBAAiB,CAAC,CAAC;IAClD,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,yBAAiB,KAAK,GAAG,IAAI,CAAC,CAAC;IAChF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,GAAW;IACxC,4DAA4D;IAC5D,IAAI,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO;IAC5D,IAAI,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,CAAC,CAAC,EAAE,CAAC;QACP,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE;YACpC,0DAA0D;YAC1D,0DAA0D;YAC1D,qDAAqD;YACrD,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC1B,CAAC,CAAC,CAAC;QACH,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,GAAW;IACxC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,eAAe,CAAC;QAC/B,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,oEAAoE;IACpE,gEAAgE;IAChE,mEAAmE;IACnE,iCAAiC;IACjC,MAAM,SAAS,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,iBAAiB,CAAC,CAAC,CAAC;IAC5E,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAClD,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,2DAA2D;IAC3D,2DAA2D;IAC3D,+DAA+D;IAC/D,6DAA6D;IAC7D,2DAA2D;IAC3D,2DAA2D;IAC3D,8DAA8D;IAC9D,+CAA+C;IAC/C,EAAE;IACF,gEAAgE;IAChE,iEAAiE;IACjE,MAAM,OAAO,GAAG,MAAM,IAAA,oBAAW,EAAC,SAAS,EAAE,CAAC,UAAU,EAAE,GAAG,CAAC,EAAE;QAC9D,GAAG,EAAE,SAAS;QACd,SAAS,EAAE,MAAM,EAAE,6EAA6E;KACjG,CAAC,CAAC;IACH,IAAI,CAAC;QACH,EAAE,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;IACD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9B,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAE5C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,IAAI,MAAc,CAAC;QACnB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,GAAG,gEAAgE,CAAC;QAC5E,CAAC;aAAM,CAAC;YACN,+DAA+D;YAC/D,+DAA+D;YAC/D,8DAA8D;YAC9D,iDAAiD;YACjD,MAAM,eAAe,GAAG,aAAa;iBAClC,KAAK,CAAC,IAAI,CAAC;iBACX,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;gBACjC,EAAE,IAAI,EAAE,CAAC;YACX,MAAM,GAAG,eAAe;gBACtB,CAAC,CAAC,WAAW,eAAe,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,eAAe,EAAE;gBACrG,CAAC,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,IAAI,OAAO,CAAC,IAAI,KAAK,IAAI;oBAC3C,CAAC,CAAC,yBAAyB,OAAO,CAAC,IAAI,2DAA2D;oBAClG,CAAC,CAAC,oCAAoC,CAAC;QAC7C,CAAC;QACD,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,mFAAmF;IACnF,MAAM,QAAQ,GAAG,MAAM;SACpB,KAAK,CAAC,IAAI,CAAC;SACX,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;SAChC,GAAG,EAAE,CAAC;IACT,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,MAAM,GAAG,gBAAgB,CAAC;QAChC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,IAAI,IAAyC,CAAC;IAC9C,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAwC,CAAC;IACrE,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,MAAM,GAAG,aAAa,CAAC;QAC7B,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC;QAC1B,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,qDAAqD;IACrD,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,qBAAqB,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;IAE1F,+DAA+D;IAC/D,8DAA8D;IAC9D,kEAAkE;IAClE,yBAAyB;IACzB,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,MAAM,YAAY,GAAG,gBAAgB,EAAE,CAAC;QACxC,MAAM,aAAa,GAAc;YAC/B,GAAG,IAAI,CAAC,KAAK;YACb,IAAI,EAAE;gBACJ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI;gBAClB,YAAY;aACb;SACF,CAAC;QACF,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,CAAC;IACjE,CAAC;SAAM,CAAC;QACN,gEAAgE;QAChE,2DAA2D;QAC3D,0CAA0C;QAC1C,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,wDAAwD;SACjE,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,gBAAgB;IACvB,IAAI,CAAC;QACH,2DAA2D;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QAC1E,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAyB,CAAC;QAClF,OAAO,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAgB,qBAAqB,CAAC,IAAoB,EAAE,GAAW;IACrE,OAAO;QACL,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,UAAU;QAChB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;QAC3C,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;YAC7C,CAAC,CAAC,IAAA,yBAAiB,EAAC,GAAG,EAAE,IAAI,CAAC,oBAAoB,CAAC;YACnD,CAAC,CAAC,EAAE;QACN,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;QACzC,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;KAC5C,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,uEAAuE;AACvE,uEAAuE;AACvE,+DAA+D;AAC/D,gEAAgE;AAChE,oEAAoE;AACpE,qEAAqE;AACxD,QAAA,gBAAgB,GAEzB;IACF,MAAM,EAAE,UAAU;IAClB,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAChD,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9D,CAAC;IACD,KAAK,CAAC,aAAa,CAAC,GAAG;QACrB,OAAO,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACnC,CAAC;CACF,CAAC;AAEF,sFAAsF;AACtF,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IACjD,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;AAC/C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grep-secrets.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/grep-secrets.ts"],"names":[],"mappings":"AAqBA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,KAAK,EAAiB,aAAa,EAAE,MAAM,oCAAoC,CAAC;AA0BvF,4FAA4F;AAC5F,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI,
|
|
1
|
+
{"version":3,"file":"grep-secrets.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/grep-secrets.ts"],"names":[],"mappings":"AAqBA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,KAAK,EAAiB,aAAa,EAAE,MAAM,oCAAoC,CAAC;AA0BvF,4FAA4F;AAC5F,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI,CAsDzE;AAED,eAAO,MAAM,mBAAmB,EAAE,kBAAkB,CAAC,aAAa,CAKjE,CAAC"}
|
|
@@ -94,7 +94,7 @@ function gatherGrepSecretsResult(cwd) {
|
|
|
94
94
|
const raw = [];
|
|
95
95
|
for (const sp of PATTERNS) {
|
|
96
96
|
// Single-quoted pattern + -E for extended regex. Per the feedback memory.
|
|
97
|
-
const output = (0, runner_1.run)(`grep -rnE '${sp.pattern}' ${includeFlags} ${excludes} .
|
|
97
|
+
const output = (0, runner_1.run)(`grep -rnE '${sp.pattern}' ${includeFlags} ${excludes} . | head -50`, cwd);
|
|
98
98
|
if (!output)
|
|
99
99
|
continue;
|
|
100
100
|
for (const line of output.split('\n').filter((l) => l.trim())) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"grep-secrets.js","sourceRoot":"","sources":["../../../src/analyzers/tools/grep-secrets.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiDA,
|
|
1
|
+
{"version":3,"file":"grep-secrets.js","sourceRoot":"","sources":["../../../src/analyzers/tools/grep-secrets.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiDA,0DAsDC;AAvGD;;;;;;;;;;;;;GAaG;AACH,2CAA6B;AAC7B,qCAA+B;AAC/B,mDAAsD;AACtD,6CAAsE;AACtE,mCAA4C;AAC5C,iDAAqE;AACrE,+CAAsD;AAStD;;;;GAIG;AACH,MAAM,QAAQ,GAAkB;IAC9B,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,oBAAoB,EAAE;IACnE,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,mBAAmB,EAAE;IACrE,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,kBAAkB,EAAE;IAC/D,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,uBAAuB,EAAE;IAChE,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACvD,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,cAAc,EAAE;IACxD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,mBAAmB,EAAE;CAC7D,CAAC;AAEF,SAAS,WAAW,CAAC,IAAY;IAC/B,OAAO,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC;AACzF,CAAC;AAED,4FAA4F;AAC5F,SAAgB,uBAAuB,CAAC,GAAW;IACjD,qEAAqE;IACrE,0EAA0E;IAC1E,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IACnD,IAAI,QAAQ,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAEpC,MAAM,QAAQ,GAAG,IAAA,mCAAsB,EAAC,GAAG,CAAC,CAAC;IAC7C,mEAAmE;IACnE,uDAAuD;IACvD,oEAAoE;IACpE,mEAAmE;IACnE,+DAA+D;IAC/D,8DAA8D;IAC9D,MAAM,YAAY,GAAG,IAAA,+BAAmB,GAAE;SACvC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC;SAC/B,IAAI,CAAC,GAAG,CAAC,CAAC;IAEb,MAAM,GAAG,GAAoB,EAAE,CAAC;IAChC,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC1B,0EAA0E;QAC1E,MAAM,MAAM,GAAG,IAAA,YAAG,EAAC,cAAc,EAAE,CAAC,OAAO,KAAK,YAAY,IAAI,QAAQ,eAAe,EAAE,GAAG,CAAC,CAAC;QAC9F,IAAI,CAAC,MAAM;YAAE,SAAS;QACtB,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC9D,8CAA8C;YAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC9C,IAAI,CAAC,KAAK;gBAAE,SAAS;YACrB,MAAM,IAAI,GAAG,IAAA,yBAAiB,EAAC,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9D,IAAI,IAAA,2BAAc,EAAC,GAAG,EAAE,IAAI,CAAC;gBAAE,SAAS;YACxC,GAAG,CAAC,IAAI,CAAC;gBACP,IAAI;gBACJ,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;gBAC5B,IAAI,EAAE,EAAE,CAAC,IAAI;gBACb,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC,IAAI,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,wEAAwE;IACxE,sDAAsD;IACtD,MAAM,YAAY,GAAG,IAAA,+BAAgB,EAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,IAAA,gCAAiB,EAC5C,GAAG,EACH,YAAY,CAAC,QAAQ,EACrB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EACb,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CACd,CAAC;IAEF,OAAO;QACL,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,IAAI;QACd,eAAe,EAAE,UAAU,CAAC,MAAM;KACnC,CAAC;AACJ,CAAC;AAEY,QAAA,mBAAmB,GAAsC;IACpE,MAAM,EAAE,cAAc;IACtB,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,OAAO,uBAAuB,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jscpd.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/jscpd.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;
|
|
1
|
+
{"version":3,"file":"jscpd.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/jscpd.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAMH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,KAAK,EAAoB,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAuB9F;;;;;GAKG;AACH,MAAM,MAAM,wBAAwB,GAChC;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,QAAQ,EAAE,iBAAiB,CAAA;CAAE,GAChD;IAAE,IAAI,EAAE,aAAa,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AA8C5C;;;;;;;;;;;GAWG;AACH,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAqGtF;AAED;;;GAGG;AAUH,eAAO,MAAM,aAAa,EAAE,kBAAkB,CAAC,iBAAiB,CAAC,GAAG;IAClE,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAAC;CAU/D,CAAC"}
|
|
@@ -51,6 +51,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
51
51
|
exports.jscpdProvider = void 0;
|
|
52
52
|
exports.gatherJscpdResult = gatherJscpdResult;
|
|
53
53
|
const fs = __importStar(require("fs"));
|
|
54
|
+
const os = __importStar(require("os"));
|
|
54
55
|
const path = __importStar(require("path"));
|
|
55
56
|
const languages_1 = require("../../languages");
|
|
56
57
|
const exclusions_1 = require("./exclusions");
|
|
@@ -114,7 +115,7 @@ async function gatherJscpdResult(cwd) {
|
|
|
114
115
|
const status = (0, tool_registry_1.findTool)(tool_registry_1.TOOL_DEFS.jscpd, cwd);
|
|
115
116
|
if (!status.available || !status.path)
|
|
116
117
|
return { kind: 'unavailable', reason: 'not installed' };
|
|
117
|
-
const reportDir =
|
|
118
|
+
const reportDir = path.join(os.tmpdir(), `dxkit-jscpd-${Date.now()}`);
|
|
118
119
|
const pattern = buildJscpdPattern();
|
|
119
120
|
// jscpd's `--ignore` receives the union of:
|
|
120
121
|
//
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jscpd.js","sourceRoot":"","sources":["../../../src/analyzers/tools/jscpd.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"jscpd.js","sourceRoot":"","sources":["../../../src/analyzers/tools/jscpd.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgGH,8CAqGC;AAnMD,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAC7B,+CAAsE;AAGtE,6CAAsD;AACtD,qCAAuC;AACvC,mDAAsD;AA8BtD;;;;;;;;;;;GAWG;AACH,SAAS,iBAAiB;IACxB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,IAAI,IAAI,qBAAS,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC;QACjC,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;AAChD,CAAC;AAED,0DAA0D;AAC1D,SAAS,aAAa,CAAC,UAA+B,EAAE,KAAK,GAAG,EAAE;IAChE,OAAO,UAAU;SACd,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,IAAI,IAAI,CAAC,CAAC,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC;SACjE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACX,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC;QACnB,MAAM,EAAE,CAAC,CAAC,MAAM,IAAI,CAAC;QACrB,CAAC,EAAE;YACD,IAAI,EAAE,CAAC,CAAC,SAAU,CAAC,IAAK;YACxB,SAAS,EAAE,CAAC,CAAC,SAAU,CAAC,KAAK,IAAI,CAAC;YAClC,OAAO,EAAE,CAAC,CAAC,SAAU,CAAC,GAAG,IAAI,CAAC;SAC/B;QACD,CAAC,EAAE;YACD,IAAI,EAAE,CAAC,CAAC,UAAW,CAAC,IAAK;YACzB,SAAS,EAAE,CAAC,CAAC,UAAW,CAAC,KAAK,IAAI,CAAC;YACnC,OAAO,EAAE,CAAC,CAAC,UAAW,CAAC,GAAG,IAAI,CAAC;SAChC;KACF,CAAC,CAAC;SACF,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;SACjC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AACrB,CAAC;AAED;;;;;;;;;;;GAWG;AACI,KAAK,UAAU,iBAAiB,CAAC,GAAW;IACjD,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAC9C,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IAE/F,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,eAAe,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;IACtE,MAAM,OAAO,GAAG,iBAAiB,EAAE,CAAC;IACpC,4CAA4C;IAC5C,EAAE;IACF,sEAAsE;IACtE,iEAAiE;IACjE,+DAA+D;IAC/D,iEAAiE;IACjE,sEAAsE;IACtE,8DAA8D;IAC9D,+DAA+D;IAC/D,gEAAgE;IAChE,mEAAmE;IACnE,uDAAuD;IACvD,EAAE;IACF,4DAA4D;IAC5D,6DAA6D;IAC7D,+DAA+D;IAC/D,gEAAgE;IAChE,gEAAgE;IAChE,mEAAmE;IACnE,6CAA6C;IAC7C,EAAE;IACF,oEAAoE;IACpE,MAAM,eAAe,GAAG,IAAA,mCAAsB,EAAC,GAAG,CAAC,CAAC;IACpD,MAAM,aAAa,GAAG,IAAA,oCAAwB,GAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACvE,MAAM,cAAc,GAAG,CAAC,GAAG,eAAe,EAAE,GAAG,aAAa,CAAC,CAAC;IAC9D,MAAM,IAAI,GAAG,CAAC,aAAa,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;IACjG,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,GAAG,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;IAEzD,MAAM,OAAO,GAAG,MAAM,IAAA,oBAAW,EAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;IAEjF,qDAAqD;IACrD,qEAAqE;IACrE,kEAAkE;IAClE,sFAAsF;IACtF,8DAA8D;IAC9D,4DAA4D;IAC5D,kDAAkD;IAClD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC;IAC7D,IAAI,SAAiB,CAAC;IACtB,IAAI,CAAC;QACH,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,SAAS,GAAG,EAAE,CAAC;IACjB,CAAC;IACD,IAAI,CAAC;QACH,EAAE,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,OAAO;gBACL,IAAI,EAAE,aAAa;gBACnB,MAAM,EAAE,gEAAgE;aACzE,CAAC;QACJ,CAAC;QACD,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM;aACnC,KAAK,CAAC,IAAI,CAAC;aACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC7B,IAAI,OAAO,CAAC,IAAI,KAAK,CAAC,IAAI,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;YAChD,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,CAAC,aAAa,eAAe,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACnE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,OAAO,CAAC,IAAI,GAAG,GAAG,EAAE,EAAE,CAAC;QAC5E,CAAC;QACD,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,sBAAsB,eAAe,GAAG,EAAE,CAAC;QACnF,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IACtD,CAAC;IAED,IAAI,IAAiB,CAAC;IACtB,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAgB,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IACxD,CAAC;IAED,MAAM,CAAC,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC;IACjC,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAEjE,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC;IACzC,MAAM,QAAQ,GAAsB;QAClC,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,OAAO;QACb,UAAU,EAAE,CAAC,CAAC,KAAK;QACnB,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG;QAChD,UAAU,EAAE,UAAU,CAAC,MAAM;QAC7B,SAAS,EAAE,aAAa,CAAC,UAAU,CAAC;KACrC,CAAC;IACF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AACvC,CAAC;AAED;;;GAGG;AACH,uEAAuE;AACvE,wEAAwE;AACxE,wEAAwE;AACxE,oEAAoE;AACpE,sEAAsE;AACtE,6DAA6D;AAC7D,uEAAuE;AACvE,oEAAoE;AACpE,aAAa;AACA,QAAA,aAAa,GAEtB;IACF,MAAM,EAAE,OAAO;IACf,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAAC,CAAC;QAC7C,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9D,CAAC;IACD,KAAK,CAAC,aAAa,CAAC,GAAG;QACrB,OAAO,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;CACF,CAAC"}
|
|
@@ -25,10 +25,10 @@
|
|
|
25
25
|
* Microsoft-recommended non-sudo install) got dotnet discovered.
|
|
26
26
|
* That fix was necessary but not sufficient: `dotnet list package
|
|
27
27
|
* --vulnerable` still requires an explicit `.csproj`/`.sln` in cwd,
|
|
28
|
-
* and
|
|
29
|
-
* `
|
|
30
|
-
* project files
|
|
31
|
-
* `dxkit vulnerabilities
|
|
28
|
+
* and a deeply-nested .NET layout like
|
|
29
|
+
* `app/src/modules/Core/<Module>/<Module>.csproj` puts the
|
|
30
|
+
* project files several levels deeper than the natural
|
|
31
|
+
* `dxkit vulnerabilities app/src/` cwd.
|
|
32
32
|
*
|
|
33
33
|
* D025f sidesteps the dotnet CLI entirely. We walk every `.csproj`
|
|
34
34
|
* reachable from cwd (depth 5, matching csharp.detect()), parse
|
|
@@ -26,10 +26,10 @@
|
|
|
26
26
|
* Microsoft-recommended non-sudo install) got dotnet discovered.
|
|
27
27
|
* That fix was necessary but not sufficient: `dotnet list package
|
|
28
28
|
* --vulnerable` still requires an explicit `.csproj`/`.sln` in cwd,
|
|
29
|
-
* and
|
|
30
|
-
* `
|
|
31
|
-
* project files
|
|
32
|
-
* `dxkit vulnerabilities
|
|
29
|
+
* and a deeply-nested .NET layout like
|
|
30
|
+
* `app/src/modules/Core/<Module>/<Module>.csproj` puts the
|
|
31
|
+
* project files several levels deeper than the natural
|
|
32
|
+
* `dxkit vulnerabilities app/src/` cwd.
|
|
33
33
|
*
|
|
34
34
|
* D025f sidesteps the dotnet CLI entirely. We walk every `.csproj`
|
|
35
35
|
* reachable from cwd (depth 5, matching csharp.detect()), parse
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"osv-scanner-deps.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-deps.ts"],"names":[],"mappings":"AAoCA,OAAO,KAAK,EACV,cAAc,EACd,oBAAoB,EAEpB,cAAc,EACf,MAAM,oCAAoC,CAAC;AAC5C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAiB9C;;;;;;;;;;;;GAYG;AACH,wBAAgB,uBAAuB,CACrC,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM,EACjB,MAAM,CAAC,EAAE,UAAU,GAClB;IACD,MAAM,EAAE,cAAc,CAAC;IACvB,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,YAAY,EAAE,KAAK,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;CAC5F,CA8EA;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,8BAA8B,CAClD,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,UAAU,EAClB,SAAS,EAAE,MAAM,EACjB,kBAAkB,EAAE,MAAM,EAAE,GAC3B,OAAO,CAAC,oBAAoB,CAAC,
|
|
1
|
+
{"version":3,"file":"osv-scanner-deps.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-deps.ts"],"names":[],"mappings":"AAoCA,OAAO,KAAK,EACV,cAAc,EACd,oBAAoB,EAEpB,cAAc,EACf,MAAM,oCAAoC,CAAC;AAC5C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAiB9C;;;;;;;;;;;;GAYG;AACH,wBAAgB,uBAAuB,CACrC,GAAG,EAAE,MAAM,EACX,SAAS,EAAE,MAAM,EACjB,MAAM,CAAC,EAAE,UAAU,GAClB;IACD,MAAM,EAAE,cAAc,CAAC;IACvB,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,YAAY,EAAE,KAAK,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;CAC5F,CA8EA;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,8BAA8B,CAClD,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,UAAU,EAClB,SAAS,EAAE,MAAM,EACjB,kBAAkB,EAAE,MAAM,EAAE,GAC3B,OAAO,CAAC,oBAAoB,CAAC,CA6C/B"}
|
|
@@ -165,7 +165,7 @@ async function gatherOsvScannerDepVulnsResult(cwd, packId, ecosystem, manifestCa
|
|
|
165
165
|
if (!scanner.available || !scanner.path) {
|
|
166
166
|
return { kind: 'unavailable', reason: 'osv-scanner not installed' };
|
|
167
167
|
}
|
|
168
|
-
const raw = (0, runner_1.run)(`${scanner.path} scan source --lockfile ${manifest} --format json
|
|
168
|
+
const raw = (0, runner_1.run)(`${scanner.path} scan source --lockfile ${manifest} --format json`, cwd, 180000);
|
|
169
169
|
if (!raw)
|
|
170
170
|
return { kind: 'unavailable', reason: 'osv-scanner produced no output' };
|
|
171
171
|
const { counts, findings, vulnsForCvss } = parseOsvScannerFindings(raw, ecosystem, packId);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"osv-scanner-deps.js","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-deps.ts"],"names":[],"mappings":";;AAwEA,0DAsFC;AAwBD,
|
|
1
|
+
{"version":3,"file":"osv-scanner-deps.js","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-deps.ts"],"names":[],"mappings":";;AAwEA,0DAsFC;AAwBD,wEAkDC;AAxOD;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,+BAMe;AACf,qCAA2C;AAC3C,mDAAsD;AAwBtD;;;;;;;;;;;;GAYG;AACH,SAAgB,uBAAuB,CACrC,GAAW,EACX,SAAiB,EACjB,MAAmB;IAMnB,MAAM,MAAM,GAAmB,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IAC3E,MAAM,QAAQ,GAAqB,EAAE,CAAC;IACtC,MAAM,YAAY,GAIb,EAAE,CAAC;IACR,IAAI,IAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAqB,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;IAC5C,CAAC;IACD,oEAAoE;IACpE,sEAAsE;IACtE,oEAAoE;IACpE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,IAAI,EAAE,EAAE,CAAC;QACxC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;YACxC,IAAI,GAAG,CAAC,OAAO,EAAE,SAAS,KAAK,SAAS;gBAAE,SAAS;YACnD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,SAAS,CAAC;YAC9C,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC;YACvC,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,eAAe,IAAI,EAAE,EAAE,CAAC;gBAC7C,IAAI,CAAC,IAAI,CAAC,EAAE;oBAAE,SAAS;gBACvB,MAAM,QAAQ,GAAG,GAAG,OAAO,KAAK,UAAU,IAAI,EAAE,KAAK,IAAI,CAAC,EAAE,EAAE,CAAC;gBAC/D,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC;oBAAE,SAAS;gBACjC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAEnB,MAAM,GAAG,GAAG,IAAA,yBAAmB,EAAC,IAAI,CAAC,CAAC;gBACtC,MAAM,IAAI,GACR,GAAG,KAAK,UAAU,IAAI,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,KAAK;oBACvE,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,QAAQ,CAAC;gBACf,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBAEf,MAAM,IAAI,GAAG,IAAA,yBAAmB,EAAC,IAAI,CAAC,CAAC;gBACvC,MAAM,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;gBACtE,MAAM,OAAO,GAAmB;oBAC9B,EAAE,EAAE,IAAI,CAAC,EAAE;oBACX,OAAO,EAAE,OAAO;oBAChB,gBAAgB,EAAE,UAAU;oBAC5B,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,IAAI;iBACf,CAAC;gBACF,oEAAoE;gBACpE,qEAAqE;gBACrE,kEAAkE;gBAClE,8DAA8D;gBAC9D,IAAI,MAAM;oBAAE,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC;gBACpC,IAAI,IAAI,KAAK,IAAI;oBAAE,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;gBAC5C,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;oBAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;gBAClD,IAAI,IAAI,CAAC,OAAO;oBAAE,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;gBACjD,0DAA0D;gBAC1D,gEAAgE;gBAChE,2DAA2D;gBAC3D,+DAA+D;gBAC/D,2DAA2D;gBAC3D,kDAAkD;gBAClD,MAAM,UAAU,GAAG,IAAA,0BAAoB,EAAC,IAAI,CAAC,CAAC;gBAC9C,IAAI,UAAU;oBAAE,OAAO,CAAC,YAAY,GAAG,UAAU,CAAC;gBAClD,8DAA8D;gBAC9D,uDAAuD;gBACvD,sBAAsB;gBACtB,MAAM,OAAO,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC1F,OAAO,CAAC,UAAU;oBAChB,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,iCAAiC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC9E,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAEvB,YAAY,CAAC,IAAI,CAAC;oBAChB,SAAS,EAAE,IAAI,CAAC,EAAE;oBAClB,YAAY,EAAE,IAAI;oBAClB,OAAO;iBACR,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;AAC5C,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACI,KAAK,UAAU,8BAA8B,CAClD,GAAW,EACX,MAAkB,EAClB,SAAiB,EACjB,kBAA4B;IAE5B,IAAI,QAAQ,GAAkB,IAAI,CAAC;IACnC,KAAK,MAAM,GAAG,IAAI,kBAAkB,EAAE,CAAC;QACrC,IAAI,IAAA,mBAAU,EAAC,GAAG,EAAE,GAAG,CAAC,EAAE,CAAC;YACzB,QAAQ,GAAG,GAAG,CAAC;YACf,MAAM;QACR,CAAC;IACH,CAAC;IACD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,kCAAkC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;SAC3E,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,aAAa,CAAC,EAAE,GAAG,CAAC,CAAC;IACxD,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACxC,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,2BAA2B,EAAE,CAAC;IACtE,CAAC;IAED,MAAM,GAAG,GAAG,IAAA,YAAG,EAAC,GAAG,OAAO,CAAC,IAAI,2BAA2B,QAAQ,gBAAgB,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IACjG,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,gCAAgC,EAAE,CAAC;IAEnF,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,GAAG,uBAAuB,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IAE3F,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,QAAQ,GAAG,MAAM,IAAA,uBAAiB,EAAC,YAAY,CAAC,CAAC;QACvD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACjC,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS;gBAAE,CAAC,CAAC,SAAS,GAAG,KAAK,CAAC;QACjE,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAkB;QAC9B,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,aAAa;QACnB,UAAU,EAAE,SAAS;QACrB,MAAM;QACN,QAAQ;KACT,CAAC;IACF,uEAAuE;IACvE,0EAA0E;IAC1E,mEAAmE;IACnE,+CAA+C;IAC/C,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AACvC,CAAC"}
|
|
@@ -41,11 +41,10 @@ import type { DepVulnFinding, DepVulnUpgradePlan } from '../../languages/capabil
|
|
|
41
41
|
* cleanly). On dxkit's own repo this caused subsequent dxkit subcommand
|
|
42
42
|
* invocations to crash with `Cannot find module 'hosted-git-info'`
|
|
43
43
|
* because osv-scanner's reinstall left an incomplete tree. On
|
|
44
|
-
*
|
|
45
|
-
* succeed but still mutated state silently — a
|
|
46
|
-
* bug shipped since 2.4.0
|
|
47
|
-
*
|
|
48
|
-
* and tripped the chain.
|
|
44
|
+
* a large reference repo (~800MB node_modules) the reinstall happened to
|
|
45
|
+
* succeed but still mutated state silently — a long-standing data-mutation
|
|
46
|
+
* bug shipped since 2.4.0 and only caught when a pre-ship regression ran
|
|
47
|
+
* reports back-to-back on dxkit's own repo and tripped the chain.
|
|
49
48
|
*
|
|
50
49
|
* Mitigation: we copy `package.json` + `package-lock.json` to a fresh
|
|
51
50
|
* temp dir, run osv-scanner there, and discard the temp dir afterward.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"osv-scanner-fix.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-fix.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAKH,OAAO,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAsC7F
|
|
1
|
+
{"version":3,"file":"osv-scanner-fix.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-fix.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAKH,OAAO,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAsC7F;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,wBAAsB,wBAAwB,CAC5C,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAwC1C;AAED;;;;;;;;;GASG;AACH,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAwCrF;AAED;;;;GAIG;AACH,wBAAgB,sBAAsB,CACpC,QAAQ,EAAE,cAAc,EAAE,EAC1B,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,GACrC,MAAM,CAaR;AAED;;;;;;;4BAO4B;AAC5B,wBAAgB,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,CAEhF"}
|
|
@@ -85,11 +85,10 @@ const tool_registry_1 = require("./tool-registry");
|
|
|
85
85
|
* cleanly). On dxkit's own repo this caused subsequent dxkit subcommand
|
|
86
86
|
* invocations to crash with `Cannot find module 'hosted-git-info'`
|
|
87
87
|
* because osv-scanner's reinstall left an incomplete tree. On
|
|
88
|
-
*
|
|
89
|
-
* succeed but still mutated state silently — a
|
|
90
|
-
* bug shipped since 2.4.0
|
|
91
|
-
*
|
|
92
|
-
* and tripped the chain.
|
|
88
|
+
* a large reference repo (~800MB node_modules) the reinstall happened to
|
|
89
|
+
* succeed but still mutated state silently — a long-standing data-mutation
|
|
90
|
+
* bug shipped since 2.4.0 and only caught when a pre-ship regression ran
|
|
91
|
+
* reports back-to-back on dxkit's own repo and tripped the chain.
|
|
93
92
|
*
|
|
94
93
|
* Mitigation: we copy `package.json` + `package-lock.json` to a fresh
|
|
95
94
|
* temp dir, run osv-scanner there, and discard the temp dir afterward.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"osv-scanner-fix.js","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-fix.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"osv-scanner-fix.js","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-fix.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2EH,4DA0CC;AAYD,4DAwCC;AAOD,wDAgBC;AAUD,0BAEC;AA1MD,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAE7B,qCAAuC;AACvC,+CAA4C;AAC5C,mDAAsD;AAmCtD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACI,KAAK,UAAU,wBAAwB,CAC5C,GAAW;IAEX,MAAM,WAAW,GAAG,cAAc,CAAC;IACnC,MAAM,WAAW,GAAG,mBAAmB,CAAC;IACxC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IAChD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/D,OAAO,IAAI,GAAG,EAAE,CAAC;IACnB,CAAC;IACD,MAAM,IAAI,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,aAAa,CAAC,EAAE,GAAG,CAAC,CAAC;IACrD,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,GAAG,EAAE,CAAC;IAEpD,qEAAqE;IACrE,mEAAmE;IACnE,sDAAsD;IACtD,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACzE,IAAI,CAAC;QACH,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC;QAC9D,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC;QAE9D,oEAAoE;QACpE,qEAAqE;QACrE,+DAA+D;QAC/D,iEAAiE;QACjE,iEAAiE;QACjE,iEAAiE;QACjE,yDAAyD;QACzD,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,IAAA,oBAAW,EAC/B,IAAI,CAAC,IAAI,EACT,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,WAAW,CAAC,EACjF,EAAE,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,CACrC,CAAC;QACF,kEAAkE;QAClE,kEAAkE;QAClE,kEAAkE;QAClE,IAAI,CAAC,OAAO,CAAC,MAAM;YAAE,OAAO,IAAI,GAAG,EAAE,CAAC;QACtC,OAAO,wBAAwB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAClD,CAAC;YAAS,CAAC;QACT,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACvD,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,wBAAwB,CAAC,GAAW;IAClD,MAAM,KAAK,GAAG,IAAI,GAAG,EAA8B,CAAC;IACpD,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,SAAS,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAChC,IAAI,MAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAiB,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,KAAK,CAAC,cAAc,CAAC;QACrC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAC/C,MAAM,QAAQ,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7D,oEAAoE;QACpE,oEAAoE;QACpE,mEAAmE;QACnE,gEAAgE;QAChE,gEAAgE;QAChE,uBAAuB;QACvB,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;QACtE,MAAM,IAAI,GAAuB;YAC/B,MAAM,EAAE,YAAY,CAAC,IAAI;YACzB,aAAa,EAAE,gBAAgB,CAAC,YAAY,CAAC,SAAS,CAAC;YACvD,OAAO,EAAE,QAAQ;YACjB,QAAQ,EAAE,IAAA,yBAAW,EACnB,gBAAgB,CAAC,YAAY,CAAC,WAAW,CAAC,EAC1C,gBAAgB,CAAC,YAAY,CAAC,SAAS,CAAC,CACzC;SACF,CAAC;QACF,mEAAmE;QACnE,2BAA2B;QAC3B,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;YACtC,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;gBACvC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAgB,sBAAsB,CACpC,QAA0B,EAC1B,KAAsC;IAEtC,IAAI,KAAK,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAC/B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,CAAC,gBAAgB;YAAE,SAAS;QAClC,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QACzD,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,IAAI,EAAE,CAAC;YACT,CAAC,CAAC,WAAW,GAAG,IAAI,CAAC;YACrB,KAAK,EAAE,CAAC;QACV,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;4BAO4B;AAC5B,SAAgB,OAAO,CAAC,GAAW,EAAE,OAAe,EAAE,UAAkB;IACtE,OAAO,GAAG,GAAG,KAAK,OAAO,KAAK,UAAU,CAAC,WAAW,EAAE,EAAE,CAAC;AAC3D,CAAC;AAED;;;qCAGqC;AACrC,SAAS,gBAAgB,CAAC,CAAS;IACjC,OAAO,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AAC9C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parallel.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/parallel.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAKzC,wBAAsB,oBAAoB,CACxC,GAAG,EAAE,MAAM,EACX,QAAQ,UAAQ,GACf,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"parallel.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/parallel.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAKzC,wBAAsB,oBAAoB,CACxC,GAAG,EAAE,MAAM,EACX,QAAQ,UAAQ,GACf,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAwCjC"}
|
|
@@ -25,6 +25,13 @@ async function gatherLayer2Parallel(cwd, _verbose = false) {
|
|
|
25
25
|
else {
|
|
26
26
|
toolsUnavailable.push(`graphify (${graphify.reason})`);
|
|
27
27
|
}
|
|
28
|
+
// Trigger the graph.json side-effect write. Shares the Python
|
|
29
|
+
// invocation with gatherGraphifyResult above via the promise-
|
|
30
|
+
// coalesced cache — no second shell-out. The disk write powers
|
|
31
|
+
// the explore CLI (Sprint 2) + dashboard viz (Sprint 3) + future
|
|
32
|
+
// 2.8 context CLI + reachability flows, all of which read from
|
|
33
|
+
// .dxkit/reports/graph.json via the canonical loader.
|
|
34
|
+
await (0, graphify_1.gatherGraphifyGraph)(cwd);
|
|
28
35
|
return {
|
|
29
36
|
sourceFiles: clocPartial.sourceFiles,
|
|
30
37
|
totalLines: clocPartial.totalLines,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parallel.js","sourceRoot":"","sources":["../../../src/analyzers/tools/parallel.ts"],"names":[],"mappings":";;AA2BA,
|
|
1
|
+
{"version":3,"file":"parallel.js","sourceRoot":"","sources":["../../../src/analyzers/tools/parallel.ts"],"names":[],"mappings":";;AA2BA,oDA2CC;AA/CD,iCAA2C;AAC3C,yCAAkD;AAClD,yCAAuE;AAEhE,KAAK,UAAU,oBAAoB,CACxC,GAAW,EACX,QAAQ,GAAG,KAAK;IAEhB,MAAM,WAAW,GAAG,IAAA,wBAAiB,EAAC,GAAG,CAAC,CAAC;IAE3C,MAAM,SAAS,GAAa,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC;IAC/D,MAAM,gBAAgB,GAAa,CAAC,GAAG,CAAC,WAAW,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,IAAA,+BAAoB,EAAC,GAAG,CAAC,CAAC;IAC3C,IAAI,QAAQ,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAChC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,kEAAkE;QAClE,iEAAiE;QACjE,0CAA0C;QAC1C,gBAAgB,CAAC,IAAI,CACnB,QAAQ,CAAC,MAAM,KAAK,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,aAAa,QAAQ,CAAC,MAAM,GAAG,CACnF,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,IAAA,+BAAoB,EAAC,GAAG,CAAC,CAAC;IACjD,IAAI,QAAQ,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAChC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,gBAAgB,CAAC,IAAI,CAAC,aAAa,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;IACzD,CAAC;IAED,8DAA8D;IAC9D,8DAA8D;IAC9D,+DAA+D;IAC/D,iEAAiE;IACjE,+DAA+D;IAC/D,sDAAsD;IACtD,MAAM,IAAA,8BAAmB,EAAC,GAAG,CAAC,CAAC;IAE/B,OAAO;QACL,WAAW,EAAE,WAAW,CAAC,WAAW;QACpC,UAAU,EAAE,WAAW,CAAC,UAAU;QAClC,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,SAAS;QACT,gBAAgB;KACjB,CAAC;AACJ,CAAC"}
|
|
@@ -11,14 +11,47 @@
|
|
|
11
11
|
export declare function parseJsonStream(raw: string): unknown[];
|
|
12
12
|
/** Run a command and return stdout. Returns empty string on failure. */
|
|
13
13
|
export declare function run(cmd: string, cwd: string, timeoutMs?: number): string;
|
|
14
|
+
/**
|
|
15
|
+
* Run a binary directly (NO shell) and return stdout, or '' on failure.
|
|
16
|
+
*
|
|
17
|
+
* Synchronous sibling of `runDetached` for single-binary tools that must
|
|
18
|
+
* stay on a synchronous call path (e.g. the memoized `gatherGitleaksResult`).
|
|
19
|
+
* Because there's no shell, there are no cross-platform quoting hazards:
|
|
20
|
+
* pass the resolved binary path plus an args array and Node hands them to
|
|
21
|
+
* the OS verbatim. This is the portable replacement for building a shell
|
|
22
|
+
* string with single-quotes + `2>/dev/null` — both of which are POSIX-only
|
|
23
|
+
* and break under Windows' cmd.exe (single-quotes don't quote; the
|
|
24
|
+
* redirect writes a stray `nul` file instead of discarding stderr).
|
|
25
|
+
*/
|
|
26
|
+
export declare function runFileSync(file: string, args: string[], cwd: string, timeoutMs?: number): string;
|
|
14
27
|
/** Run a command and return the exit code. */
|
|
15
28
|
export declare function runExitCode(cmd: string, cwd: string, timeoutMs?: number): number;
|
|
16
29
|
/** Run a command and parse stdout as JSON. Returns null on failure. */
|
|
17
30
|
export declare function runJSON<T>(cmd: string, cwd: string, timeoutMs?: number): T | null;
|
|
18
31
|
/** Count lines in command output. */
|
|
19
32
|
export declare function countLines(cmd: string, cwd: string): number;
|
|
20
|
-
/**
|
|
21
|
-
|
|
33
|
+
/**
|
|
34
|
+
* Cross-platform "where is this binary on PATH?" resolver. Returns the
|
|
35
|
+
* absolute path of the first match, or null.
|
|
36
|
+
*
|
|
37
|
+
* Pure-Node: walks `process.env.PATH` entries and checks each candidate
|
|
38
|
+
* with `fs`, honoring `%PATHEXT%` on Windows. This replaces the prior
|
|
39
|
+
* `which <binary> 2>/dev/null` shell probe, which silently
|
|
40
|
+
* false-negatived EVERY tool on Windows — cmd.exe has no `which` (it's
|
|
41
|
+
* `where`), and `2>/dev/null` is a POSIX redirect that writes a stray
|
|
42
|
+
* `nul` file rather than discarding stderr. The shell probe is also
|
|
43
|
+
* unnecessary: PATH resolution is a filesystem walk that Node can do
|
|
44
|
+
* directly, with no subprocess to spawn.
|
|
45
|
+
*/
|
|
46
|
+
export declare function resolveOnPath(binary: string): string | null;
|
|
47
|
+
/** Resolve `binary` against an explicit list of directories, honoring
|
|
48
|
+
* `%PATHEXT%` on Windows. Returns the first matching absolute path, or
|
|
49
|
+
* null. Used for system probe dirs and user-configured tool paths so
|
|
50
|
+
* they match `git.exe` / `tool.cmd` on Windows the same way a PATH
|
|
51
|
+
* walk does. */
|
|
52
|
+
export declare function resolveInDirs(binary: string, dirs: string[]): string | null;
|
|
53
|
+
/** Check if a command is available on PATH (cross-platform). */
|
|
54
|
+
export declare function commandExists(cmd: string, _cwd?: string): boolean;
|
|
22
55
|
/** Check if a file exists relative to cwd. */
|
|
23
56
|
export declare function fileExists(cwd: string, ...paths: string[]): boolean;
|
|
24
57
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"runner.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/runner.ts"],"names":[],"mappings":"AAOA;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,EAAE,CAqCtD;AAED,wEAAwE;AACxE,wBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,SAAQ,GAAG,MAAM,CA0BvE;AAED,8CAA8C;AAC9C,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,SAAQ,GAAG,MAAM,CAY/E;AAED,uEAAuE;AACvE,wBAAgB,OAAO,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,SAAQ,GAAG,CAAC,GAAG,IAAI,CAQhF;AAED,qCAAqC;AACrC,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAI3D;AAED,
|
|
1
|
+
{"version":3,"file":"runner.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/runner.ts"],"names":[],"mappings":"AAOA;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,EAAE,CAqCtD;AAED,wEAAwE;AACxE,wBAAgB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,SAAQ,GAAG,MAAM,CA0BvE;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,SAAQ,GAAG,MAAM,CAgBhG;AAED,8CAA8C;AAC9C,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,SAAQ,GAAG,MAAM,CAY/E;AAED,uEAAuE;AACvE,wBAAgB,OAAO,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,SAAQ,GAAG,CAAC,GAAG,IAAI,CAQhF;AAED,qCAAqC;AACrC,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAI3D;AAwCD;;;;;;;;;;;;GAYG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAI3D;AAED;;;;iBAIiB;AACjB,wBAAgB,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,GAAG,IAAI,CAS3E;AAED,gEAAgE;AAChE,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,GAAG,OAAO,CAEjE;AAED,8CAA8C;AAC9C,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAEnE;AAED;;;;;GAKG;AACH,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,wBAAsB,WAAW,CAC/B,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM,EAAE,EACd,IAAI,EAAE;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,GACvC,OAAO,CAAC,kBAAkB,CAAC,CAuG7B"}
|
|
@@ -35,9 +35,12 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
36
|
exports.parseJsonStream = parseJsonStream;
|
|
37
37
|
exports.run = run;
|
|
38
|
+
exports.runFileSync = runFileSync;
|
|
38
39
|
exports.runExitCode = runExitCode;
|
|
39
40
|
exports.runJSON = runJSON;
|
|
40
41
|
exports.countLines = countLines;
|
|
42
|
+
exports.resolveOnPath = resolveOnPath;
|
|
43
|
+
exports.resolveInDirs = resolveInDirs;
|
|
41
44
|
exports.commandExists = commandExists;
|
|
42
45
|
exports.fileExists = fileExists;
|
|
43
46
|
exports.runDetached = runDetached;
|
|
@@ -129,6 +132,37 @@ function run(cmd, cwd, timeoutMs = 30000) {
|
|
|
129
132
|
return '';
|
|
130
133
|
}
|
|
131
134
|
}
|
|
135
|
+
/**
|
|
136
|
+
* Run a binary directly (NO shell) and return stdout, or '' on failure.
|
|
137
|
+
*
|
|
138
|
+
* Synchronous sibling of `runDetached` for single-binary tools that must
|
|
139
|
+
* stay on a synchronous call path (e.g. the memoized `gatherGitleaksResult`).
|
|
140
|
+
* Because there's no shell, there are no cross-platform quoting hazards:
|
|
141
|
+
* pass the resolved binary path plus an args array and Node hands them to
|
|
142
|
+
* the OS verbatim. This is the portable replacement for building a shell
|
|
143
|
+
* string with single-quotes + `2>/dev/null` — both of which are POSIX-only
|
|
144
|
+
* and break under Windows' cmd.exe (single-quotes don't quote; the
|
|
145
|
+
* redirect writes a stray `nul` file instead of discarding stderr).
|
|
146
|
+
*/
|
|
147
|
+
function runFileSync(file, args, cwd, timeoutMs = 30000) {
|
|
148
|
+
try {
|
|
149
|
+
return (0, child_process_1.execFileSync)(file, args, {
|
|
150
|
+
cwd,
|
|
151
|
+
encoding: 'utf-8',
|
|
152
|
+
stdio: ['pipe', 'pipe', 'pipe'],
|
|
153
|
+
timeout: timeoutMs,
|
|
154
|
+
maxBuffer: 64 * 1024 * 1024,
|
|
155
|
+
}).trim();
|
|
156
|
+
}
|
|
157
|
+
catch (err) {
|
|
158
|
+
// Mirror `run()`'s graceful degradation: some tools write valid
|
|
159
|
+
// output to stdout even on non-zero exit.
|
|
160
|
+
const e = err;
|
|
161
|
+
if (e.stdout && typeof e.stdout === 'string')
|
|
162
|
+
return e.stdout.trim();
|
|
163
|
+
return '';
|
|
164
|
+
}
|
|
165
|
+
}
|
|
132
166
|
/** Run a command and return the exit code. */
|
|
133
167
|
function runExitCode(cmd, cwd, timeoutMs = 60000) {
|
|
134
168
|
try {
|
|
@@ -163,9 +197,84 @@ function countLines(cmd, cwd) {
|
|
|
163
197
|
return 0;
|
|
164
198
|
return output.split('\n').filter((l) => l.trim()).length;
|
|
165
199
|
}
|
|
166
|
-
/**
|
|
167
|
-
|
|
168
|
-
|
|
200
|
+
/**
|
|
201
|
+
* Candidate filename extensions to try for a bare binary name when
|
|
202
|
+
* resolving it against PATH.
|
|
203
|
+
*
|
|
204
|
+
* On POSIX the binary name is used verbatim (`['']`). On Windows an
|
|
205
|
+
* executable is named `git.exe` / `npm.cmd` / `dotnet.exe`, and the
|
|
206
|
+
* shell finds it by appending each entry of `%PATHEXT%`. We replicate
|
|
207
|
+
* that here so a pure-Node PATH walk matches the same files the OS
|
|
208
|
+
* would. If the caller already passed an extension (`foo.exe`), we
|
|
209
|
+
* don't append more.
|
|
210
|
+
*/
|
|
211
|
+
function pathExtensions(binary) {
|
|
212
|
+
if (process.platform !== 'win32')
|
|
213
|
+
return [''];
|
|
214
|
+
if (path.extname(binary))
|
|
215
|
+
return [''];
|
|
216
|
+
const pathext = process.env.PATHEXT || '.COM;.EXE;.BAT;.CMD';
|
|
217
|
+
const exts = pathext
|
|
218
|
+
.split(';')
|
|
219
|
+
.map((e) => e.trim())
|
|
220
|
+
.filter(Boolean);
|
|
221
|
+
// Try the bare name first (some tools ship extension-less shims),
|
|
222
|
+
// then each PATHEXT candidate.
|
|
223
|
+
return ['', ...exts];
|
|
224
|
+
}
|
|
225
|
+
/** True when `p` exists, is a regular file, and (on POSIX) is executable. */
|
|
226
|
+
function isExecutableFile(p) {
|
|
227
|
+
try {
|
|
228
|
+
const st = fs.statSync(p);
|
|
229
|
+
if (!st.isFile())
|
|
230
|
+
return false;
|
|
231
|
+
// Windows has no executable bit; presence + PATHEXT match is enough.
|
|
232
|
+
if (process.platform === 'win32')
|
|
233
|
+
return true;
|
|
234
|
+
fs.accessSync(p, fs.constants.X_OK);
|
|
235
|
+
return true;
|
|
236
|
+
}
|
|
237
|
+
catch {
|
|
238
|
+
return false;
|
|
239
|
+
}
|
|
240
|
+
}
|
|
241
|
+
/**
|
|
242
|
+
* Cross-platform "where is this binary on PATH?" resolver. Returns the
|
|
243
|
+
* absolute path of the first match, or null.
|
|
244
|
+
*
|
|
245
|
+
* Pure-Node: walks `process.env.PATH` entries and checks each candidate
|
|
246
|
+
* with `fs`, honoring `%PATHEXT%` on Windows. This replaces the prior
|
|
247
|
+
* `which <binary> 2>/dev/null` shell probe, which silently
|
|
248
|
+
* false-negatived EVERY tool on Windows — cmd.exe has no `which` (it's
|
|
249
|
+
* `where`), and `2>/dev/null` is a POSIX redirect that writes a stray
|
|
250
|
+
* `nul` file rather than discarding stderr. The shell probe is also
|
|
251
|
+
* unnecessary: PATH resolution is a filesystem walk that Node can do
|
|
252
|
+
* directly, with no subprocess to spawn.
|
|
253
|
+
*/
|
|
254
|
+
function resolveOnPath(binary) {
|
|
255
|
+
const pathVar = process.env.PATH ?? process.env.Path ?? '';
|
|
256
|
+
const dirs = pathVar.split(path.delimiter).filter(Boolean);
|
|
257
|
+
return resolveInDirs(binary, dirs);
|
|
258
|
+
}
|
|
259
|
+
/** Resolve `binary` against an explicit list of directories, honoring
|
|
260
|
+
* `%PATHEXT%` on Windows. Returns the first matching absolute path, or
|
|
261
|
+
* null. Used for system probe dirs and user-configured tool paths so
|
|
262
|
+
* they match `git.exe` / `tool.cmd` on Windows the same way a PATH
|
|
263
|
+
* walk does. */
|
|
264
|
+
function resolveInDirs(binary, dirs) {
|
|
265
|
+
const exts = pathExtensions(binary);
|
|
266
|
+
for (const dir of dirs) {
|
|
267
|
+
for (const ext of exts) {
|
|
268
|
+
const candidate = path.join(dir, binary + ext);
|
|
269
|
+
if (isExecutableFile(candidate))
|
|
270
|
+
return candidate;
|
|
271
|
+
}
|
|
272
|
+
}
|
|
273
|
+
return null;
|
|
274
|
+
}
|
|
275
|
+
/** Check if a command is available on PATH (cross-platform). */
|
|
276
|
+
function commandExists(cmd, _cwd) {
|
|
277
|
+
return resolveOnPath(cmd) !== null;
|
|
169
278
|
}
|
|
170
279
|
/** Check if a file exists relative to cwd. */
|
|
171
280
|
function fileExists(cwd, ...paths) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"runner.js","sourceRoot":"","sources":["../../../src/analyzers/tools/runner.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA,0CAqCC;AAGD,kBA0BC;AAGD,kCAYC;AAGD,0BAQC;AAGD,gCAIC;AAGD,sCAEC;AAGD,gCAEC;AA8CD,kCA2GC;
|
|
1
|
+
{"version":3,"file":"runner.js","sourceRoot":"","sources":["../../../src/analyzers/tools/runner.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiBA,0CAqCC;AAGD,kBA0BC;AAcD,kCAgBC;AAGD,kCAYC;AAGD,0BAQC;AAGD,gCAIC;AAqDD,sCAIC;AAOD,sCASC;AAGD,sCAEC;AAGD,gCAEC;AA8CD,kCA2GC;AA9XD;;GAEG;AACH,iDAA8D;AAC9D,uCAAyB;AACzB,2CAA6B;AAE7B;;;;;;;;;GASG;AACH,SAAgB,eAAe,CAAC,GAAW;IACzC,MAAM,GAAG,GAAc,EAAE,CAAC;IAC1B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC;IACf,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,MAAM,GAAG,KAAK,CAAC;IACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;QAClB,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,GAAG,KAAK,CAAC;YACf,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,EAAE,KAAK,IAAI;gBAAE,MAAM,GAAG,IAAI,CAAC;iBAC1B,IAAI,EAAE,KAAK,GAAG;gBAAE,QAAQ,GAAG,KAAK,CAAC;YACtC,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,QAAQ,GAAG,IAAI,CAAC;YAChB,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,IAAI,KAAK,KAAK,CAAC;gBAAE,KAAK,GAAG,CAAC,CAAC;YAC3B,KAAK,EAAE,CAAC;QACV,CAAC;aAAM,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACtB,KAAK,EAAE,CAAC;YACR,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;gBAC9B,IAAI,CAAC;oBACH,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBAChD,CAAC;gBAAC,MAAM,CAAC;oBACP,4BAA4B;gBAC9B,CAAC;gBACD,KAAK,GAAG,CAAC,CAAC,CAAC;YACb,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,wEAAwE;AACxE,SAAgB,GAAG,CAAC,GAAW,EAAE,GAAW,EAAE,SAAS,GAAG,KAAK;IAC7D,IAAI,CAAC;QACH,OAAO,IAAA,wBAAQ,EAAC,GAAG,EAAE;YACnB,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,OAAO,EAAE,SAAS;YAClB,8DAA8D;YAC9D,0DAA0D;YAC1D,8EAA8E;YAC9E,6DAA6D;YAC7D,+DAA+D;YAC/D,yDAAyD;YACzD,8DAA8D;YAC9D,4DAA4D;YAC5D,+DAA+D;YAC/D,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;SAC5B,CAAC,CAAC,IAAI,EAAE,CAAC;IACZ,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,4EAA4E;QAC5E,MAAM,CAAC,GAAG,GAA0B,CAAC;QACrC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC7C,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACzB,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAgB,WAAW,CAAC,IAAY,EAAE,IAAc,EAAE,GAAW,EAAE,SAAS,GAAG,KAAK;IACtF,IAAI,CAAC;QACH,OAAO,IAAA,4BAAY,EAAC,IAAI,EAAE,IAAI,EAAE;YAC9B,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,OAAO,EAAE,SAAS;YAClB,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;SAC5B,CAAC,CAAC,IAAI,EAAE,CAAC;IACZ,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,gEAAgE;QAChE,0CAA0C;QAC1C,MAAM,CAAC,GAAG,GAA0B,CAAC;QACrC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ;YAAE,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACrE,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,8CAA8C;AAC9C,SAAgB,WAAW,CAAC,GAAW,EAAE,GAAW,EAAE,SAAS,GAAG,KAAK;IACrE,IAAI,CAAC;QACH,IAAA,wBAAQ,EAAC,GAAG,EAAE;YACZ,GAAG;YACH,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,OAAO,EAAE,SAAS;SACnB,CAAC,CAAC;QACH,OAAO,CAAC,CAAC;IACX,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,MAAM,CAAC,GAAG,GAA0B,CAAC;QACrC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC;IACvB,CAAC;AACH,CAAC;AAED,uEAAuE;AACvE,SAAgB,OAAO,CAAI,GAAW,EAAE,GAAW,EAAE,SAAS,GAAG,KAAK;IACpE,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;IACxC,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAM,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,qCAAqC;AACrC,SAAgB,UAAU,CAAC,GAAW,EAAE,GAAW;IACjD,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC7B,IAAI,CAAC,MAAM;QAAE,OAAO,CAAC,CAAC;IACtB,OAAO,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;AAC3D,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,cAAc,CAAC,MAAc;IACpC,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;QAAE,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9C,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QAAE,OAAO,CAAC,EAAE,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,qBAAqB,CAAC;IAC7D,MAAM,IAAI,GAAG,OAAO;SACjB,KAAK,CAAC,GAAG,CAAC;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC,CAAC;IACnB,kEAAkE;IAClE,+BAA+B;IAC/B,OAAO,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,CAAC;AACvB,CAAC;AAED,6EAA6E;AAC7E,SAAS,gBAAgB,CAAC,CAAS;IACjC,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC1B,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE;YAAE,OAAO,KAAK,CAAC;QAC/B,qEAAqE;QACrE,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO;YAAE,OAAO,IAAI,CAAC;QAC9C,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACpC,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,SAAgB,aAAa,CAAC,MAAc;IAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IAC3D,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC3D,OAAO,aAAa,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC;AAED;;;;iBAIiB;AACjB,SAAgB,aAAa,CAAC,MAAc,EAAE,IAAc;IAC1D,MAAM,IAAI,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IACpC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC,CAAC;YAC/C,IAAI,gBAAgB,CAAC,SAAS,CAAC;gBAAE,OAAO,SAAS,CAAC;QACpD,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,gEAAgE;AAChE,SAAgB,aAAa,CAAC,GAAW,EAAE,IAAa;IACtD,OAAO,aAAa,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC;AACrC,CAAC;AAED,8CAA8C;AAC9C,SAAgB,UAAU,CAAC,GAAW,EAAE,GAAG,KAAe;IACxD,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAeD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACI,KAAK,UAAU,WAAW,CAC/B,GAAW,EACX,IAAc,EACd,IAAwC;IAExC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,QAAQ,GAAG,KAAK,CAAC;QAErB,+DAA+D;QAC/D,+DAA+D;QAC/D,gEAAgE;QAChE,oFAAoF;QACpF,uDAAuD;QACvD,+DAA+D;QAC/D,iEAAiE;QACjE,8DAA8D;QAC9D,6DAA6D;QAC7D,6DAA6D;QAC7D,2DAA2D;QAC3D,MAAM,MAAM,GAAG,CAAC,OAA2B,EAAQ,EAAE;YACnD,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,OAAO,CAAC,OAAO,CAAC,CAAC;QACnB,CAAC,CAAC;QAEF,MAAM,KAAK,GAAG,IAAA,qBAAK,EAAC,GAAG,EAAE,IAAI,EAAE;YAC7B,GAAG,EAAE,IAAI,CAAC,GAAG;YACb,QAAQ,EAAE,IAAI,EAAE,8CAA8C;YAC9D,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;SAClC,CAAC,CAAC;QAEH,kEAAkE;QAClE,8DAA8D;QAC9D,gEAAgE;QAChE,iEAAiE;QACjE,iEAAiE;QACjE,YAAY;QACZ,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,EAAE;YACvB,oDAAoD;YACpD,gEAAgE;YAChE,kDAAkD;YAClD,mCAAmC;YACnC,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,YAAY,CAAC,WAAW,CAAC,CAAC;YAC1B,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE;YACrC,MAAM,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE;YACrC,MAAM,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,QAAQ,GAAG,IAAI,CAAC;YAChB,IAAI,CAAC;gBACH,IAAI,KAAK,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;oBAC5B,6DAA6D;oBAC7D,+DAA+D;oBAC/D,+DAA+D;oBAC/D,6DAA6D;oBAC7D,4DAA4D;oBAC5D,2DAA2D;oBAC3D,SAAS;oBACT,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;gBACtC,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,uCAAuC;YACzC,CAAC;QACH,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAEnB,8DAA8D;QAC9D,8DAA8D;QAC9D,kEAAkE;QAClE,2DAA2D;QAC3D,4DAA4D;QAC5D,+DAA+D;QAC/D,8DAA8D;QAC9D,gEAAgE;QAChE,4DAA4D;QAC5D,6DAA6D;QAC7D,MAAM,WAAW,GAAG,UAAU,CAAC,GAAG,EAAE;YAClC,IAAI,CAAC;gBACH,IAAI,KAAK,CAAC,GAAG,KAAK,SAAS,EAAE,CAAC;oBAC5B,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;gBACtC,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;YACD,MAAM,CAAC;gBACL,MAAM;gBACN,MAAM;gBACN,IAAI,EAAE,IAAI;gBACV,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;QACL,CAAC,EAAE,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,CAAC;QAE5B,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAC1B,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,YAAY,CAAC,WAAW,CAAC,CAAC;YAC1B,MAAM,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"semgrep.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/semgrep.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;
|
|
1
|
+
{"version":3,"file":"semgrep.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/semgrep.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAMH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,KAAK,EAAsB,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AA6BjG;;;;;GAKG;AACH,MAAM,MAAM,yBAAyB,GACjC;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,QAAQ,EAAE,kBAAkB,CAAA;CAAE,GACjD;IAAE,IAAI,EAAE,aAAa,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAE5C;;;;GAIG;AACH;;;;;;;;;;GAUG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,GAAG,MAAM,CAKrE;AA4BD;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAuGzF;AAED;;;GAGG;AAMH,eAAO,MAAM,eAAe,EAAE,kBAAkB,CAAC,kBAAkB,CAAC,GAAG;IACrE,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC;CAUhE,CAAC"}
|
|
@@ -50,6 +50,8 @@ exports.semgrepProvider = void 0;
|
|
|
50
50
|
exports.extractCwe = extractCwe;
|
|
51
51
|
exports.gatherSemgrepResult = gatherSemgrepResult;
|
|
52
52
|
const fs = __importStar(require("fs"));
|
|
53
|
+
const os = __importStar(require("os"));
|
|
54
|
+
const path = __importStar(require("path"));
|
|
53
55
|
const languages_1 = require("../../languages");
|
|
54
56
|
const exclusions_1 = require("./exclusions");
|
|
55
57
|
const paths_1 = require("./paths");
|
|
@@ -139,7 +141,7 @@ async function gatherSemgrepResult(cwd) {
|
|
|
139
141
|
const rulesets = collectRulesets(cwd);
|
|
140
142
|
if (rulesets.length === 0)
|
|
141
143
|
return { kind: 'unavailable', reason: 'no rulesets' };
|
|
142
|
-
const reportPath =
|
|
144
|
+
const reportPath = path.join(os.tmpdir(), `dxkit-semgrep-${Date.now()}.json`);
|
|
143
145
|
const args = ['scan'];
|
|
144
146
|
for (const r of rulesets)
|
|
145
147
|
args.push('--config', r);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"semgrep.js","sourceRoot":"","sources":["../../../src/analyzers/tools/semgrep.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"semgrep.js","sourceRoot":"","sources":["../../../src/analyzers/tools/semgrep.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8DH,gCAKC;AAkDD,kDAuGC;AA1ND,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAC7B,+CAAwD;AAGxD,6CAAsD;AACtD,mCAA4C;AAC5C,qCAAuC;AACvC,iDAAqE;AACrE,mDAAsD;AAkCtD;;;;GAIG;AACH;;;;;;;;;;GAUG;AACH,SAAgB,UAAU,CAAC,GAAkC;IAC3D,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC9C,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,EAAE,CAAC;IACvC,OAAO,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;AAClC,CAAC;AAED,SAAS,kBAAkB,CAAC,UAAkB,EAAE,MAAe;IAC7D,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IACzC,IAAI,GAAG,KAAK,MAAM;QAAE,OAAO,UAAU,KAAK,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC;IACxE,IAAI,GAAG,KAAK,QAAQ;QAAE,OAAO,QAAQ,CAAC;IACtC,IAAI,GAAG,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IAChC,IAAI,UAAU,KAAK,OAAO;QAAE,OAAO,MAAM,CAAC;IAC1C,IAAI,UAAU,KAAK,SAAS;QAAE,OAAO,QAAQ,CAAC;IAC9C,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,eAAe,CAAC,GAAW;IAClC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAS,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACvD,KAAK,MAAM,IAAI,IAAI,IAAA,iCAAqB,EAAC,GAAG,CAAC,EAAE,CAAC;QAC9C,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,eAAe;YAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC;AACvB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACI,KAAK,UAAU,mBAAmB,CAAC,GAAW;IACnD,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAChD,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IAE/F,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACtC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IAEjF,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,iBAAiB,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IAC9E,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,KAAK,MAAM,CAAC,IAAI,QAAQ;QAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;IACnD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;IACvD,iEAAiE;IACjE,gEAAgE;IAChE,2CAA2C;IAC3C,MAAM,iBAAiB,GAAG,IAAA,mCAAsB,EAAC,GAAG,CAAC,CAAC;IACtD,IAAI,iBAAiB,EAAE,CAAC;QACtB,KAAK,MAAM,GAAG,IAAI,iBAAiB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC;YAC7E,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEf,MAAM,OAAO,GAAG,MAAM,IAAA,oBAAW,EAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,CAAC,CAAC;IACjF,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC;QACP,GAAG,GAAG,EAAE,CAAC;IACX,CAAC;IACD,mDAAmD;IACnD,IAAI,CAAC;QACH,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,+CAA+C;IACjD,CAAC;IAED,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,OAAO;gBACL,IAAI,EAAE,aAAa;gBACnB,MAAM,EAAE,gEAAgE;aACzE,CAAC;QACJ,CAAC;QACD,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM;aACnC,KAAK,CAAC,IAAI,CAAC;aACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC7B,IAAI,OAAO,CAAC,IAAI,KAAK,CAAC,IAAI,OAAO,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;YAChD,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,CAAC,aAAa,eAAe,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACnE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,OAAO,CAAC,IAAI,GAAG,GAAG,EAAE,EAAE,CAAC;QAC5E,CAAC;QACD,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,sBAAsB,eAAe,GAAG,EAAE,CAAC;QACnF,CAAC;QACD,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IACtD,CAAC;IAED,IAAI,IAAmB,CAAC;IACxB,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAkB,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IACxD,CAAC;IACD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,MAAM,QAAQ,GAAuB;YACnC,aAAa,EAAE,CAAC;YAChB,IAAI,EAAE,SAAS;YACf,QAAQ,EAAE,EAAE;YACZ,eAAe,EAAE,CAAC;SACnB,CAAC;QACF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;IACvC,CAAC;IAED,MAAM,YAAY,GAAyB,IAAI,CAAC,OAAO;QACrD,gEAAgE;QAChE,6BAA6B;SAC5B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC;SAC3E,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACX,QAAQ,EAAE,kBAAkB,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC;QACxE,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACxC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;QACnD,GAAG,EAAE,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC;QACtC,IAAI,EAAE,IAAA,yBAAiB,EAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC;QACpC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,IAAI;KACnB,CAAC,CAAC,CAAC;IAEN,mEAAmE;IACnE,uCAAuC;IACvC,MAAM,YAAY,GAAG,IAAA,+BAAgB,EAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,IAAA,gCAAiB,EAC5C,YAAY,EACZ,YAAY,CAAC,OAAO,EACpB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EACb,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CACd,CAAC;IAEF,MAAM,QAAQ,GAAuB;QACnC,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,IAAI;QACd,eAAe,EAAE,UAAU,CAAC,MAAM;KACnC,CAAC;IACF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AACvC,CAAC;AAED;;;GAGG;AACH,uEAAuE;AACvE,kEAAkE;AAClE,qEAAqE;AACrE,mEAAmE;AACnE,mDAAmD;AACtC,QAAA,eAAe,GAExB;IACF,MAAM,EAAE,SAAS;IACjB,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,GAAG,CAAC,CAAC;QAC/C,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9D,CAAC;IACD,KAAK,CAAC,aAAa,CAAC,GAAG;QACrB,OAAO,mBAAmB,CAAC,GAAG,CAAC,CAAC;IAClC,CAAC;CACF,CAAC"}
|
|
@@ -75,6 +75,24 @@ export interface ToolStatus {
|
|
|
75
75
|
export declare function findTool(def: ToolDefinition, cwd?: string): ToolStatus;
|
|
76
76
|
/** Get the install command for the current platform. */
|
|
77
77
|
export declare function getInstallCommand(def: ToolDefinition): string;
|
|
78
|
+
/**
|
|
79
|
+
* Environment overlay that redirects an install into the user's
|
|
80
|
+
* configured `.dxkit/tools.json:installDir`. Empty when no install dir
|
|
81
|
+
* is set. We set every ecosystem's bin-dir variable at once — each is a
|
|
82
|
+
* no-op for the ecosystems an install doesn't touch — rather than
|
|
83
|
+
* parsing the install command to guess which package manager runs:
|
|
84
|
+
*
|
|
85
|
+
* - `PIPX_BIN_DIR` → pipx-installed app binaries
|
|
86
|
+
* - `npm_config_prefix` → npm -g (binaries under `<prefix>/bin`)
|
|
87
|
+
* - `CARGO_INSTALL_ROOT` → cargo install (binaries under `<root>/bin`)
|
|
88
|
+
* - `GOBIN` → go install
|
|
89
|
+
*
|
|
90
|
+
* Passed as an `env` overlay to the install subprocess, so it works
|
|
91
|
+
* identically on POSIX and Windows without shell-specific `VAR=val`
|
|
92
|
+
* prefixing. `loadToolsConfig` already adds both `installDir` and
|
|
93
|
+
* `installDir/bin` to the probe set, so the result is discoverable.
|
|
94
|
+
*/
|
|
95
|
+
export declare function getInstallEnv(cwd: string): Record<string, string>;
|
|
78
96
|
export declare const TOOL_DEFS: Record<string, ToolDefinition>;
|
|
79
97
|
/**
|
|
80
98
|
* Build the list of tools required for a given detected stack.
|