socket 1.1.101 → 1.1.103

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/CHANGELOG.md +17 -2
  2. package/dist/cli.js +1492 -128
  3. package/dist/cli.js.map +1 -1
  4. package/dist/constants.js +8 -4
  5. package/dist/constants.js.map +1 -1
  6. package/dist/socket-facts.init.gradle +353 -0
  7. package/dist/tsconfig.dts.tsbuildinfo +1 -1
  8. package/dist/types/commands/manifest/bazel/bazel-pypi-discovery.d.mts +31 -0
  9. package/dist/types/commands/manifest/bazel/bazel-pypi-discovery.d.mts.map +1 -0
  10. package/dist/types/commands/manifest/bazel/bazel-pypi-parser.d.mts +46 -0
  11. package/dist/types/commands/manifest/bazel/bazel-pypi-parser.d.mts.map +1 -0
  12. package/dist/types/commands/manifest/bazel/bazel-query-runner.d.mts +16 -2
  13. package/dist/types/commands/manifest/bazel/bazel-query-runner.d.mts.map +1 -1
  14. package/dist/types/commands/manifest/bazel/bazel-repo-discovery.d.mts +3 -3
  15. package/dist/types/commands/manifest/bazel/bazel-repo-discovery.d.mts.map +1 -1
  16. package/dist/types/commands/manifest/bazel/cmd-manifest-bazel.d.mts +19 -0
  17. package/dist/types/commands/manifest/bazel/cmd-manifest-bazel.d.mts.map +1 -1
  18. package/dist/types/commands/manifest/bazel/extract_bazel_to_maven.d.mts +1 -0
  19. package/dist/types/commands/manifest/bazel/extract_bazel_to_maven.d.mts.map +1 -1
  20. package/dist/types/commands/manifest/bazel/extract_bazel_to_pypi.d.mts +20 -0
  21. package/dist/types/commands/manifest/bazel/extract_bazel_to_pypi.d.mts.map +1 -0
  22. package/dist/types/commands/manifest/cmd-manifest-gradle.d.mts.map +1 -1
  23. package/dist/types/commands/manifest/cmd-manifest-kotlin.d.mts.map +1 -1
  24. package/dist/types/commands/manifest/convert-gradle-to-facts.d.mts +7 -0
  25. package/dist/types/commands/manifest/convert-gradle-to-facts.d.mts.map +1 -0
  26. package/dist/types/commands/manifest/convert_gradle_to_maven.d.mts.map +1 -1
  27. package/dist/types/commands/manifest/generate_auto_manifest.d.mts.map +1 -1
  28. package/dist/types/commands/scan/handle-create-new-scan.d.mts.map +1 -1
  29. package/dist/types/commands/scan/perform-reachability-analysis.d.mts.map +1 -1
  30. package/dist/types/constants.d.mts +4 -0
  31. package/dist/types/constants.d.mts.map +1 -1
  32. package/dist/types/utils/dlx.d.mts.map +1 -1
  33. package/dist/types/utils/socket-json.d.mts +1 -0
  34. package/dist/types/utils/socket-json.d.mts.map +1 -1
  35. package/dist/utils.js.map +1 -1
  36. package/package.json +2 -3
package/CHANGELOG.md CHANGED
@@ -5,10 +5,25 @@ All notable changes to this project will be documented in this file.
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
6
6
 
7
7
  ## [Unreleased]
8
-
9
- ### Added
10
8
  - **`socket manifest bazel [beta]`** — Generate Bazel JVM SBOM manifests by running `bazel query` against discovered Maven repos in a Bazel workspace. Closes the inline-Maven-declaration gap that lockfile-only parsing misses for repos like envoy, ray, tensorflow, tink-java, and or-tools. Auto-detects Bzlmod and legacy `WORKSPACE`.
11
9
  - **`socket scan create --auto-manifest`** now covers Bazel workspaces in addition to Gradle/Scala/Kotlin/Conda. Repos with `MODULE.bazel`, `WORKSPACE`, or `WORKSPACE.bazel` are detected automatically and their Maven dependencies extracted as part of the standard scan-create flow.
10
+ - **Bazel PyPI extraction** — `socket manifest bazel --ecosystem pypi` now generates `requirements.txt` for Python Bazel workspaces. Discovers custom `rules_python` pip hub names with Bazel command output first, queries `py_library` / `py_binary` / `py_test` dependencies, resolves canonical pinned versions from `requirements_lock.txt`, and emits PEP 503-normalized `name==version` lines. Supports both Bzlmod (`pip.parse`) and legacy `WORKSPACE` (`pip_parse` / `pip_install`) configurations. PyPI remains explicit opt-in for `socket scan create --auto-manifest` until real-world no-lockfile recovery is validated.
11
+
12
+ ### Changed
13
+ - **Bazel diagnostics** — `socket manifest bazel --verbose` now emits bounded subprocess traces with argv, cwd, duration, exit status, output sizes, and failure stderr tails to make customer log-only triage safer and faster.
14
+
15
+ ## [1.1.103](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.103) - 2026-05-26
16
+
17
+ ### Changed
18
+ - Updated the Coana CLI to v `15.3.9`.
19
+
20
+ ## [1.1.98](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.98) - 2026-05-22
21
+
22
+ ### Added
23
+ - **`socket manifest gradle --facts [beta]`** (and its `socket manifest kotlin --facts` alias) — Emit a `.socket.facts.json` dependency graph from a Gradle build, consumable by `socket scan create --reach` as pregenerated SBOM input for Tier 1 reachability. Toggle also exposed via the `socket manifest setup` wizard for use with `--auto-manifest`.
24
+
25
+ ### Changed
26
+ - Updated the Coana CLI to v `15.3.8`.
12
27
 
13
28
  ## [1.1.101](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.101) - 2026-05-22
14
29