From 0e481914f868230e9a502f0d11a99d933e77203b Mon Sep 17 00:00:00 2001 From: Jacky Cheung Date: Fri, 13 Sep 2024 18:11:34 +0100 Subject: [PATCH] feat: enable cocoapods to send graphs for cli monitor --- .circleci/config.yml | 26 ++- .snyk | 4 +- cliv2/go.mod | 7 +- cliv2/go.sum | 20 +- cliv2/internal/proxy/proxy_test.go | 6 +- help/cli-commands/config.md | 4 + package-lock.json | 186 ++++++++++++------ package.json | 6 +- src/cli/commands/monitor/index.ts | 14 +- .../test/iac/local-execution/local-cache.ts | 4 +- src/lib/iac/drift/driftctl.ts | 2 +- .../v2/local-cache/policy-engine/download.ts | 2 +- src/lib/monitor/index.ts | 7 +- src/lib/normalize-target-file.ts | 21 ++ src/lib/package-managers.ts | 1 + .../nodejs-plugin/npm-modules-parser.ts | 9 +- src/lib/policy/find-and-load-policy.ts | 9 +- src/lib/policy/pluck-policies.ts | 6 +- src/lib/snyk-test/run-test.ts | 11 +- test/acceptance/workspace-helper.ts | 8 + test/tap/cli-monitor.acceptance.test.ts | 52 +++++ .../cli-monitor.all-projects.spec.ts | 10 + .../test/util/prepareEnvironment.ts | 2 +- 23 files changed, 311 insertions(+), 106 deletions(-) create mode 100644 src/lib/normalize-target-file.ts diff --git a/.circleci/config.yml b/.circleci/config.yml index 1a882ce7bc..fc4bda463f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -3,10 +3,10 @@ version: 2.1 parameters: cli_download_base_url: type: string - default: 'https://static.snyk.io/' + default: 'https://downloads.snyk.io/' fips_cli_download_base_url: type: string - default: 'https://static.snyk.io/fips/' + default: 'https://downloads.snyk.io/fips/' go_download_base_url: type: string default: 'https://storage.googleapis.com/golang/' @@ -60,6 +60,11 @@ executors: - image: snyklabs/cli-build-arm64:20240814-161347 working_directory: /mnt/ramdisk/snyk resource_class: arm.large + docker-arm64-xl: + docker: + - image: snyklabs/cli-build-arm64:20240814-161347 + working_directory: /mnt/ramdisk/snyk + resource_class: arm.xlarge linux-ubuntu-mantic-amd64: docker: - image: ubuntu:mantic @@ -105,6 +110,11 @@ executors: # https://circleci.com/docs/2.0/testing-ios/#supported-xcode-versions xcode: '14.3.1' resource_class: macos.m1.medium.gen1 + macos-arm64-large: + macos: + # https://circleci.com/docs/2.0/testing-ios/#supported-xcode-versions + xcode: '14.3.1' + resource_class: macos.m1.large.gen1 win-server2022-amd64: machine: image: windows-server-2022-gui:2024.01.1 @@ -464,7 +474,7 @@ workflows: go_arch: amd64 go_download_base_url: << pipeline.parameters.fips_go_download_base_url >> make_target: build clean-golang build-fips - executor: docker-amd64 + executor: docker-amd64-xl requires: - prepare-build @@ -475,7 +485,7 @@ workflows: go_arch: arm64 go_download_base_url: << pipeline.parameters.fips_go_download_base_url >> make_target: build clean-golang build-fips - executor: docker-arm64 + executor: docker-arm64-xl requires: - prepare-build @@ -485,7 +495,7 @@ workflows: go_os: linux go_arch: amd64 go_download_base_url: << pipeline.parameters.go_download_base_url >> - executor: docker-amd64 + executor: docker-amd64-xl c_compiler: /usr/bin/musl-gcc requires: - prepare-build @@ -496,7 +506,7 @@ workflows: go_os: linux go_arch: arm64 go_download_base_url: << pipeline.parameters.go_download_base_url >> - executor: docker-arm64 + executor: docker-arm64-xl c_compiler: /usr/bin/musl-gcc requires: - prepare-build @@ -507,7 +517,7 @@ workflows: go_os: darwin go_arch: amd64 go_download_base_url: << pipeline.parameters.go_download_base_url >> - executor: macos-arm64 + executor: macos-arm64-large install_deps_extension: macos-build context: snyk-macos-signing requires: @@ -519,7 +529,7 @@ workflows: go_os: darwin go_arch: arm64 go_download_base_url: << pipeline.parameters.go_download_base_url >> - executor: macos-arm64 + executor: macos-arm64-large install_deps_extension: macos-build context: snyk-macos-signing requires: diff --git a/.snyk b/.snyk index 504111a482..e9fc405e6d 100644 --- a/.snyk +++ b/.snyk @@ -10,7 +10,7 @@ ignore: SNYK-JS-LODASHSET-1320032: - '*': reason: No upgrade path currently available - expires: 2024-09-13T13:14:22.120Z + expires: 2024-09-30T10:00:00.000Z created: 2023-09-13T13:14:22.120Z 'snyk:lic:npm:shescape:MPL-2.0': - '*': @@ -25,7 +25,7 @@ ignore: SNYK-JS-MICROMATCH-6838728: - '*': reason: Direct usage within Snyk CLI are not using vulnerable function - expires: 2024-08-13T04:12:20.523Z + expires: 2024-10-13T04:12:20.523Z created: 2024-05-14T04:12:20.531Z patch: {} exclude: diff --git a/cliv2/go.mod b/cliv2/go.mod index 3078bedd30..8f8211fda8 100644 --- a/cliv2/go.mod +++ b/cliv2/go.mod @@ -17,11 +17,11 @@ require ( github.com/snyk/cli-extension-sbom v0.0.0-20240820111700-68258cba52c7 github.com/snyk/container-cli v0.0.0-20240821111304-7ca1c415a5d7 github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb - github.com/snyk/go-application-framework v0.0.0-20240913080246-0b338561e8ee + github.com/snyk/go-application-framework v0.0.0-20240916162251-0ac46beed30a github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65 github.com/snyk/snyk-iac-capture v0.6.5 - github.com/snyk/snyk-ls v0.0.0-20240903085751-fa9fa4069fc2 - github.com/spf13/cobra v1.8.0 + github.com/snyk/snyk-ls v0.0.0-20240916171826-f45a1a9e861a + github.com/spf13/cobra v1.8.1 github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.9.0 ) @@ -170,6 +170,7 @@ require ( github.com/tklauser/numcpus v0.8.0 // indirect github.com/ulikunitz/xz v0.5.12 // indirect github.com/vincent-petithory/dataurl v1.0.0 // indirect + github.com/writeas/go-strip-markdown v2.0.1+incompatible // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect diff --git a/cliv2/go.sum b/cliv2/go.sum index bc572ba5f7..1c9db0e634 100644 --- a/cliv2/go.sum +++ b/cliv2/go.sum @@ -287,7 +287,7 @@ github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWH github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw= github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creachadair/jrpc2 v1.2.1 h1:eIgmguoqLbEjn4Pb/XYMg5U1PhVpAClGdhI/Q4gfC5o= github.com/creachadair/jrpc2 v1.2.1/go.mod h1:RvEKAYVpDBKn3YWlTVQJIFmxG5GuLD7ztp9FMTJx8eI= github.com/creachadair/mds v0.16.0 h1:v6DlvKXClowXFg4hkjLCR1FEFiREMf0qgX+Lm5GsEKk= @@ -713,8 +713,8 @@ github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUc github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= -github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/rogpeppe/go-internal v1.12.1-0.20240709150035-ccf4b4329d21 h1:igWZJluD8KtEtAgRyF4x6lqcxDry1ULztksMJh2mnQE= +github.com/rogpeppe/go-internal v1.12.1-0.20240709150035-ccf4b4329d21/go.mod h1:RMRJLmBOqWacUkmJHRMiPKh1S1m3PA7Zh4W80/kWPpg= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8= github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= @@ -747,16 +747,16 @@ github.com/snyk/container-cli v0.0.0-20240821111304-7ca1c415a5d7 h1:Zn5BcV76oFAb github.com/snyk/container-cli v0.0.0-20240821111304-7ca1c415a5d7/go.mod h1:38w+dcAQp9eG3P5t2eNS9eG0reut10AeJjLv5lJ5lpM= github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb h1:w9tJhpTFxWqAhLeraGsMExDjGK9x5Dwj1NRFwb+t+QE= github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb/go.mod h1:Ytttq7Pw4vOCu9NtRQaOeDU2dhBYUyNBe6kX4+nIIQ4= -github.com/snyk/go-application-framework v0.0.0-20240913080246-0b338561e8ee h1:/O6kBSDLDsMc1he2tENvjNR8ecqwm+FmrTYl0rwnim4= -github.com/snyk/go-application-framework v0.0.0-20240913080246-0b338561e8ee/go.mod h1:zgYTVG71nX7zTb3ELeRlnwE/uKQxeOyQmAHtg6bC4uU= +github.com/snyk/go-application-framework v0.0.0-20240916162251-0ac46beed30a h1:0N+A+kBKFAZDL0QWiBnaR9G5WKm90jsq/L0T0aHcEP8= +github.com/snyk/go-application-framework v0.0.0-20240916162251-0ac46beed30a/go.mod h1:LeMsRM1FxIfO/8QpOs9V/dI46ie/RAQl02ulAh6aKys= github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65 h1:CEQuYv0Go6MEyRCD3YjLYM2u3Oxkx8GpCpFBd4rUTUk= github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65/go.mod h1:88KbbvGYlmLgee4OcQ19yr0bNpXpOr2kciOthaSzCAg= github.com/snyk/policy-engine v0.30.11 h1:wUy5LMar2vccMbNM62MSBRdjAQAhAbIm7aNXXO+g2tk= github.com/snyk/policy-engine v0.30.11/go.mod h1:O6nwYXbb+SNDrYVWBwkieOwVuwXNKBHuXLm//fLz9Dw= github.com/snyk/snyk-iac-capture v0.6.5 h1:992DXCAJSN97KtUh8T5ndaWwd/6ZCal2bDkRXqM1u/E= github.com/snyk/snyk-iac-capture v0.6.5/go.mod h1:e47i55EmM0F69ZxyFHC4sCi7vyaJW6DLoaamJJCzWGk= -github.com/snyk/snyk-ls v0.0.0-20240903085751-fa9fa4069fc2 h1:51FkGU1bVEYt2USopshLI6b9TPdPP/hqkaDoIY/NCDI= -github.com/snyk/snyk-ls v0.0.0-20240903085751-fa9fa4069fc2/go.mod h1:Z2q71ZqSmdDJq0mlIVkmquta/z0+P46yBIbmlS2p+74= +github.com/snyk/snyk-ls v0.0.0-20240916171826-f45a1a9e861a h1:q5DhB1lYHBnvZAU24mVBgjIfoCLCfiE9Ay52KOvZOvg= +github.com/snyk/snyk-ls v0.0.0-20240916171826-f45a1a9e861a/go.mod h1:CkqmVcwI/JTXiBEa6I1OWmrdpYUe+keg7nj/VE+6WK8= github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo= github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= github.com/sourcegraph/go-lsp v0.0.0-20240223163137-f80c5dd31dfd h1:Dq5WSzWsP1TbVi10zPWBI5LKEBDg4Y1OhWEph1wr5WQ= @@ -766,8 +766,8 @@ github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= -github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= -github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ= @@ -815,6 +815,8 @@ github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0o github.com/vincent-petithory/dataurl v1.0.0 h1:cXw+kPto8NLuJtlMsI152irrVw9fRDX8AbShPRpg2CI= github.com/vincent-petithory/dataurl v1.0.0/go.mod h1:FHafX5vmDzyP+1CQATJn7WFKc9CvnvxyvZy6I1MrG/U= github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= +github.com/writeas/go-strip-markdown v2.0.1+incompatible h1:IIqxTM5Jr7RzhigcL6FkrCNfXkvbR+Nbu1ls48pXYcw= +github.com/writeas/go-strip-markdown v2.0.1+incompatible/go.mod h1:Rsyu10ZhbEK9pXdk8V6MVnZmTzRG0alMNLMwa0J01fE= github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM= github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= diff --git a/cliv2/internal/proxy/proxy_test.go b/cliv2/internal/proxy/proxy_test.go index ad70d79f31..65ad4830c9 100644 --- a/cliv2/internal/proxy/proxy_test.go +++ b/cliv2/internal/proxy/proxy_test.go @@ -120,7 +120,7 @@ func Test_canGoThroughProxy(t *testing.T) { proxiedClient, err := helper_getHttpClient(wp, useProxyAuth) assert.Nil(t, err) - res, err := proxiedClient.Get("https://static.snyk.io/cli/latest/version") + res, err := proxiedClient.Get("https://downloads.snyk.io/cli/latest/version") if err != nil { t.Fatal(err) } @@ -148,7 +148,7 @@ func Test_proxyRejectsWithoutBasicAuthHeader(t *testing.T) { proxiedClient, err := helper_getHttpClient(wp, useProxyAuth) assert.Nil(t, err) - res, err := proxiedClient.Get("https://static.snyk.io/cli/latest/version") + res, err := proxiedClient.Get("https://downloads.snyk.io/cli/latest/version") assert.Nil(t, res) assert.NotNil(t, err) assert.Contains(t, err.Error(), "Proxy Authentication Required") @@ -264,7 +264,7 @@ func Test_proxyPropagatesAuthFailureHeader(t *testing.T) { proxiedClient, err := helper_getHttpClient(wp, useProxyAuth) assert.Nil(t, err) - res, err := proxiedClient.Get("https://static.snyk.io/cli/latest/version") + res, err := proxiedClient.Get("https://downloads.snyk.io/cli/latest/version") assert.Nil(t, err) // Assert that the proxy propagates the auth failed marker header to the response. assert.Equal(t, res.Header.Get("snyk-auth-failed"), "true") diff --git a/help/cli-commands/config.md b/help/cli-commands/config.md index b46c698e60..e9976f803a 100644 --- a/help/cli-commands/config.md +++ b/help/cli-commands/config.md @@ -34,6 +34,10 @@ Remove a config value. Remove all config values. +### `environment` + +Change the endpoint to use. Run `config environment --help` or see the [Config environment help page](https://docs.snyk.io/snyk-cli/commands/config-environment) + ## Supported `` values ### `api` diff --git a/package-lock.json b/package-lock.json index dcda92b8f8..2fb7e99826 100644 --- a/package-lock.json +++ b/package-lock.json @@ -57,7 +57,7 @@ "lodash.upperfirst": "^4.3.1", "lodash.values": "^4.3.0", "marked": "^4.0.1", - "micromatch": "4.0.7", + "micromatch": "4.0.8", "needle": "^3.3.0", "open": "^7.0.3", "ora": "5.4.0", @@ -75,11 +75,11 @@ "snyk-mvn-plugin": "3.6.0", "snyk-nodejs-lockfile-parser": "1.58.10", "snyk-nodejs-plugin": "1.3.3", - "snyk-nuget-plugin": "2.7.7", + "snyk-nuget-plugin": "2.7.8", "snyk-php-plugin": "1.9.2", "snyk-policy": "^4.0.0", "snyk-python-plugin": "2.2.1", - "snyk-resolve-deps": "4.7.3", + "snyk-resolve-deps": "4.8.0", "snyk-sbt-plugin": "2.18.1", "snyk-swiftpm-plugin": "1.4.1", "strip-ansi": "^6.0.1", @@ -15452,11 +15452,6 @@ "resolved": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz", "integrity": "sha1-DZnzzNem0mHRm9rrkkUAXShYCOc=" }, - "node_modules/lodash.assignin": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/lodash.assignin/-/lodash.assignin-4.2.0.tgz", - "integrity": "sha1-uo31+4QesKPoBEIysOJjqNxqKKI=" - }, "node_modules/lodash.camelcase": { "version": "4.3.0", "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", @@ -15650,7 +15645,8 @@ "node_modules/lodash.set": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=" + "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=", + "dev": true }, "node_modules/lodash.size": { "version": "4.2.0", @@ -16067,9 +16063,9 @@ } }, "node_modules/micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "dependencies": { "braces": "^3.0.3", "picomatch": "^2.3.1" @@ -21044,6 +21040,18 @@ "yallist": "^2.1.2" } }, + "node_modules/snyk-nodejs-plugin/node_modules/micromatch": { + "version": "4.0.7", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", + "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", + "dependencies": { + "braces": "^3.0.3", + "picomatch": "^2.3.1" + }, + "engines": { + "node": ">=8.6" + } + }, "node_modules/snyk-nodejs-plugin/node_modules/semver": { "version": "5.7.2", "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", @@ -21084,9 +21092,9 @@ "integrity": "sha512-ncTzHV7NvsQZkYe1DW7cbDLm0YpzHmZF5r/iyP3ZnQtMiJ+pjzisCiMNI+Sj+xQF5pXhSHxSB3uDbsBTzY/c2A==" }, "node_modules/snyk-nuget-plugin": { - "version": "2.7.7", - "resolved": "https://registry.npmjs.org/snyk-nuget-plugin/-/snyk-nuget-plugin-2.7.7.tgz", - "integrity": "sha512-UKVE4Wp7v9sLqaxBnlXqeWMxUBZJ1OMTkmqtaTWRETJraPlKs/T2aRodAu16JcWPVUkNxrtAebzbXc17ji3kgQ==", + "version": "2.7.8", + "resolved": "https://registry.npmjs.org/snyk-nuget-plugin/-/snyk-nuget-plugin-2.7.8.tgz", + "integrity": "sha512-FufhAyRXKky50fMpLwQ9n6MLchv0S+q4lTyvNsSd+yJWnDHLjI/AMnN8hM6cXwsJtl8DwMDWvXu0rUGNES0Brg==", "dependencies": { "@snyk/cli-interface": "^2.14.0", "@snyk/dep-graph": "^2.8.1", @@ -21310,27 +21318,53 @@ } }, "node_modules/snyk-resolve-deps": { - "version": "4.7.3", - "resolved": "https://registry.npmjs.org/snyk-resolve-deps/-/snyk-resolve-deps-4.7.3.tgz", - "integrity": "sha512-UzPCDS4xzcSqahmTpC1o75aIX0t/1voj34X3D3yOn3FvY9doiXC02B4IILpPh75ZFtYgdqkOr7TS2lm/ltgEcg==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/snyk-resolve-deps/-/snyk-resolve-deps-4.8.0.tgz", + "integrity": "sha512-/pXaStapn8ldr68e1Bs2gmxoQpiB3fnjfZSfzY82bxedmSKzQgTJ5vhf1P9kALj3IBEb1wYaQ/MtNH5E9DK0/g==", + "license": "Apache-2.0", "dependencies": { "ansicolors": "^0.3.2", - "debug": "^4.1.1", - "lodash.assign": "^4.2.0", - "lodash.assignin": "^4.2.0", - "lodash.clone": "^4.5.0", - "lodash.flatten": "^4.4.0", - "lodash.get": "^4.4.2", - "lodash.set": "^4.3.2", - "lru-cache": "^4.0.0", - "semver": "^5.5.1", - "snyk-module": "^3.1.0", - "snyk-resolve": "^1.0.0", + "debug": "^4.3.4", + "lodash": "^4.17.21", + "lru-cache": "^4.1.5", + "semver": "^5.7.2", + "snyk-module": "^3.2.0", + "snyk-resolve": "^1.1.0", "snyk-tree": "^1.0.0", "snyk-try-require": "^2.0.2", "then-fs": "^2.0.0" } }, + "node_modules/snyk-resolve-deps/node_modules/hosted-git-info": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.1.0.tgz", + "integrity": "sha512-kyCuEOWjJqZuDbRHzL8V93NzQhwIB71oFWSyzVo+KPZI+pnQPPxucdkrOZvkLRnrf5URsQM+IJ09Dw29cRALIA==", + "license": "ISC", + "dependencies": { + "lru-cache": "^6.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/snyk-resolve-deps/node_modules/hosted-git-info/node_modules/lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "license": "ISC", + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/snyk-resolve-deps/node_modules/hosted-git-info/node_modules/yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "license": "ISC" + }, "node_modules/snyk-resolve-deps/node_modules/lru-cache": { "version": "4.1.5", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.5.tgz", @@ -21348,6 +21382,16 @@ "semver": "bin/semver" } }, + "node_modules/snyk-resolve-deps/node_modules/snyk-module": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/snyk-module/-/snyk-module-3.2.0.tgz", + "integrity": "sha512-6MLJyi4OMOZtCWTzGgRMEEw9qQ1fAwKoj5XYXfKOjIsohi3ubKsVfvSoScj0IovtiKowm2iCZ+VIRPJab6nCxA==", + "license": "Apache-2.0", + "dependencies": { + "debug": "^4.1.1", + "hosted-git-info": "^4.0.2" + } + }, "node_modules/snyk-resolve-deps/node_modules/yallist": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz", @@ -36006,11 +36050,6 @@ "resolved": "https://registry.npmjs.org/lodash.assign/-/lodash.assign-4.2.0.tgz", "integrity": "sha1-DZnzzNem0mHRm9rrkkUAXShYCOc=" }, - "lodash.assignin": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/lodash.assignin/-/lodash.assignin-4.2.0.tgz", - "integrity": "sha1-uo31+4QesKPoBEIysOJjqNxqKKI=" - }, "lodash.camelcase": { "version": "4.3.0", "resolved": "https://registry.npmjs.org/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz", @@ -36204,7 +36243,8 @@ "lodash.set": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=" + "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=", + "dev": true }, "lodash.size": { "version": "4.2.0", @@ -36518,9 +36558,9 @@ "dev": true }, "micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", + "version": "4.0.8", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz", + "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==", "requires": { "braces": "^3.0.3", "picomatch": "^2.3.1" @@ -40249,6 +40289,15 @@ "yallist": "^2.1.2" } }, + "micromatch": { + "version": "4.0.7", + "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", + "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", + "requires": { + "braces": "^3.0.3", + "picomatch": "^2.3.1" + } + }, "semver": { "version": "5.7.2", "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", @@ -40288,9 +40337,9 @@ } }, "snyk-nuget-plugin": { - "version": "2.7.7", - "resolved": "https://registry.npmjs.org/snyk-nuget-plugin/-/snyk-nuget-plugin-2.7.7.tgz", - "integrity": "sha512-UKVE4Wp7v9sLqaxBnlXqeWMxUBZJ1OMTkmqtaTWRETJraPlKs/T2aRodAu16JcWPVUkNxrtAebzbXc17ji3kgQ==", + "version": "2.7.8", + "resolved": "https://registry.npmjs.org/snyk-nuget-plugin/-/snyk-nuget-plugin-2.7.8.tgz", + "integrity": "sha512-FufhAyRXKky50fMpLwQ9n6MLchv0S+q4lTyvNsSd+yJWnDHLjI/AMnN8hM6cXwsJtl8DwMDWvXu0rUGNES0Brg==", "requires": { "@snyk/cli-interface": "^2.14.0", "@snyk/dep-graph": "^2.8.1", @@ -40478,27 +40527,45 @@ } }, "snyk-resolve-deps": { - "version": "4.7.3", - "resolved": "https://registry.npmjs.org/snyk-resolve-deps/-/snyk-resolve-deps-4.7.3.tgz", - "integrity": "sha512-UzPCDS4xzcSqahmTpC1o75aIX0t/1voj34X3D3yOn3FvY9doiXC02B4IILpPh75ZFtYgdqkOr7TS2lm/ltgEcg==", + "version": "4.8.0", + "resolved": "https://registry.npmjs.org/snyk-resolve-deps/-/snyk-resolve-deps-4.8.0.tgz", + "integrity": "sha512-/pXaStapn8ldr68e1Bs2gmxoQpiB3fnjfZSfzY82bxedmSKzQgTJ5vhf1P9kALj3IBEb1wYaQ/MtNH5E9DK0/g==", "requires": { "ansicolors": "^0.3.2", - "debug": "^4.1.1", - "lodash.assign": "^4.2.0", - "lodash.assignin": "^4.2.0", - "lodash.clone": "^4.5.0", - "lodash.flatten": "^4.4.0", - "lodash.get": "^4.4.2", - "lodash.set": "^4.3.2", - "lru-cache": "^4.0.0", - "semver": "^5.5.1", - "snyk-module": "^3.1.0", - "snyk-resolve": "^1.0.0", + "debug": "^4.3.4", + "lodash": "^4.17.21", + "lru-cache": "^4.1.5", + "semver": "^5.7.2", + "snyk-module": "^3.2.0", + "snyk-resolve": "^1.1.0", "snyk-tree": "^1.0.0", "snyk-try-require": "^2.0.2", "then-fs": "^2.0.0" }, "dependencies": { + "hosted-git-info": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.1.0.tgz", + "integrity": "sha512-kyCuEOWjJqZuDbRHzL8V93NzQhwIB71oFWSyzVo+KPZI+pnQPPxucdkrOZvkLRnrf5URsQM+IJ09Dw29cRALIA==", + "requires": { + "lru-cache": "^6.0.0" + }, + "dependencies": { + "lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "requires": { + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } + }, "lru-cache": { "version": "4.1.5", "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.5.tgz", @@ -40513,6 +40580,15 @@ "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz", "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==" }, + "snyk-module": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/snyk-module/-/snyk-module-3.2.0.tgz", + "integrity": "sha512-6MLJyi4OMOZtCWTzGgRMEEw9qQ1fAwKoj5XYXfKOjIsohi3ubKsVfvSoScj0IovtiKowm2iCZ+VIRPJab6nCxA==", + "requires": { + "debug": "^4.1.1", + "hosted-git-info": "^4.0.2" + } + }, "yallist": { "version": "2.1.2", "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz", diff --git a/package.json b/package.json index 2be0ddec2c..3e53e3c127 100644 --- a/package.json +++ b/package.json @@ -105,7 +105,7 @@ "lodash.upperfirst": "^4.3.1", "lodash.values": "^4.3.0", "marked": "^4.0.1", - "micromatch": "4.0.7", + "micromatch": "4.0.8", "needle": "^3.3.0", "open": "^7.0.3", "ora": "5.4.0", @@ -123,11 +123,11 @@ "snyk-mvn-plugin": "3.6.0", "snyk-nodejs-lockfile-parser": "1.58.10", "snyk-nodejs-plugin": "1.3.3", - "snyk-nuget-plugin": "2.7.7", + "snyk-nuget-plugin": "2.7.8", "snyk-php-plugin": "1.9.2", "snyk-policy": "^4.0.0", "snyk-python-plugin": "2.2.1", - "snyk-resolve-deps": "4.7.3", + "snyk-resolve-deps": "4.8.0", "snyk-sbt-plugin": "2.18.1", "snyk-swiftpm-plugin": "1.4.1", "strip-ansi": "^6.0.1", diff --git a/src/cli/commands/monitor/index.ts b/src/cli/commands/monitor/index.ts index 4bbdafae21..a242792e94 100644 --- a/src/cli/commands/monitor/index.ts +++ b/src/cli/commands/monitor/index.ts @@ -50,6 +50,7 @@ import { getFormattedMonitorOutput } from '../../../lib/ecosystems/monitor'; import { processCommandArgs } from '../process-command-args'; import { hasFeatureFlag } from '../../../lib/feature-flags'; import { PNPM_FEATURE_FLAG } from '../../../lib/package-managers'; +import { normalizeTargetFile } from '../../../lib/normalize-target-file'; const SEPARATOR = '\n-------------------------------------------------------\n'; const debug = Debug('snyk'); @@ -294,12 +295,15 @@ export default async function monitor(...args0: MethodArgs): Promise { maybePrintDepTree(options, projectDeps.depTree); } - const tFile = projectDeps.targetFile || targetFile; - const targetFileRelativePath = - projectDeps.plugin.targetFile || - (tFile && pathUtil.join(pathUtil.resolve(path), tFile)) || - ''; + const tFile = normalizeTargetFile( + projectDeps, + projectDeps.plugin, + targetFile, + ); + const targetFileRelativePath = tFile + ? pathUtil.resolve(pathUtil.resolve(path), tFile) + : ''; const res: MonitorResult = await promiseOrCleanup( snykMonitor( path, diff --git a/src/cli/commands/test/iac/local-execution/local-cache.ts b/src/cli/commands/test/iac/local-execution/local-cache.ts index 2ddbcd8556..3962bda4d3 100644 --- a/src/cli/commands/test/iac/local-execution/local-cache.ts +++ b/src/cli/commands/test/iac/local-execution/local-cache.ts @@ -142,7 +142,7 @@ export async function initLocalCache({ // We extract the Snyk rules after the custom rules to ensure our files // always overwrite whatever might be there. try { - const BUNDLE_URL = 'https://static.snyk.io/cli/wasm/bundle.tar.gz'; + const BUNDLE_URL = 'https://downloads.snyk.io/cli/wasm/bundle.tar.gz'; const response = await streamRequest({ method: 'get', url: BUNDLE_URL, @@ -185,7 +185,7 @@ export class FailedToDownloadRulesError extends CustomError { this.code = IaCErrorCodes.FailedToDownloadRulesError; this.strCode = getErrorStringCode(this.code); this.userMessage = - 'We were unable to download the security rules, please ensure the network can access https://static.snyk.io'; + 'We were unable to download the security rules, please ensure the network can access https://downloads.snyk.io'; } } diff --git a/src/lib/iac/drift/driftctl.ts b/src/lib/iac/drift/driftctl.ts index 7f960f5c86..6c78aa48a9 100644 --- a/src/lib/iac/drift/driftctl.ts +++ b/src/lib/iac/drift/driftctl.ts @@ -60,7 +60,7 @@ const driftctlChecksums = { 'e6bbdf341148e81511d30dd5afe2fa2ef08f3b0b75079bf0bde2b790d75beb8a', }; -const dctlBaseUrl = 'https://static.snyk.io/cli/driftctl/'; +const dctlBaseUrl = 'https://downloads.snyk.io/cli/driftctl/'; const driftctlPath: string = path.join( cachePath, diff --git a/src/lib/iac/test/v2/local-cache/policy-engine/download.ts b/src/lib/iac/test/v2/local-cache/policy-engine/download.ts index 95283c66ca..1b2092cd4b 100644 --- a/src/lib/iac/test/v2/local-cache/policy-engine/download.ts +++ b/src/lib/iac/test/v2/local-cache/policy-engine/download.ts @@ -58,7 +58,7 @@ async function fetch(): Promise { return policyEngineDataBuffer; } -export const policyEngineUrl = `https://static.snyk.io/cli/iac/test/v${policyEngineReleaseVersion}/${policyEngineFileName}`; +export const policyEngineUrl = `https://downloads.snyk.io/cli/iac/test/v${policyEngineReleaseVersion}/${policyEngineFileName}`; export class FailedToDownloadPolicyEngineError extends CustomError { constructor() { diff --git a/src/lib/monitor/index.ts b/src/lib/monitor/index.ts index beca7aa38d..61eb390beb 100644 --- a/src/lib/monitor/index.ts +++ b/src/lib/monitor/index.ts @@ -43,6 +43,7 @@ import { getTargetFile, } from './utils'; import { countPathsToGraphRoot } from '../utils'; +import { PackageExpanded } from 'snyk-resolve-deps/dist/types'; const debug = Debug('snyk'); @@ -187,7 +188,9 @@ async function monitorDepTree( root, meta.isDocker ? 'docker' : packageManager!, options, - depTree, + // TODO: fix this and send only send when we used resolve-deps for node + // it should be a ExpandedPkgTree type instead + depTree as unknown as PackageExpanded, targetFileDir, ); @@ -427,7 +430,7 @@ async function monitorDepGraphFromDepTree( options, // TODO: fix this and send only send when we used resolve-deps for node // it should be a ExpandedPkgTree type instead - depTree, + depTree as unknown as PackageExpanded, targetFileDir, ); diff --git a/src/lib/normalize-target-file.ts b/src/lib/normalize-target-file.ts new file mode 100644 index 0000000000..2a4b65abae --- /dev/null +++ b/src/lib/normalize-target-file.ts @@ -0,0 +1,21 @@ +import type { PluginMetadata } from '@snyk/cli-interface/legacy/plugin'; +import type { ScannedProjectCustom } from './plugins/get-multi-plugin-result'; +import type { ScannedProject } from '@snyk/cli-interface/legacy/common'; + +/** + * Normalizes the target file path for a scanned project across + * test and monitor workflows. + * + * @param {ScannedProject | ScannedProjectCustom} scannedProject - The scanned project containing metadata such as the target file path. + * @param {PluginMetadata} plugin - Metadata about the plugin used to scan the project, which may also include the target file path. + * @param {string} [fallback=''] - A fallback value to return if neither the scanned project nor the plugin contain a target file path. Defaults to an empty string. + * + * @returns {string} - The resolved target file path from either the scanned project, plugin, or the provided fallback value if none are available. + */ +export function normalizeTargetFile( + scannedProject: ScannedProject | ScannedProjectCustom, + plugin: PluginMetadata, + fallback = '', +): string { + return scannedProject.targetFile || plugin.targetFile || fallback; +} diff --git a/src/lib/package-managers.ts b/src/lib/package-managers.ts index a42080a7c2..514eb473b7 100644 --- a/src/lib/package-managers.ts +++ b/src/lib/package-managers.ts @@ -85,6 +85,7 @@ export const GRAPH_SUPPORTED_PACKAGE_MANAGERS: SupportedPackageManagers[] = [ 'yarn', 'rubygems', 'poetry', + 'cocoapods', ]; // For ecosystems with a flat set of libraries (e.g. Python, JVM), one can // "pin" a transitive dependency diff --git a/src/lib/plugins/nodejs-plugin/npm-modules-parser.ts b/src/lib/plugins/nodejs-plugin/npm-modules-parser.ts index 7671afa93b..322fd64f19 100644 --- a/src/lib/plugins/nodejs-plugin/npm-modules-parser.ts +++ b/src/lib/plugins/nodejs-plugin/npm-modules-parser.ts @@ -1,6 +1,7 @@ import * as path from 'path'; import * as fs from 'fs'; -import * as resolveNodeDeps from 'snyk-resolve-deps'; +import { PackageExpanded } from 'snyk-resolve-deps/dist/types'; +import * as resolveDeps from 'snyk-resolve-deps'; import * as baseDebug from 'debug'; const isEmpty = require('lodash.isempty'); import { spinner } from '../../spinner'; @@ -14,7 +15,7 @@ export async function parse( root: string, targetFile: string, options: Options, -): Promise { +): Promise { if (targetFile.endsWith('yarn.lock')) { options.file = options.file && options.file.replace('yarn.lock', 'package.json'); @@ -44,7 +45,7 @@ export async function parse( name: packageJson.name || 'package.json', dependencies: {}, version: packageJson.version, - }), + } as unknown as PackageExpanded), ); } } catch (e) { @@ -77,7 +78,7 @@ export async function parse( try { await spinner.clear(resolveModuleSpinnerLabel)(); await spinner(resolveModuleSpinnerLabel); - return resolveNodeDeps( + return resolveDeps( root, Object.assign({}, options, { noFromArrays: true }), ); diff --git a/src/lib/policy/find-and-load-policy.ts b/src/lib/policy/find-and-load-policy.ts index 5e64161695..d811772298 100644 --- a/src/lib/policy/find-and-load-policy.ts +++ b/src/lib/policy/find-and-load-policy.ts @@ -1,10 +1,10 @@ import * as snykPolicyLib from 'snyk-policy'; import * as debugModule from 'debug'; -import { PackageExpanded } from 'snyk-resolve-deps'; +import { PackageExpanded } from 'snyk-resolve-deps/dist/types'; import { pluckPolicies } from '.'; import { SupportedPackageManagers } from '../package-managers'; -import { PackageJson, PolicyOptions } from '../types'; +import { PolicyOptions } from '../types'; import * as analytics from '../analytics'; const debug = debugModule('snyk'); @@ -27,7 +27,10 @@ export async function findAndLoadPolicy( } else if (isNodeProject) { // TODO: pluckPolicies expects a package.json object to // find and apply policies in node_modules - policyLocations = policyLocations.concat(pluckPolicies(pkg as PackageJson)); + // TODO: fix these types, this is a hack and is not correct + policyLocations = policyLocations.concat( + pluckPolicies(pkg as unknown as PackageExpanded), + ); } debug('Potential policy locations found:', policyLocations); diff --git a/src/lib/policy/pluck-policies.ts b/src/lib/policy/pluck-policies.ts index 8a6d83ef9f..93eabafc5d 100644 --- a/src/lib/policy/pluck-policies.ts +++ b/src/lib/policy/pluck-policies.ts @@ -1,12 +1,16 @@ const flatten = require('lodash.flatten'); -import { PackageExpanded } from 'snyk-resolve-deps'; +import { PackageExpanded } from 'snyk-resolve-deps/dist/types'; export function pluckPolicies(pkg: PackageExpanded): string[] | string { if (!pkg) { return []; } + // eslint-disable-next-line @typescript-eslint/ban-ts-comment + // @ts-ignore: broken type if (pkg.snyk) { + // eslint-disable-next-line @typescript-eslint/ban-ts-comment + // @ts-ignore: broken type return pkg.snyk; } diff --git a/src/lib/snyk-test/run-test.ts b/src/lib/snyk-test/run-test.ts index 6f1dca6721..4db89f492b 100644 --- a/src/lib/snyk-test/run-test.ts +++ b/src/lib/snyk-test/run-test.ts @@ -84,6 +84,8 @@ import { PNPM_FEATURE_FLAG, SUPPORTED_MANIFEST_FILES, } from '../package-managers'; +import { PackageExpanded } from 'snyk-resolve-deps/dist/types'; +import { normalizeTargetFile } from '../normalize-target-file'; const debug = debugModule('snyk:run-test'); @@ -725,8 +727,11 @@ async function assembleLocalPayloads( } // todo: normalize what target file gets used across plugins and functions - const targetFile = - scannedProject.targetFile || deps.plugin.targetFile || options.file; + const targetFile = normalizeTargetFile( + scannedProject, + deps.plugin, + options.file, + ); // Forcing options.path to be a string as pathUtil requires is to be stringified const targetFileRelativePath = targetFile @@ -749,7 +754,7 @@ async function assembleLocalPayloads( options, // TODO: fix this and send only send when we used resolve-deps for node // it should be a ExpandedPkgTree type instead - pkg, + pkg as unknown as PackageExpanded, targetFileDir, ); diff --git a/test/acceptance/workspace-helper.ts b/test/acceptance/workspace-helper.ts index 792738ef7d..a689ec0f8f 100644 --- a/test/acceptance/workspace-helper.ts +++ b/test/acceptance/workspace-helper.ts @@ -3,6 +3,14 @@ import { readFileSync } from 'fs'; const workspacePath = path.join(__dirname, 'workspaces'); +/** + * Changes the current working directory to the specified subdirectory within the workspace path. + * + * @param {string} subdir - The subdirectory to navigate to (optional). If not provided, the workspace path itself will be used. + * + * @example + * chdirWorkspaces('project1'); // Changes the working directory to '${workspacePath}/project1' + */ export function chdirWorkspaces(subdir = '') { const dir = path.join(workspacePath, subdir); process.chdir(dir); diff --git a/test/tap/cli-monitor.acceptance.test.ts b/test/tap/cli-monitor.acceptance.test.ts index 57ba729297..7331da9375 100644 --- a/test/tap/cli-monitor.acceptance.test.ts +++ b/test/tap/cli-monitor.acceptance.test.ts @@ -1475,6 +1475,58 @@ if (!isWindows) { ); }); + test('`monitor cocoapods-app with just Podfile.lock`', async (t) => { + chdirWorkspaces('cocoapods-app'); + const plugin = { + async inspect() { + return { + plugin: { + targetFile: 'Podfile.lock', + name: 'snyk-cocoapods-plugin', + runtime: 'cocoapods', + }, + package: {}, + }; + }, + }; + console.log(plugin) + const spyPlugin = sinon.spy(plugin, 'inspect'); + + const loadPlugin = sinon.stub(plugins, 'loadPlugin'); + t.teardown(loadPlugin.restore); + loadPlugin.withArgs('cocoapods').returns(plugin); + + await cli.monitor('./', { + file: 'Podfile.lock', + }); + const req = server.popRequest(); + t.equal(req.method, 'PUT', 'makes PUT request'); + t.equal( + req.headers['x-snyk-cli-version'], + versionNumber, + 'sends version number', + ); + const depGraphJSON = req.body.depGraphJSON; + t.ok(depGraphJSON); + t.match(req.url, '/monitor/cocoapods/graph', 'puts at correct url'); + t.equal(req.body.targetFile, 'Podfile.lock', 'sends the targetFile (Podfile)'); + t.same( + spyPlugin.getCall(0).args, + [ + './', + 'Podfile.lock', + { + args: null, + file: 'Podfile.lock', + packageManager: 'cocoapods', + path: './', + }, + snykHttpClient, + ], + 'calls CocoaPods plugin', + ); + }); + test('`monitor large-mono-repo --file=bundler-app/Gemfile` suggest to use --all-projects', async (t) => { chdirWorkspaces('large-mono-repo'); const res = await cli.monitor({ file: 'bundler-app/Gemfile' }); diff --git a/test/tap/cli-monitor/cli-monitor.all-projects.spec.ts b/test/tap/cli-monitor/cli-monitor.all-projects.spec.ts index 0a91bf47ed..6641a4c694 100644 --- a/test/tap/cli-monitor/cli-monitor.all-projects.spec.ts +++ b/test/tap/cli-monitor/cli-monitor.all-projects.spec.ts @@ -1,6 +1,7 @@ import * as sinon from 'sinon'; import * as path from 'path'; import * as depGraphLib from '@snyk/dep-graph'; +import { getWorkspacePath } from '../../jest/util/getWorkspacePath'; interface AcceptanceTests { language: string; @@ -412,6 +413,9 @@ export const AllProjectsTests: AcceptanceTests = { }, }, depGraph: simpleGradleGraph, + targetFile: + getWorkspacePath('gradle-monorepo') + + '/subproj/build.gradle', }, ], }; @@ -437,6 +441,7 @@ export const AllProjectsTests: AcceptanceTests = { 'gradle project was monitored', ); + let policyCount = 0; const requests = params.server .getRequests() .filter((req) => req.url.includes('/monitor/')); @@ -447,6 +452,10 @@ export const AllProjectsTests: AcceptanceTests = { /\/api\/v1\/monitor\/(npm\/graph|gradle\/graph)/, 'puts at correct url', ); + + if (req.body.policy) { + policyCount++; + } t.notOk(req.body.targetFile, "doesn't send the targetFile"); t.equal(req.method, 'PUT', 'makes PUT request'); t.equal( @@ -455,6 +464,7 @@ export const AllProjectsTests: AcceptanceTests = { 'sends version number', ); }); + t.equal(policyCount, 1, '1 nested policy found in monorepo'); }, '`monitor kotlin-monorepo --all-projects` scans kotlin files': (params, utils) => async (t) => { diff --git a/ts-binary-wrapper/test/util/prepareEnvironment.ts b/ts-binary-wrapper/test/util/prepareEnvironment.ts index 15a1cf3125..5b190bd4fd 100644 --- a/ts-binary-wrapper/test/util/prepareEnvironment.ts +++ b/ts-binary-wrapper/test/util/prepareEnvironment.ts @@ -69,7 +69,7 @@ export class TestEnvironmentSetup { private async downloadShaSum(version: string, shasumFile: string) { await common.downloadExecutable( - 'https://static.snyk.io/cli/v' + version + '/sha256sums.txt.asc', + 'https://downloads.snyk.io/cli/v' + version + '/sha256sums.txt.asc', shasumFile, '', );