Merge pull request #5552 from snyk/release-candidate-conflict-resolution

chore: sync release-candidate-back-to-main

cliv2/go.mod

@@ -12,15 +12,15 @@ require (
 	github.com/google/uuid v1.6.0
 	github.com/pkg/errors v0.9.1
 	github.com/rs/zerolog v1.33.0
-	github.com/snyk/cli-extension-dep-graph v0.0.0-20240426125928-8d56ac52821e
+	github.com/snyk/cli-extension-dep-graph v0.0.0-20241014075215-311d3c8a423f
 	github.com/snyk/cli-extension-iac-rules v0.0.0-20241008152401-24c8cf03a1a3
-	github.com/snyk/cli-extension-sbom v0.0.0-20240820111700-68258cba52c7
+	github.com/snyk/cli-extension-sbom v0.0.0-20241016065306-0df2be5b3b8f
 	github.com/snyk/container-cli v0.0.0-20240821111304-7ca1c415a5d7
 	github.com/snyk/error-catalog-golang-public v0.0.0-20240809094525-c48d19c27edb
 	github.com/snyk/go-application-framework v0.0.0-20241011135148-71eca49aa231
 	github.com/snyk/go-httpauth v0.0.0-20240307114523-1f5ea3f55c65
 	github.com/snyk/snyk-iac-capture v0.6.5
-	github.com/snyk/snyk-ls v0.0.0-20241017063705-68655f0e7f39
+	github.com/snyk/snyk-ls v0.0.0-20241023124225-627b73041471
 	github.com/spf13/cobra v1.8.1
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.9.0

cliv2/go.sum

@@ -750,12 +750,12 @@ github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ
 github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/skeema/knownhosts v1.2.2 h1:Iug2P4fLmDw9f41PB6thxUkNUkJzB5i+1/exaj40L3A=
 github.com/skeema/knownhosts v1.2.2/go.mod h1:xYbVRSPxqBZFrdmDyMmsOs+uX1UZC3nTN3ThzgDxUwo=
-github.com/snyk/cli-extension-dep-graph v0.0.0-20240426125928-8d56ac52821e h1:j17Ujw51/2SC3m1hbNCUwxFc8aNIFyfpnwFAszgEM8c=
-github.com/snyk/cli-extension-dep-graph v0.0.0-20240426125928-8d56ac52821e/go.mod h1:QF3v8HBpOpyudYNCuR8LqfULutO76c91sBdLzD+pBJU=
+github.com/snyk/cli-extension-dep-graph v0.0.0-20241014075215-311d3c8a423f h1:xZK+6ug+pNgnIfPFGkQtxBZwcN/6RoXpQruRHimjfKM=
+github.com/snyk/cli-extension-dep-graph v0.0.0-20241014075215-311d3c8a423f/go.mod h1:QF3v8HBpOpyudYNCuR8LqfULutO76c91sBdLzD+pBJU=
 github.com/snyk/cli-extension-iac-rules v0.0.0-20241008152401-24c8cf03a1a3 h1:AQMi52/aevl9bBSzwxGLz9kxInojkSe/Q6j1s1s6yJg=
 github.com/snyk/cli-extension-iac-rules v0.0.0-20241008152401-24c8cf03a1a3/go.mod h1:A/DNK3ZnUgqOKJ33Lc1z5KbbHqRSBgwCWw9KuyJu0xQ=
-github.com/snyk/cli-extension-sbom v0.0.0-20240820111700-68258cba52c7 h1:+xhigV8lkriZ8riIg79Yx/sDpKZV9ihz2iAM0Xa8/V4=
-github.com/snyk/cli-extension-sbom v0.0.0-20240820111700-68258cba52c7/go.mod h1:5CaY1bgvJY/uoG/1plLOf8T8o9AkwoBIGvw34RfRLZw=
+github.com/snyk/cli-extension-sbom v0.0.0-20241016065306-0df2be5b3b8f h1:dlL+f+5sjHj4JCzW/Evl1x9UREXLyc3M4KjoZvQx0Bs=
+github.com/snyk/cli-extension-sbom v0.0.0-20241016065306-0df2be5b3b8f/go.mod h1:5CaY1bgvJY/uoG/1plLOf8T8o9AkwoBIGvw34RfRLZw=
 github.com/snyk/code-client-go v1.10.0 h1:t/hBINxj4lKvoo681uGhxHBpMued/j68p2sHbB9qbfo=
 github.com/snyk/code-client-go v1.10.0/go.mod h1:orU911flV1kJQOlxxx0InUQkAfpBrcERsb2olfnlI8s=
 github.com/snyk/container-cli v0.0.0-20240821111304-7ca1c415a5d7 h1:Zn5BcV76oFAbJm5tDygU945lvoZ3yY8FoRFDC3YpwF8=
@@ -770,8 +770,8 @@ github.com/snyk/policy-engine v0.31.3 h1:FepCg6QN/X8uvxYjF+WwB2aiBPJB+NENDgKQeI/
 github.com/snyk/policy-engine v0.31.3/go.mod h1:Z9/hcngz+2txX4QfQRwfODk8F7w4mr/IQOvCtIosnLo=
 github.com/snyk/snyk-iac-capture v0.6.5 h1:992DXCAJSN97KtUh8T5ndaWwd/6ZCal2bDkRXqM1u/E=
 github.com/snyk/snyk-iac-capture v0.6.5/go.mod h1:e47i55EmM0F69ZxyFHC4sCi7vyaJW6DLoaamJJCzWGk=
-github.com/snyk/snyk-ls v0.0.0-20241017063705-68655f0e7f39 h1:yZwQfzpNNYmV6p97F2mW14N725Ce5Zem3VNcriKhuJY=
-github.com/snyk/snyk-ls v0.0.0-20241017063705-68655f0e7f39/go.mod h1:ymVHnn1JE/pqWhTHSQEz/1MP8FmYYfYFszaptaaI/PE=
+github.com/snyk/snyk-ls v0.0.0-20241023124225-627b73041471 h1:k2mJ+C7chUf+THMsgbUBFTxxMBNBeGEdz6NrMbZHt/o=
+github.com/snyk/snyk-ls v0.0.0-20241023124225-627b73041471/go.mod h1:ymVHnn1JE/pqWhTHSQEz/1MP8FmYYfYFszaptaaI/PE=
 github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo=
 github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
 github.com/sourcegraph/go-lsp v0.0.0-20240223163137-f80c5dd31dfd h1:Dq5WSzWsP1TbVi10zPWBI5LKEBDg4Y1OhWEph1wr5WQ=

package.json

@@ -118,13 +118,13 @@
     "snyk-cpp-plugin": "2.24.0",
     "snyk-docker-plugin": "6.13.2",
     "snyk-go-plugin": "1.23.0",
-    "snyk-gradle-plugin": "4.1.0",
+    "snyk-gradle-plugin": "4.6.0",
     "snyk-module": "3.1.0",
     "snyk-mvn-plugin": "3.6.0",
     "snyk-nodejs-lockfile-parser": "1.58.10",
     "snyk-nodejs-plugin": "1.3.4",
     "snyk-nuget-plugin": "2.7.8",
-    "snyk-php-plugin": "1.9.2",
+    "snyk-php-plugin": "1.10.0",
     "snyk-policy": "^4.0.0",
     "snyk-python-plugin": "2.2.1",
     "snyk-resolve-deps": "4.8.0",

src/lib/constants.ts

@@ -10,6 +10,3 @@ export const CALL_PATH_LEADING_ELEMENTS = 2;
 
 // Number of function names to show in the end of an abbreviated call path
 export const CALL_PATH_TRAILING_ELEMENTS = 2;
-
-// Number of subdirectories to search when running monitor or test
-export const MAX_DETECTION_DEPTH = 4;

src/lib/find-files.ts

@@ -3,14 +3,13 @@ import * as pathLib from 'path';
 
 import * as sortBy from 'lodash.sortby';
 import * as groupBy from 'lodash.groupby';
+import * as assign from 'lodash.assign';
 import { detectPackageManagerFromFile } from './detect';
 import * as debugModule from 'debug';
 import {
   PNPM_FEATURE_FLAG,
   SUPPORTED_MANIFEST_FILES,
 } from './package-managers';
-import * as merge from 'lodash.merge';
-import { MAX_DETECTION_DEPTH } from './constants';
 
 const debug = debugModule('snyk:find-files');
 
@@ -56,12 +55,28 @@ interface FindFilesRes {
 const ignoreFolders = ['node_modules', '.build'];
 
 interface FindFilesConfig {
+  path: string;
+  ignore?: string[];
+  filter?: string[];
+  levelsDeep?: number;
+  featureFlags?: Set<string>;
+}
+
+type DefaultFindConfig = {
   path: string;
   ignore: string[];
   filter: string[];
   levelsDeep: number;
   featureFlags: Set<string>;
-}
+};
+
+const defaultFindConfig: DefaultFindConfig = {
+  path: '',
+  ignore: [],
+  filter: [],
+  levelsDeep: 4,
+  featureFlags: new Set<string>(),
+};
 
 /**
  * Find all files in given search path. Returns paths to files found.
@@ -71,10 +86,8 @@ interface FindFilesConfig {
  * @param filter (optional) file names to find. If not provided all files are returned.
  * @param levelsDeep (optional) how many levels deep to search, defaults to two, this path and one sub directory.
  */
-export async function find(
-  findConfig: Partial<FindFilesConfig>,
-): Promise<FindFilesRes> {
-  const config = getFindConfig(findConfig);
+export async function find(findConfig: FindFilesConfig): Promise<FindFilesRes> {
+  const config: DefaultFindConfig = assign({}, defaultFindConfig, findConfig);
   const found: string[] = [];
   const foundAll: string[] = [];
 
@@ -139,28 +152,10 @@ function findFile(path: string, filter: string[] = []): string | null {
   return null;
 }
 
-function getFindConfig(option: Partial<FindFilesConfig>): FindFilesConfig {
-  const result = merge(
-    {
-      path: '',
-      ignore: [],
-      filter: [],
-      levelsDeep: MAX_DETECTION_DEPTH,
-      featureFlags: new Set<string>(),
-    },
-    option,
-  );
-
-  if (isNaN(result.levelsDeep) || result.levelsDeep === null) {
-    result.levelsDeep = MAX_DETECTION_DEPTH;
-  }
-  return result;
-}
-
 async function findInDirectory(
   findConfig: FindFilesConfig,
 ): Promise<FindFilesRes> {
-  const config = getFindConfig(findConfig);
+  const config: DefaultFindConfig = assign({}, defaultFindConfig, findConfig);
   const files = await readDirectory(config.path);
   const toFind = files
     .filter((file) => !config.ignore.includes(file))

src/lib/plugins/get-deps-from-plugin.ts

@@ -21,7 +21,6 @@ import { convertSingleResultToMultiCustom } from './convert-single-splugin-res-t
 import { convertMultiResultToMultiCustom } from './convert-multi-plugin-res-to-multi-custom';
 import { processYarnWorkspaces } from './nodejs-plugin/yarn-workspaces-parser';
 import { ScannedProject } from '@snyk/cli-interface/legacy/common';
-import { MAX_DETECTION_DEPTH } from '../constants';
 
 const debug = debugModule('snyk-test');
 
@@ -44,7 +43,7 @@ export async function getDepsFromPlugin(
 ): Promise<pluginApi.MultiProjectResult | MultiProjectResultCustom> {
   if (Object.keys(multiProjectProcessors).some((key) => options[key])) {
     const scanType = options.yarnWorkspaces ? 'yarnWorkspaces' : 'allProjects';
-    const levelsDeep = options.detectionDepth || MAX_DETECTION_DEPTH;
+    const levelsDeep = options.detectionDepth;
     const ignore = options.exclude ? options.exclude.split(',') : [];
 
     const { files: targetFiles, allFilesFound } = await find({

src/lib/plugins/get-extra-project-count.ts

@@ -2,7 +2,6 @@ import { legacyPlugin as pluginApi } from '@snyk/cli-interface';
 import { find } from '../find-files';
 import { AUTO_DETECTABLE_FILES } from '../detect';
 import { Options } from '../types';
-import { MAX_DETECTION_DEPTH } from '../constants';
 
 export async function getExtraProjectCount(
   root: string,
@@ -24,8 +23,6 @@ export async function getExtraProjectCount(
       path: root,
       ignore: [],
       filter: AUTO_DETECTABLE_FILES,
-      levelsDeep: MAX_DETECTION_DEPTH,
-      featureFlags: new Set(),
     });
     const foundProjectsCount =
       extraTargetFiles.length > 1 ? extraTargetFiles.length - 1 : undefined;