diff --git a/binary-releases/RELEASE_NOTES.md b/binary-releases/RELEASE_NOTES.md
index 22ffbf332a..254c95ac63 100644
--- a/binary-releases/RELEASE_NOTES.md
+++ b/binary-releases/RELEASE_NOTES.md
@@ -1,45 +1,11 @@ -## [1.1292.0](https://github.com/snyk/snyk/compare/v1.1291.0...v1.1292.0) (2024-06-26) +## [1.1292.2](https://github.com/snyk/snyk/compare/v1.1292.1...v1.1292.2) (2024-08-01) The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see [this documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli) -### News - -This Snyk CLI release delivers an assortment of bug fixes and improvements. - -- We've added support for pnpm, giving you more flexibility in your project setup. -- You can now scan npm/yarn projects even without lockfiles, ensuring comprehensive vulnerability detection regardless of your dependency management approach. -- We're committed to strengthening security. This release includes redaction of additional sensitive data in debug logs, minimizing potential risks. - ## Complete changelog -### Features - -- **test:** Added pnpm support under 'enablePnpmCli' feature flag ([#5181](https://github.com/snyk/snyk/issues/5181)) ([46769cc](https://github.com/snyk/snyk/commit/46769ccefc0c9ca98a44ad4bdd2b4d8161294dbf)) -- **test:** Support scan of npm/yarn projects without lockfiles ([e2d77a9](https://github.com/snyk/snyk/commit/e2d77a93da3701f4ade32e7432f870945c3763b2)) -- **monitor:** Set target-reference in the monitor request ([51ed8f5](https://github.com/snyk/snyk/commit/51ed8f53595d7545537900762836823ced29c958)) -- **code:** Centrally check if code test is enabled ([#5239](https://github.com/snyk/snyk/issues/5239)) ([e5a00e2](https://github.com/snyk/snyk/commit/e5a00e24cbe17b3b9859a39d74f1fe85e773ae4b)) -- **sbom:** Improve depgraph for Maven projects ([fbb33d7](https://github.com/snyk/snyk/commit/fbb33d7e17f5866501abd4e4022e86eecb390415)) -- **sbom:** Use RFC 3339 for all timestamps in sbom test result ([#5204](https://github.com/snyk/snyk/issues/5204)) 
([91bf191](https://github.com/snyk/snyk/commit/91bf1911997534c0bc2a6c0e093cf113f1292c49)) -- **language-server:** Add --all-projects flag scans by default [IDE-318](<[#5247](https://github.com/snyk/snyk/issues/5247)>) ([fdcf30e](https://github.com/snyk/snyk/commit/fdcf30e7421b7f8342d11003508f293661264a66)) -- **language-server:** Enable incremental scanning [IDE-275](<[#5291](https://github.com/snyk/snyk/issues/5291)>) ([d198685](https://github.com/snyk/snyk/commit/d1986856b152419e1712fa2c35b9b73303c428f9)) -- **language-server:** Add support for IDE themes ([c1c4d08](https://github.com/snyk/snyk/commit/c1c4d0805252ee96c7e081edd6b4e42a23cee3b8)) -- **language-server:** Consistent styling across intellij and vscode ([#5282](https://github.com/snyk/snyk/issues/5282)) ([9aa6f76](https://github.com/snyk/snyk/commit/9aa6f76201661e8270a92ccc38c75285df435634)) -- **logging:** Redact additional types of sensitive data from debug logs ([#5254](https://github.com/snyk/snyk/issues/5254)) ([056cdab](https://github.com/snyk/snyk/commit/056cdab070102aec927db831090b5bb82df9d31e)) - ### Bug Fixes -- **auth:** Autodetect IDE usage and fallback to API token based authentication ([#5241](https://github.com/snyk/snyk/issues/5241)) ([4c795e0](https://github.com/snyk/snyk/commit/4c795e008e17386ac04466a45a9785e81258853b)) -- **iac:** Upgrade iac custom rules to address Vulnerabilities [IAC-2944](<[#5191](https://github.com/snyk/snyk/issues/5191)>) ([453db24](https://github.com/snyk/snyk/commit/453db24fb3fa8e58e4a69920ba18045ecbd650a2)) -- **language-server:** Caching problem when no vulnerabilities in the IDE ([#5223](https://github.com/snyk/snyk/issues/5223)) ([89c9491](https://github.com/snyk/snyk/commit/89c949162edd89d0553b6e6cbb1c14c62379eae9)) -- **language-server:** Remove incorrect /v1 path ([#5214](https://github.com/snyk/snyk/issues/5214)) ([cf16470](https://github.com/snyk/snyk/commit/cf16470090b6f1db7fd7f7577a243e4d356d843f)) -- **dependencies:** Update dependencies to reduce 
vulnerabilities ([#5131](https://github.com/snyk/snyk/issues/5131)) ([4c7cb3c](https://github.com/snyk/snyk/commit/4c7cb3cd0931e0b8717425ac4857b116cee001ee)) -- **sbom:** sbom test output padding ([e3b7cac](https://github.com/snyk/snyk/commit/e3b7cac1b3fc628407e1ba520302f3569684d115)) -- **sbom:** Fix container purl generation for apt and rpm ([#5207](https://github.com/snyk/snyk/issues/5207)) ([fa9d512](https://github.com/snyk/snyk/commit/fa9d512512203adcdc133ed988ac260543f8816a)) -- **sbom:** Retain error code during SBOM generation ([#5202](https://github.com/snyk/snyk/issues/5202)) ([5e98aaa](https://github.com/snyk/snyk/commit/5e98aaa6b14fe2d3622a3cc1ce76b655f43bb42c)) -- **test:** support cyclic dependencies in maven with dverbose ([#5208](https://github.com/snyk/snyk/issues/5208)) ([fb24c02](https://github.com/snyk/snyk/commit/fb24c024a8bee69ae59acf79adfac7866255b2b7)) -- **test:** Add tool version and informationUri to sarif output ([#5203](https://github.com/snyk/snyk/issues/5203)) ([b899fd3](https://github.com/snyk/snyk/commit/b899fd3af211e8b95656a08b9b0ecefc086ef5d5)) -- **test:** fixing several .NET bugs ([#5217](https://github.com/snyk/snyk/issues/5217)) ([c27d767](https://github.com/snyk/snyk/commit/c27d7671c1c9d20089f10663b71875e6bcf05481)) -- **test:** fixing a bug causing .NET beta scanning to fail on older versions of .NET ([#5228](https://github.com/snyk/snyk/issues/5228)) ([5fdecf7](https://github.com/snyk/snyk/commit/5fdecf72e6f370bd31baadce6d1e5273018798c1)) -- **test:** .NET runtime resolution testing now supports projects targeting .NET Standard frameworks ([#5169](https://github.com/snyk/snyk/issues/5169)) ([44d0861](https://github.com/snyk/snyk/commit/44d0861e41de81f847c6b57c74a67c5fc816e9df)) -- **test:** fix issues of type 'Cannot find module ...' 
in snyk-docker-plugin ([#5301](https://github.com/snyk/snyk/issues/5301)) ([88efd54](https://github.com/snyk/snyk/commit/88efd549956513fd3052de8af47da5d0a1bfb477)) -- **monitor:** fix project name when using assets-project-name flag ([#5077](https://github.com/snyk/snyk/issues/5077)) ([57dc718](https://github.com/snyk/snyk/commit/57dc7189eb6c353041b8526af3fe939b0526d996)) +- **container test:** Improve the accuracy of identifying npm projects within docker images by removing the explicit folder ignore rules + ([#5384](https://github.com/snyk/snyk/issues/5384)) +- **container test:** Pass platform parameter when pulling an image from a container registry ([#5360](https://github.com/snyk/snyk/issues/5360)) diff --git a/package-lock.json b/package-lock.json index ed39854679..7d5096a34d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -68,7 +68,7 @@ "semver": "^6.0.0", "snyk-config": "^5.0.0", "snyk-cpp-plugin": "2.24.0", - "snyk-docker-plugin": "6.12.3", + "snyk-docker-plugin": "6.13.1", "snyk-go-plugin": "1.23.0", "snyk-gradle-plugin": "4.1.0", "snyk-module": "3.1.0", @@ -3066,9 +3066,9 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/@snyk/docker-registry-v2-client": { - "version": "2.11.0", - "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.11.0.tgz", - "integrity": "sha512-X3eJWJzdwjUHb2alXg0njY1CilDx9og1O242f2Qx4BiUxnw73VPjKnOinU9QQNcImIxSjLAaTxwZczm/oC0WcQ==", + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.15.0.tgz", + "integrity": "sha512-h81cwwoX6rxYHuCSD4+KeTHSIQZz8RSOuszS8QfC+FDoKROmM2H02hnqxsYPY247GZVTK+NN1iK5cHwBQeBP+Q==", "dependencies": { "needle": "^3.2.0", "parse-link-header": "^2.0.0", 
@@ -3392,11 +3392,11 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/@snyk/snyk-docker-pull": { - "version": "3.11.0", - "resolved": "https://registry.npmjs.org/@snyk/snyk-docker-pull/-/snyk-docker-pull-3.11.0.tgz", - "integrity": "sha512-QBCRcEEqpeA0MWXD+BZ7YFdURBfrVJ77YFRLmi6jCZCnvNID0jGnz2QKZrfAT4GboB72VXYcmrSjo6+kXpBa8Q==", + "version": "3.13.0", + "resolved": "https://registry.npmjs.org/@snyk/snyk-docker-pull/-/snyk-docker-pull-3.13.0.tgz", + "integrity": "sha512-S0UyBnhozdP03Qfu10gCCCRmnDLMPbbEEpCjogsPywjLFOjpG3EYa2x8H84S+Wu/a0Ft8uw9ng4QGD555pDdAg==", "dependencies": { - "@snyk/docker-registry-v2-client": "^2.11.0", + "@snyk/docker-registry-v2-client": "2.15.0", "child-process": "^1.0.2", "tar-fs": "^3.0.4" }, 
@@ -3405,19 +3405,22 @@ } }, "node_modules/@snyk/snyk-docker-pull/node_modules/tar-fs": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.4.tgz", - "integrity": "sha512-5AFQU8b9qLfZCX9zp2duONhPmZv0hGYiBPJsyUdqMjzq/mqVpy/rEUSeHk1+YitmxugaptgBh5oDGU3VsAJq4w==", + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.6.tgz", + "integrity": "sha512-iokBDQQkUyeXhgPYaZxmczGPhnhXZ0CmrqI+MOb/WFGS9DW5wnfrLgtjUJBvz50vQ3qfRwJ62QVoCFu8mPVu5w==", "dependencies": { - "mkdirp-classic": "^0.5.2", "pump": "^3.0.0", "tar-stream": "^3.1.5" + }, + "optionalDependencies": { + "bare-fs": "^2.1.1", + "bare-path": "^2.1.0" } }, "node_modules/@snyk/snyk-docker-pull/node_modules/tar-stream": { - "version": "3.1.6", - "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.6.tgz", - "integrity": "sha512-B/UyjYwPpMBv+PaFSWAmtYjwdrlEaZQEhMIBFNC5oEG8lpiW8XjcSdmEaClj28ArfKScKHs2nshz3k2le6crsg==", + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "dependencies": { "b4a": "^1.6.4", "fast-fifo": "^1.2.0", @@ -6668,9 +6671,9 @@ } }, "node_modules/b4a": { - "version": "1.6.4", - "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.4.tgz", - "integrity": "sha512-fpWrvyVHEKyeEvbKZTVOeZF3VSKKWtJxFIxX/jaVPf+cLbGUSitjb49pHLqPV2BUNNZ0LcoeEGfE/YCpyDYHIw==" + "version": "1.6.6", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.6.tgz", + "integrity": "sha512-5Tk1HLk6b6ctmjIkAcU/Ujv/1WqiDl0F0JdRCR80VsOcUlHcu7pWeWRlOqQLHfDEsVx9YH/aif5AG4ehoCtTmg==" }, "node_modules/babel-plugin-istanbul": { "version": "6.1.1", 
@@ -6732,6 +6735,47 @@ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" }, + "node_modules/bare-events": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.4.2.tgz", + "integrity": "sha512-qMKFd2qG/36aA4GwvKq8MxnPgCQAmBWmSyLWsJcbn8v03wvIPQ/hG1Ms8bPzndZxMDoHpxez5VOS+gC9Yi24/Q==", + "optional": true + }, + "node_modules/bare-fs": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-2.3.1.tgz", + "integrity": "sha512-W/Hfxc/6VehXlsgFtbB5B4xFcsCl+pAh30cYhoFyXErf6oGrwjh8SwiPAdHgpmWonKuYpZgGywN0SXt7dgsADA==", + "optional": true, + "dependencies": { + "bare-events": "^2.0.0", + "bare-path": "^2.0.0", + "bare-stream": "^2.0.0" + } + }, + "node_modules/bare-os": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-2.4.0.tgz", + "integrity": "sha512-v8DTT08AS/G0F9xrhyLtepoo9EJBJ85FRSMbu1pQUlAf6A8T0tEEQGMVObWeqpjhSPXsE0VGlluFBJu2fdoTNg==", + "optional": true + }, + "node_modules/bare-path": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-2.1.3.tgz", + "integrity": "sha512-lh/eITfU8hrj9Ru5quUp0Io1kJWIk1bTjzo7JH1P5dWmQ2EL4hFUlfI8FonAhSlgIfhn63p84CDY/x+PisgcXA==", + "optional": true, + "dependencies": { + "bare-os": "^2.1.0" + } + }, + "node_modules/bare-stream": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.1.3.tgz", + "integrity": "sha512-tiDAH9H/kP+tvNO5sczyn9ZAA7utrSMobyDchsnyyXBuUe2FSQWbxhtuHB8jwpHYYevVo2UJpcmvvjrbHboUUQ==", + "optional": true, + "dependencies": { + "streamx": "^2.18.0" + } + }, "node_modules/base64-js": { "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", 
@@ -16248,7 +16292,8 @@ "node_modules/mkdirp-classic": { "version": "0.5.3", "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", - "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==" + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==", + "dev": true }, "node_modules/mock-fs": { "version": "4.14.0", @@ -20236,15 +20281,15 @@ "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" }, "node_modules/snyk-docker-plugin": { - "version": "6.12.3", - "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-6.12.3.tgz", - "integrity": "sha512-PU2vHUuZ9hprSlqe/DjKXqOffqhmBnDpZH6RqVdEb+RrEOxF3pHJ+JrqCl8npw8KKbassaXXuNoJ7CgJvgCW0A==", + "version": "6.13.1", + "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-6.13.1.tgz", + "integrity": "sha512-BojEnE0Rb8a00A2P/INXPDAE6rXL5pghv/6NRfrGjoc1OPu7HWbA/a+Vv5loAi2MYCRLryrA7IN6TlzMW7T/+A==", "dependencies": { "@snyk/composer-lockfile-parser": "^1.4.1", "@snyk/dep-graph": "^2.8.1", - "@snyk/docker-registry-v2-client": "^2.11.0", + "@snyk/docker-registry-v2-client": "2.15.0", "@snyk/rpm-parser": "3.1.0", - "@snyk/snyk-docker-pull": "^3.11.0", + "@snyk/snyk-docker-pull": "3.13.0", "@swimlane/docker-reference": "^2.0.1", "adm-zip": "^0.5.5", "chalk": "^2.4.2", 
@@ -20324,18 +20369,6 @@ "node": ">=10" } }, - "node_modules/snyk-docker-plugin/node_modules/micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", - "dependencies": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - }, - "engines": { - "node": ">=8.6" - } - }, "node_modules/snyk-docker-plugin/node_modules/mkdirp": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", @@ -21769,12 +21802,16 @@ } }, "node_modules/streamx": { - "version": "2.15.6", - "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.15.6.tgz", - "integrity": "sha512-q+vQL4AAz+FdfT137VF69Cc/APqUbxy+MDOImRrMvchJpigHj9GksgDU2LYbO9rx7RX6osWgxJB2WxhYv4SZAw==", + "version": "2.18.0", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.18.0.tgz", + "integrity": "sha512-LLUC1TWdjVdn1weXGcSxyTR3T4+acB6tVGXT95y0nGbca4t4o/ng1wKAGTljm9VicuCVLvRlqFYXYy5GwgM7sQ==", "dependencies": { - "fast-fifo": "^1.1.0", - "queue-tick": "^1.0.1" + "fast-fifo": "^1.3.2", + "queue-tick": "^1.0.1", + "text-decoder": "^1.1.0" + }, + "optionalDependencies": { + "bare-events": "^2.2.0" } }, "node_modules/strict-uri-encode": { @@ -22469,6 +22506,14 @@ "node": ">=8" } }, + "node_modules/text-decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.1.1.tgz", + "integrity": "sha512-8zll7REEv4GDD3x4/0pW+ppIxSNs7H1J10IKFZsuOMscumCdM2a+toDGLPA3T+1+fLBql4zbt5z83GEQGGV5VA==", + "dependencies": { + "b4a": "^1.6.4" + } + }, "node_modules/text-extensions": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/text-extensions/-/text-extensions-2.4.0.tgz", 
@@ -26649,9 +26694,9 @@ } }, "@snyk/docker-registry-v2-client": { - "version": "2.11.0", - "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.11.0.tgz", - "integrity": "sha512-X3eJWJzdwjUHb2alXg0njY1CilDx9og1O242f2Qx4BiUxnw73VPjKnOinU9QQNcImIxSjLAaTxwZczm/oC0WcQ==", + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/@snyk/docker-registry-v2-client/-/docker-registry-v2-client-2.15.0.tgz", + "integrity": "sha512-h81cwwoX6rxYHuCSD4+KeTHSIQZz8RSOuszS8QfC+FDoKROmM2H02hnqxsYPY247GZVTK+NN1iK5cHwBQeBP+Q==", "requires": { "needle": "^3.2.0", "parse-link-header": "^2.0.0", 
@@ -27017,29 +27062,30 @@ } }, "@snyk/snyk-docker-pull": { - "version": "3.11.0", - "resolved": "https://registry.npmjs.org/@snyk/snyk-docker-pull/-/snyk-docker-pull-3.11.0.tgz", - "integrity": "sha512-QBCRcEEqpeA0MWXD+BZ7YFdURBfrVJ77YFRLmi6jCZCnvNID0jGnz2QKZrfAT4GboB72VXYcmrSjo6+kXpBa8Q==", + "version": "3.13.0", + "resolved": "https://registry.npmjs.org/@snyk/snyk-docker-pull/-/snyk-docker-pull-3.13.0.tgz", + "integrity": "sha512-S0UyBnhozdP03Qfu10gCCCRmnDLMPbbEEpCjogsPywjLFOjpG3EYa2x8H84S+Wu/a0Ft8uw9ng4QGD555pDdAg==", "requires": { - "@snyk/docker-registry-v2-client": "^2.11.0", + "@snyk/docker-registry-v2-client": "2.15.0", "child-process": "^1.0.2", "tar-fs": "^3.0.4" }, "dependencies": { "tar-fs": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.4.tgz", - "integrity": "sha512-5AFQU8b9qLfZCX9zp2duONhPmZv0hGYiBPJsyUdqMjzq/mqVpy/rEUSeHk1+YitmxugaptgBh5oDGU3VsAJq4w==", + "version": "3.0.6", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-3.0.6.tgz", + "integrity": "sha512-iokBDQQkUyeXhgPYaZxmczGPhnhXZ0CmrqI+MOb/WFGS9DW5wnfrLgtjUJBvz50vQ3qfRwJ62QVoCFu8mPVu5w==", "requires": { - "mkdirp-classic": "^0.5.2", + "bare-fs": "^2.1.1", + "bare-path": "^2.1.0", "pump": "^3.0.0", "tar-stream": "^3.1.5" } }, "tar-stream": { - "version": "3.1.6", - "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.6.tgz", - "integrity": "sha512-B/UyjYwPpMBv+PaFSWAmtYjwdrlEaZQEhMIBFNC5oEG8lpiW8XjcSdmEaClj28ArfKScKHs2nshz3k2le6crsg==", + "version": "3.1.7", + "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.7.tgz", + "integrity": "sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==", "requires": { "b4a": "^1.6.4", "fast-fifo": "^1.2.0", 
@@ -29492,9 +29538,9 @@ } }, "b4a": { - "version": "1.6.4", - "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.4.tgz", - "integrity": "sha512-fpWrvyVHEKyeEvbKZTVOeZF3VSKKWtJxFIxX/jaVPf+cLbGUSitjb49pHLqPV2BUNNZ0LcoeEGfE/YCpyDYHIw==" + "version": "1.6.6", + "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.6.tgz", + "integrity": "sha512-5Tk1HLk6b6ctmjIkAcU/Ujv/1WqiDl0F0JdRCR80VsOcUlHcu7pWeWRlOqQLHfDEsVx9YH/aif5AG4ehoCtTmg==" }, "babel-plugin-istanbul": { "version": "6.1.1", 
@@ -29549,6 +29595,47 @@ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.2.tgz", "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==" }, + "bare-events": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/bare-events/-/bare-events-2.4.2.tgz", + "integrity": "sha512-qMKFd2qG/36aA4GwvKq8MxnPgCQAmBWmSyLWsJcbn8v03wvIPQ/hG1Ms8bPzndZxMDoHpxez5VOS+gC9Yi24/Q==", + "optional": true + }, + "bare-fs": { + "version": "2.3.1", + "resolved": "https://registry.npmjs.org/bare-fs/-/bare-fs-2.3.1.tgz", + "integrity": "sha512-W/Hfxc/6VehXlsgFtbB5B4xFcsCl+pAh30cYhoFyXErf6oGrwjh8SwiPAdHgpmWonKuYpZgGywN0SXt7dgsADA==", + "optional": true, + "requires": { + "bare-events": "^2.0.0", + "bare-path": "^2.0.0", + "bare-stream": "^2.0.0" + } + }, + "bare-os": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/bare-os/-/bare-os-2.4.0.tgz", + "integrity": "sha512-v8DTT08AS/G0F9xrhyLtepoo9EJBJ85FRSMbu1pQUlAf6A8T0tEEQGMVObWeqpjhSPXsE0VGlluFBJu2fdoTNg==", + "optional": true + }, + "bare-path": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/bare-path/-/bare-path-2.1.3.tgz", + "integrity": "sha512-lh/eITfU8hrj9Ru5quUp0Io1kJWIk1bTjzo7JH1P5dWmQ2EL4hFUlfI8FonAhSlgIfhn63p84CDY/x+PisgcXA==", + "optional": true, + "requires": { + "bare-os": "^2.1.0" + } + }, + "bare-stream": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/bare-stream/-/bare-stream-2.1.3.tgz", + "integrity": "sha512-tiDAH9H/kP+tvNO5sczyn9ZAA7utrSMobyDchsnyyXBuUe2FSQWbxhtuHB8jwpHYYevVo2UJpcmvvjrbHboUUQ==", + "optional": true, + "requires": { + "streamx": "^2.18.0" + } + }, "base64-js": { "version": "1.5.1", "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", 
@@ -36697,7 +36784,8 @@ "mkdirp-classic": { "version": "0.5.3", "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz", - "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==" + "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==", + "dev": true }, "mock-fs": { "version": "4.14.0", @@ -39646,15 +39734,15 @@ } }, "snyk-docker-plugin": { - "version": "6.12.3", - "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-6.12.3.tgz", - "integrity": "sha512-PU2vHUuZ9hprSlqe/DjKXqOffqhmBnDpZH6RqVdEb+RrEOxF3pHJ+JrqCl8npw8KKbassaXXuNoJ7CgJvgCW0A==", + "version": "6.13.1", + "resolved": "https://registry.npmjs.org/snyk-docker-plugin/-/snyk-docker-plugin-6.13.1.tgz", + "integrity": "sha512-BojEnE0Rb8a00A2P/INXPDAE6rXL5pghv/6NRfrGjoc1OPu7HWbA/a+Vv5loAi2MYCRLryrA7IN6TlzMW7T/+A==", "requires": { "@snyk/composer-lockfile-parser": "^1.4.1", "@snyk/dep-graph": "^2.8.1", - "@snyk/docker-registry-v2-client": "^2.11.0", + "@snyk/docker-registry-v2-client": "2.15.0", "@snyk/rpm-parser": "3.1.0", - "@snyk/snyk-docker-pull": "^3.11.0", + "@snyk/snyk-docker-pull": "3.13.0", "@swimlane/docker-reference": "^2.0.1", "adm-zip": "^0.5.5", "chalk": "^2.4.2", @@ -39720,15 +39808,6 @@ "yallist": "^4.0.0" } }, - "micromatch": { - "version": "4.0.7", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.7.tgz", - "integrity": "sha512-LPP/3KorzCwBxfeUuZmaR6bG2kdeHSbe0P2tY3FLRU4vYrjYz5hI4QZwV0njUx3jeuKe67YukQ1LSPZBKDqO/Q==", - "requires": { - "braces": "^3.0.3", - "picomatch": "^2.3.1" - } - }, "mkdirp": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz", 
@@ -40927,12 +41006,14 @@ } }, "streamx": { - "version": "2.15.6", - "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.15.6.tgz", - "integrity": "sha512-q+vQL4AAz+FdfT137VF69Cc/APqUbxy+MDOImRrMvchJpigHj9GksgDU2LYbO9rx7RX6osWgxJB2WxhYv4SZAw==", + "version": "2.18.0", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.18.0.tgz", + "integrity": "sha512-LLUC1TWdjVdn1weXGcSxyTR3T4+acB6tVGXT95y0nGbca4t4o/ng1wKAGTljm9VicuCVLvRlqFYXYy5GwgM7sQ==", "requires": { - "fast-fifo": "^1.1.0", - "queue-tick": "^1.0.1" + "bare-events": "^2.2.0", + "fast-fifo": "^1.3.2", + "queue-tick": "^1.0.1", + "text-decoder": "^1.1.0" } }, "strict-uri-encode": { @@ -41419,6 +41500,14 @@ "minimatch": "^3.0.4" } }, + "text-decoder": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/text-decoder/-/text-decoder-1.1.1.tgz", + "integrity": "sha512-8zll7REEv4GDD3x4/0pW+ppIxSNs7H1J10IKFZsuOMscumCdM2a+toDGLPA3T+1+fLBql4zbt5z83GEQGGV5VA==", + "requires": { + "b4a": "^1.6.4" + } + }, "text-extensions": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/text-extensions/-/text-extensions-2.4.0.tgz", diff --git a/package.json b/package.json index 96bda68515..ee9a36679b 100644 --- a/package.json +++ b/package.json @@ -116,7 +116,7 @@ "semver": "^6.0.0", "snyk-config": "^5.0.0", "snyk-cpp-plugin": "2.24.0", - "snyk-docker-plugin": "6.12.3", + "snyk-docker-plugin": "6.13.1", "snyk-go-plugin": "1.23.0", "snyk-gradle-plugin": "4.1.0", "snyk-module": "3.1.0", diff --git a/test/fixtures/container-projects/multi-project-image.tar b/test/fixtures/container-projects/multi-project-image.tar new file mode 100644 index 0000000000..e12bc4d72c Binary files /dev/null and b/test/fixtures/container-projects/multi-project-image.tar differ diff --git a/test/jest/acceptance/snyk-container/container.spec.ts b/test/jest/acceptance/snyk-container/container.spec.ts index 8194fb3e38..be553c60c7 100644 --- a/test/jest/acceptance/snyk-container/container.spec.ts 
+++ b/test/jest/acceptance/snyk-container/container.spec.ts
@@ -145,6 +145,20 @@ describe('snyk container', () => {
 expect(stdout).toContain('Package manager: npm');
 });
+ it('npm projects target file are found in container image', async () => {
+ const { code, stdout, stderr } = await runSnykCLIWithDebug(
+ `container test docker-archive:test/fixtures/container-projects//multi-project-image.tar`,
+ );
+
+ assertCliExitCode(code, 1, stderr);
+ expect(stdout).toContain('Target file: /usr/goof2/package.json');
+ expect(stdout).toContain('Target file: /usr/goof3/node_modules');
+ expect(stdout).toContain('Target file: /usr/goof/package.json');
+ expect(stdout).toContain(
+ 'Target file: /usr/local/lib/node_modules',
+ );
+ });
+
 it('npm depGraph is generated in an npm image with lockfiles image', async () => {
 const { code, stdout, stderr } = await runSnykCLIWithDebug(
 `container test docker-archive:test/fixtures/container-projects/npm7-without-package-lock-file.tar --print-deps`,
diff --git a/test/jest/acceptance/snyk-test/app-vuln-container-project.spec.ts b/test/jest/acceptance/snyk-test/app-vuln-container-project.spec.ts
index 9c0efb2419..f323f3c83b 100644
--- a/test/jest/acceptance/snyk-test/app-vuln-container-project.spec.ts
+++ b/test/jest/acceptance/snyk-test/app-vuln-container-project.spec.ts
@@ -163,7 +163,7 @@ describe('container test projects behavior with --json flag', () => {
 const jsonOutput = JSON.parse(stdout);
 expect(Array.isArray(jsonOutput)).toBeTruthy();
- expect(jsonOutput).toHaveLength(2);
+ expect(jsonOutput).toHaveLength(3);
 expect(code).toEqual(0);
 });
 });
diff --git a/test/jest/acceptance/snyk-test/basic-test-all-languages.spec.ts b/test/jest/acceptance/snyk-test/basic-test-all-languages.spec.ts
index d2c3dd26ff..a91eb36145 100644
--- a/test/jest/acceptance/snyk-test/basic-test-all-languages.spec.ts
+++ b/test/jest/acceptance/snyk-test/basic-test-all-languages.spec.ts
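Review bot: The archive path in the added `it('npm projects target file are found in container image', …)` test in container.spec.ts contains a doubled slash (`container-projects//multi-project-image.tar`), unlike the neighbouring `npm7-without-package-lock-file.tar` path; it presumably still resolves, but it should read `docker-archive:test/fixtures/container-projects/multi-project-image.tar`. The four expected target files come from a binary fixture added in the same commit, and nothing visible here records how that image was built, so a short comment naming the Dockerfile or build steps behind `multi-project-image.tar` would let a reviewer audit and regenerate it. The title would also read better as `'npm project target files are found in container image'`.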
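Review bot: The bare count in `expect(jsonOutput).toHaveLength(3);` (app-vuln-container-project.spec.ts) does not show which project the upgraded plugin now reports, so a later change that drops one project and picks up another would still pass. Consider asserting the expected target file of each of the three results as well, and note the reason next to the number, for example `// 3 results: presumably the extra project appears since snyk-docker-plugin 6.13.1 removed the explicit folder ignore rules`. The enclosing `it(...)` block starts outside the hunk, so the image under test is not visible here.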
@@ -219,19 +219,32 @@ describe('`snyk test` of basic projects for each language/ecosystem', () => {
 const project = await createProjectFromWorkspace(fixture);
 const { code, stderr, stdout } = await runSnykCLI(
- 'test -d --dotnet-runtime-resolution',
+ 'test --dotnet-runtime-resolution --json',
 {
 cwd: project.path(),
 },
 );
- if (code !== 0) {
+ // Debug output on an unexpected exit code
+ if (code !== 0 && code !== 1) {
 console.debug(stderr);
 console.debug('---------------------------');
 console.debug(stdout);
 }
- expect(code).toEqual(0);
+ // Expect an exit code of 0 or 1. Exit code 1 is possible if a new
+ // vulnerability is discovered in the installed version of dotnet's system
+ // libraries.
+ expect([0, 1]).toContain(code);
+
+ // Note: dotnet plugin can print a warning about runtime resolution, which breaks JSON output.
+ // This replacement regex is a temporary workaround until the dotnet plugin can be fixed.
+ const sanitizedStdout = stdout.replace(/^[\s\S]*?{/, '{');
+ const result = JSON.parse(sanitizedStdout);
+ expect(result?.ok).toBeDefined();
+
+ // Expect 'ok' to be true if exit 0, false if exit 1.
+ expect(result.ok).toBe(code === 0);
 },
 );
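Review bot: The sanitising call `stdout.replace(/^[\s\S]*?{/, '{')` cuts at the first `{` anywhere in stdout, so a warning that itself contains a brace would leave a non-JSON prefix and `JSON.parse` would throw with neither stdout nor stderr printed, because the debug branch now fires only for exit codes other than 0 and 1. Assuming the JSON document starts on its own line, anchoring on a line start is stricter: `stdout.replace(/^[\s\S]*?^{/m, '{')`. The workaround comment would be easier to retire with a tracking reference, e.g. `// TODO(<issue-id>): remove once the dotnet plugin keeps warnings off stdout`. Accepting exit code 1 is deliberate per the added comment, but it leaves `result.ok` as the only content check on the scan result. The enclosing `it(...)` call starts outside the hunk.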