;
// CommonJS export wiring. The `__esModule` flag tells interop helpers that this
// file was transpiled from an ES module (it looks like compiler output — see the
// sourceMappingURL footer).
Object.defineProperty(exports, "__esModule", { value: true });
// Public surface of the plugin. `debug` and `inspect` are function declarations
// further down; hoisting makes them available here before their definitions.
exports.debug = debug;
exports.inspect = inspect;
const fs = require("fs");
const path = require("path");
const errors_1 = require("./maven/errors");
const context_1 = require("./maven/context");
const executor_1 = require("./maven/executor");
const archive_1 = require("./archive");
const error_format_1 = require("./error-format");
const debugModule = require("debug");
const dependency_tree_parser_1 = require("./parse/dependency-tree-parser");
const scanned_project_builder_1 = require("./parse/scanned-project-builder");
const fingerprint_1 = require("./fingerprint");
// Debug output is switched on with `snyk -d`.
// The logger is created lazily on the first debug() call and then reused.
let logger = null;
/**
 * Write each message to the plugin's `snyk-mvn-plugin` debug channel.
 *
 * On first use, the namespaces listed in the DEBUG environment variable (if
 * any) are enabled before the logger is created.
 *
 * Messages are forwarded verbatim: nothing is redacted here. inspect() sends
 * raw Maven output through this function on failure, so treat captured debug
 * logs as potentially sensitive when sharing them.
 *
 * @param {...*} messages - values to log, one logger call per value.
 */
function debug(...messages) {
  if (logger === null) {
    const requestedNamespaces = process.env.DEBUG;
    if (requestedNamespaces) {
      debugModule.enable(process.env.DEBUG);
    }
    logger = debugModule('snyk-mvn-plugin');
  }
  for (const message of messages) {
    logger?.(message);
  }
}
/**
 * Translate plugin options into the settings object used for artifact
 * fingerprinting.
 *
 * Fingerprinting is opt-in: without `options.includeProvenance` the result is
 * `undefined` and callers skip fingerprint generation.
 *
 * The digest falls back to 'sha1' when `options.fingerprintAlgorithm` is unset
 * or empty.
 * NOTE(review): SHA-1 is not collision-resistant. That is acceptable for
 * matching artifacts against published checksums, but the value should not be
 * treated as tamper evidence — confirm how the fingerprint is consumed.
 *
 * @param {object} options - plugin options supplied to inspect().
 * @returns {{enabled: boolean, algorithm: string, mavenRepository: *}|undefined}
 */
function buildFingerprintOptions(options) {
  const provenanceRequested = Boolean(options.includeProvenance);
  if (provenanceRequested) {
    const algorithm = options.fingerprintAlgorithm || 'sha1';
    return {
      enabled: true,
      algorithm,
      mavenRepository: options.mavenRepository,
    };
  }
  return undefined;
}
/**
 * Plugin entry point: build dependency information for a Maven project or for
 * Java archives.
 *
 * Three paths, tried in order:
 *   1. the target itself is an archive -> dep-graph built from that archive;
 *   2. `options.scanAllUnmanaged` -> dep-graph built from every archive found
 *      under `root` (throws when none are found);
 *   3. otherwise Maven is executed and its dependency tree output is parsed
 *      into scanned projects.
 *
 * Review notes:
 *   - `targetFile` is resolved against `root` with no check that the result
 *     stays inside `root`; an absolute or `..` path is accepted as given.
 *   - Path 3 runs Maven against the project and forwards `options.args` to the
 *     executor. NOTE(review): the command selection (including any project
 *     wrapper, see `mavenSkipWrapper`) lives in ./maven/context — when scanning
 *     a checkout you do not trust, run the scan in an isolated environment.
 *   - On failure the raw Maven output is written to the debug log unredacted.
 *
 * @param {string} root - project directory.
 * @param {string} [targetFile] - file relative to `root`; `root` itself is
 *   used when omitted.
 * @param {object} [options] - plugin options; conservative defaults apply when
 *   missing.
 * @param {*} snykHttpClient - passed through to the archive dep-graph builders.
 * @returns {Promise<object>} plugin metadata plus either `dependencyGraph`
 *   (archive paths) or `scannedProjects` (Maven path).
 * @throws {Error} when the target does not exist, when no archives are found
 *   in unmanaged mode, or when Maven execution / output parsing fails.
 */
async function inspect(root, targetFile, options, snykHttpClient) {
  const targetPath = targetFile
    ? path.resolve(root, targetFile)
    : path.resolve(root);
  if (!fs.existsSync(targetPath)) {
    throw new Error(`Could not find file or directory ${targetPath}`);
  }
  const opts = options || {
    dev: false,
    scanAllUnmanaged: false,
    'print-graph': false,
    mavenVerboseIncludeAllVersions: false,
  };
  const fingerprintOptions = buildFingerprintOptions(opts);
  // Both archive paths return the same envelope around a dep-graph.
  const archiveResult = (dependencyGraph) => ({
    plugin: {
      name: 'bundled:maven',
      runtime: 'unknown',
      meta: {},
    },
    package: {}, // using dep-graph over depTree
    dependencyGraph,
  });

  // Path 1: the target is itself an archive.
  if (targetPath && (0, archive_1.isArchive)(targetPath)) {
    debug(`Creating dep-graph from ${targetPath}`);
    const singleArchiveGraph = await (0, archive_1.createDepGraphFromArchive)(root, targetPath, snykHttpClient, fingerprintOptions);
    return archiveResult(singleArchiveGraph);
  }

  // Path 2: scan every archive under root; nothing found is an error.
  if (opts.scanAllUnmanaged) {
    const archives = (0, archive_1.findArchives)(root);
    if (archives.length > 0) {
      debug(`Creating dep-graph from archives in ${root}`);
      const combinedGraph = await (0, archive_1.createDepGraphFromArchives)(root, archives, snykHttpClient, fingerprintOptions);
      return archiveResult(combinedGraph);
    }
    throw Error(`Could not find any supported files in '${root}'.`);
  }

  // Path 3: run Maven. The context is created once and handles command
  // detection and the working directory.
  const mavenContext = (0, context_1.createMavenContext)(root, targetFile, {
    skipWrapper: opts.mavenSkipWrapper,
  });
  const args = opts.args || [];
  const verboseEnabled =
    ['-Dverbose', '-Dverbose=true'].some((flag) => args.includes(flag)) ||
    Boolean(opts['print-graph']);
  let executionResult;
  try {
    // Maven pipeline: resolve + tree.
    executionResult = await (0, executor_1.executeMavenPipeline)(mavenContext, opts.mavenAggregateProject, verboseEnabled, args);
    debug(`Verbose enabled with all versions: ${opts.mavenVerboseIncludeAllVersions}`);
    const parsed = (0, dependency_tree_parser_1.parseMavenDependencyTree)(executionResult.dependencyTreeResult, opts.mavenVerboseIncludeAllVersions, executionResult.versionResolver);
    const mavenGraphs = parsed.mavenGraphs;

    // Fingerprints are generated only when provenance was requested;
    // otherwise an empty map is handed to the project builder.
    const fingerprintsEnabled = Boolean(fingerprintOptions?.enabled);
    const fingerprintMap = fingerprintsEnabled
      ? await (0, fingerprint_1.generateMavenFingerprints)(mavenGraphs, fingerprintOptions, mavenContext.command)
      : new Map();

    const built = (0, scanned_project_builder_1.buildScannedProjects)(mavenGraphs, opts.dev, verboseEnabled, fingerprintMap, fingerprintsEnabled, !!opts.showMavenBuildScope);
    const scannedProjects = built.scannedProjects;

    const metaBuildVersion = {
      mavenVersion: executionResult.mavenVersion || '',
      javaVersion: executionResult.javaVersion || '',
      mavenPluginVersion: executionResult.mavenPluginVersion || '',
    };
    return {
      plugin: {
        name: 'bundled:maven',
        runtime: 'unknown',
        meta: {
          versionBuildInfo: { metaBuildVersion },
        },
      },
      scannedProjects,
    };
  } catch (err) {
    if (executionResult) {
      // Raw Maven output goes to the debug log as-is (no redaction).
      debug(`>>> Output from mvn: ${executionResult.dependencyTreeResult}`);
    }
    // Maven itself failed: report the command and args carried by the error.
    if (err instanceof errors_1.DependencyTreeError) {
      const formatted = (0, error_format_1.formatGenericPluginError)(err.originalError, err.command, err.args);
      throw new Error(formatted);
    }
    // Maven succeeded but its output could not be processed.
    if (err instanceof Error && executionResult) {
      const formatted = (0, error_format_1.formatGenericPluginError)(err, executionResult.command, executionResult.args);
      throw new Error(formatted);
    }
    // Anything else is rethrown untouched.
    throw err;
  }
}
//# sourceMappingURL=index.js.map