(...args0: MethodArgs)
| 96 | // Returns an array of Registry responses (one per every sub-project scanned), a single response, |
| 97 | // or an error message. |
| 98 | export default async function monitor(...args0: MethodArgs): Promise<any> { |
| 99 | const { options, paths } = processCommandArgs(...args0); |
| 100 | const results: Array<GoodResult | BadResult> = []; |
| 101 | |
| 102 | if (options.id) { |
| 103 | (snyk as any).id = options.id; |
| 104 | } |
| 105 | |
| 106 | if (options.allSubProjects && options['project-name']) { |
| 107 | throw new Error( |
| 108 | '`--all-sub-projects` is currently not compatible with `--project-name`', |
| 109 | ); |
| 110 | } |
| 111 | |
| 112 | if (!options.docker) { |
| 113 | checkOSSPaths(paths, options); |
| 114 | } |
| 115 | |
| 116 | if (options.docker && options['remote-repo-url']) { |
| 117 | throw new Error('`--remote-repo-url` is not supported for container scans'); |
| 118 | } |
| 119 | if (options.docker) { |
| 120 | // order is important here, we want: |
| 121 | // 1) exclude-app-vulns set -> no app vulns |
| 122 | // 2) app-vulns set -> app-vulns |
| 123 | // 3) neither set -> containerAppVulnsEnabled |
| 124 | if (options[EXCLUDE_APP_VULNS_OPTION]) { |
| 125 | options[EXCLUDE_APP_VULNS_OPTION] = true; |
| 126 | } else if (options[APP_VULNS_OPTION]) { |
| 127 | options[EXCLUDE_APP_VULNS_OPTION] = false; |
| 128 | } else { |
| 129 | options[EXCLUDE_APP_VULNS_OPTION] = !(await hasFeatureFlagOrDefault( |
| 130 | CONTAINER_CLI_APP_VULNS_ENABLED_FEATURE_FLAG, |
| 131 | options, |
| 132 | false, |
| 133 | )); |
| 134 | |
| 135 | // we can't print the warning message with JSON output as that would make |
| 136 | // the JSON output invalid. |
| 137 | // We also only want to print the message if the user did not overwrite |
| 138 | // the default with one of the flags. |
| 139 | if ( |
| 140 | options[EXCLUDE_APP_VULNS_OPTION] && |
| 141 | !options['json'] && |
| 142 | !options['sarif'] |
| 143 | ) { |
| 144 | console.log(theme.color.status.warn(appVulnsReleaseWarningMsg)); |
| 145 | } |
| 146 | } |
| 147 | |
| 148 | // Check scanUsrLibJars feature flag and add --include-system-jars parameter |
| 149 | const scanUsrLibJarsEnabled = await hasFeatureFlagOrDefault( |
| 150 | SCAN_USR_LIB_JARS_FEATURE_FLAG, |
| 151 | options, |
| 152 | false, |
| 153 | ); |
| 154 | if (scanUsrLibJarsEnabled) { |
| 155 | options[INCLUDE_SYSTEM_JARS_OPTION] = true; |
nothing calls this directly
no test coverage detected