From 00ee6a7ce39f3dc7e90134c5d052c9a9d398ba18 Mon Sep 17 00:00:00 2001
From: Douglas Coburn
Date: Wed, 26 Nov 2025 13:23:28 -0800
Subject: [PATCH 1/2] Changed variable from cwd to target_directory to ensure that the reachability engine writes the .socket.facts.json to the correct path
---
 pyproject.toml | 2 +-
 socketsecurity/__init__.py | 2 +-
 socketsecurity/core/tools/reachability.py | 16 +++++++++++-----
 3 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/pyproject.toml b/pyproject.toml
index ebc1d5d..93d9206 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 [project]
 name = "socketsecurity"
-version = "2.2.36"
+version = "2.2.37"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py
index e8d9874..b169894 100644
--- a/socketsecurity/__init__.py
+++ b/socketsecurity/__init__.py
@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.36'
+__version__ = '2.2.37'
 USER_AGENT = f'SocketPythonCLI/{__version__}'
diff --git a/socketsecurity/core/tools/reachability.py b/socketsecurity/core/tools/reachability.py
index c2db837..5caaf9b 100644
--- a/socketsecurity/core/tools/reachability.py
+++ b/socketsecurity/core/tools/reachability.py
@@ -136,10 +136,16 @@ def run_reachability_analysis(
 cmd = ["npx", cli_package, "run", target_directory]
 # Add required arguments
- output_dir = str(pathlib.Path(output_path).parent)
+ # If output_path is relative, it should be relative to target_directory
+ if not os.path.isabs(output_path):
+ full_output_path = os.path.join(target_directory, output_path)
+ else:
+ full_output_path = output_path
+
+ output_dir = str(pathlib.Path(full_output_path).parent)
 cmd.extend([
 "--output-dir", output_dir,
- "--socket-mode", output_path,
+ "--socket-mode", full_output_path,
 "--disable-report-submission"
 ])
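Review bot: In the `@@ -136,10 +136,16 @@` hunk of [PATCH 1/2], `full_output_path` is built by prefixing `target_directory`, but the `@@ -210,7 +216,7 @@` hunk of the same commit also starts the child with `cwd=target_directory`, so a relative `target_directory` is presumably applied twice by the child: once through the new cwd and again through `--socket-mode`, `--output-dir` and the `run` argument in `cmd`. Resolving the directory once before `cmd` is built keeps every later path unambiguous, for example `target_directory = os.path.abspath(target_directory)`. The `if`/`else` is also redundant, because `os.path.join(target_directory, output_path)` already returns `output_path` unchanged when it is absolute. The `@@ -221,7 +227,7 @@` and `@@ -229,7 +235,7 @@` hunks read the same `full_output_path` from the parent process and inherit the same ambiguity; the body of `run_reachability_analysis` starts and ends outside these hunks.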
@@ -210,7 +216,7 @@ def run_reachability_analysis(
 result = subprocess.run(
 cmd,
 env=env,
- cwd=os.getcwd(),
+ cwd=target_directory,
 stdout=sys.stderr, # Send stdout to stderr so user sees it
 stderr=sys.stderr, # Send stderr to stderr
 timeout=timeout + 60 if timeout else None # Add buffer to subprocess timeout
@@ -221,7 +227,7 @@ def run_reachability_analysis(
 raise Exception(f"Reachability analysis failed with exit code {result.returncode}")
 # Extract scan ID from output file
- scan_id = self._extract_scan_id(output_path)
+ scan_id = self._extract_scan_id(full_output_path)
 log.info(f"Reachability analysis completed successfully")
 if scan_id:
@@ -229,7 +235,7 @@ def run_reachability_analysis(
 return {
 "scan_id": scan_id,
- "report_path": output_path,
+ "report_path": full_output_path,
 "tar_hash_used": tar_hash
 }
From b057fa4e510cdef40474fc9589d263978d0b44d9 Mon Sep 17 00:00:00 2001
From: Douglas Coburn
Date: Wed, 26 Nov 2025 13:34:29 -0800
Subject: [PATCH 2/2] Additional fix for CLI Path
---
 pyproject.toml | 2 +-
 socketsecurity/__init__.py | 2 +-
 socketsecurity/core/tools/reachability.py | 18 +++++++-----------
 3 files changed, 9 insertions(+), 13 deletions(-)
diff --git a/pyproject.toml b/pyproject.toml
index 93d9206..86fb4bd 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 [project]
 name = "socketsecurity"
-version = "2.2.37"
+version = "2.2.38"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [
diff --git a/socketsecurity/__init__.py b/socketsecurity/__init__.py
index b169894..db4d3e0 100644
--- a/socketsecurity/__init__.py
+++ b/socketsecurity/__init__.py
@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.37'
+__version__ = '2.2.38'
 USER_AGENT = f'SocketPythonCLI/{__version__}'
diff --git a/socketsecurity/core/tools/reachability.py b/socketsecurity/core/tools/reachability.py
index 5caaf9b..e3ad9e0 100644
--- a/socketsecurity/core/tools/reachability.py
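Review bot: `cwd=target_directory` in the `@@ -210,7 +216,7 @@` hunk of [PATCH 1/2] makes the directory being analysed the working directory of the `npx` process, so npm's project-level configuration (an `.npmrc`) and any local `node_modules` found there become inputs to resolving `cli_package`. Whenever that directory differs from the caller's own and is a checkout the operator does not fully trust, this widens the trust boundary compared with `os.getcwd()`, and it deserves a comment at the call, e.g. `# npx runs inside the scanned tree: its .npmrc and node_modules influence package resolution`. The value is also passed straight to `subprocess.run`, where a missing or non-directory path surfaces as `FileNotFoundError`/`NotADirectoryError` that is easy to mistake for a missing `npx`; a guard such as `if not os.path.isdir(target_directory): raise ValueError(...)` before the call would give a clearer failure, unless the part of `run_reachability_analysis` outside the hunk already validates it.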
+++ b/socketsecurity/core/tools/reachability.py
@@ -133,19 +133,15 @@ def run_reachability_analysis(
 cli_package = self._ensure_coana_cli_installed(version)
 # Build CLI command arguments
- cmd = ["npx", cli_package, "run", target_directory]
+ cmd = ["npx", cli_package, "run", "."]
 # Add required arguments
- # If output_path is relative, it should be relative to target_directory
- if not os.path.isabs(output_path):
- full_output_path = os.path.join(target_directory, output_path)
- else:
- full_output_path = output_path
-
- output_dir = str(pathlib.Path(full_output_path).parent)
+ output_dir = str(pathlib.Path(output_path).parent)
+ log.warning(f"output_dir: {output_dir}")
+ log.warning(f"output_path: {output_path}")
 cmd.extend([
 "--output-dir", output_dir,
- "--socket-mode", full_output_path,
+ "--socket-mode", output_path,
 "--disable-report-submission"
 ])
@@ -227,7 +223,7 @@ def run_reachability_analysis(
 raise Exception(f"Reachability analysis failed with exit code {result.returncode}")
 # Extract scan ID from output file
- scan_id = self._extract_scan_id(full_output_path)
+ scan_id = self._extract_scan_id(output_path)
 log.info(f"Reachability analysis completed successfully")
 if scan_id:
@@ -235,7 +231,7 @@ def run_reachability_analysis(
 return {
 "scan_id": scan_id,
- "report_path": full_output_path,
+ "report_path": output_path,
 "tar_hash_used": tar_hash
 }
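Review bot: The two `log.warning(...)` calls added in the `@@ -133,19 +133,15 @@` hunk of [PATCH 2/2] look like leftover debugging: they emit path values at warning level on every run, which adds noise to CI logs and to anything that alerts on warnings. `log.debug(f"output_dir: {output_dir}")` and `log.debug(f"output_path: {output_path}")` keep the information available without that. With `"."` as the run argument and an unmodified `output_path`, this hunk is only correct because the child runs with `cwd=target_directory`, which is worth stating next to `# Add required arguments`, e.g. `# relative paths below are resolved by the child against cwd=target_directory`.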
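Review bot: `self._extract_scan_id(output_path)` in the `@@ -227,7 +223,7 @@` hunk of [PATCH 2/2] reads the report from the parent process, which resolves a relative `output_path` against its own working directory, while the child was told to write it relative to `target_directory`. Unless `_extract_scan_id` (not visible here) compensates, the scan ID is silently missed, or a stale file in the caller's directory is read, whenever the two directories differ; the `"report_path": output_path` returned in the `@@ -235,7 +231,7 @@` hunk has the same problem. Keeping the child arguments as they are and using a parent-side path for both would fix it: `report_path = os.path.join(target_directory, output_path)`, then `self._extract_scan_id(report_path)` and `"report_path": report_path`. `os.path.join` leaves an absolute `output_path` unchanged, so no extra branch is needed.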