diff --git a/CHANGELOG.md b/CHANGELOG.md index d9d527f2a..2db542341 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/). - **`socket manifest bazel [beta]`** — Generate Bazel JVM SBOM manifests by running `bazel query` against discovered Maven repos in a Bazel workspace. Closes the inline-Maven-declaration gap that lockfile-only parsing misses for repos like envoy, ray, tensorflow, tink-java, and or-tools. Auto-detects Bzlmod and legacy `WORKSPACE`. - **`socket scan create --auto-manifest`** now covers Bazel workspaces in addition to Gradle/Scala/Kotlin/Conda. Repos with `MODULE.bazel`, `WORKSPACE`, or `WORKSPACE.bazel` are detected automatically and their Maven dependencies extracted as part of the standard scan-create flow. +## [1.1.99](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.99) - 2026-05-20 + +### Changed +- Updated the Coana CLI to v `15.3.1`. +- Forward a `SOCKET_CALLER_USER_AGENT` env var (`socket/ node/ /`) to the Coana CLI on spawn. Coana appends this to its outbound axios `User-Agent` so backend traffic identifies the originating Socket CLI alongside the Coana version. + ## [1.1.98](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.98) - 2026-05-20 ### Changed diff --git a/package.json b/package.json index 1b2127153..9094d265c 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "socket", - "version": "1.1.98", + "version": "1.1.99", "description": "CLI for Socket.dev", "homepage": "https://github.com/SocketDev/socket-cli", "license": "MIT AND OFL-1.1", @@ -97,7 +97,7 @@ "@babel/preset-typescript": "7.27.1", "@babel/runtime": "7.28.4", "@biomejs/biome": "2.2.4", - "@coana-tech/cli": "15.3.0", + "@coana-tech/cli": "15.3.1", "@cyclonedx/cdxgen": "12.1.2", "@dotenvx/dotenvx": "1.49.0", "@eslint/compat": "1.3.2", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index eb5f99c15..2a3362da3 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -128,8 +128,8 @@ importers: specifier: 2.2.4 version: 2.2.4 '@coana-tech/cli': - specifier: 15.3.0 - version: 15.3.0 + specifier: 15.3.1 + version: 15.3.1 '@cyclonedx/cdxgen': specifier: 12.1.2 version: 12.1.2 @@ -749,8 +749,8 @@ packages: resolution: {integrity: sha512-hAs5PPKPCQ3/Nha+1fo4A4/gL85fIfxZwHPehsjCJ+BhQH2/yw6/xReuaPA/RfNQr6iz1PcD7BZcE3ctyyl3EA==} cpu: [x64] - '@coana-tech/cli@15.3.0': - resolution: {integrity: sha512-AgwIOsZ2TeLMGKhD1GXZqfmRPEX1Ups9l8kYPIfbJ7XvqUCT//NoyE2KUBs/jP20CFcbu1x8+at6CbqAix7rcw==} + '@coana-tech/cli@15.3.1': + resolution: {integrity: sha512-57aRuG3pei2SzvPR8YN7nhCvxIK4H6hXvp7lWLJ2UJHmE1u4s+/KOUap6FGSm3hOXBX59IcAEw0Ps4EZ0DYkmA==} hasBin: true '@colors/colors@1.5.0': @@ -5385,7 +5385,7 @@ snapshots: '@cdxgen/cdxgen-plugins-bin@2.0.2': optional: true - '@coana-tech/cli@15.3.0': {} + '@coana-tech/cli@15.3.1': {} '@colors/colors@1.5.0': optional: true diff --git a/src/utils/dlx.mts b/src/utils/dlx.mts index acb167af6..6feac628d 100644 --- a/src/utils/dlx.mts +++ b/src/utils/dlx.mts @@ -207,6 +207,10 @@ export async function spawnCoanaDlx( const mixinsEnv: Record = { SOCKET_CLI_VERSION: constants.ENV.INLINED_SOCKET_CLI_VERSION, + // Forwarded to the Coana CLI so it can append our product token to its + // outbound axios User-Agent header. Format mirrors Coana's base UA: + // `socket/ node/ /`. + SOCKET_CALLER_USER_AGENT: `socket/${constants.ENV.INLINED_SOCKET_CLI_VERSION} node/${process.version} ${process.platform}/${process.arch}`, } const defaultApiToken = getDefaultApiToken() if (defaultApiToken) {