Fixes #1824

Signed-off-by: Prabhu Subramanian <[email protected]>

Author: prabhu

lib/cli/index.js

@@ -1,5 +1,4 @@
 import { Buffer } from "node:buffer";
-import { spawnSync } from "node:child_process";
 import {
   constants,
   accessSync,
@@ -163,6 +162,7 @@ import {
   recomputeScope,
   safeExistsSync,
   safeMkdirSync,
+  safeSpawnSync,
   shouldFetchLicense,
   splitOutputByGradleProjects,
 } from "../helpers/utils.js";
@@ -1660,7 +1660,7 @@ export async function createJavaBom(path, options) {
           `Executing '${mavenCmd} ${mvnArgs.join(" ")}' in`,
           basePath,
         );
-        result = spawnSync(mavenCmd, mvnArgs, {
+        result = safeSpawnSync(mavenCmd, mvnArgs, {
           cwd: basePath,
           shell: true,
           encoding: "utf-8",
@@ -1709,7 +1709,7 @@ export async function createJavaBom(path, options) {
           thoughtLog(
             "What is the parent component here? Let's use maven command to find out.",
           );
-          result = spawnSync(
+          result = safeSpawnSync(
             "mvn",
             ["dependency:tree", "-N", `-DoutputFile=${tempMvnParentTree}`],
             {
@@ -1748,7 +1748,7 @@ export async function createJavaBom(path, options) {
           );
         }
         // Prefer the built-in maven
-        result = spawnSync(
+        result = safeSpawnSync(
           PREFER_MAVEN_DEPS_TREE ? "mvn" : mavenCmd,
           mvnTreeArgs,
           {
@@ -2147,7 +2147,7 @@ export async function createJavaBom(path, options) {
       thoughtLog(
         `Let's invoke '${basename(gradleCmd)}' with the arguments '${gradleArg.join(" ").substring(0, 100)} ...'.`,
       );
-      const sresult = spawnSync(gradleCmd, gradleArg, {
+      const sresult = safeSpawnSync(gradleCmd, gradleArg, {
         cwd: gradleRootPath,
         encoding: "utf-8",
         shell: isWin,
@@ -2232,7 +2232,7 @@ export async function createJavaBom(path, options) {
       if (DEBUG_MODE) {
         console.log("Stopping gradle daemon...");
       }
-      const sresult = spawnSync(gradleCmd, ["--stop"], {
+      const sresult = safeSpawnSync(gradleCmd, ["--stop"], {
         cwd: gradleRootPath,
         encoding: "utf-8",
         shell: isWin,
@@ -2293,7 +2293,7 @@ export async function createJavaBom(path, options) {
         bArgs = ["--bazelrc=.bazelrc", "build", bazelTarget];
       }
       console.log("Executing", BAZEL_CMD, bArgs.join(" "), "in", basePath);
-      let result = spawnSync(BAZEL_CMD, bArgs, {
+      let result = safeSpawnSync(BAZEL_CMD, bArgs, {
         cwd: basePath,
         shell: true,
         encoding: "utf-8",
@@ -2331,7 +2331,7 @@ export async function createJavaBom(path, options) {
           bazelParser = parseBazelSkyframe;
         }
         console.log("Executing", BAZEL_CMD, `${query.join(" ")} in`, basePath);
-        result = spawnSync(BAZEL_CMD, query, {
+        result = safeSpawnSync(BAZEL_CMD, query, {
           cwd: basePath,
           encoding: "utf-8",
           timeout: TIMEOUT_MS,
@@ -2509,7 +2509,7 @@ export async function createJavaBom(path, options) {
           tempSbtgDir,
         );
         // Note that the command has to be invoked with `shell: true` to properly execut sbt
-        const result = spawnSync(SBT_CMD, sbtArgs, {
+        const result = safeSpawnSync(SBT_CMD, sbtArgs, {
           cwd: basePath,
           shell: true,
           encoding: "utf-8",
@@ -2628,7 +2628,7 @@ export async function createJavaBom(path, options) {
     if (DEBUG_MODE) {
       console.log("Executing", millCmd, millArgs.join(" "), "in", millRootPath);
     }
-    let sresult = spawnSync(millCmd, millArgs, {
+    let sresult = safeSpawnSync(millCmd, millArgs, {
       cwd: millRootPath,
       encoding: "utf-8",
       shell: isWin,
@@ -2651,7 +2651,7 @@ export async function createJavaBom(path, options) {
         millRootPath,
       );
     }
-    sresult = spawnSync(millCmd, millResolveArgs, {
+    sresult = safeSpawnSync(millCmd, millResolveArgs, {
       cwd: millRootPath,
       encoding: "utf-8",
       shell: isWin,
@@ -2717,7 +2717,7 @@ export async function createJavaBom(path, options) {
       if (DEBUG_MODE) {
         console.log("Shutting down mill server...");
       }
-      const sresult = spawnSync(millCmd, ["shutdown"], {
+      const sresult = safeSpawnSync(millCmd, ["shutdown"], {
         cwd: millRootPath,
         encoding: "utf-8",
         shell: isWin,
@@ -2943,7 +2943,7 @@ export async function createNodejsBom(path, options) {
         `Executing '${pkgMgr} ${installArgs.join(" ")}' in`,
         basePath,
       );
-      const result = spawnSync(pkgMgr, installArgs, {
+      const result = safeSpawnSync(pkgMgr, installArgs, {
         cwd: basePath,
         encoding: "utf-8",
         timeout: TIMEOUT_MS,
@@ -3270,7 +3270,7 @@ export async function createNodejsBom(path, options) {
     // Do rush install if we don't have node_modules directory
     if (!safeExistsSync(nmDir)) {
       console.log("Executing 'rush install --no-link'", path);
-      const result = spawnSync(
+      const result = safeSpawnSync(
         "rush",
         ["install", "--no-link", "--bypass-policy"],
         {
@@ -3806,7 +3806,7 @@ export async function createPythonBom(path, options) {
   if (requirementsMode || pipenvMode) {
     if (pipenvMode) {
       // TODO: Support for nested directories
-      spawnSync("pipenv", ["install"], { cwd: path, encoding: "utf-8" });
+      safeSpawnSync("pipenv", ["install"], { cwd: path, encoding: "utf-8" });
       const piplockFile = join(path, "Pipfile.lock");
       if (safeExistsSync(piplockFile)) {
         const lockData = JSON.parse(readFileSync(piplockFile));
@@ -4148,7 +4148,7 @@ export async function createGoBom(path, options) {
       if (DEBUG_MODE) {
         console.log(`go mod why -m -vendor ${pkgFullName}`);
       }
-      const mresult = spawnSync(
+      const mresult = safeSpawnSync(
         "go",
         ["mod", "why", "-m", "-vendor", pkgFullName],
         {
@@ -4250,7 +4250,7 @@ export async function createGoBom(path, options) {
         if (DEBUG_MODE) {
           console.log("Executing go list -deps in", basePath);
         }
-        let result = spawnSync(
+        let result = safeSpawnSync(
           "go",
           [
             "list",
@@ -4298,7 +4298,7 @@ export async function createGoBom(path, options) {
             console.log("Executing go mod graph in", basePath);
           }
           // Next we use the go mod graph command to construct the dependency tree
-          result = spawnSync("go", ["mod", "graph"], {
+          result = safeSpawnSync("go", ["mod", "graph"], {
             cwd: basePath,
             encoding: "utf-8",
             timeout: TIMEOUT_MS,
@@ -4351,7 +4351,7 @@ export async function createGoBom(path, options) {
             console.log("Executing go mod graph in", basePath);
           }
           // Next we use the go mod graph command to construct the dependency tree
-          result = spawnSync("go", ["mod", "graph"], {
+          result = safeSpawnSync("go", ["mod", "graph"], {
             cwd: basePath,
             encoding: "utf-8",
             timeout: TIMEOUT_MS,
@@ -4541,7 +4541,7 @@ export async function createRustBom(path, options) {
           basePath,
         );
       }
-      const cargoInstallResult = spawnSync(CARGO_CMD, cargoArgs, {
+      const cargoInstallResult = safeSpawnSync(CARGO_CMD, cargoArgs, {
         cwd: basePath,
         encoding: "utf-8",
         shell: isWin,
@@ -4907,7 +4907,7 @@ export function createClojureBom(path, options) {
       }
       const basePath = dirname(f);
       console.log("Executing", LEIN_CMD, LEIN_ARGS.join(" "), "in", basePath);
-      const result = spawnSync(LEIN_CMD, LEIN_ARGS, {
+      const result = safeSpawnSync(LEIN_CMD, LEIN_ARGS, {
         cwd: basePath,
         encoding: "utf-8",
         timeout: TIMEOUT_MS,
@@ -4956,7 +4956,7 @@ export function createClojureBom(path, options) {
     for (const f of ednFiles) {
       const basePath = dirname(f);
       console.log("Executing", CLJ_CMD, CLJ_ARGS.join(" "), "in", basePath);
-      const result = spawnSync(CLJ_CMD, CLJ_ARGS, {
+      const result = safeSpawnSync(CLJ_CMD, CLJ_ARGS, {
         cwd: basePath,
         encoding: "utf-8",
         timeout: TIMEOUT_MS,
@@ -5339,7 +5339,7 @@ export async function createSwiftBom(path, options) {
           `Executing '${swiftCommand} ${packageArgs.join(" ")}' in ${basePath}. Please wait ...`,
         );
       }
-      const result = spawnSync(swiftCommand, packageArgs, {
+      const result = safeSpawnSync(swiftCommand, packageArgs, {
         cwd: basePath,
         encoding: "utf-8",
         timeout: TIMEOUT_MS,
@@ -5923,7 +5923,7 @@ export function createPHPBom(path, options) {
     if (DEBUG_MODE) {
       console.log("About to invoke composer --version");
     }
-    const versionResult = spawnSync("composer", ["--version"], {
+    const versionResult = safeSpawnSync("composer", ["--version"], {
       encoding: "utf-8",
     });
     if (versionResult.status !== 0 || versionResult.error) {
@@ -5956,7 +5956,7 @@ export function createPHPBom(path, options) {
         console.log("Executing 'composer install' in", basePath);
         args = ["install", "--ignore-platform-reqs"];
       }
-      const result = spawnSync("composer", args, {
+      const result = safeSpawnSync("composer", args, {
         cwd: basePath,
         encoding: "utf-8",
       });
@@ -6108,7 +6108,7 @@ export async function createRubyBom(path, options) {
     for (const f of gemFiles) {
       const basePath = dirname(f);
       console.log("Executing 'bundle install' in", basePath);
-      const result = spawnSync("bundle", ["install"], {
+      const result = safeSpawnSync("bundle", ["install"], {
         cwd: basePath,
         encoding: "utf-8",
       });
@@ -6368,7 +6368,7 @@ export async function createCsharpBom(path, options) {
           `Executing '${buildCmd} ${buildArgs.join(" ")}' in ${basePath}`,
         );
       }
-      const result = spawnSync(buildCmd, buildArgs, {
+      const result = safeSpawnSync(buildCmd, buildArgs, {
         cwd: path,
         encoding: "utf-8",
         env: { ...process.env, DOTNET_ROLL_FORWARD: "Major" },

lib/helpers/envcontext.js

@@ -1,5 +1,4 @@
 import { Buffer } from "node:buffer";
-import { spawnSync } from "node:child_process";
 import { arch, homedir } from "node:os";
 import { delimiter, dirname, join } from "node:path";
 import process from "node:process";
@@ -23,6 +22,7 @@ import {
   isMac,
   isWin,
   safeExistsSync,
+  safeSpawnSync,
 } from "./utils.js";
 
 export const GIT_COMMAND = process.env.GIT_CMD || "git";
@@ -399,7 +399,7 @@ const getCommandOutput = (cmd, dir, args) => {
   if (DEBUG_MODE) {
     console.log(`Executing ${commandToUse} ${args.join(" ")} in ${dir}`);
   }
-  const result = spawnSync(commandToUse, args, {
+  const result = safeSpawnSync(commandToUse, args, {
     cwd: dir,
     encoding: "utf-8",
     shell: isWin,
@@ -440,7 +440,7 @@ export function isSdkmanAvailable() {
  * Method to check if nvm is available.
  */
 export function isNvmAvailable() {
-  const result = spawnSync(
+  const result = safeSpawnSync(
     process.env.SHELL || "bash",
     ["-i", "-c", process.env.NVM_CMD || "nvm"],
     {
@@ -502,7 +502,7 @@ export function installSdkmanTool(toolType, toolName) {
       installDir = join(process.env.SDKMAN_CANDIDATES_DIR, toolType);
     }
     console.log("About to install", toolType, toolName, installDir);
-    result = spawnSync(
+    result = safeSpawnSync(
       process.env.SHELL || "bash",
       [
         "-i",
@@ -597,7 +597,7 @@ export function installSdkmanTool(toolType, toolName) {
  * @returns {String} path of nvm if present, otherwise false
  */
 export function getNvmToolDirectory(toolName) {
-  const resultWhichNode = spawnSync(
+  const resultWhichNode = safeSpawnSync(
     process.env.SHELL || "bash",
     ["-i", "-c", `"nvm which ${toolName}"`],
     {
@@ -632,7 +632,7 @@ export function getOrInstallNvmTool(toolVersion) {
   const nvmNodePath = getNvmToolDirectory(toolVersion);
   if (!nvmNodePath) {
     // nvm couldn't directly use toolName so maybe needs to be installed
-    const resultInstall = spawnSync(
+    const resultInstall = safeSpawnSync(
       process.env.SHELL || "bash",
       ["-i", "-c", `"nvm install ${toolVersion}"`],
       {
@@ -678,7 +678,7 @@ function getSdkmanToolFullname(toolName) {
  * @returns {Boolean} true if rbenv is available. false otherwise.
  */
 export function isRbenvAvailable() {
-  let result = spawnSync(
+  let result = safeSpawnSync(
     process.env.SHELL || "bash",
     ["-i", "-c", process.env.RBENV_CMD || "rbenv", "--version"],
     {
@@ -688,7 +688,7 @@ export function isRbenvAvailable() {
     },
   );
   if (result.status !== 0) {
-    result = spawnSync(process.env.RBENV_CMD || "rbenv", ["--version"], {
+    result = safeSpawnSync(process.env.RBENV_CMD || "rbenv", ["--version"], {
       shell: isWin,
       encoding: "utf-8",
     });
@@ -732,7 +732,7 @@ export function bundleInstallWithDocker(rubyVersion, cdxgenGemHome, filePath) {
     "install",
   ];
   console.log(`Performing bundle install with: ${ociCmd} ${ociArgs.join(" ")}`);
-  const result = spawnSync(ociCmd, ociArgs, {
+  const result = safeSpawnSync(ociCmd, ociArgs, {
     encoding: "utf-8",
     shell: isWin,
     timeout: TIMEOUT_MS,
@@ -765,7 +765,7 @@ export function installRubyVersion(rubyVersion, filePath) {
   }
   const fullToolBinDir = rubyVersionDir(rubyVersion);
   if (safeExistsSync(fullToolBinDir)) {
-    const result = spawnSync(
+    const result = safeSpawnSync(
       process.env.RBENV_CMD || "rbenv",
       ["local", rubyVersion],
       {
@@ -809,7 +809,7 @@ export function installRubyVersion(rubyVersion, filePath) {
       `To speed up this step, use bind mounts. Example: "--mount type=bind,src=/tmp/rbenv,dst=/root/.rbenv/versions/${rubyVersion}"`,
     );
   }
-  const result = spawnSync(
+  const result = safeSpawnSync(
     process.env.RBENV_CMD || "rbenv",
     ["install", rubyVersion],
     {
@@ -879,7 +879,7 @@ export function installRubyBundler(rubyVersion, bundlerVersion) {
         );
       }
     }
-    const result = spawnSync(join(fullToolBinDir, "gem"), gemInstallArgs, {
+    const result = safeSpawnSync(join(fullToolBinDir, "gem"), gemInstallArgs, {
       encoding: "utf-8",
       shell: isWin,
       timeout: TIMEOUT_MS,
@@ -946,7 +946,7 @@ export function performBundleInstall(
   console.log(
     `Invoking ${bundleCommand} ${installArgs.join(" ")} from ${basePath} with GEM_HOME ${cdxgenGemHome}. Please wait ...`,
   );
-  let result = spawnSync(bundleCommand, installArgs, {
+  let result = safeSpawnSync(bundleCommand, installArgs, {
     encoding: "utf-8",
     shell: isWin,
     timeout: TIMEOUT_MS,
@@ -1003,7 +1003,7 @@ export function performBundleInstall(
         );
       }
       console.log(`${bundleCommand} ${updateArgs.join(" ")}`);
-      result = spawnSync(bundleCommand, updateArgs, {
+      result = safeSpawnSync(bundleCommand, updateArgs, {
         encoding: "utf-8",
         shell: isWin,
         timeout: TIMEOUT_MS,