Add hidden reach-continue-on-* flags for Coana v15 (#1251)

Coana v15 introduces four new halt-by-default behaviors in socket mode
and corresponding --reach-continue-on-* opt-outs. Expose them as hidden
flags on `socket scan create` and `socket scan reach` so the Socket CLI
is ready to forward them when Coana v15 becomes the default.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: mtorp

src/commands/ci/handle-ci.mts

@@ -54,6 +54,10 @@ export async function handleCi(autoManifest: boolean): Promise<void> {
       reachAnalysisMemoryLimit: 0,
       reachAnalysisTimeout: 0,
       reachConcurrency: 1,
+      reachContinueOnAnalysisErrors: false,
+      reachContinueOnInstallErrors: false,
+      reachContinueOnMissingLockFiles: false,
+      reachContinueOnNoSourceFiles: false,
       reachDebug: false,
       reachDetailedAnalysisLogFile: false,
       reachDisableAnalytics: false,

src/commands/scan/cmd-scan-create.mts

@@ -245,6 +245,10 @@ async function run(
     reachAnalysisMemoryLimit,
     reachAnalysisTimeout,
     reachConcurrency,
+    reachContinueOnAnalysisErrors,
+    reachContinueOnInstallErrors,
+    reachContinueOnMissingLockFiles,
+    reachContinueOnNoSourceFiles,
     reachDebug,
     reachDetailedAnalysisLogFile,
     reachDisableAnalysisSplitting: _reachDisableAnalysisSplitting,
@@ -279,6 +283,10 @@ async function run(
     reachAnalysisMemoryLimit: number
     reachAnalysisTimeout: number
     reachConcurrency: number
+    reachContinueOnAnalysisErrors: boolean
+    reachContinueOnInstallErrors: boolean
+    reachContinueOnMissingLockFiles: boolean
+    reachContinueOnNoSourceFiles: boolean
     reachDebug: boolean
     reachDetailedAnalysisLogFile: boolean
     reachDisableAnalysisSplitting: boolean
@@ -487,6 +495,10 @@ async function run(
     isUsingNonDefaultMemoryLimit ||
     isUsingNonDefaultTimeout ||
     isUsingNonDefaultVersion ||
+    reachContinueOnAnalysisErrors ||
+    reachContinueOnInstallErrors ||
+    reachContinueOnMissingLockFiles ||
+    reachContinueOnNoSourceFiles ||
     reachEnableAnalysisSplitting ||
     reachLazyMode ||
     reachSkipCache ||
@@ -599,6 +611,10 @@ async function run(
       reachAnalysisMemoryLimit: Number(reachAnalysisMemoryLimit),
       reachAnalysisTimeout: Number(reachAnalysisTimeout),
       reachConcurrency: Number(reachConcurrency),
+      reachContinueOnAnalysisErrors: Boolean(reachContinueOnAnalysisErrors),
+      reachContinueOnInstallErrors: Boolean(reachContinueOnInstallErrors),
+      reachContinueOnMissingLockFiles: Boolean(reachContinueOnMissingLockFiles),
+      reachContinueOnNoSourceFiles: Boolean(reachContinueOnNoSourceFiles),
       reachDebug: Boolean(reachDebug),
       reachDetailedAnalysisLogFile: Boolean(reachDetailedAnalysisLogFile),
       reachDisableAnalytics: Boolean(reachDisableAnalytics),

src/commands/scan/cmd-scan-reach.mts

@@ -124,6 +124,10 @@ async function run(
     reachAnalysisMemoryLimit,
     reachAnalysisTimeout,
     reachConcurrency,
+    reachContinueOnAnalysisErrors,
+    reachContinueOnInstallErrors,
+    reachContinueOnMissingLockFiles,
+    reachContinueOnNoSourceFiles,
     reachDebug,
     reachDetailedAnalysisLogFile,
     reachDisableAnalysisSplitting: _reachDisableAnalysisSplitting,
@@ -144,6 +148,10 @@ async function run(
     reachAnalysisMemoryLimit: number
     reachAnalysisTimeout: number
     reachConcurrency: number
+    reachContinueOnAnalysisErrors: boolean
+    reachContinueOnInstallErrors: boolean
+    reachContinueOnMissingLockFiles: boolean
+    reachContinueOnNoSourceFiles: boolean
     reachDebug: boolean
     reachDetailedAnalysisLogFile: boolean
     reachDisableAnalysisSplitting: boolean
@@ -267,6 +275,10 @@ async function run(
       reachAnalysisMemoryLimit: Number(reachAnalysisMemoryLimit),
       reachAnalysisTimeout: Number(reachAnalysisTimeout),
       reachConcurrency: Number(reachConcurrency),
+      reachContinueOnAnalysisErrors: Boolean(reachContinueOnAnalysisErrors),
+      reachContinueOnInstallErrors: Boolean(reachContinueOnInstallErrors),
+      reachContinueOnMissingLockFiles: Boolean(reachContinueOnMissingLockFiles),
+      reachContinueOnNoSourceFiles: Boolean(reachContinueOnNoSourceFiles),
       reachDebug: Boolean(reachDebug),
       reachDetailedAnalysisLogFile: Boolean(reachDetailedAnalysisLogFile),
       reachDisableAnalytics: Boolean(reachDisableAnalytics),

src/commands/scan/create-scan-from-github.mts

@@ -253,6 +253,10 @@ async function scanOneRepo(
       reachAnalysisMemoryLimit: 0,
       reachAnalysisTimeout: 0,
       reachConcurrency: 1,
+      reachContinueOnAnalysisErrors: false,
+      reachContinueOnInstallErrors: false,
+      reachContinueOnMissingLockFiles: false,
+      reachContinueOnNoSourceFiles: false,
       reachDebug: false,
       reachDetailedAnalysisLogFile: false,
       reachDisableAnalytics: false,

src/commands/scan/perform-reachability-analysis.mts

@@ -19,6 +19,10 @@ export type ReachabilityOptions = {
   reachAnalysisMemoryLimit: number
   reachAnalysisTimeout: number
   reachConcurrency: number
+  reachContinueOnAnalysisErrors: boolean
+  reachContinueOnInstallErrors: boolean
+  reachContinueOnMissingLockFiles: boolean
+  reachContinueOnNoSourceFiles: boolean
   reachDebug: boolean
   reachDetailedAnalysisLogFile: boolean
   reachDisableExternalToolChecks: boolean
@@ -184,6 +188,18 @@ export async function performReachabilityAnalysis(
     ...(reachabilityOptions.reachConcurrency
       ? ['--concurrency', `${reachabilityOptions.reachConcurrency}`]
       : []),
+    ...(reachabilityOptions.reachContinueOnAnalysisErrors
+      ? ['--reach-continue-on-analysis-errors']
+      : []),
+    ...(reachabilityOptions.reachContinueOnInstallErrors
+      ? ['--reach-continue-on-install-errors']
+      : []),
+    ...(reachabilityOptions.reachContinueOnMissingLockFiles
+      ? ['--reach-continue-on-missing-lock-files']
+      : []),
+    ...(reachabilityOptions.reachContinueOnNoSourceFiles
+      ? ['--reach-continue-on-no-source-files']
+      : []),
     ...(reachabilityOptions.reachDebug ? ['--debug'] : []),
     ...(reachabilityOptions.reachDetailedAnalysisLogFile
       ? ['--print-analysis-log-file']

src/commands/scan/reachability-flags.mts

@@ -25,6 +25,34 @@ export const reachabilityFlags: MeowFlags = {
     description:
       'Set the maximum number of concurrent reachability analysis runs. It is recommended to choose a concurrency level that ensures each analysis run has at least the --reach-analysis-memory-limit amount of memory available. NPM reachability analysis does not support concurrent execution, so the concurrency level is ignored for NPM.',
   },
+  reachContinueOnAnalysisErrors: {
+    type: 'boolean',
+    default: false,
+    hidden: true,
+    description:
+      'Continue reachability analysis when errors occur (timeouts, OOM, parse errors, etc.), falling back to precomputed (Tier 2) results. By default, the CLI halts on analysis errors.',
+  },
+  reachContinueOnInstallErrors: {
+    type: 'boolean',
+    default: false,
+    hidden: true,
+    description:
+      'Continue reachability analysis when package installation fails, falling back to precomputed (Tier 2) results. By default, the CLI halts on installation errors.',
+  },
+  reachContinueOnMissingLockFiles: {
+    type: 'boolean',
+    default: false,
+    hidden: true,
+    description:
+      'Continue reachability analysis when a Gradle or SBT project is missing its lock file (or version catalog / pre-generated SBOM). By default, the CLI halts.',
+  },
+  reachContinueOnNoSourceFiles: {
+    type: 'boolean',
+    default: false,
+    hidden: true,
+    description:
+      'Continue reachability analysis when a workspace contains no source files for its ecosystem. By default, the CLI halts.',
+  },
   reachDisableExternalToolChecks: {
     type: 'boolean',
     default: false,