upload manifest files relative to target for coana-fix and perform-r… (#943)

* upload manifest filess relative to target for coana-fix and perform-reachability-analysis

* slightly more verbose, but hopefully more intuitive relative path argument for uploadManifestFiles
add comment

Author: jfblaa

package.json

@@ -1,6 +1,6 @@
 {
   "name": "socket",
-  "version": "1.1.35",
+  "version": "1.1.36",
   "description": "CLI for Socket.dev",
   "homepage": "https://github.com/SocketDev/socket-cli",
   "license": "MIT AND OFL-1.1",

src/commands/fix/coana-fix.mts

@@ -155,7 +155,7 @@ export async function coanaFix(
     p => path.basename(p).toLowerCase() !== DOT_SOCKET_DOT_FACTS_JSON,
   )
   const uploadCResult = await handleApiCall(
-    sockSdk.uploadManifestFiles(orgSlug, filepathsToUpload),
+    sockSdk.uploadManifestFiles(orgSlug, filepathsToUpload, cwd),
     {
       description: 'upload manifests',
       spinner,

src/commands/scan/perform-reachability-analysis.mts

@@ -106,8 +106,13 @@ export async function performReachabilityAnalysis(
 
     spinner?.start('Uploading manifests for reachability analysis...')
 
+    // Ensure uploaded manifest files are relative to analysis target as coana resolves SBOM manifest files relative to this path
     const uploadCResult = await handleApiCall(
-      sockSdk.uploadManifestFiles(orgSlug, filepathsToUpload),
+      sockSdk.uploadManifestFiles(
+        orgSlug,
+        filepathsToUpload,
+        path.resolve(cwd, analysisTarget),
+      ),
       {
         description: 'upload manifests',
         spinner,