@nodesecure/scanner 10.5.0 → 10.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/registry/fetchNpmAvatars.d.ts.map +1 -1
  2. package/dist/registry/fetchNpmAvatars.js +44 -28
  3. package/dist/registry/fetchNpmAvatars.js.map +1 -1
  4. package/package.json +3 -3
package/dist/registry/fetchNpmAvatars.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"fetchNpmAvatars.d.ts","sourceRoot":"","sources":["../../src/registry/fetchNpmAvatars.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,UAAU,EAGX,MAAM,aAAa,CAAC;AAIrB,wBAAsB,eAAe,CACnC,QAAQ,EAAE,UAAU,CAAC,UAAU,CAAC,GAC/B,OAAO,CAAC,IAAI,CAAC,CAsBf"}
1
+ {"version":3,"file":"fetchNpmAvatars.d.ts","sourceRoot":"","sources":["../../src/registry/fetchNpmAvatars.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,UAAU,EAGX,MAAM,aAAa,CAAC;AAIrB,wBAAsB,eAAe,CACnC,QAAQ,EAAE,UAAU,CAAC,UAAU,CAAC,GAC/B,OAAO,CAAC,IAAI,CAAC,CA2Bf"}
package/dist/registry/fetchNpmAvatars.js CHANGED
@@ -1,5 +1,5 @@
1
1
  // Import Third-party Dependencies
2
- import * as npmRegistrySDK from "@nodesecure/npm-registry-sdk";
2
+ // import * as npmRegistrySDK from "@nodesecure/npm-registry-sdk";
3
3
  export async function fetchNpmAvatars(metadata) {
4
4
  const contributors = [
5
5
  ...metadata.maintainers,
@@ -7,7 +7,14 @@ export async function fetchNpmAvatars(metadata) {
7
7
  ...(metadata.author ? [metadata.author] : [])
8
8
  ];
9
9
  const avatarCache = new Map();
10
- await Promise.all(contributors.map((contributor) => enrichContributorWithAvatar(contributor, avatarCache)));
10
+ /**
11
+ * @deprecated
12
+ * NPM website user API is no longer exploitable for avatar
13
+ * We need to find an alternative way to fetch avatars
14
+ */
15
+ // await Promise.all(
16
+ // contributors.map((contributor) => enrichContributorWithAvatar(contributor, avatarCache))
17
+ // );
11
18
  // Backfill missing avatars: some contributors may have failed username lookup
12
19
  // but their email might match a cached avatar from a successful contributor
13
20
  contributors
@@ -19,30 +26,39 @@ export async function fetchNpmAvatars(metadata) {
19
26
  }
20
27
  });
21
28
  }
22
- async function enrichContributorWithAvatar(contributor, avatarCache) {
23
- if (trySetAvatarFromCache(contributor, avatarCache)) {
24
- return;
25
- }
26
- try {
27
- const profile = await npmRegistrySDK.user(contributor.name, { perPage: 1 });
28
- contributor.npmAvatar = profile.avatars.small;
29
- if (contributor.email && contributor.npmAvatar) {
30
- avatarCache.set(contributor.email, contributor.npmAvatar);
31
- }
32
- }
33
- catch {
34
- contributor.npmAvatar = undefined;
35
- }
36
- }
37
- function trySetAvatarFromCache(contributor, avatarCache) {
38
- if (!contributor.email) {
39
- return false;
40
- }
41
- const cachedAvatar = avatarCache.get(contributor.email);
42
- if (cachedAvatar) {
43
- contributor.npmAvatar = cachedAvatar;
44
- return true;
45
- }
46
- return false;
47
- }
29
+ // async function enrichContributorWithAvatar(
30
+ // contributor: Contributor,
31
+ // avatarCache: Map<string, string>
32
+ // ): Promise<void> {
33
+ // if (trySetAvatarFromCache(contributor, avatarCache)) {
34
+ // return;
35
+ // }
36
+ // try {
37
+ // const profile = await npmRegistrySDK.user(
38
+ // contributor.name,
39
+ // { perPage: 1 }
40
+ // );
41
+ // contributor.npmAvatar = profile.avatars.small;
42
+ // if (contributor.email && contributor.npmAvatar) {
43
+ // avatarCache.set(contributor.email, contributor.npmAvatar);
44
+ // }
45
+ // }
46
+ // catch {
47
+ // contributor.npmAvatar = undefined;
48
+ // }
49
+ // }
50
+ // function trySetAvatarFromCache(
51
+ // contributor: Contributor,
52
+ // avatarCache: Map<string, string>
53
+ // ): boolean {
54
+ // if (!contributor.email) {
55
+ // return false;
56
+ // }
57
+ // const cachedAvatar = avatarCache.get(contributor.email);
58
+ // if (cachedAvatar) {
59
+ // contributor.npmAvatar = cachedAvatar;
60
+ // return true;
61
+ // }
62
+ // return false;
63
+ // }
48
64
  //# sourceMappingURL=fetchNpmAvatars.js.map
package/dist/registry/fetchNpmAvatars.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"fetchNpmAvatars.js","sourceRoot":"","sources":["../../src/registry/fetchNpmAvatars.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,KAAK,cAAc,MAAM,8BAA8B,CAAC;AAW/D,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,QAAgC;IAEhC,MAAM,YAAY,GAAkB;QAClC,GAAG,QAAQ,CAAC,WAAW;QACvB,GAAG,QAAQ,CAAC,UAAU;QACtB,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9C,CAAC;IACF,MAAM,WAAW,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE9C,MAAM,OAAO,CAAC,GAAG,CACf,YAAY,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,2BAA2B,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,CACzF,CAAC;IAEF,8EAA8E;IAC9E,4EAA4E;IAC5E,YAAY;SACT,MAAM,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,SAAS,IAAI,WAAW,CAAC,KAAK,CAAC;SACpE,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QACvB,MAAM,YAAY,GAAG,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,KAAM,CAAC,CAAC;QACzD,IAAI,YAAY,EAAE,CAAC;YACjB,WAAW,CAAC,SAAS,GAAG,YAAY,CAAC;QACvC,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,2BAA2B,CACxC,WAAwB,EACxB,WAAgC;IAEhC,IAAI,qBAAqB,CAAC,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC;QACpD,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,IAAI,CACvC,WAAW,CAAC,IAAI,EAChB,EAAE,OAAO,EAAE,CAAC,EAAE,CACf,CAAC;QACF,WAAW,CAAC,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC;QAE9C,IAAI,WAAW,CAAC,KAAK,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;YAC/C,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,SAAS,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IACD,MAAM,CAAC;QACL,WAAW,CAAC,SAAS,GAAG,SAAS,CAAC;IACpC,CAAC;AACH,CAAC;AAED,SAAS,qBAAqB,CAC5B,WAAwB,EACxB,WAAgC;IAEhC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,YAAY,GAAG,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IACxD,IAAI,YAAY,EAAE,CAAC;QACjB,WAAW,CAAC,SAAS,GAAG,YAAY,CAAC;QAErC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}
1
+ {"version":3,"file":"fetchNpmAvatars.js","sourceRoot":"","sources":["../../src/registry/fetchNpmAvatars.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,kEAAkE;AAWlE,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,QAAgC;IAEhC,MAAM,YAAY,GAAkB;QAClC,GAAG,QAAQ,CAAC,WAAW;QACvB,GAAG,QAAQ,CAAC,UAAU;QACtB,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9C,CAAC;IACF,MAAM,WAAW,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE9C;;;;OAIG;IACH,qBAAqB;IACrB,6FAA6F;IAC7F,KAAK;IAEL,8EAA8E;IAC9E,4EAA4E;IAC5E,YAAY;SACT,MAAM,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,SAAS,IAAI,WAAW,CAAC,KAAK,CAAC;SACpE,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QACvB,MAAM,YAAY,GAAG,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,KAAM,CAAC,CAAC;QACzD,IAAI,YAAY,EAAE,CAAC;YACjB,WAAW,CAAC,SAAS,GAAG,YAAY,CAAC;QACvC,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC;AAED,8CAA8C;AAC9C,8BAA8B;AAC9B,qCAAqC;AACrC,qBAAqB;AACrB,2DAA2D;AAC3D,cAAc;AACd,MAAM;AAEN,UAAU;AACV,iDAAiD;AACjD,0BAA0B;AAC1B,uBAAuB;AACvB,SAAS;AACT,qDAAqD;AAErD,wDAAwD;AACxD,mEAAmE;AACnE,QAAQ;AACR,MAAM;AACN,YAAY;AACZ,yCAAyC;AACzC,MAAM;AACN,IAAI;AAEJ,kCAAkC;AAClC,8BAA8B;AAC9B,qCAAqC;AACrC,eAAe;AACf,8BAA8B;AAC9B,oBAAoB;AACpB,MAAM;AAEN,6DAA6D;AAC7D,wBAAwB;AACxB,4CAA4C;AAE5C,mBAAmB;AACnB,MAAM;AAEN,kBAAkB;AAClB,IAAI"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@nodesecure/scanner",
3
- "version": "10.5.0",
3
+ "version": "10.5.1",
4
4
  "description": "A package API to run a static analysis of your module's dependencies.",
5
5
  "type": "module",
6
6
  "exports": {
@@ -68,12 +68,12 @@
68
68
  "@nodesecure/contact": "^3.0.0",
69
69
  "@nodesecure/flags": "^3.0.3",
70
70
  "@nodesecure/i18n": "^4.1.0",
71
- "@nodesecure/js-x-ray": "14.1.0",
71
+ "@nodesecure/js-x-ray": "14.2.0",
72
72
  "@nodesecure/mama": "^2.1.1",
73
73
  "@nodesecure/npm-registry-sdk": "^4.4.0",
74
74
  "@nodesecure/npm-types": "^1.3.0",
75
75
  "@nodesecure/rc": "^5.5.0",
76
- "@nodesecure/tarball": "^3.6.0",
76
+ "@nodesecure/tarball": "^3.6.1",
77
77
  "@nodesecure/tree-walker": "^2.6.0",
78
78
  "@nodesecure/utils": "^2.3.0",
79
79
  "@nodesecure/vulnera": "3.0.0",