npm - @nodesecure/scanner - Versions diffs - 3.1.0 → 3.3.0 - Mend

@nodesecure/scanner 3.1.0 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md CHANGED Viewed

@@ -49,9 +49,9 @@ await Promise.allSettled(promises);
 See `types/api.d.ts` for a complete TypeScript definition.
 ```ts
-function cwd(path: string, options?: Scanner.Options): Promise<Scanner.Payload>;
+function cwd(location: string, options?: Scanner.Options): Promise<Scanner.Payload>;
 function from(packageName: string, options?: Scanner.Options): Promise<Scanner.Payload>;
-function verify(packageName: string): Promise<Scanner.VerifyPayload>;
+function verify(packageName?: string | null): Promise<Scanner.VerifyPayload>;
 ```
 `Options` is described with the following TypeScript interface:

package/index.js CHANGED Viewed

@@ -1,63 +1,63 @@
-// Import Node.js Dependencies
-import path from "path";
-import fs from "fs/promises";
-import timers from "timers/promises";
-import os from "os";
-// Import Third-party Dependencies
-import pacote from "pacote";
-import { getLocalRegistryURL } from "@nodesecure/npm-registry-sdk";
-// Import Internal Dependencies
-import { depWalker } from "./src/depWalker.js";
-import { NPM_TOKEN } from "./src/utils/index.js";
-import { ScannerLoggerEvents } from "./src/constants.js";
-import Logger from "./src/class/logger.class.js";
-import * as tarball from "./src/tarball.js";
-// CONSTANTS
-const kDefaultCwdOptions = { forceRootAnalysis: true, usePackageLock: true };
-export async function cwd(cwd = process.cwd(), options = {}, logger = new Logger()) {
-  const finalizedOptions = Object.assign({}, kDefaultCwdOptions, options);
-  logger.start(ScannerLoggerEvents.manifest.read);
-  const packagePath = path.join(cwd, "package.json");
-  const str = await fs.readFile(packagePath, "utf-8");
-  logger.end(ScannerLoggerEvents.manifest.read);
-  return depWalker(JSON.parse(str), finalizedOptions, logger);
-}
-export async function from(packageName, options, logger = new Logger()) {
-  logger.start(ScannerLoggerEvents.manifest.fetch);
-  const manifest = await pacote.manifest(packageName, {
-    ...NPM_TOKEN, registry: getLocalRegistryURL(), cache: `${os.homedir()}/.npm`
-  });
-  logger.end(ScannerLoggerEvents.manifest.fetch);
-  return depWalker(manifest, options, logger);
-}
-export async function verify(packageName = null) {
-  if (typeof packageName === "undefined" || packageName === null) {
-    return await tarball.scanPackage(process.cwd());
-  }
-  const tmpLocation = await fs.mkdtemp(path.join(os.tmpdir(), "/"));
-  const dest = path.join(tmpLocation, packageName);
-  try {
-    await pacote.extract(packageName, dest, {
-      ...NPM_TOKEN, registry: getLocalRegistryURL(), cache: `${os.homedir()}/.npm`
-    });
-    return await tarball.scanPackage(dest, packageName);
-  }
-  finally {
-    await timers.setImmediate();
-    await fs.rm(tmpLocation, { recursive: true, force: true });
-  }
-}
-export { depWalker, tarball, Logger, ScannerLoggerEvents };
+// Import Node.js Dependencies
+import path from "path";
+import fs from "fs/promises";
+import timers from "timers/promises";
+import os from "os";
+// Import Third-party Dependencies
+import pacote from "pacote";
+import { getLocalRegistryURL } from "@nodesecure/npm-registry-sdk";
+// Import Internal Dependencies
+import { depWalker } from "./src/depWalker.js";
+import { NPM_TOKEN } from "./src/utils/index.js";
+import { ScannerLoggerEvents } from "./src/constants.js";
+import Logger from "./src/class/logger.class.js";
+import * as tarball from "./src/tarball.js";
+// CONSTANTS
+const kDefaultCwdOptions = { forceRootAnalysis: true, usePackageLock: true };
+export async function cwd(location = process.cwd(), options = {}, logger = new Logger()) {
+  const finalizedOptions = Object.assign({ location }, kDefaultCwdOptions, options);
+  logger.start(ScannerLoggerEvents.manifest.read);
+  const packagePath = path.join(location, "package.json");
+  const str = await fs.readFile(packagePath, "utf-8");
+  logger.end(ScannerLoggerEvents.manifest.read);
+  return depWalker(JSON.parse(str), finalizedOptions, logger);
+}
+export async function from(packageName, options, logger = new Logger()) {
+  logger.start(ScannerLoggerEvents.manifest.fetch);
+  const manifest = await pacote.manifest(packageName, {
+    ...NPM_TOKEN, registry: getLocalRegistryURL(), cache: `${os.homedir()}/.npm`
+  });
+  logger.end(ScannerLoggerEvents.manifest.fetch);
+  return depWalker(manifest, options, logger);
+}
+export async function verify(packageName = null) {
+  if (typeof packageName === "undefined" || packageName === null) {
+    return await tarball.scanPackage(process.cwd());
+  }
+  const tmpLocation = await fs.mkdtemp(path.join(os.tmpdir(), "/"));
+  const dest = path.join(tmpLocation, packageName);
+  try {
+    await pacote.extract(packageName, dest, {
+      ...NPM_TOKEN, registry: getLocalRegistryURL(), cache: `${os.homedir()}/.npm`
+    });
+    return await tarball.scanPackage(dest, packageName);
+  }
+  finally {
+    await timers.setImmediate();
+    await fs.rm(tmpLocation, { recursive: true, force: true });
+  }
+}
+export { depWalker, tarball, Logger, ScannerLoggerEvents };

package/package.json CHANGED Viewed

@@ -1,86 +1,86 @@
-{
-  "name": "@nodesecure/scanner",
-  "version": "3.1.0",
-  "description": "A package API to run a static analysis of your module's dependencies.",
-  "exports": "./index.js",
-  "engines": {
-    "node": ">=16"
-  },
-  "scripts": {
-    "lint": "eslint src test",
-    "prepublishOnly": "pkg-ok",
-    "test": "npm run lint && npm run test-only",
-    "test-only": "cross-env esm-tape-runner 'test/**/*.spec.js' | tap-monkey",
-    "coverage": "c8 -r html npm run test-only"
-  },
-  "files": [
-    "src",
-    "types",
-    "index.js",
-    "index.d.ts"
-  ],
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/NodeSecure/scanner.git"
-  },
-  "keywords": [
-    "node",
-    "nodejs",
-    "security",
-    "cli",
-    "sast",
-    "scanner",
-    "static",
-    "code",
-    "analysis",
-    "node_modules",
-    "tree",
-    "npm",
-    "registry",
-    "graph",
-    "visualization",
-    "dependencies"
-  ],
-  "author": "NodeSecure",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/NodeSecure/scanner/issues"
-  },
-  "homepage": "https://github.com/NodeSecure/scanner#readme",
-  "devDependencies": {
-    "@nodesecure/eslint-config": "^1.3.0",
-    "@slimio/is": "^1.5.1",
-    "@small-tech/esm-tape-runner": "^1.0.3",
-    "@small-tech/tap-monkey": "^1.3.0",
-    "@types/node": "^16.11.10",
-    "c8": "^7.10.0",
-    "cross-env": "^7.0.3",
-    "dotenv": "^10.0.0",
-    "eslint": "^8.3.0",
-    "get-folder-size": "^3.1.0",
-    "pkg-ok": "^2.3.1",
-    "sinon": "^12.0.1",
-    "snap-shot-core": "^10.2.4",
-    "tape": "^5.3.2"
-  },
-  "dependencies": {
-    "@nodesecure/flags": "^2.2.0",
-    "@nodesecure/fs-walk": "^1.0.0",
-    "@nodesecure/i18n": "^1.2.1",
-    "@nodesecure/js-x-ray": "^4.2.0",
-    "@nodesecure/npm-registry-sdk": "^1.3.0",
-    "@nodesecure/ntlp": "^2.1.0",
-    "@nodesecure/utils": "^1.0.0",
-    "@nodesecure/vuln": "^1.4.1",
-    "@npm/types": "^1.0.1",
-    "@npmcli/arborist": "^4.1.0",
-    "@slimio/lock": "^1.0.0",
-    "builtins": "^4.0.0",
-    "combine-async-iterators": "^2.0.1",
-    "itertools": "^1.7.1",
-    "lodash.difference": "^4.5.0",
-    "pacote": "^12.0.2",
-    "semver": "^7.3.4"
-  },
-  "type": "module"
-}
+{
+  "name": "@nodesecure/scanner",
+  "version": "3.3.0",
+  "description": "A package API to run a static analysis of your module's dependencies.",
+  "exports": "./index.js",
+  "engines": {
+    "node": ">=16"
+  },
+  "scripts": {
+    "lint": "eslint src test",
+    "prepublishOnly": "pkg-ok",
+    "test": "npm run lint && npm run test-only",
+    "test-only": "cross-env esm-tape-runner 'test/**/*.spec.js' | tap-monkey",
+    "coverage": "c8 -r html npm run test-only"
+  },
+  "files": [
+    "src",
+    "types",
+    "index.js",
+    "index.d.ts"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/NodeSecure/scanner.git"
+  },
+  "keywords": [
+    "node",
+    "nodejs",
+    "security",
+    "cli",
+    "sast",
+    "scanner",
+    "static",
+    "code",
+    "analysis",
+    "node_modules",
+    "tree",
+    "npm",
+    "registry",
+    "graph",
+    "visualization",
+    "dependencies"
+  ],
+  "author": "NodeSecure",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/NodeSecure/scanner/issues"
+  },
+  "homepage": "https://github.com/NodeSecure/scanner#readme",
+  "devDependencies": {
+    "@nodesecure/eslint-config": "^1.3.1",
+    "@slimio/is": "^1.5.1",
+    "@small-tech/esm-tape-runner": "^1.0.3",
+    "@small-tech/tap-monkey": "^1.3.0",
+    "@types/node": "^17.0.13",
+    "c8": "^7.11.0",
+    "cross-env": "^7.0.3",
+    "dotenv": "^14.3.2",
+    "eslint": "^8.7.0",
+    "get-folder-size": "^3.1.0",
+    "pkg-ok": "^2.3.1",
+    "sinon": "^12.0.1",
+    "snap-shot-core": "^10.2.4",
+    "tape": "^5.5.0"
+  },
+  "dependencies": {
+    "@nodesecure/flags": "^2.2.0",
+    "@nodesecure/fs-walk": "^1.0.0",
+    "@nodesecure/i18n": "^1.2.1",
+    "@nodesecure/js-x-ray": "^4.2.0",
+    "@nodesecure/npm-registry-sdk": "^1.3.0",
+    "@nodesecure/ntlp": "^2.1.0",
+    "@nodesecure/utils": "^1.0.0",
+    "@nodesecure/vuln": "^1.5.0",
+    "@npm/types": "^1.0.1",
+    "@npmcli/arborist": "^4.3.0",
+    "@slimio/lock": "^1.0.0",
+    "builtins": "^4.0.0",
+    "combine-async-iterators": "^2.0.1",
+    "itertools": "^1.7.1",
+    "lodash.difference": "^4.5.0",
+    "pacote": "^12.0.3",
+    "semver": "^7.3.4"
+  },
+  "type": "module"
+}