npm - @nodesecure/scanner - Versions diffs - 6.10.0 → 6.12.0 - Mend

@nodesecure/scanner 6.10.0 → 6.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

package/dist/class/TopPackages.class.d.ts +10 -0
package/dist/class/TopPackages.class.d.ts.map +1 -0
package/dist/class/TopPackages.class.js +36 -0
package/dist/class/TopPackages.class.js.map +1 -0
package/dist/data/top-packages.json +50000 -0
package/dist/depWalker.d.ts.map +1 -1
package/dist/depWalker.js +23 -19
package/dist/depWalker.js.map +1 -1
package/dist/i18n/english.d.ts +1 -0
package/dist/i18n/english.js +4 -1
package/dist/i18n/english.js.map +1 -1
package/dist/i18n/french.d.ts +1 -0
package/dist/i18n/french.js +4 -1
package/dist/i18n/french.js.map +1 -1
package/dist/registry/NpmRegistryProvider.d.ts +54 -0
package/dist/registry/NpmRegistryProvider.d.ts.map +1 -0
package/dist/registry/NpmRegistryProvider.js +80 -0
package/dist/registry/NpmRegistryProvider.js.map +1 -0
package/dist/registry/PackumentExtractor.d.ts +14 -0
package/dist/registry/PackumentExtractor.d.ts.map +1 -0
package/dist/registry/PackumentExtractor.js +70 -0
package/dist/registry/PackumentExtractor.js.map +1 -0
package/dist/registry/fetchNpmAvatars.d.ts +3 -0
package/dist/registry/fetchNpmAvatars.d.ts.map +1 -0
package/dist/registry/fetchNpmAvatars.js +48 -0
package/dist/registry/fetchNpmAvatars.js.map +1 -0
package/dist/utils/warnings.d.ts.map +1 -1
package/dist/utils/warnings.js +9 -1
package/dist/utils/warnings.js.map +1 -1
package/package.json +8 -7
package/dist/npmRegistry.d.ts +0 -9
package/dist/npmRegistry.d.ts.map +0 -1
package/dist/npmRegistry.js +0 -127
package/dist/npmRegistry.js.map +0 -1

package/dist/npmRegistry.js DELETED Viewed

@@ -1,127 +0,0 @@
-// Import Third-party Dependencies
-import semver from "semver";
-import * as npmRegistrySDK from "@nodesecure/npm-registry-sdk";
-import { packageJSONIntegrityHash } from "@nodesecure/mama";
-// Import Internal Dependencies
-import { getLinks } from "./utils/index.js";
-import { Logger } from "./class/logger.class.js";
-export async function manifestMetadata(name, version, dependency) {
-    try {
-        const pkgVersion = await npmRegistrySDK.packumentVersion(name, version);
-        const integrity = packageJSONIntegrityHash(pkgVersion, {
-            isFromRemoteRegistry: true
-        });
-        Object.assign(dependency.versions[version], {
-            links: getLinks(pkgVersion)
-        });
-        dependency.metadata.integrity[version] = integrity;
-    }
-    catch {
-        // Ignore
-    }
-}
-export async function packageMetadata(name, version, options) {
-    const { dependency, logger } = options;
-    const spec = `${name}:${version}`;
-    try {
-        const pkg = await npmRegistrySDK.packument(name);
-        const oneYearFromToday = new Date();
-        oneYearFromToday.setFullYear(oneYearFromToday.getFullYear() - 1);
-        const lastVersion = pkg["dist-tags"].latest;
-        const lastUpdateAt = new Date(pkg.time[lastVersion]);
-        const metadata = {
-            author: pkg.author ?? null,
-            homepage: pkg.homepage || null,
-            publishedCount: Object.values(pkg.versions).length,
-            lastVersion,
-            lastUpdateAt,
-            hasReceivedUpdateInOneYear: !(oneYearFromToday > lastUpdateAt),
-            hasManyPublishers: false,
-            hasChangedAuthor: false,
-            maintainers: pkg.maintainers ?? [],
-            publishers: [],
-            integrity: {}
-        };
-        const isOutdated = semver.neq(version, lastVersion);
-        const dependencyVersion = dependency.versions[version];
-        const flags = dependencyVersion.flags;
-        if (isOutdated) {
-            flags.push("isOutdated");
-        }
-        const publishers = new Set();
-        let searchForMaintainersInVersions = metadata.maintainers.length === 0;
-        for (const ver of Object.values(pkg.versions).reverse()) {
-            if (spec === `${ver.name}:${ver.version}`) {
-                if ("deprecated" in ver && !flags.includes("isDeprecated")) {
-                    flags.push("isDeprecated");
-                    dependencyVersion.deprecated = ver.deprecated;
-                }
-                metadata.integrity[ver.version] = packageJSONIntegrityHash(ver, { isFromRemoteRegistry: true });
-            }
-            const { _npmUser = null, version, maintainers = [] } = ver;
-            if (_npmUser !== null) {
-                const authorName = metadata.author?.name ?? null;
-                if (authorName === null) {
-                    metadata.author = _npmUser;
-                }
-                else if (authorName !== null && _npmUser.name !== authorName) {
-                    metadata.hasManyPublishers = true;
-                }
-                if (!publishers.has(_npmUser.name)) {
-                    publishers.add(_npmUser.name);
-                    metadata.publishers.push({
-                        ..._npmUser,
-                        version,
-                        at: new Date(pkg.time[version]).toISOString()
-                    });
-                }
-            }
-            if (searchForMaintainersInVersions) {
-                metadata.maintainers.push(...maintainers);
-                searchForMaintainersInVersions = false;
-            }
-        }
-        await addNpmAvatar(metadata);
-        Object.assign(dependency.versions[version], { links: getLinks(pkg.versions[version]) });
-        dependency.metadata = metadata;
-    }
-    catch {
-        // ignore
-    }
-    finally {
-        logger.tick("registry");
-    }
-}
-async function addNpmAvatar(metadata) {
-    const contributors = [
-        ...metadata.maintainers,
-        ...metadata.publishers
-    ];
-    if (metadata.author !== null) {
-        contributors.push(metadata.author);
-    }
-    const emailToAvatar = {};
-    const promises = contributors.map((contributor) => {
-        if (contributor.email && emailToAvatar[contributor.email]) {
-            contributor.npmAvatar = emailToAvatar[contributor.email];
-            return Promise.resolve();
-        }
-        return npmRegistrySDK.user(contributor.name, { perPage: 1 })
-            .then((profile) => {
-            contributor.npmAvatar = profile.avatars.small;
-            if (contributor.email && contributor.npmAvatar) {
-                emailToAvatar[contributor.email] = contributor.npmAvatar;
-            }
-        }).catch(() => {
-            contributor.npmAvatar = undefined;
-        });
-    });
-    await Promise.all(promises);
-    // back fill npmAvatar if any name property was not npm username in first pass
-    for (const contributor of contributors) {
-        if (!contributor.npmAvatar && contributor.email && emailToAvatar[contributor.email]) {
-            contributor.npmAvatar = emailToAvatar[contributor.email];
-        }
-    }
-}
-//# sourceMappingURL=npmRegistry.js.map

package/dist/npmRegistry.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"npmRegistry.js","sourceRoot":"","sources":["../src/npmRegistry.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,KAAK,cAAc,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,wBAAwB,EAAE,MAAM,kBAAkB,CAAC;AAE5D,+BAA+B;AAC/B,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAOjD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,IAAY,EACZ,OAAe,EACf,UAAe;IAEf,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,cAAc,CAAC,gBAAgB,CACtD,IAAI,EACJ,OAAO,CACR,CAAC;QAEF,MAAM,SAAS,GAAG,wBAAwB,CAAC,UAAU,EAAE;YACrD,oBAAoB,EAAE,IAAI;SAC3B,CAAC,CAAC;QACH,MAAM,CAAC,MAAM,CACX,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,EAC5B;YACE,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC;SAC5B,CACF,CAAC;QAEF,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC,OAAO,CAAC,GAAG,SAAS,CAAC;IACrD,CAAC;IACD,MAAM,CAAC;QACL,SAAS;IACX,CAAC;AACH,CAAC;AAOD,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAY,EACZ,OAAe,EACf,OAA+B;IAE/B,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IACvC,MAAM,IAAI,GAAG,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC;IAElC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QAEjD,MAAM,gBAAgB,GAAG,IAAI,IAAI,EAAE,CAAC;QACpC,gBAAgB,CAAC,WAAW,CAAC,gBAAgB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;QAEjE,MAAM,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC,CAAC,MAAO,CAAC;QAC7C,MAAM,YAAY,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAE,CAAC,CAAC;QACtD,MAAM,QAAQ,GAA2B;YACvC,MAAM,EAAE,GAAG,CAAC,MAAM,IAAI,IAAI;YAC1B,QAAQ,EAAE,GAAG,CAAC,QAAQ,IAAI,IAAI;YAC9B,cAAc,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,MAAM;YAClD,WAAW;YACX,YAAY;YACZ,0BAA0B,EAAE,CAAC,CAAC,gBAAgB,GAAG,YAAY,CAAC;YAC9D,iBAAiB,EAAE,KAAK;YACxB,gBAAgB,EAAE,KAAK;YACvB,WAAW,EAAE,GAAG,CAAC,WAAW,IAAI,EAAE;YAClC,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,EAAE;SACd,CAAC;QAEF,MAAM,UAAU,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QACpD,MAAM,iBAAiB,GAAG,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,iBAAkB,CAAC,KAAK,CAAC;QACvC,IAAI,UAAU,EAAE,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,GAAG,EAAE,CAAC;QAC7B,IAAI,8BAA8B,GAAG,QAAQ,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,CAAC;QACvE,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC;YACxD,IAAI,IAAI,KAAK,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC;gBAC1C,IAAI,YAAY,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;oBAC3D,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;oBAC3B,iBAAiB,CAAC,UAAU,GAAG,GAAG,CAAC,UAAU,CAAC;gBAChD,CAAC;gBAED,QAAQ,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,wBAAwB,CACxD,GAAG,EAAE,EAAE,oBAAoB,EAAE,IAAI,EAAE,CACpC,CAAC;YACJ,CAAC;YAED,MAAM,EAAE,QAAQ,GAAG,IAAI,EAAE,OAAO,EAAE,WAAW,GAAG,EAAE,EAAE,GAAG,GAAG,CAAC;YAE3D,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;gBACtB,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,EAAE,IAAI,IAAI,IAAI,CAAC;gBACjD,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;oBACxB,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC;gBAC7B,CAAC;qBACI,IAAI,UAAU,KAAK,IAAI,IAAI,QAAQ,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBAC7D,QAAQ,CAAC,iBAAiB,GAAG,IAAI,CAAC;gBACpC,CAAC;gBAED,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;oBAC9B,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC;wBACvB,GAAG,QAAQ;wBACX,OAAO;wBACP,EAAE,EAAE,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE;qBAC9C,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,IAAI,8BAA8B,EAAE,CAAC;gBACnC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;gBAC1C,8BAA8B,GAAG,KAAK,CAAC;YACzC,CAAC;QACH,CAAC;QAED,MAAM,YAAY,CAAC,QAAQ,CAAC,CAAC;QAC7B,MAAM,CAAC,MAAM,CACX,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAE,EAC7B,EAAE,KAAK,EAAE,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAE,CAAC,EAAE,CAC5C,CAAC;QACF,UAAU,CAAC,QAAQ,GAAG,QAAQ,CAAC;IACjC,CAAC;IACD,MAAM,CAAC;QACL,SAAS;IACX,CAAC;YACO,CAAC;QACP,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1B,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,QAAgC;IAEhC,MAAM,YAAY,GAA+B;QAC/C,GAAG,QAAQ,CAAC,WAAW;QACvB,GAAG,QAAQ,CAAC,UAAU;KACvB,CAAC;IACF,IAAI,QAAQ,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;QAC7B,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IACD,MAAM,aAAa,GAA2B,EAAE,CAAC;IAEjD,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE;QAChD,IAAI,WAAW,CAAC,KAAK,IAAI,aAAa,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1D,WAAW,CAAC,SAAS,GAAG,aAAa,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YAEzD,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;aACzD,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;YAChB,WAAW,CAAC,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC;YAC9C,IAAI,WAAW,CAAC,KAAK,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;gBAC/C,aAAa,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,SAAS,CAAC;YAC3D,CAAC;QACH,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;YACZ,WAAW,CAAC,SAAS,GAAG,SAAS,CAAC;QACpC,CAAC,CAAC,CAAC;IACP,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAE5B,8EAA8E;IAC9E,KAAK,MAAM,WAAW,IAAI,YAAY,EAAE,CAAC;QACvC,IAAI,CAAC,WAAW,CAAC,SAAS,IAAI,WAAW,CAAC,KAAK,IAAI,aAAa,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YACpF,WAAW,CAAC,SAAS,GAAG,aAAa,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;AACH,CAAC"}