@nodesecure/scanner 6.7.0 → 6.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/class/TempDirectory.class.d.ts +8 -0
- package/dist/class/TempDirectory.class.d.ts.map +1 -0
- package/dist/class/TempDirectory.class.js +21 -0
- package/dist/class/TempDirectory.class.js.map +1 -0
- package/dist/depWalker.d.ts.map +1 -1
- package/dist/depWalker.js +18 -11
- package/dist/depWalker.js.map +1 -1
- package/dist/extractors/probes/NodeDependenciesExtractor.class.d.ts +14 -0
- package/dist/extractors/probes/NodeDependenciesExtractor.class.d.ts.map +1 -0
- package/dist/extractors/probes/NodeDependenciesExtractor.class.js +16 -0
- package/dist/extractors/probes/NodeDependenciesExtractor.class.js.map +1 -0
- package/dist/extractors/probes/index.d.ts +1 -0
- package/dist/extractors/probes/index.d.ts.map +1 -1
- package/dist/extractors/probes/index.js +1 -0
- package/dist/extractors/probes/index.js.map +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +7 -6
- package/dist/index.js.map +1 -1
- package/package.json +7 -6
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"TempDirectory.class.d.ts","sourceRoot":"","sources":["../../src/class/TempDirectory.class.ts"],"names":[],"mappings":"AAKA,qBAAa,aAAa;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,EAAE,EAAE,MAAM,CAAC;gBAGT,QAAQ,EAAE,MAAM,EAChB,EAAE,EAAE,MAAM;WAMC,MAAM;IAWb,KAAK;CAQZ"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
// Import Node.js Dependencies
|
|
2
|
+
import fs from "node:fs/promises";
|
|
3
|
+
import path from "node:path";
|
|
4
|
+
import os from "node:os";
|
|
5
|
+
export class TempDirectory {
|
|
6
|
+
location;
|
|
7
|
+
id;
|
|
8
|
+
constructor(location, id) {
|
|
9
|
+
this.location = location;
|
|
10
|
+
this.id = id;
|
|
11
|
+
}
|
|
12
|
+
static async create() {
|
|
13
|
+
const location = await fs.mkdtemp(path.join(os.tmpdir(), "/"));
|
|
14
|
+
return new TempDirectory(location, location.slice(-6));
|
|
15
|
+
}
|
|
16
|
+
async clear() {
|
|
17
|
+
await fs.rm(this.location, { recursive: true, force: true });
|
|
18
|
+
return this;
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=TempDirectory.class.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"TempDirectory.class.js","sourceRoot":"","sources":["../../src/class/TempDirectory.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,MAAM,OAAO,aAAa;IACxB,QAAQ,CAAS;IACjB,EAAE,CAAS;IAEX,YACE,QAAgB,EAChB,EAAU;QAEV,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACf,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,MAAM;QACjB,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,OAAO,CAC/B,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,CAC5B,CAAC;QAEF,OAAO,IAAI,aAAa,CACtB,QAAQ,EACR,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CACnB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,EAAE,CAAC,EAAE,CACT,IAAI,CAAC,QAAQ,EACb,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CACjC,CAAC;QAEF,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}
|
package/dist/depWalker.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"depWalker.d.ts","sourceRoot":"","sources":["../src/depWalker.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"depWalker.d.ts","sourceRoot":"","sources":["../src/depWalker.ts"],"names":[],"mappings":"AAeA,OAAO,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAW1E,OAAO,EAAE,MAAM,EAAuB,MAAM,yBAAyB,CAAC;AACtE,OAAO,KAAK,EAGV,OAAO,EACP,OAAO,EACR,MAAM,YAAY,CAAC;AA4CpB,KAAK,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,CAAC;AAEF,wBAAsB,SAAS,CAC7B,QAAQ,EAAE,WAAW,GAAG,eAAe,EACvC,OAAO,EAAE,aAAa,EACtB,MAAM,SAAe,GACpB,OAAO,CAAC,OAAO,CAAC,CA6MlB"}
|
package/dist/depWalker.js
CHANGED
|
@@ -1,17 +1,18 @@
|
|
|
1
1
|
// Import Node.js Dependencies
|
|
2
2
|
import path from "node:path";
|
|
3
|
-
import { readFileSync
|
|
3
|
+
import { readFileSync } from "node:fs";
|
|
4
4
|
import timers from "node:timers/promises";
|
|
5
|
-
import os from "node:os";
|
|
6
5
|
// Import Third-party Dependencies
|
|
7
6
|
import { Mutex, MutexRelease } from "@openally/mutex";
|
|
8
|
-
import { scanDirOrArchive } from "@nodesecure/tarball";
|
|
7
|
+
import { extractAndResolve, scanDirOrArchive } from "@nodesecure/tarball";
|
|
9
8
|
import * as Vulnera from "@nodesecure/vulnera";
|
|
10
9
|
import { npm } from "@nodesecure/tree-walker";
|
|
11
10
|
import { parseAuthor } from "@nodesecure/utils";
|
|
11
|
+
import { ManifestManager } from "@nodesecure/mama";
|
|
12
12
|
// Import Internal Dependencies
|
|
13
13
|
import { getDependenciesWarnings, addMissingVersionFlags, getUsedDeps, getManifestLinks } from "./utils/index.js";
|
|
14
14
|
import { packageMetadata, manifestMetadata } from "./npmRegistry.js";
|
|
15
|
+
import { TempDirectory } from "./class/TempDirectory.class.js";
|
|
15
16
|
import { Logger, ScannerLoggerEvents } from "./class/logger.class.js";
|
|
16
17
|
// CONSTANTS
|
|
17
18
|
const kDefaultDependencyVersionFields = {
|
|
@@ -50,10 +51,9 @@ const kDefaultDependencyMetadata = {
|
|
|
50
51
|
const { version: packageVersion } = JSON.parse(readFileSync(new URL(path.join("..", "package.json"), import.meta.url), "utf-8"));
|
|
51
52
|
export async function depWalker(manifest, options, logger = new Logger()) {
|
|
52
53
|
const { scanRootNode = false, includeDevDeps = false, packageLock, maxDepth, location, vulnerabilityStrategy = Vulnera.strategies.NONE, registry } = options;
|
|
53
|
-
|
|
54
|
-
const tmpLocation = await fs.mkdtemp(path.join(os.tmpdir(), "/"));
|
|
54
|
+
const tempDir = await TempDirectory.create();
|
|
55
55
|
const payload = {
|
|
56
|
-
id:
|
|
56
|
+
id: tempDir.id,
|
|
57
57
|
rootDependencyName: manifest.name,
|
|
58
58
|
scannerVersion: packageVersion,
|
|
59
59
|
vulnerabilityStrategy,
|
|
@@ -124,10 +124,10 @@ export async function depWalker(manifest, options, logger = new Logger()) {
|
|
|
124
124
|
const scanDirOptions = {
|
|
125
125
|
ref: dependency.versions[version],
|
|
126
126
|
location,
|
|
127
|
-
|
|
127
|
+
isRootNode: scanRootNode && name === manifest.name,
|
|
128
128
|
registry
|
|
129
129
|
};
|
|
130
|
-
operationsQueue.push(scanDirOrArchiveEx(name, version, locker, scanDirOptions));
|
|
130
|
+
operationsQueue.push(scanDirOrArchiveEx(name, version, locker, tempDir, scanDirOptions));
|
|
131
131
|
}
|
|
132
132
|
logger.end(ScannerLoggerEvents.analysis.tree);
|
|
133
133
|
await Promise.allSettled(operationsQueue);
|
|
@@ -201,15 +201,22 @@ export async function depWalker(manifest, options, logger = new Logger()) {
|
|
|
201
201
|
}
|
|
202
202
|
finally {
|
|
203
203
|
await timers.setImmediate();
|
|
204
|
-
await
|
|
204
|
+
await tempDir.clear();
|
|
205
205
|
logger.emit(ScannerLoggerEvents.done);
|
|
206
206
|
}
|
|
207
207
|
}
|
|
208
208
|
// eslint-disable-next-line max-params
|
|
209
|
-
async function scanDirOrArchiveEx(name, version, locker, options) {
|
|
209
|
+
async function scanDirOrArchiveEx(name, version, locker, tempDir, options) {
|
|
210
210
|
const free = await locker.acquire();
|
|
211
211
|
try {
|
|
212
|
-
|
|
212
|
+
const { registry, location = process.cwd(), isRootNode, ref } = options;
|
|
213
|
+
const mama = await (isRootNode ?
|
|
214
|
+
ManifestManager.fromPackageJSON(location) :
|
|
215
|
+
extractAndResolve(tempDir.location, {
|
|
216
|
+
spec: `${name}@${version}`,
|
|
217
|
+
registry
|
|
218
|
+
}));
|
|
219
|
+
await scanDirOrArchive(mama, ref);
|
|
213
220
|
}
|
|
214
221
|
catch {
|
|
215
222
|
// ignore
|
package/dist/depWalker.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"depWalker.js","sourceRoot":"","sources":["../src/depWalker.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,
|
|
1
|
+
{"version":3,"file":"depWalker.js","sourceRoot":"","sources":["../src/depWalker.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,MAAM,MAAM,sBAAsB,CAAC;AAE1C,kCAAkC;AAClC,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAGnD,+BAA+B;AAC/B,OAAO,EACL,uBAAuB,EACvB,sBAAsB,EACtB,WAAW,EACX,gBAAgB,EACjB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAQtE,YAAY;AACZ,MAAM,+BAA+B,GAAG;IACtC,WAAW,EAAE,EAAE;IACf,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAE;IACX,OAAO,EAAE,EAAE;IACX,QAAQ,EAAE,EAAE;IACZ,gBAAgB,EAAE,EAAE;IACpB,WAAW,EAAE;QACX,UAAU,EAAE,EAAE;QACd,KAAK,EAAE,EAAE;QACT,QAAQ,EAAE,EAAE;QACZ,MAAM,EAAE,EAAE;QACV,OAAO,EAAE,EAAE;QACX,cAAc,EAAE,EAAE;QAClB,eAAe,EAAE,EAAE;QACnB,mBAAmB,EAAE,EAAE;QACvB,gBAAgB,EAAE,EAAE;KACrB;CACF,CAAC;AACF,MAAM,0BAA0B,GAA2B;IACzD,cAAc,EAAE,CAAC;IACjB,YAAY,EAAE,IAAI,IAAI,EAAE;IACxB,WAAW,EAAE,KAAK;IAClB,gBAAgB,EAAE,KAAK;IACvB,iBAAiB,EAAE,KAAK;IACxB,0BAA0B,EAAE,IAAI;IAChC,QAAQ,EAAE,IAAI;IACd,MAAM,EAAE,IAAI;IACZ,UAAU,EAAE,EAAE;IACd,WAAW,EAAE,EAAE;IACf,SAAS,EAAE,EAAE;CACd,CAAC;AAEF,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAC5C,YAAY,CACV,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EACzD,OAAO,CACR,CACF,CAAC;AAOF,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,QAAuC,EACvC,OAAsB,EACtB,MAAM,GAAG,IAAI,MAAM,EAAE;IAErB,MAAM,EACJ,YAAY,GAAG,KAAK,EACpB,cAAc,GAAG,KAAK,EACtB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,qBAAqB,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,EAC/C,QAAQ,EACT,GAAG,OAAO,CAAC;IAEZ,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE,CAAC;IAE7C,MAAM,OAAO,GAAqB;QAChC,EAAE,EAAE,OAAO,CAAC,EAAE;QACd,kBAAkB,EAAE,QAAQ,CAAC,IAAI;QACjC,cAAc,EAAE,cAAc;QAC9B,qBAAqB;QACrB,QAAQ,EAAE,EAAE;KACb,CAAC;IAEF,MAAM,YAAY,GAA4B,IAAI,GAAG,EAAE,CAAC;IACxD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC;QACvC,QAAQ;KACT,CAAC,CAAC;IACH,CAAC;QACC,MAAM;aACH,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC;aACxC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC;aAC3C,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,uBAAuB,GAAG,IAAI,GAAG,EAAU,CAAC;QAClD,MAAM,eAAe,GAAoB,EAAE,CAAC;QAE5C,MAAM,MAAM,GAAG,IAAI,KAAK,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;QAC7C,MAAM,CAAC,EAAE,CACP,YAAY,EACZ,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC,CACxD,CAAC;QAEF,MAAM,eAAe,GAAoB;YACvC,QAAQ;YACR,cAAc;YACd,WAAW;SACZ,CAAC;QACF,IAAI,KAAK,EAAE,MAAM,OAAO,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,EAAE,CAAC;YAC1E,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,CAAC;YACrD,MAAM,UAAU,GAAe;gBAC7B,QAAQ,EAAE;oBACR,CAAC,OAAO,CAAC,EAAE;wBACT,GAAG,cAAc;wBACjB,GAAG,eAAe,CAAC,+BAA+B,CAAC;qBACpD;iBACF;gBACD,eAAe,EAAE,EAAE;gBACnB,QAAQ,EAAE,eAAe,CAAC,0BAA0B,CAAC;aACtD,CAAC;YAEF,IAAI,qBAAqB,GAAG,IAAI,CAAC;YACjC,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3B,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,IAAI,CAAE,CAAC;gBACpC,eAAe,CAAC,IAAI,CAClB,gBAAgB,CAAC,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,CACrC,CAAC;gBAEF,IAAI,OAAO,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;oBAC5B,kDAAkD;oBAClD,uEAAuE;oBACvE,qBAAqB,GAAG,KAAK,CAAC;gBAChC,CAAC;qBACI,CAAC;oBACJ,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBACvD,CAAC;YACH,CAAC;iBACI,CAAC;gBACJ,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;YACrC,CAAC;YAED,uDAAuD;YACvD,IAAI,OAAO,CAAC,eAAe,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBACtD,SAAS;YACX,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAE/C,6EAA6E;YAC7E,IAAI,uBAAuB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC;gBACxE,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACrD,CAAC;iBACI,CAAC;gBACJ,uBAAuB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAClC,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,OAAO,EAAE;oBAClD,UAAU;oBACV,MAAM;iBACP,CAAC,CAAC,CAAC;YACN,CAAC;YAED,MAAM,cAAc,GAAG;gBACrB,GAAG,EAAE,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAQ;gBACxC,QAAQ;gBACR,UAAU,EAAE,YAAY,IAAI,IAAI,KAAK,QAAQ,CAAC,IAAI;gBAClD,QAAQ;aACT,CAAC;YACF,eAAe,CAAC,IAAI,CAClB,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,CAAC,CACnE,CAAC;QACJ,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC9C,MAAM,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;QAC1C,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;QAE5B,MAAM;aACH,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC;aACzC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChD,CAAC;IAED,MAAM,EAAE,0BAA0B,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,WAAW,CAClE,qBAAqB,CACtB,CAAC;IAEF,MAAM,gBAAgB,GAAG,CAAC,QAAQ,KAAK,iBAAiB,IAAI,QAAQ,KAAK,MAAM,CAAC;WAC3E,OAAO,QAAQ,KAAK,WAAW,CAAC;IACrC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,MAAM,0BAA0B,CAAC,YAAmB,EAAE;YACpD,iBAAiB,EAAE,IAAI;YACvB,IAAI,EAAE,QAAQ;SACf,CAAC,CAAC;IACL,CAAC;IAED,OAAO,CAAC,qBAAqB,GAAG,QAAQ,CAAC;IAEzC,sFAAsF;IACtF,6EAA6E;IAC7E,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,KAAK,MAAM,CAAC,WAAW,EAAE,UAAU,CAAC,IAAI,YAAY,EAAE,CAAC;QACrD,MAAM,mBAAmB,GAAG,UAAU,CAAC,QAAQ,EAAE,SAAS,IAAI,EAAE,CAAC;QAEjE,KAAK,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC;YACvE,MAAM,aAAa,GAAG,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAsB,CAAC;YAExE,aAAa;YACb,MAAM,cAAc,GAAG,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;YAClG,IAAI,cAAc,EAAE,CAAC;gBACnB,cAAc,CAAC,IAAI,CAAC,GAAG,WAAW,IAAI,OAAO,oCAAoC,CAAC,CAAC;YACrF,CAAC;YAED,IAAI,CAAC,CAAC,WAAW,IAAI,aAAa,CAAC,IAAI,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7E,SAAS;YACX,CAAC;YAED,IAAI,aAAa,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;gBAC1C,cAAc,CAAC,IAAI,CAAC,GAAG,WAAW,IAAI,OAAO,8CAA8C,CAAC,CAAC;YAC/F,CAAC;QACH,CAAC;QACD,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1D,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,GAAG,OAAsC,CAAC;YACvE,aAAa,CAAC,KAAK,CAAC,IAAI,CACtB,GAAG,sBAAsB,CAAC,IAAI,GAAG,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,CACpE,CAAC;YAEF,IAAI,eAAe,CAAC,aAAa,EAAE,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC;gBAC1D,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE;oBACjC,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;oBACpC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;iBAC5B,CAAC,CAAC;gBAEH,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE;oBAC3B,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;oBACpC,KAAK,EAAE,gBAAgB,CAAC,QAAQ,CAAC;oBACjC,UAAU,EAAE,QAAQ,CAAC,UAAU;iBAChC,CAAC,CAAC;YACL,CAAC;YAED,MAAM,QAAQ,GAAG,aAAa,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,WAAW,IAAI,MAAM,EAAE,CAAC,IAAI,IAAI,GAAG,EAAE,CAAC;YACzF,IAAI,QAAQ,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBACxB,SAAS;YACX,CAAC;YAED,MAAM,MAAM,GAA2B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC3D,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACpD,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC;YACzB,CAAC;YACD,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,MAAM,uBAAuB,CAC7D,YAAY,EACZ,OAAO,CAAC,SAAS,EAAE,QAAQ,CAC5B,CAAC;QACF,OAAO,CAAC,QAAQ,GAAG,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACnD,OAAO,CAAC,WAAW,GAAG;YACpB,QAAQ,EAAE,WAAW;SACtB,CAAC;QACF,OAAO,CAAC,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QAExD,OAAO,OAAkB,CAAC;IAC5B,CAAC;YACO,CAAC;QACP,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;QAC5B,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;QAEtB,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;IACxC,CAAC;AACH,CAAC;AAED,sCAAsC;AACtC,KAAK,UAAU,kBAAkB,CAC/B,IAAY,EACZ,OAAe,EACf,MAAa,EACb,OAAsB,EACtB,OAKC;IAED,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,OAAO,EAAE,CAAC;IAEpC,IAAI,CAAC;QACH,MAAM,EACJ,QAAQ,EACR,QAAQ,GAAG,OAAO,CAAC,GAAG,EAAE,EACxB,UAAU,EACV,GAAG,EACJ,GAAG,OAAO,CAAC;QAEZ,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;YAC9B,eAAe,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC3C,iBAAiB,CAAC,OAAO,CAAC,QAAQ,EAAE;gBAClC,IAAI,EAAE,GAAG,IAAI,IAAI,OAAO,EAAE;gBAC1B,QAAQ;aACT,CAAC,CACH,CAAC;QAEF,MAAM,gBAAgB,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,CAAC;QACL,SAAS;IACX,CAAC;YACO,CAAC;QACP,IAAI,EAAE,CAAC;IACT,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CACtB,aAAgC,EAChC,QAAuC,EACvC,WAAmB;IAEnB,OAAO,aAAa,CAAC,qBAAqB,KAAK,KAAK,IAAI,WAAW,KAAK,QAAQ,CAAC,IAAI,CAAC;AACxF,CAAC"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import type { ManifestProbeExtractor } from "../payload.js";
|
|
2
|
+
import type { DependencyVersion } from "../../types.js";
|
|
3
|
+
export type NodeDependenciesResult = {
|
|
4
|
+
nodeDeps: string[];
|
|
5
|
+
};
|
|
6
|
+
export declare class NodeDependencies implements ManifestProbeExtractor<NodeDependenciesResult> {
|
|
7
|
+
#private;
|
|
8
|
+
level: "manifest";
|
|
9
|
+
next(_: string, version: DependencyVersion): void;
|
|
10
|
+
done(): {
|
|
11
|
+
nodeDeps: string[];
|
|
12
|
+
};
|
|
13
|
+
}
|
|
14
|
+
//# sourceMappingURL=NodeDependenciesExtractor.class.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NodeDependenciesExtractor.class.d.ts","sourceRoot":"","sources":["../../../src/extractors/probes/NodeDependenciesExtractor.class.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,sBAAsB,EACvB,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AAExD,MAAM,MAAM,sBAAsB,GAAG;IACnC,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB,CAAC;AAEF,qBAAa,gBAAiB,YAAW,sBAAsB,CAAC,sBAAsB,CAAC;;IACrF,KAAK,EAAG,UAAU,CAAU;IAI5B,IAAI,CACF,CAAC,EAAE,MAAM,EACT,OAAO,EAAE,iBAAiB;IAS5B,IAAI;;;CAKL"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
export class NodeDependencies {
|
|
2
|
+
level = "manifest";
|
|
3
|
+
#nodeDeps = new Set();
|
|
4
|
+
next(_, version) {
|
|
5
|
+
const { composition } = version;
|
|
6
|
+
composition.required_nodejs.forEach((dep) => {
|
|
7
|
+
this.#nodeDeps.add(dep);
|
|
8
|
+
});
|
|
9
|
+
}
|
|
10
|
+
done() {
|
|
11
|
+
return {
|
|
12
|
+
nodeDeps: [...this.#nodeDeps]
|
|
13
|
+
};
|
|
14
|
+
}
|
|
15
|
+
}
|
|
16
|
+
//# sourceMappingURL=NodeDependenciesExtractor.class.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NodeDependenciesExtractor.class.js","sourceRoot":"","sources":["../../../src/extractors/probes/NodeDependenciesExtractor.class.ts"],"names":[],"mappings":"AAWA,MAAM,OAAO,gBAAgB;IAC3B,KAAK,GAAG,UAAmB,CAAC;IAE5B,SAAS,GAAG,IAAI,GAAG,EAAU,CAAC;IAE9B,IAAI,CACF,CAAS,EACT,OAA0B;QAE1B,MAAM,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;QAEhC,WAAW,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YAC1C,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC1B,CAAC,CAAC,CAAC;IACL,CAAC;IAED,IAAI;QACF,OAAO;YACL,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC;SAC9B,CAAC;IACJ,CAAC;CACF"}
|
|
@@ -5,4 +5,5 @@ export * from "./WarningsExtractor.class.js";
|
|
|
5
5
|
export * from "./VulnerabilitiesExtractor.class.js";
|
|
6
6
|
export * from "./FlagsExtractor.class.js";
|
|
7
7
|
export * from "./ExtensionsExtractor.class.js";
|
|
8
|
+
export * from "./NodeDependenciesExtractor.class.js";
|
|
8
9
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/extractors/probes/index.ts"],"names":[],"mappings":"AAAA,cAAc,0BAA0B,CAAC;AACzC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,6BAA6B,CAAC;AAC5C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,qCAAqC,CAAC;AACpD,cAAc,2BAA2B,CAAC;AAC1C,cAAc,gCAAgC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/extractors/probes/index.ts"],"names":[],"mappings":"AAAA,cAAc,0BAA0B,CAAC;AACzC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,6BAA6B,CAAC;AAC5C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,qCAAqC,CAAC;AACpD,cAAc,2BAA2B,CAAC;AAC1C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,sCAAsC,CAAC"}
|
|
@@ -5,4 +5,5 @@ export * from "./WarningsExtractor.class.js";
|
|
|
5
5
|
export * from "./VulnerabilitiesExtractor.class.js";
|
|
6
6
|
export * from "./FlagsExtractor.class.js";
|
|
7
7
|
export * from "./ExtensionsExtractor.class.js";
|
|
8
|
+
export * from "./NodeDependenciesExtractor.class.js";
|
|
8
9
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/extractors/probes/index.ts"],"names":[],"mappings":"AAAA,cAAc,0BAA0B,CAAC;AACzC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,6BAA6B,CAAC;AAC5C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,qCAAqC,CAAC;AACpD,cAAc,2BAA2B,CAAC;AAC1C,cAAc,gCAAgC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/extractors/probes/index.ts"],"names":[],"mappings":"AAAA,cAAc,0BAA0B,CAAC;AACzC,cAAc,8BAA8B,CAAC;AAC7C,cAAc,6BAA6B,CAAC;AAC5C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,qCAAqC,CAAC;AACpD,cAAc,2BAA2B,CAAC;AAC1C,cAAc,gCAAgC,CAAC;AAC/C,cAAc,sCAAsC,CAAC"}
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAI/C,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAI/C,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAEtE,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAS1C,cAAc,YAAY,CAAC;AAC3B,cAAc,uBAAuB,CAAC;AAEtC,wBAAsB,GAAG,CACvB,QAAQ,SAAgB,EACxB,OAAO,GAAE,OAAY,EACrB,MAAM,SAAe,yCAyBtB;AAED,wBAAsB,IAAI,CACxB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,IAAI,CAAC,OAAO,EAAE,gBAAgB,CAAM,EAC7C,MAAM,SAAe,yCAkBtB;AAED,wBAAsB,MAAM,CAC1B,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAoBvC;AAED,OAAO,EACL,SAAS,EACT,OAAO,EACP,eAAe,EACf,MAAM,EACN,mBAAmB,EACpB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -11,6 +11,7 @@ import * as tarball from "@nodesecure/tarball";
|
|
|
11
11
|
import { depWalker } from "./depWalker.js";
|
|
12
12
|
import { NPM_TOKEN, urlToString } from "./utils/index.js";
|
|
13
13
|
import { Logger, ScannerLoggerEvents } from "./class/logger.class.js";
|
|
14
|
+
import { TempDirectory } from "./class/TempDirectory.class.js";
|
|
14
15
|
import { comparePayloads } from "./comparePayloads.js";
|
|
15
16
|
// CONSTANTS
|
|
16
17
|
const kDefaultCwdOptions = {
|
|
@@ -51,18 +52,18 @@ export async function verify(packageName) {
|
|
|
51
52
|
if (typeof packageName === "undefined") {
|
|
52
53
|
return tarball.scanPackage(process.cwd());
|
|
53
54
|
}
|
|
54
|
-
const
|
|
55
|
-
const dest = path.join(tmpLocation, packageName);
|
|
55
|
+
const tempDir = await TempDirectory.create();
|
|
56
56
|
try {
|
|
57
|
-
await
|
|
58
|
-
|
|
57
|
+
const mama = await tarball.extractAndResolve(tempDir.location, {
|
|
58
|
+
spec: packageName,
|
|
59
|
+
registry: getLocalRegistryURL()
|
|
59
60
|
});
|
|
60
|
-
const scanResult = await tarball.scanPackage(
|
|
61
|
+
const scanResult = await tarball.scanPackage(mama);
|
|
61
62
|
return scanResult;
|
|
62
63
|
}
|
|
63
64
|
finally {
|
|
64
65
|
await timers.setImmediate();
|
|
65
|
-
await
|
|
66
|
+
await tempDir.clear();
|
|
66
67
|
}
|
|
67
68
|
}
|
|
68
69
|
export { depWalker, tarball, comparePayloads, Logger, ScannerLoggerEvents };
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,MAAM,MAAM,sBAAsB,CAAC;AAC1C,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,kCAAkC;AAClC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAG/C,+BAA+B;AAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAGvD,YAAY;AACZ,MAAM,kBAAkB,GAAG;IACzB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,IAAI;IACpB,cAAc,EAAE,KAAK;CACtB,CAAC;AAEF,cAAc,YAAY,CAAC;AAC3B,cAAc,uBAAuB,CAAC;AAEtC,MAAM,CAAC,KAAK,UAAU,GAAG,CACvB,QAAQ,GAAG,OAAO,CAAC,GAAG,EAAE,EACxB,UAAmB,EAAE,EACrB,MAAM,GAAG,IAAI,MAAM,EAAE;IAErB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC/B,mBAAmB,EAAE,CAAC;IAExB,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CACpC,EAAE,QAAQ,EAAE,EACZ,kBAAkB,EAClB;QACE,GAAG,OAAO;QACV,QAAQ;KACT,CACF,CAAC;IAEF,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAE9C,OAAO,SAAS,CACd,IAAI,CAAC,KAAK,CAAC,GAAG,CAAgB,EAC9B,gBAAgB,EAChB,MAAM,CACP,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI,CACxB,WAAmB,EACnB,UAA2C,EAAE,EAC7C,MAAM,GAAG,IAAI,MAAM,EAAE;IAErB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC/B,mBAAmB,EAAE,CAAC;IAExB,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE;QAClD,GAAG,SAAS,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;KACtD,CAAC,CAAC;IACH,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE/C,OAAO,SAAS;IACd,wDAAwD;IACxD,QAAsC,EACtC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,EACpC,MAAM,CACP,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,WAAoB;IAEpB,IAAI,OAAO,WAAW,KAAK,WAAW,EAAE,CAAC;QACvC,OAAO,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,MAAM,MAAM,sBAAsB,CAAC;AAC1C,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,kCAAkC;AAClC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAG/C,+BAA+B;AAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAGvD,YAAY;AACZ,MAAM,kBAAkB,GAAG;IACzB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,IAAI;IACpB,cAAc,EAAE,KAAK;CACtB,CAAC;AAEF,cAAc,YAAY,CAAC;AAC3B,cAAc,uBAAuB,CAAC;AAEtC,MAAM,CAAC,KAAK,UAAU,GAAG,CACvB,QAAQ,GAAG,OAAO,CAAC,GAAG,EAAE,EACxB,UAAmB,EAAE,EACrB,MAAM,GAAG,IAAI,MAAM,EAAE;IAErB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC/B,mBAAmB,EAAE,CAAC;IAExB,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CACpC,EAAE,QAAQ,EAAE,EACZ,kBAAkB,EAClB;QACE,GAAG,OAAO;QACV,QAAQ;KACT,CACF,CAAC;IAEF,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAE9C,OAAO,SAAS,CACd,IAAI,CAAC,KAAK,CAAC,GAAG,CAAgB,EAC9B,gBAAgB,EAChB,MAAM,CACP,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,IAAI,CACxB,WAAmB,EACnB,UAA2C,EAAE,EAC7C,MAAM,GAAG,IAAI,MAAM,EAAE;IAErB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC/B,mBAAmB,EAAE,CAAC;IAExB,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE;QAClD,GAAG,SAAS,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;KACtD,CAAC,CAAC;IACH,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE/C,OAAO,SAAS;IACd,wDAAwD;IACxD,QAAsC,EACtC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,EACpC,MAAM,CACP,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,WAAoB;IAEpB,IAAI,OAAO,WAAW,KAAK,WAAW,EAAE,CAAC;QACvC,OAAO,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,MAAM,EAAE,CAAC;IAE7C,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,iBAAiB,CAAC,OAAO,CAAC,QAAQ,EAAE;YAC7D,IAAI,EAAE,WAAW;YACjB,QAAQ,EAAE,mBAAmB,EAAE;SAChC,CAAC,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAEnD,OAAO,UAAU,CAAC;IACpB,CAAC;YACO,CAAC;QACP,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;QAC5B,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC;IACxB,CAAC;AACH,CAAC;AAED,OAAO,EACL,SAAS,EACT,OAAO,EACP,eAAe,EACf,MAAM,EACN,mBAAmB,EACpB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@nodesecure/scanner",
|
|
3
|
-
"version": "6.
|
|
3
|
+
"version": "6.9.0",
|
|
4
4
|
"description": "A package API to run a static analysis of your module's dependencies.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": "./dist/index.js",
|
|
@@ -53,13 +53,14 @@
|
|
|
53
53
|
"@nodesecure/contact": "^2.0.0",
|
|
54
54
|
"@nodesecure/flags": "^3.0.3",
|
|
55
55
|
"@nodesecure/i18n": "^4.0.1",
|
|
56
|
-
"@nodesecure/js-x-ray": "^
|
|
57
|
-
"@nodesecure/mama": "^1.
|
|
56
|
+
"@nodesecure/js-x-ray": "^9.0.0",
|
|
57
|
+
"@nodesecure/mama": "^1.6.0",
|
|
58
58
|
"@nodesecure/npm-registry-sdk": "^3.0.0",
|
|
59
59
|
"@nodesecure/npm-types": "^1.2.0",
|
|
60
|
-
"@nodesecure/rc": "^
|
|
61
|
-
"@nodesecure/tarball": "^
|
|
60
|
+
"@nodesecure/rc": "^5.0.0",
|
|
61
|
+
"@nodesecure/tarball": "^2.0.0",
|
|
62
62
|
"@nodesecure/tree-walker": "^1.3.0",
|
|
63
|
+
"@nodesecure/utils": "^2.3.0",
|
|
63
64
|
"@nodesecure/vulnera": "^2.0.1",
|
|
64
65
|
"@openally/mutex": "^1.0.0",
|
|
65
66
|
"frequency-set": "^1.0.2",
|
|
@@ -68,7 +69,7 @@
|
|
|
68
69
|
"type-fest": "^4.41.0"
|
|
69
70
|
},
|
|
70
71
|
"devDependencies": {
|
|
71
|
-
"@types/node": "^
|
|
72
|
+
"@types/node": "^24.0.2",
|
|
72
73
|
"c8": "^10.1.3",
|
|
73
74
|
"tsx": "^4.19.4",
|
|
74
75
|
"typescript": "^5.8.3"
|