@nodesecure/scanner 7.2.0 → 8.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/comparePayloads.js +5 -5
- package/dist/comparePayloads.js.map +1 -1
- package/dist/depWalker.d.ts.map +1 -1
- package/dist/depWalker.js +33 -6
- package/dist/depWalker.js.map +1 -1
- package/dist/extractors/payload.d.ts +6 -2
- package/dist/extractors/payload.d.ts.map +1 -1
- package/dist/extractors/payload.js +15 -3
- package/dist/extractors/payload.js.map +1 -1
- package/dist/index.d.ts +6 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +4 -1
- package/dist/index.js.map +1 -1
- package/dist/types.d.ts +17 -3
- package/dist/types.d.ts.map +1 -1
- package/package.json +16 -6
package/dist/comparePayloads.js
CHANGED
|
@@ -3,13 +3,13 @@ export function comparePayloads(payload, comparedPayload) {
|
|
|
3
3
|
if (payload.id === comparedPayload.id) {
|
|
4
4
|
throw new Error(`You try to compare two payloads with the same id '${payload.id}'`);
|
|
5
5
|
}
|
|
6
|
-
if (payload.
|
|
7
|
-
throw new Error(`You can't compare different package payloads '${payload.
|
|
6
|
+
if (payload.rootDependency.name !== comparedPayload.rootDependency.name) {
|
|
7
|
+
throw new Error(`You can't compare different package payloads '${payload.rootDependency.name}' and '${comparedPayload.rootDependency.name}'`);
|
|
8
8
|
}
|
|
9
|
-
const givenVersion =
|
|
10
|
-
const comparedVersion =
|
|
9
|
+
const givenVersion = payload.rootDependency.version;
|
|
10
|
+
const comparedVersion = comparedPayload.rootDependency.version;
|
|
11
11
|
return {
|
|
12
|
-
title: `'${payload.
|
|
12
|
+
title: `'${payload.rootDependency.name}@${givenVersion}' -> '${comparedPayload.rootDependency.name}@${comparedVersion}'`,
|
|
13
13
|
warnings: arrayDiff(payload.warnings, comparedPayload.warnings),
|
|
14
14
|
scannerVersion: compareValues(payload.scannerVersion, comparedPayload.scannerVersion),
|
|
15
15
|
vulnerabilityStrategy: compareValues(payload.vulnerabilityStrategy, comparedPayload.vulnerabilityStrategy),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"comparePayloads.js","sourceRoot":"","sources":["../src/comparePayloads.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAoF/C,MAAM,UAAU,eAAe,CAC7B,OAAgB,EAChB,eAAwB;IAExB,IAAI,OAAO,CAAC,EAAE,KAAK,eAAe,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CACb,qDAAqD,OAAO,CAAC,EAAE,GAAG,CACnE,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,
|
|
1
|
+
{"version":3,"file":"comparePayloads.js","sourceRoot":"","sources":["../src/comparePayloads.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAoF/C,MAAM,UAAU,eAAe,CAC7B,OAAgB,EAChB,eAAwB;IAExB,IAAI,OAAO,CAAC,EAAE,KAAK,eAAe,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CACb,qDAAqD,OAAO,CAAC,EAAE,GAAG,CACnE,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,cAAc,CAAC,IAAI,KAAK,eAAe,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;QACxE,MAAM,IAAI,KAAK,CACb,iDAAiD,OAAO,CAAC,cAAc,CAAC,IAAI,UAAU,eAAe,CAAC,cAAc,CAAC,IAAI,GAAG,CAC7H,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC;IACpD,MAAM,eAAe,GAAG,eAAe,CAAC,cAAc,CAAC,OAAO,CAAC;IAE/D,OAAO;QACL,KAAK,EAAE,IAAI,OAAO,CAAC,cAAc,CAAC,IAAI,IAAI,YAAY,SAAS,eAAe,CAAC,cAAc,CAAC,IAAI,IAAI,eAAe,GAAG;QACxH,QAAQ,EAAE,SAAS,CACjB,OAAO,CAAC,QAAQ,EAChB,eAAe,CAAC,QAAQ,CACzB;QACD,cAAc,EAAE,aAAa,CAC3B,OAAO,CAAC,cAAc,EACtB,eAAe,CAAC,cAAc,CAC/B;QACD,qBAAqB,EAAE,aAAa,CAClC,OAAO,CAAC,qBAAqB,EAC7B,eAAe,CAAC,qBAAqB,CACtC;QACD,YAAY,EAAE,mBAAmB,CAC/B,OAAO,CAAC,YAAY,EACpB,eAAe,CAAC,YAAY,CAC7B;KACF,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAC1B,QAAsB,EACtB,SAAuB;IAEvB,MAAM,EACJ,UAAU,EACV,GAAG,YAAY,EAChB,GAAG,gBAAgB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAE1C,MAAM,oBAAoB,GAAG,IAAI,GAAG,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,IAAI,UAAU,EAAE,CAAC;QACpD,MAAM,IAAI,GAAG;YACX,UAAU,EAAE,uBAAuB,CAAC,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAC,UAAU,EAAE,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC;YACrG,WAAW,EAAE,uBAAuB,CAAC,MAAM,EAAE,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC;YACxG,QAAQ,EAAE,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE,WAAW,CAAC,QAAQ,CAAC;YAC7D,eAAe,EAAE,uBAAuB,CAAC,IAAI,EAAE,GAAG,CAAC,eAAe,EAAE,WAAW,CAAC,eAAe,CAAC;SACjG,CAAC;QAEF,oBAAoB,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACvC,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,oBAAoB,EAAE,GAAG,YAAY,EAAE,CAAC;AAC7D,CAAC;AAED,SAAS,eAAe,CACtB,QAA2C,EAC3C,SAA4C;IAE5C,MAAM,EAAE,UAAU,EAAE,GAAG,QAAQ,EAAE,GAAG,gBAAgB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAE1E,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAuC,CAAC;IACxE,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC,IAAI,UAAU,EAAE,CAAC;QAC5D,MAAM,IAAI,GAAgC;YACxC,EAAE,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,EAAE,eAAe,CAAC,EAAE,CAAC;YACjD,IAAI,EAAE,aAAa,CAAC,OAAO,CAAC,IAAI,EAAE,eAAe,CAAC,IAAI,CAAC;YACvD,MAAM,EAAE,oBAAoB,CAAC,OAAO,CAAC,MAAM,EAAE,eAAe,CAAC,MAAM,CAAC;YACpE,eAAe,EAAE,aAAa,CAAC,OAAO,CAAC,eAAe,EAAE,eAAe,CAAC,eAAe,CAAC;YACxF,qBAAqB,EAAE,aAAa,CAAC,OAAO,CAAC,qBAAqB,EAAE,eAAe,CAAC,qBAAqB,CAAC;YAC1G,WAAW,EAAE,aAAa,CAAC,OAAO,CAAC,WAAW,EAAE,eAAe,CAAC,WAAW,CAAC;YAC5E,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;YAC1H,aAAa;YACb,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC;YACvE,wGAAwG;YACxG,UAAU,EAAE,cAAc,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,eAAe,CAAC,UAAU,CAAC;mBAC7E,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,UAAU,EAAE,eAAe,CAAC,UAAU,CAAC;YAC1E,OAAO,EAAE,oBAAoB,CAAC,OAAO,CAAC,OAAO,EAAE,eAAe,CAAC,OAAO,CAAC;YACvE,QAAQ,EAAE,SAAS,CAAC,OAAO,CAAC,QAAQ,EAAE,eAAe,CAAC,QAAQ,CAAC;YAC/D,WAAW,EAAE,kBAAkB,CAAC,OAAO,CAAC,WAAW,EAAE,eAAe,CAAC,WAAW,CAAC;YACjF,gBAAgB,EAAE,SAAS,CAAC,OAAO,CAAC,gBAAgB,EAAE,eAAe,CAAC,gBAAgB,CAAC;YACvF,KAAK,EAAE,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC;YACtD,KAAK,EAAE,aAAa,CAAC,OAAO,CAAC,KAAM,EAAE,eAAe,CAAC,KAAM,CAAC;SAC7D,CAAC;QAEF,gBAAgB,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,gBAAgB;QAC1B,GAAG,QAAQ;KACZ,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,QAA0C,EAC1C,SAA2C;IAE3C,OAAO;QACL,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC,QAAQ,EAAE,SAAS,CAAC,QAAQ,CAAC;QAC1D,mBAAmB,EAAE,SAAS,CAAC,QAAQ,CAAC,mBAAmB,EAAE,SAAS,CAAC,mBAAmB,CAAC;QAC3F,eAAe,EAAE,SAAS,CAAC,QAAQ,CAAC,eAAe,EAAE,SAAS,CAAC,eAAe,CAAC;QAC/E,MAAM,EAAE,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC;QACpD,OAAO,EAAE,SAAS,CAAC,QAAQ,CAAC,OAAO,EAAE,SAAS,CAAC,OAAO,CAAC;KACxD,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAC3B,QAAsB,EACtB,SAAuB;IAEvB,MAAM,EAAE,UAAU,EAAE,GAAG,IAAI,EAAE,GAAG,gBAAgB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAEtE,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA8B,CAAC;IACvD,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,IAAI,UAAU,EAAE,CAAC;QAC1D,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC;IAC5D,CAAC;IAED,OAAO;QACL,QAAQ;QACR,GAAG,IAAI;KACR,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CACrB,GAAY,EACZ,WAAc,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EACjC,YAAe,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC;IAElC,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,GAAG,EAAE,SAAS;KACf,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CACpB,QAAW,EACX,SAAY;IAEZ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjC,IAAI,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3D,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;SACI,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAChC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,GAAG,EAAE,SAAS;KACf,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CACvB,WAA8B,EAAE,EAChC,YAA+B,EAAE;IAEjC,MAAM,KAAK,GAAG,IAAI,GAAG,EAAa,CAAC;IACnC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAa,CAAC;IACrC,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE7C,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;QACpC,IAAI,GAAG,IAAI,SAAS,EAAE,CAAC;YACrB,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACvD,CAAC;aACI,CAAC;YACJ,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAClC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;QACrC,IAAI,CAAC,CAAC,GAAG,IAAI,QAAQ,CAAC,EAAE,CAAC;YACvB,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,SAAS,CAChB,WAAgB,EAAE,EAClB,YAAiB,EAAE;IAEnB,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACtC,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1B,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACvC,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;YAC1B,OAAO,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC;QAC5B,CAAC;QAED,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,GAAW,EACX,WAAgB,EAAE,EAClB,YAAiB,EAAE;IAEnB,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IACzE,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IAEvE,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IACtE,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;IAExE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;AAC5B,CAAC"}
|
package/dist/depWalker.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"depWalker.d.ts","sourceRoot":"","sources":["../src/depWalker.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAEjG,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"depWalker.d.ts","sourceRoot":"","sources":["../src/depWalker.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,eAAe,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAEjG,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAczC,OAAO,EAAE,MAAM,EAAuB,MAAM,yBAAyB,CAAC;AACtE,OAAO,KAAK,EAKV,OAAO,EACP,OAAO,EACR,MAAM,YAAY,CAAC;AA8CpB,KAAK,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG;IAC/C,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AASF,wBAAsB,SAAS,CAC7B,QAAQ,EAAE,WAAW,GAAG,qBAAqB,GAAG,eAAe,EAC/D,OAAO,EAAE,aAAa,EACtB,MAAM,SAAe,GACpB,OAAO,CAAC,OAAO,CAAC,CAyPlB"}
|
package/dist/depWalker.js
CHANGED
|
@@ -61,6 +61,7 @@ import { npm } from "@nodesecure/tree-walker";
|
|
|
61
61
|
import { parseAuthor } from "@nodesecure/utils";
|
|
62
62
|
import { ManifestManager, parseNpmSpec } from "@nodesecure/mama";
|
|
63
63
|
import { getNpmRegistryURL } from "@nodesecure/npm-registry-sdk";
|
|
64
|
+
import { fromData } from "ssri";
|
|
64
65
|
// Import Internal Dependencies
|
|
65
66
|
import { getDependenciesWarnings, addMissingVersionFlags, getUsedDeps, getManifestLinks, NPM_TOKEN } from "./utils/index.js";
|
|
66
67
|
import { NpmRegistryProvider } from "./registry/NpmRegistryProvider.js";
|
|
@@ -101,20 +102,31 @@ const kDefaultDependencyMetadata = {
|
|
|
101
102
|
maintainers: [],
|
|
102
103
|
integrity: {}
|
|
103
104
|
};
|
|
105
|
+
const kRootDependencyId = 0;
|
|
104
106
|
const { version: packageVersion } = JSON.parse(readFileSync(new URL(path.join("..", "package.json"), import.meta.url), "utf-8"));
|
|
105
107
|
export async function depWalker(manifest, options, logger = new Logger()) {
|
|
106
108
|
const env_1 = { stack: [], error: void 0, hasError: false };
|
|
107
109
|
try {
|
|
108
110
|
const { scanRootNode = false, includeDevDeps = false, packageLock, maxDepth, location, vulnerabilityStrategy = Vulnera.strategies.NONE, registry, npmRcConfig } = options;
|
|
111
|
+
const startedAt = Date.now();
|
|
112
|
+
const isRemoteScanning = typeof location === "undefined";
|
|
109
113
|
const tokenStore = new RegistryTokenStore(npmRcConfig, NPM_TOKEN.token);
|
|
110
114
|
const tempDir = __addDisposableResource(env_1, await TempDirectory.create(), true);
|
|
111
115
|
const dependencyConfusionWarnings = [];
|
|
112
116
|
const payload = {
|
|
113
117
|
id: tempDir.id,
|
|
114
|
-
|
|
118
|
+
rootDependency: {
|
|
119
|
+
name: manifest.name ?? "workspace",
|
|
120
|
+
version: manifest.version ?? "0.0.0",
|
|
121
|
+
integrity: null
|
|
122
|
+
},
|
|
115
123
|
scannerVersion: packageVersion,
|
|
116
124
|
vulnerabilityStrategy,
|
|
117
|
-
warnings: []
|
|
125
|
+
warnings: [],
|
|
126
|
+
metadata: {
|
|
127
|
+
startedAt,
|
|
128
|
+
executionTime: 0
|
|
129
|
+
}
|
|
118
130
|
};
|
|
119
131
|
const dependencies = new Map();
|
|
120
132
|
const npmTreeWalker = new npm.TreeWalker({
|
|
@@ -135,7 +147,7 @@ export async function depWalker(manifest, options, logger = new Logger()) {
|
|
|
135
147
|
packageLock
|
|
136
148
|
};
|
|
137
149
|
for await (const current of npmTreeWalker.walk(manifest, rootDepsOptions)) {
|
|
138
|
-
const { name, version, ...currentVersion } = current;
|
|
150
|
+
const { name, version, integrity, ...currentVersion } = current;
|
|
139
151
|
const dependency = {
|
|
140
152
|
versions: {
|
|
141
153
|
[version]: {
|
|
@@ -166,6 +178,16 @@ export async function depWalker(manifest, options, logger = new Logger()) {
|
|
|
166
178
|
else {
|
|
167
179
|
dependencies.set(name, dependency);
|
|
168
180
|
}
|
|
181
|
+
const isRoot = current.id === kRootDependencyId;
|
|
182
|
+
if (isRoot && payload.rootDependency.integrity) {
|
|
183
|
+
payload.rootDependency.integrity = integrity;
|
|
184
|
+
}
|
|
185
|
+
else if (isRoot) {
|
|
186
|
+
const isWorkspace = options.location && "workspaces" in manifest;
|
|
187
|
+
payload.rootDependency.integrity = isWorkspace ?
|
|
188
|
+
null :
|
|
189
|
+
fromData(JSON.stringify(manifest), { algorithms: ["sha512"] }).toString();
|
|
190
|
+
}
|
|
169
191
|
// If the dependency is a DevDependencies we ignore it.
|
|
170
192
|
if (current.isDevDependency || !proceedDependencyScan) {
|
|
171
193
|
continue;
|
|
@@ -205,7 +227,7 @@ export async function depWalker(manifest, options, logger = new Logger()) {
|
|
|
205
227
|
}
|
|
206
228
|
const { hydratePayloadDependencies, strategy } = Vulnera.setStrategy(vulnerabilityStrategy);
|
|
207
229
|
const isVulnHydratable = (strategy === "github-advisory" || strategy === "snyk")
|
|
208
|
-
&&
|
|
230
|
+
&& isRemoteScanning;
|
|
209
231
|
if (!isVulnHydratable) {
|
|
210
232
|
await hydratePayloadDependencies(dependencies, {
|
|
211
233
|
useStandardFormat: true,
|
|
@@ -263,12 +285,13 @@ export async function depWalker(manifest, options, logger = new Logger()) {
|
|
|
263
285
|
}
|
|
264
286
|
}
|
|
265
287
|
try {
|
|
266
|
-
const { warnings, illuminated } = await getDependenciesWarnings(dependencies, options.highlight?.contacts,
|
|
288
|
+
const { warnings, illuminated } = await getDependenciesWarnings(dependencies, options.highlight?.contacts, isRemoteScanning);
|
|
267
289
|
payload.warnings = globalWarnings.concat(dependencyConfusionWarnings).concat(warnings);
|
|
268
290
|
payload.highlighted = {
|
|
269
291
|
contacts: illuminated
|
|
270
292
|
};
|
|
271
293
|
payload.dependencies = Object.fromEntries(dependencies);
|
|
294
|
+
payload.metadata.executionTime = Date.now() - startedAt;
|
|
272
295
|
return payload;
|
|
273
296
|
}
|
|
274
297
|
finally {
|
|
@@ -298,7 +321,11 @@ async function scanDirOrArchiveEx(name, version, locker, tempDir, options) {
|
|
|
298
321
|
spec: `${name}@${version}`,
|
|
299
322
|
registry
|
|
300
323
|
}));
|
|
301
|
-
await scanDirOrArchive(mama, ref
|
|
324
|
+
await scanDirOrArchive(mama, ref, {
|
|
325
|
+
astAnalyserOptions: {
|
|
326
|
+
optionalWarnings: typeof location !== "undefined"
|
|
327
|
+
}
|
|
328
|
+
});
|
|
302
329
|
}
|
|
303
330
|
catch {
|
|
304
331
|
// ignore
|
package/dist/depWalker.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"depWalker.js","sourceRoot":"","sources":["../src/depWalker.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,kCAAkC;AAClC,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;
|
|
1
|
+
{"version":3,"file":"depWalker.js","sourceRoot":"","sources":["../src/depWalker.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,kCAAkC;AAClC,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EACjB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAEjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AAEjE,OAAO,EAAE,QAAQ,EAAE,MAAM,MAAM,CAAC;AAEhC,+BAA+B;AAC/B,OAAO,EACL,uBAAuB,EACvB,sBAAsB,EACtB,WAAW,EACX,gBAAgB,EAChB,SAAS,EACV,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AACxE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAUtE,YAAY;AACZ,MAAM,+BAA+B,GAAG;IACtC,WAAW,EAAE,EAAE;IACf,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,IAAI;IACZ,OAAO,EAAE,EAAE;IACX,OAAO,EAAE,EAAE;IACX,QAAQ,EAAE,EAAE;IACZ,gBAAgB,EAAE,EAAE;IACpB,WAAW,EAAE;QACX,UAAU,EAAE,EAAE;QACd,KAAK,EAAE,EAAE;QACT,QAAQ,EAAE,EAAE;QACZ,MAAM,EAAE,EAAE;QACV,OAAO,EAAE,EAAE;QACX,cAAc,EAAE,EAAE;QAClB,eAAe,EAAE,EAAE;QACnB,mBAAmB,EAAE,EAAE;QACvB,gBAAgB,EAAE,EAAE;KACrB;CACF,CAAC;AACF,MAAM,0BAA0B,GAA2B;IACzD,cAAc,EAAE,CAAC;IACjB,YAAY,EAAE,IAAI,IAAI,EAAE;IACxB,WAAW,EAAE,KAAK;IAClB,gBAAgB,EAAE,KAAK;IACvB,iBAAiB,EAAE,KAAK;IACxB,0BAA0B,EAAE,IAAI;IAChC,QAAQ,EAAE,IAAI;IACd,MAAM,EAAE,IAAI;IACZ,UAAU,EAAE,EAAE;IACd,WAAW,EAAE,EAAE;IACf,SAAS,EAAE,EAAE;CACd,CAAC;AAEF,MAAM,iBAAiB,GAAG,CAAC,CAAC;AAE5B,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAC5C,YAAY,CACV,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EACzD,OAAO,CACR,CACF,CAAC;AAeF,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,QAA+D,EAC/D,OAAsB,EACtB,MAAM,GAAG,IAAI,MAAM,EAAE;;;QAErB,MAAM,EACJ,YAAY,GAAG,KAAK,EACpB,cAAc,GAAG,KAAK,EACtB,WAAW,EACX,QAAQ,EACR,QAAQ,EACR,qBAAqB,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,EAC/C,QAAQ,EACR,WAAW,EACZ,GAAG,OAAO,CAAC;QAEZ,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,gBAAgB,GAAG,OAAO,QAAQ,KAAK,WAAW,CAAC;QACzD,MAAM,UAAU,GAAG,IAAI,kBAAkB,CAAC,WAAW,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;QAExE,MAAY,OAAO,kCAAG,MAAM,aAAa,CAAC,MAAM,EAAE,OAAA,CAAC;QAEnD,MAAM,2BAA2B,GAAiC,EAAE,CAAC;QAErE,MAAM,OAAO,GAAmB;YAC9B,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,cAAc,EAAE;gBACd,IAAI,EAAE,QAAQ,CAAC,IAAI,IAAI,WAAW;gBAClC,OAAO,EAAE,QAAQ,CAAC,OAAO,IAAI,OAAO;gBACpC,SAAS,EAAE,IAAI;aAChB;YACD,cAAc,EAAE,cAAc;YAC9B,qBAAqB;YACrB,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE;gBACR,SAAS;gBACT,aAAa,EAAE,CAAC;aACjB;SACF,CAAC;QAEF,MAAM,YAAY,GAA4B,IAAI,GAAG,EAAE,CAAC;QACxD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC;YACvC,QAAQ;SACT,CAAC,CAAC;QACH,CAAC;YACC,MAAM;iBACH,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC;iBACxC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC;iBAC3C,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAChD,MAAM,uBAAuB,GAAG,IAAI,GAAG,EAAU,CAAC;YAClD,MAAM,eAAe,GAAoB,EAAE,CAAC;YAE5C,MAAM,MAAM,GAAG,IAAI,KAAK,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;YAC7C,MAAM,CAAC,EAAE,CACP,YAAY,EACZ,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC,CACxD,CAAC;YAEF,MAAM,eAAe,GAAoB;gBACvC,QAAQ;gBACR,cAAc;gBACd,WAAW;aACZ,CAAC;YACF,IAAI,KAAK,EAAE,MAAM,OAAO,IAAI,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,EAAE,CAAC;gBAC1E,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,CAAC;gBAChE,MAAM,UAAU,GAAe;oBAC7B,QAAQ,EAAE;wBACR,CAAC,OAAO,CAAC,EAAE;4BACT,GAAG,cAAc;4BACjB,GAAG,eAAe,CAAC,+BAA+B,CAAC;yBACpD;qBACF;oBACD,eAAe,EAAE,EAAE;oBACnB,QAAQ,EAAE,eAAe,CAAC,0BAA0B,CAAC;iBACtD,CAAC;gBAEF,IAAI,qBAAqB,GAAG,IAAI,CAAC;gBACjC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,EAAE,GAAG,CAAC;gBACpC,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC3B,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,IAAI,CAAE,CAAC;oBACpC,eAAe,CAAC,IAAI,CAClB,IAAI,mBAAmB,CAAC,IAAI,EAAE,OAAO,EAAE;wBACrC,QAAQ;wBACR,UAAU;qBACX,CAAC,CAAC,uBAAuB,CAAC,GAAG,EAAE,2BAA2B,EAAE,GAAG,CAAC,CAClE,CAAC;oBAEF,IAAI,OAAO,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;wBAC5B,kDAAkD;wBAClD,uEAAuE;wBACvE,qBAAqB,GAAG,KAAK,CAAC;oBAChC,CAAC;yBACI,CAAC;wBACJ,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;oBACvD,CAAC;gBACH,CAAC;qBACI,CAAC;oBACJ,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBACrC,CAAC;gBAED,MAAM,MAAM,GAAG,OAAO,CAAC,EAAE,KAAK,iBAAiB,CAAC;gBAEhD,IAAI,MAAM,IAAI,OAAO,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC;oBAC/C,OAAO,CAAC,cAAc,CAAC,SAAS,GAAG,SAAS,CAAC;gBAC/C,CAAC;qBACI,IAAI,MAAM,EAAE,CAAC;oBAChB,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,IAAI,YAAY,IAAI,QAAQ,CAAC;oBACjE,OAAO,CAAC,cAAc,CAAC,SAAS,GAAG,WAAW,CAAC,CAAC;wBAC9C,IAAI,CAAC,CAAC;wBACN,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,EAAE,UAAU,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC;gBAC9E,CAAC;gBAED,uDAAuD;gBACvD,IAAI,OAAO,CAAC,eAAe,IAAI,CAAC,qBAAqB,EAAE,CAAC;oBACtD,SAAS;gBACX,CAAC;gBAED,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;gBAE/C,6EAA6E;gBAC7E,IAAI,uBAAuB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,qBAAqB,EAAE,CAAC;oBACxE,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBACrD,CAAC;qBACI,CAAC;oBACJ,uBAAuB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBAClC,MAAM,QAAQ,GAAG,IAAI,mBAAmB,CAAC,IAAI,EAAE,OAAO,EAAE;wBACtD,QAAQ;wBACR,UAAU;qBACX,CAAC,CAAC;oBAEH,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;oBACpE,IAAI,QAAQ,KAAK,iBAAiB,EAAE,IAAI,GAAG,EAAE,CAAC;wBAC5C,eAAe,CAAC,IAAI,CAClB,IAAI,mBAAmB,CAAC,IAAI,EAAE,OAAO,EAAE;4BACrC,QAAQ;4BACR,UAAU;yBACX,CAAC,CAAC,uCAAuC,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAC7E,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAED,MAAM,cAAc,GAAG;oBACrB,GAAG,EAAE,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAQ;oBACxC,QAAQ;oBACR,UAAU,EAAE,YAAY,IAAI,IAAI,KAAK,QAAQ,CAAC,IAAI;oBAClD,QAAQ;iBACT,CAAC;gBACF,eAAe,CAAC,IAAI,CAClB,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,CAAC,CACnE,CAAC;YACJ,CAAC;YAED,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC9C,MAAM,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;YAE1C,MAAM;iBACH,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC;iBACzC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAChD,CAAC;QAED,MAAM,EAAE,0BAA0B,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,WAAW,CAClE,qBAAqB,CACtB,CAAC;QAEF,MAAM,gBAAgB,GAAG,CAAC,QAAQ,KAAK,iBAAiB,IAAI,QAAQ,KAAK,MAAM,CAAC;eAC3E,gBAAgB,CAAC;QACtB,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,MAAM,0BAA0B,CAAC,YAAmB,EAAE;gBACpD,iBAAiB,EAAE,IAAI;gBACvB,IAAI,EAAE,QAAQ;aACf,CAAC,CAAC;QACL,CAAC;QAED,OAAO,CAAC,qBAAqB,GAAG,QAAQ,CAAC;QAEzC,sFAAsF;QACtF,6EAA6E;QAC7E,MAAM,cAAc,GAAoB,EAAE,CAAC;QAC3C,KAAK,MAAM,CAAC,WAAW,EAAE,UAAU,CAAC,IAAI,YAAY,EAAE,CAAC;YACrD,MAAM,mBAAmB,GAAG,UAAU,CAAC,QAAQ,EAAE,SAAS,IAAI,EAAE,CAAC;YAEjE,KAAK,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC;gBACvE,MAAM,aAAa,GAAG,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAsB,CAAC;gBAExE,MAAM,cAAc,GAAG,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;gBAClG,IAAI,cAAc,EAAE,CAAC;oBACnB,cAAc,CAAC,IAAI,CAAC;wBAClB,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,WAAW,IAAI,OAAO,oCAAoC;qBACvE,CAAC,CAAC;gBACL,CAAC;gBAED,IAAI,CAAC,CAAC,WAAW,IAAI,aAAa,CAAC,IAAI,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC7E,SAAS;gBACX,CAAC;gBAED,IAAI,aAAa,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;oBAC1C,cAAc,CAAC,IAAI,CAAC;wBAClB,IAAI,EAAE,oBAAoB;wBAC1B,OAAO,EAAE,GAAG,WAAW,IAAI,OAAO,8CAA8C;qBACjF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YACD,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1D,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,GAAG,OAAsC,CAAC;gBACvE,aAAa,CAAC,KAAK,CAAC,IAAI,CACtB,GAAG,sBAAsB,CAAC,IAAI,GAAG,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,UAAU,CAAC,CACpE,CAAC;gBAEF,IAAI,eAAe,CAAC,aAAa,EAAE,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC;oBAC1D,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE;wBACjC,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;wBACpC,QAAQ,EAAE,QAAQ,CAAC,QAAQ;qBAC5B,CAAC,CAAC;oBAEH,MAAM,CAAC,MAAM,CAAC,aAAa,EAAE;wBAC3B,MAAM,EAAE,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;wBACpC,KAAK,EAAE,gBAAgB,CAAC,QAAQ,CAAC;wBACjC,UAAU,EAAE,QAAQ,CAAC,UAAU;qBAChC,CAAC,CAAC;gBACL,CAAC;gBAED,MAAM,QAAQ,GAAG,aAAa,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,WAAW,IAAI,MAAM,EAAE,CAAC,IAAI,IAAI,GAAG,EAAE,CAAC;gBACzF,IAAI,QAAQ,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;oBACxB,SAAS;gBACX,CAAC;gBAED,MAAM,MAAM,GAA2B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAC3D,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACpD,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC;gBACzB,CAAC;gBACD,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,IAAI,CAAC;YACH,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,MAAM,uBAAuB,CAC7D,YAAY,EACZ,OAAO,CAAC,SAAS,EAAE,QAAQ,EAC3B,gBAAgB,CACjB,CAAC;YACF,OAAO,CAAC,QAAQ,GAAG,cAAc,CAAC,MAAM,CAAC,2BAA8C,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC1G,OAAO,CAAC,WAAW,GAAG;gBACpB,QAAQ,EAAE,WAAW;aACtB,CAAC;YACF,OAAO,CAAC,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;YACxD,OAAO,CAAC,QAAQ,CAAC,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAExD,OAAO,OAAkB,CAAC;QAC5B,CAAC;gBACO,CAAC;YACP,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;QACxC,CAAC;;;;;;;;;;;CACF;AAED,sCAAsC;AACtC,KAAK,UAAU,kBAAkB,CAC/B,IAAY,EACZ,OAAe,EACf,MAAa,EACb,OAAsB,EACtB,OAKC;;;QAED,MAAM,CAAC,kCAAG,MAAM,MAAM,CAAC,OAAO,EAAE,QAAA,CAAC;QAEjC,IAAI,CAAC;YACH,MAAM,EACJ,QAAQ,EACR,QAAQ,GAAG,OAAO,CAAC,GAAG,EAAE,EACxB,UAAU,EACV,GAAG,EACJ,GAAG,OAAO,CAAC;YAEZ,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC;gBAC9B,eAAe,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAC3C,iBAAiB,CAAC,OAAO,CAAC,QAAQ,EAAE;oBAClC,IAAI,EAAE,GAAG,IAAI,IAAI,OAAO,EAAE;oBAC1B,QAAQ;iBACT,CAAC,CACH,CAAC;YAEF,MAAM,gBAAgB,CAAC,IAAI,EAAE,GAAG,EAAE;gBAChC,kBAAkB,EAAE;oBAClB,gBAAgB,EAAE,OAAO,QAAQ,KAAK,WAAW;iBAClD;aACF,CAAC,CAAC;QACL,CAAC;QACD,MAAM,CAAC;YACL,SAAS;QACX,CAAC;;;;;;;;;CACF;AAED,SAAS,eAAe,CACtB,aAAgC,EAChC,QAA+D,EAC/D,WAAmB;IAEnB,OAAO,aAAa,CAAC,qBAAqB,KAAK,KAAK,IAAI,CACtD,WAAW,KAAK,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,KAAK,SAAS,CAC7D,CAAC;AACJ,CAAC"}
|
|
@@ -1,4 +1,3 @@
|
|
|
1
|
-
import { EventEmitter } from "node:events";
|
|
2
1
|
import type { Simplify } from "type-fest";
|
|
3
2
|
import * as Scanner from "../types.js";
|
|
4
3
|
type MergeDeep<T extends unknown[]> = T extends [a: infer A, ...rest: infer R] ? A & MergeDeep<R> : {};
|
|
@@ -26,17 +25,22 @@ export interface ManifestProbeExtractor<Defs> extends ProbeExtractor<Defs> {
|
|
|
26
25
|
level: "manifest";
|
|
27
26
|
next: ManifestProbeNextCallback;
|
|
28
27
|
}
|
|
29
|
-
export declare class Payload<T extends ProbeExtractor<any>[]> extends
|
|
28
|
+
export declare class Payload<T extends ProbeExtractor<any>[]> extends EventTarget {
|
|
30
29
|
private dependencies;
|
|
31
30
|
private probes;
|
|
32
31
|
private cachedResult;
|
|
33
32
|
constructor(data: Scanner.Payload | Scanner.Payload["dependencies"], probes: [...T]);
|
|
34
33
|
extract(): ExtractProbeResult<T>;
|
|
35
34
|
extractAndMerge(): MergedExtractProbeResult<T>;
|
|
35
|
+
emit<T extends ProbeExtractorLevel>(event: T, ...extractionDetails: unknown[]): void;
|
|
36
|
+
on<T extends ProbeExtractorLevel>(e: T, listener: ExtractorListener<T>): this;
|
|
36
37
|
}
|
|
37
38
|
export declare const Callbacks: {
|
|
38
39
|
readonly packument: (callback: PackumentProbeNextCallback) => PackumentProbeExtractor<void>;
|
|
39
40
|
readonly manifest: (callback: ManifestProbeNextCallback) => ManifestProbeExtractor<void>;
|
|
40
41
|
};
|
|
42
|
+
type ExtractorCallback<T extends ProbeExtractorLevel> = Parameters<(typeof Callbacks)[T]>[0];
|
|
43
|
+
export type ExtractorCallbackParams<T extends ProbeExtractorLevel> = Parameters<ExtractorCallback<T>>;
|
|
44
|
+
export type ExtractorListener<T extends ProbeExtractorLevel> = (...events: CustomEvent<ExtractorCallbackParams<T>>["detail"]) => void;
|
|
41
45
|
export {};
|
|
42
46
|
//# sourceMappingURL=payload.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"payload.d.ts","sourceRoot":"","sources":["../../src/extractors/payload.ts"],"names":[],"mappings":"AACA,OAAO,
|
|
1
|
+
{"version":3,"file":"payload.d.ts","sourceRoot":"","sources":["../../src/extractors/payload.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAK1C,OAAO,KAAK,OAAO,MAAM,aAAa,CAAC;AAMvC,KAAK,SAAS,CAAC,CAAC,SAAS,OAAO,EAAE,IAC9B,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,EAAE,GAAG,IAAI,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;AAErE,MAAM,MAAM,kBAAkB,CAC5B,CAAC,SAAS,cAAc,CAAC,GAAG,CAAC,EAAE,IAC7B;KACD,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,cAAc,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,KAAK;CACpF,CAAC;AACF,MAAM,MAAM,wBAAwB,CAClC,CAAC,SAAS,cAAc,CAAC,GAAG,CAAC,EAAE,IAC7B,QAAQ,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAE/C,MAAM,MAAM,mBAAmB,GAAG,WAAW,GAAG,UAAU,CAAC;AAC3D,MAAM,MAAM,4BAA4B,GAAG;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC;CAChC,CAAC;AAEF,MAAM,MAAM,0BAA0B,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,UAAU,KAAK,IAAI,CAAC;AAChG,MAAM,MAAM,yBAAyB,GAAG,CACtC,IAAI,EAAE,MAAM,EACZ,iBAAiB,EAAE,OAAO,CAAC,iBAAiB,EAC5C,MAAM,EAAE,4BAA4B,KAAK,IAAI,CAAC;AAEhD,MAAM,WAAW,cAAc,CAAC,IAAI;IAClC,KAAK,EAAE,mBAAmB,CAAC;IAC3B,IAAI,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAC3B,IAAI,IAAI,IAAI,CAAC;CACd;AAED,MAAM,WAAW,uBAAuB,CAAC,IAAI,CAAE,SAAQ,cAAc,CAAC,IAAI,CAAC;IACzE,KAAK,EAAE,WAAW,CAAC;IACnB,IAAI,EAAE,0BAA0B,CAAC;CAClC;AAED,MAAM,WAAW,sBAAsB,CAAC,IAAI,CAAE,SAAQ,cAAc,CAAC,IAAI,CAAC;IACxE,KAAK,EAAE,UAAU,CAAC;IAClB,IAAI,EAAE,yBAAyB,CAAC;CACjC;AAED,qBAAa,OAAO,CAAC,CAAC,SAAS,cAAc,CAAC,GAAG,CAAC,EAAE,CAAE,SAAQ,WAAW;IACvE,OAAO,CAAC,YAAY,CAAkC;IACtD,OAAO,CAAC,MAAM,CAAiC;IAC/C,OAAO,CAAC,YAAY,CAAwB;gBAG1C,IAAI,EAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,EACvD,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC;IAchB,OAAO;IAyBP,eAAe,IAGG,wBAAwB,CAAC,CAAC,CAAC;IAG7C,IAAI,CAAC,CAAC,SAAS,mBAAmB,EAChC,KAAK,EAAE,CAAC,EACR,GAAG,iBAAiB,EAAE,OAAO,EAAE;IAQjC,EAAE,CAAC,CAAC,SAAS,mBAAmB,EAC9B,CAAC,EAAE,CAAC,EACJ,QAAQ,EAAE,iBAAiB,CAAC,CAAC,CAAC,GAC7B,IAAI;CASR;AAED,eAAO,MAAM,SAAS;mCAER,0BAA0B,KACnC,uBAAuB,CAAC,IAAI,CAAC;kCAQpB,yBAAyB,KAClC,sBAAsB,CAAC,IAAI,CAAC;CAOvB,CAAC;AAEX,KAAK,iBAAiB,CAAC,CAAC,SAAS,mBAAmB,IAAI,UAAU,CAChE,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CACtB,CAAC,CAAC,CAAC,CAAC;AAEL,MAAM,MAAM,uBAAuB,CAAC,CAAC,SAAS,mBAAmB,IAAI,UAAU,CAC7E,iBAAiB,CAAC,CAAC,CAAC,CACrB,CAAC;AAEF,MAAM,MAAM,iBAAiB,CAAC,CAAC,SAAS,mBAAmB,IAAI,CAC7D,GAAG,MAAM,EAAE,WAAW,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KACzD,IAAI,CAAC"}
|
|
@@ -1,5 +1,3 @@
|
|
|
1
|
-
// Import Node.js Dependencies
|
|
2
|
-
import { EventEmitter } from "node:events";
|
|
3
1
|
// @ts-ignore
|
|
4
2
|
import deepmerge from "@fastify/deepmerge";
|
|
5
3
|
// Import Internal Dependencies
|
|
@@ -7,7 +5,7 @@ import * as Scanner from "../types.js";
|
|
|
7
5
|
import { isNodesecurePayload } from "../utils/index.js";
|
|
8
6
|
// CONSTANTS
|
|
9
7
|
const kFastMerge = deepmerge({ all: true });
|
|
10
|
-
export class Payload extends
|
|
8
|
+
export class Payload extends EventTarget {
|
|
11
9
|
dependencies;
|
|
12
10
|
probes;
|
|
13
11
|
cachedResult;
|
|
@@ -44,6 +42,20 @@ export class Payload extends EventEmitter {
|
|
|
44
42
|
extractAndMerge() {
|
|
45
43
|
return kFastMerge(...this.extract());
|
|
46
44
|
}
|
|
45
|
+
emit(event, ...extractionDetails) {
|
|
46
|
+
const customEvent = new CustomEvent(event, {
|
|
47
|
+
detail: extractionDetails
|
|
48
|
+
});
|
|
49
|
+
this.dispatchEvent(customEvent);
|
|
50
|
+
}
|
|
51
|
+
on(e, listener) {
|
|
52
|
+
function wrappedListener(event) {
|
|
53
|
+
const customEvent = event;
|
|
54
|
+
listener(...customEvent.detail);
|
|
55
|
+
}
|
|
56
|
+
this.addEventListener(e, wrappedListener);
|
|
57
|
+
return this;
|
|
58
|
+
}
|
|
47
59
|
}
|
|
48
60
|
export const Callbacks = {
|
|
49
61
|
packument(callback) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../../src/extractors/payload.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"payload.js","sourceRoot":"","sources":["../../src/extractors/payload.ts"],"names":[],"mappings":"AAEA,aAAa;AACb,OAAO,SAAS,MAAM,oBAAoB,CAAC;AAE3C,+BAA+B;AAC/B,OAAO,KAAK,OAAO,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAExD,YAAY;AACZ,MAAM,UAAU,GAAG,SAAS,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;AA0C5C,MAAM,OAAO,OAAyC,SAAQ,WAAW;IAC/D,YAAY,CAAkC;IAC9C,MAAM,CAAiC;IACvC,YAAY,CAAwB;IAE5C,YACE,IAAuD,EACvD,MAAc;QAEd,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,YAAY,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC;YAC7C,IAAI,CAAC,YAAY,CAAC,CAAC;YACnB,IAAI,CAAC;QAEP,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC1C,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAE9B,OAAO,IAAI,CAAC;QACd,CAAC,EAAE,EAAE,SAAS,EAAE,EAAkB,EAAE,QAAQ,EAAE,EAAkB,EAAE,CAAC,CAAC;IACtE,CAAC;IAED,OAAO;QACL,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,OAAO,IAAI,CAAC,YAAY,CAAC;QAC3B,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;YACnE,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;YACvE,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;YAEzC,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACrE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;oBAC5F,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;gBAChE,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,YAAY,GAAG;YAClB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;YACrD,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;SAC5B,CAAC;QAE3B,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;IAED,eAAe;QACb,OAAO,UAAU,CACf,GAAG,IAAI,CAAC,OAAO,EAAE,CACwB,CAAC;IAC9C,CAAC;IAED,IAAI,CACF,KAAQ,EACR,GAAG,iBAA4B;QAE/B,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,KAAK,EAAE;YACzC,MAAM,EAAE,iBAAiB;SAC1B,CAAC,CAAC;QACH,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;IAClC,CAAC;IAED,EAAE,CACA,CAAI,EACJ,QAA8B;QAE9B,SAAS,eAAe,CAAC,KAAY;YACnC,MAAM,WAAW,GAAG,KAAgD,CAAC;YACrE,QAAQ,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,CAAC,gBAAgB,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC;QAE1C,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAED,MAAM,CAAC,MAAM,SAAS,GAAG;IACvB,SAAS,CACP,QAAoC;QAEpC,OAAO;YACL,KAAK,EAAE,WAAoB;YAC3B,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,IAAI;SACX,CAAC;IACJ,CAAC;IACD,QAAQ,CACN,QAAmC;QAEnC,OAAO;YACL,KAAK,EAAE,UAAmB;YAC1B,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,IAAI;SACX,CAAC;IACJ,CAAC;CACO,CAAC;AAcX,SAAS,IAAI;IACX,OAAO,KAAK,CAAC,CAAC;AAChB,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -7,10 +7,15 @@ import type { Options } from "./types.js";
|
|
|
7
7
|
export * from "./types.js";
|
|
8
8
|
export * from "./extractors/index.js";
|
|
9
9
|
export type CwdOptions = Options & {
|
|
10
|
+
/**
|
|
11
|
+
* NPM runtime configuration (such as local .npmrc file)
|
|
12
|
+
* It is optionally used to fetch registry authentication tokens
|
|
13
|
+
*/
|
|
10
14
|
npmRcConfig?: Config;
|
|
11
15
|
};
|
|
12
16
|
export declare function cwd(location?: string, options?: CwdOptions, logger?: Logger): Promise<import("./types.js").Payload>;
|
|
13
|
-
export
|
|
17
|
+
export type FromOptions = Omit<Options, "includeDevDeps">;
|
|
18
|
+
export declare function from(packageName: string, options?: FromOptions, logger?: Logger): Promise<import("./types.js").Payload>;
|
|
14
19
|
export declare function verify(packageName?: string): Promise<tarball.ScannedPackageResult>;
|
|
15
20
|
export { depWalker, tarball, comparePayloads, Logger, ScannerLoggerEvents };
|
|
16
21
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAE/C,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAGzC,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAEtE,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAE/C,OAAO,KAAK,MAAM,MAAM,gBAAgB,CAAC;AAGzC,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAEtE,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAQ1C,cAAc,YAAY,CAAC;AAC3B,cAAc,uBAAuB,CAAC;AAEtC,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG;IACjC;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,wBAAsB,GAAG,CACvB,QAAQ,SAAgB,EACxB,OAAO,GAAE,UAAe,EACxB,MAAM,SAAe,yCA8BtB;AAED,MAAM,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;AAE1D,wBAAsB,IAAI,CACxB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,WAAgB,EACzB,MAAM,SAAe,yCAkBtB;AAED,wBAAsB,MAAM,CAC1B,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAevC;AAED,OAAO,EACL,SAAS,EACT,OAAO,EACP,eAAe,EACf,MAAM,EACN,mBAAmB,EACpB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -67,7 +67,6 @@ import { comparePayloads } from "./comparePayloads.js";
|
|
|
67
67
|
// CONSTANTS
|
|
68
68
|
const kDefaultCwdOptions = {
|
|
69
69
|
forceRootAnalysis: true,
|
|
70
|
-
usePackageLock: true,
|
|
71
70
|
includeDevDeps: false
|
|
72
71
|
};
|
|
73
72
|
export * from "./types.js";
|
|
@@ -76,8 +75,12 @@ export async function cwd(location = process.cwd(), options = {}, logger = new L
|
|
|
76
75
|
const registry = options.registry ?
|
|
77
76
|
urlToString(options.registry) :
|
|
78
77
|
getLocalRegistryURL();
|
|
78
|
+
const packageLock = options.packageLock ?? {
|
|
79
|
+
location
|
|
80
|
+
};
|
|
79
81
|
const finalizedOptions = Object.assign({ location }, kDefaultCwdOptions, {
|
|
80
82
|
...options,
|
|
83
|
+
packageLock,
|
|
81
84
|
registry
|
|
82
85
|
});
|
|
83
86
|
logger.start(ScannerLoggerEvents.manifest.read);
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,kCAAkC;AAClC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAI/C,+BAA+B;AAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAGvD,YAAY;AACZ,MAAM,kBAAkB,GAAG;IACzB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,kCAAkC;AAClC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AACnE,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAI/C,+BAA+B;AAC/B,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,MAAM,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAC/D,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAGvD,YAAY;AACZ,MAAM,kBAAkB,GAAG;IACzB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,KAAK;CACtB,CAAC;AAEF,cAAc,YAAY,CAAC;AAC3B,cAAc,uBAAuB,CAAC;AAUtC,MAAM,CAAC,KAAK,UAAU,GAAG,CACvB,QAAQ,GAAG,OAAO,CAAC,GAAG,EAAE,EACxB,UAAsB,EAAE,EACxB,MAAM,GAAG,IAAI,MAAM,EAAE;IAErB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC/B,mBAAmB,EAAE,CAAC;IAExB,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI;QACzC,QAAQ;KACT,CAAC;IAEF,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CACpC,EAAE,QAAQ,EAAE,EACZ,kBAAkB,EAClB;QACE,GAAG,OAAO;QACV,WAAW;QACX,QAAQ;KACT,CACF,CAAC;IAEF,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAE9C,OAAO,SAAS,CACd,IAAI,CAAC,KAAK,CAAC,GAAG,CAAgB,EAC9B,gBAAgB,EAChB,MAAM,CACP,CAAC;AACJ,CAAC;AAID,MAAM,CAAC,KAAK,UAAU,IAAI,CACxB,WAAmB,EACnB,UAAuB,EAAE,EACzB,MAAM,GAAG,IAAI,MAAM,EAAE;IAErB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QACjC,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC/B,mBAAmB,EAAE,CAAC;IAExB,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACjD,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE;QAClD,GAAG,SAAS,EAAE,QAAQ,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;KACtD,CAAC,CAAC;IACH,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAE/C,OAAO,SAAS;IACd,wDAAwD;IACxD,QAAsC,EACtC,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,EACpC,MAAM,CACP,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,WAAoB;;;QAEpB,IAAI,OAAO,WAAW,KAAK,WAAW,EAAE,CAAC;YACvC,OAAO,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;QAC5C,CAAC;QAED,MAAY,OAAO,kCAAG,MAAM,aAAa,CAAC,MAAM,EAAE,OAAA,CAAC;QAEnD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,iBAAiB,CAAC,OAAO,CAAC,QAAQ,EAAE;YAC7D,IAAI,EAAE,WAAW;YACjB,QAAQ,EAAE,mBAAmB,EAAE;SAChC,CAAC,CAAC;QAEH,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAEnD,OAAO,UAAU,CAAC;;;;;;;;;;;CACnB;AAED,OAAO,EACL,SAAS,EACT,OAAO,EACP,eAAe,EACf,MAAM,EACN,mBAAmB,EACpB,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -170,7 +170,12 @@ export interface Payload {
|
|
|
170
170
|
/** Payload unique id */
|
|
171
171
|
id: string;
|
|
172
172
|
/** Name of the analyzed package */
|
|
173
|
-
|
|
173
|
+
rootDependency: {
|
|
174
|
+
name: string;
|
|
175
|
+
version: string;
|
|
176
|
+
/** The integrity of the scanned package */
|
|
177
|
+
integrity: string | null;
|
|
178
|
+
};
|
|
174
179
|
/** Global warnings list */
|
|
175
180
|
warnings: GlobalWarning[];
|
|
176
181
|
highlighted: {
|
|
@@ -182,12 +187,22 @@ export interface Payload {
|
|
|
182
187
|
scannerVersion: string;
|
|
183
188
|
/** Vulnerability strategy name (npm, snyk, node) */
|
|
184
189
|
vulnerabilityStrategy: Vulnera.Kind;
|
|
190
|
+
metadata: {
|
|
191
|
+
/**
|
|
192
|
+
* UNIX Timestamp when the scan started
|
|
193
|
+
*/
|
|
194
|
+
startedAt: number;
|
|
195
|
+
/**
|
|
196
|
+
* Execution time in milliseconds
|
|
197
|
+
*/
|
|
198
|
+
executionTime: number;
|
|
199
|
+
};
|
|
185
200
|
}
|
|
186
201
|
export interface Options {
|
|
187
202
|
/**
|
|
188
203
|
* Maximum tree depth
|
|
189
204
|
*
|
|
190
|
-
* @default
|
|
205
|
+
* @default Infinity
|
|
191
206
|
*/
|
|
192
207
|
readonly maxDepth?: number;
|
|
193
208
|
readonly registry?: string | URL;
|
|
@@ -202,7 +217,6 @@ export interface Options {
|
|
|
202
217
|
packageLock?: {
|
|
203
218
|
/**
|
|
204
219
|
* Fetches all manifests for additional metadata.
|
|
205
|
-
* This option is useful only when `usePackageLock` is enabled.
|
|
206
220
|
*
|
|
207
221
|
* @default false
|
|
208
222
|
*/
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAC/C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAE1D,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,yBAAyB,CAAC;AAC1E,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAE3D,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG;IACjC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,GAAG;IAChD;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,EAAE,EAAE,MAAM,CAAC;CACZ,CAAC;AAEF,MAAM,WAAW,eAAe;IAC9B,wBAAwB;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,mBAAmB;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,yBAAyB;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,iBAAiB;IAChC,qDAAqD;IACrD,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,iBAAiB,CAAC;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB;;;OAGG;IACH,qBAAqB,EAAE,OAAO,CAAC;IAC/B,uCAAuC;IACvC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,uDAAuD;IACvD,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,eAAe,EAAE,MAAM,CAAC;IACxB,0BAA0B;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,iFAAiF;IACjF,MAAM,EAAE,UAAU,GAAG,IAAI,CAAC;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC;;;;OAIG;IACH,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9B,mDAAmD;IACnD,WAAW,EAAE;QACX,8CAA8C;QAC9C,UAAU,EAAE,MAAM,EAAE,CAAC;QACrB,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,cAAc,EAAE,MAAM,EAAE,CAAC;QACzB,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAC9B,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;IACF;;OAEG;IACH,QAAQ,EAAE,0BAA0B,EAAE,CAAC;IACvC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B;;;;OAIG;IACH,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB;;OAEG;IACH,MAAM,EAAE,IAAI,GAAG,MAAM,CAAC;IACtB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,eAAe,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;CACrC;AAED,MAAM,WAAW,UAAU;IACzB,4BAA4B;IAC5B,QAAQ,EAAE;QACR,0CAA0C;QAC1C,cAAc,EAAE,MAAM,CAAC;QACvB,YAAY,EAAE,IAAI,CAAC;QACnB,0BAA0B;QAC1B,WAAW,EAAE,MAAM,CAAC;QACpB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,iBAAiB,EAAE,OAAO,CAAC;QAC3B,0BAA0B,EAAE,OAAO,CAAC;QACpC,iFAAiF;QACjF,MAAM,EAAE,UAAU,GAAG,IAAI,CAAC;QAC1B,wBAAwB;QACxB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;QACxB;;WAEG;QACH,WAAW,EAAE,UAAU,EAAE,CAAC;QAC1B;;WAEG;QACH,UAAU,EAAE,SAAS,EAAE,CAAC;QACxB;;;WAGG;QACH,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACnC,CAAC;IACF,yFAAyF;IACzF,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;IAC5C;;;;OAIG;IACH,eAAe,EAAE,OAAO,CAAC,qBAAqB,EAAE,CAAC;CAClD;AAED,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;AAEtD,MAAM,MAAM,0BAA0B,GAAG;IACvC,IAAI,EAAE,sBAAsB,CAAC;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAAE,OAAO,EAAE,MAAM,CAAC;CAAE,GAAG,CACjD;IACE,IAAI,EACA,sBAAsB,GACtB,oBAAoB,GACpB,eAAe,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC,GACD;IACE,IAAI,EAAE,gBAAgB,CAAC;IACvB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;CACH,GAED,0BAA0B,CAAC,CAAC;AAE9B,MAAM,WAAW,OAAO;IACtB,wBAAwB;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,mCAAmC;IACnC,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,KAAK,OAAO,MAAM,qBAAqB,CAAC;AAC/C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAE1D,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,yBAAyB,CAAC;AAC1E,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAC9D,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,uBAAuB,CAAC;AAE3D,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG;IACjC;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,GAAG;IAChD;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAChB;;;OAGG;IACH,EAAE,EAAE,MAAM,CAAC;CACZ,CAAC;AAEF,MAAM,WAAW,eAAe;IAC9B,wBAAwB;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,mBAAmB;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,yBAAyB;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;CACb;AAED,MAAM,WAAW,iBAAiB;IAChC,qDAAqD;IACrD,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,iBAAiB,CAAC;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB;;;OAGG;IACH,qBAAqB,EAAE,OAAO,CAAC;IAC/B,uCAAuC;IACvC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,uDAAuD;IACvD,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,eAAe,EAAE,MAAM,CAAC;IACxB,0BAA0B;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,iFAAiF;IACjF,MAAM,EAAE,UAAU,GAAG,IAAI,CAAC;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC;;;;OAIG;IACH,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9B,mDAAmD;IACnD,WAAW,EAAE;QACX,8CAA8C;QAC9C,UAAU,EAAE,MAAM,EAAE,CAAC;QACrB,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,cAAc,EAAE,MAAM,EAAE,CAAC;QACzB,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAC9B,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,gBAAgB,EAAE,MAAM,EAAE,CAAC;QAC3B,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;IACF;;OAEG;IACH,QAAQ,EAAE,0BAA0B,EAAE,CAAC;IACvC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B;;;;OAIG;IACH,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB;;OAEG;IACH,MAAM,EAAE,IAAI,GAAG,MAAM,CAAC;IACtB;;;;;OAKG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,eAAe,CAAC;IACxB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;CACrC;AAED,MAAM,WAAW,UAAU;IACzB,4BAA4B;IAC5B,QAAQ,EAAE;QACR,0CAA0C;QAC1C,cAAc,EAAE,MAAM,CAAC;QACvB,YAAY,EAAE,IAAI,CAAC;QACnB,0BAA0B;QAC1B,WAAW,EAAE,MAAM,CAAC;QACpB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,iBAAiB,EAAE,OAAO,CAAC;QAC3B,0BAA0B,EAAE,OAAO,CAAC;QACpC,iFAAiF;QACjF,MAAM,EAAE,UAAU,GAAG,IAAI,CAAC;QAC1B,wBAAwB;QACxB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;QACxB;;WAEG;QACH,WAAW,EAAE,UAAU,EAAE,CAAC;QAC1B;;WAEG;QACH,UAAU,EAAE,SAAS,EAAE,CAAC;QACxB;;;WAGG;QACH,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACnC,CAAC;IACF,yFAAyF;IACzF,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;IAC5C;;;;OAIG;IACH,eAAe,EAAE,OAAO,CAAC,qBAAqB,EAAE,CAAC;CAClD;AAED,MAAM,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;AAEtD,MAAM,MAAM,0BAA0B,GAAG;IACvC,IAAI,EAAE,sBAAsB,CAAC;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;CACH,CAAC;AAEF,MAAM,MAAM,aAAa,GAAG;IAAE,OAAO,EAAE,MAAM,CAAC;CAAE,GAAG,CACjD;IACE,IAAI,EACA,sBAAsB,GACtB,oBAAoB,GACpB,eAAe,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC,GACD;IACE,IAAI,EAAE,gBAAgB,CAAC;IACvB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;CACH,GAED,0BAA0B,CAAC,CAAC;AAE9B,MAAM,WAAW,OAAO;IACtB,wBAAwB;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,mCAAmC;IACnC,cAAc,EAAE;QACd,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,2CAA2C;QAC3C,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;KAC1B,CAAC;IACF,2BAA2B;IAC3B,QAAQ,EAAE,aAAa,EAAE,CAAC;IAC1B,WAAW,EAAE;QACX,QAAQ,EAAE,kBAAkB,EAAE,CAAC;KAChC,CAAC;IACF,sDAAsD;IACtD,YAAY,EAAE,YAAY,CAAC;IAC3B,yDAAyD;IACzD,cAAc,EAAE,MAAM,CAAC;IACvB,oDAAoD;IACpD,qBAAqB,EAAE,OAAO,CAAC,IAAI,CAAC;IAEpC,QAAQ,EAAE;QACR;;WAEG;QACH,SAAS,EAAE,MAAM,CAAC;QAClB;;WAEG;QACH,aAAa,EAAE,MAAM,CAAC;KACvB,CAAC;CACH;AAED,MAAM,WAAW,OAAO;IACtB;;;;OAIG;IACH,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAE3B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;IAEjC;;;;;;;OAOG;IACH,WAAW,CAAC,EAAE;QACZ;;;;WAIG;QACH,aAAa,CAAC,EAAE,OAAO,CAAC;QAExB;;;WAGG;QACH,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;IAEF,SAAS,CAAC,EAAE;QACV,QAAQ,EAAE,OAAO,EAAE,CAAC;KACrB,CAAC;IAEF;;;;OAIG;IACH,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC;IAElC;;;;OAIG;IACH,QAAQ,CAAC,qBAAqB,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC;IAE9C;;;;;OAKG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC;CACjC;AAED,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,GAAG,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CAC3C"}
|
package/package.json
CHANGED
|
@@ -1,15 +1,24 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@nodesecure/scanner",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "8.1.0",
|
|
4
4
|
"description": "A package API to run a static analysis of your module's dependencies.",
|
|
5
5
|
"type": "module",
|
|
6
|
-
"exports":
|
|
7
|
-
|
|
6
|
+
"exports": {
|
|
7
|
+
".": {
|
|
8
|
+
"types": "./dist/index.d.ts",
|
|
9
|
+
"import": "./dist/index.js"
|
|
10
|
+
},
|
|
11
|
+
"./extractors": {
|
|
12
|
+
"types": "./dist/extractors/index.d.ts",
|
|
13
|
+
"import": "./dist/extractors/index.js"
|
|
14
|
+
},
|
|
15
|
+
"./package.json": "./package.json"
|
|
16
|
+
},
|
|
8
17
|
"engines": {
|
|
9
18
|
"node": ">=20"
|
|
10
19
|
},
|
|
11
20
|
"scripts": {
|
|
12
|
-
"build": "tsc -b
|
|
21
|
+
"build": "tsc -b && cp -R ./src/data ./dist/data",
|
|
13
22
|
"lint": "eslint src test",
|
|
14
23
|
"prepublishOnly": "npm run build && pkg-ok",
|
|
15
24
|
"test": "c8 -r html npm run test-only && npm run test-types",
|
|
@@ -58,8 +67,8 @@
|
|
|
58
67
|
"@nodesecure/npm-registry-sdk": "^4.4.0",
|
|
59
68
|
"@nodesecure/npm-types": "^1.3.0",
|
|
60
69
|
"@nodesecure/rc": "^5.0.1",
|
|
61
|
-
"@nodesecure/tarball": "^2.
|
|
62
|
-
"@nodesecure/tree-walker": "^
|
|
70
|
+
"@nodesecure/tarball": "^2.3.0",
|
|
71
|
+
"@nodesecure/tree-walker": "^2.0.0",
|
|
63
72
|
"@nodesecure/utils": "^2.3.0",
|
|
64
73
|
"@nodesecure/vulnera": "^2.0.1",
|
|
65
74
|
"@openally/mutex": "^2.0.0",
|
|
@@ -67,6 +76,7 @@
|
|
|
67
76
|
"frequency-set": "^2.1.0",
|
|
68
77
|
"pacote": "^21.0.0",
|
|
69
78
|
"semver": "^7.5.4",
|
|
79
|
+
"ssri": "13.0.0",
|
|
70
80
|
"type-fest": "^5.0.1"
|
|
71
81
|
},
|
|
72
82
|
"devDependencies": {
|