@nodesecure/tarball 2.0.0 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/class/NpmTarball.class.d.ts.map +1 -1
- package/dist/class/NpmTarball.class.js +12 -6
- package/dist/class/NpmTarball.class.js.map +1 -1
- package/dist/tarball.d.ts.map +1 -1
- package/dist/tarball.js +7 -1
- package/dist/tarball.js.map +1 -1
- package/dist/utils/analyzeDependencies.d.ts.map +1 -1
- package/dist/utils/analyzeDependencies.js +15 -2
- package/dist/utils/analyzeDependencies.js.map +1 -1
- package/dist/warnings.d.ts +3 -3
- package/dist/warnings.d.ts.map +1 -1
- package/dist/warnings.js +2 -2
- package/dist/warnings.js.map +1 -1
- package/package.json +4 -4
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NpmTarball.class.d.ts","sourceRoot":"","sources":["../../src/class/NpmTarball.class.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,eAAe,EACf,KAAK,sBAAsB,EAC5B,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,gBAAgB,EAEjB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAEL,KAAK,kBAAkB,EACxB,MAAM,mBAAmB,CAAC;AAE3B,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,kBAAkB,CAAC;IAChC,WAAW,EAAE,WAAW,CAAC,mBAAmB,CAAC;IAC7C,IAAI,EAAE,gBAAgB,CAAC;CACxB;AAED,qBAAa,UAAU;IACrB,MAAM,CAAC,aAAa,cAAoC;IAExD,QAAQ,EAAE,sBAAsB,CAAC;gBAG/B,IAAI,EAAE,eAAe;IASjB,SAAS,IAAI,OAAO,CAAC,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"NpmTarball.class.d.ts","sourceRoot":"","sources":["../../src/class/NpmTarball.class.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,eAAe,EACf,KAAK,sBAAsB,EAC5B,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,gBAAgB,EAEjB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAEL,KAAK,kBAAkB,EACxB,MAAM,mBAAmB,CAAC;AAE3B,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,kBAAkB,CAAC;IAChC,WAAW,EAAE,WAAW,CAAC,mBAAmB,CAAC;IAC7C,IAAI,EAAE,gBAAgB,CAAC;CACxB;AAED,qBAAa,UAAU;IACrB,MAAM,CAAC,aAAa,cAAoC;IAExD,QAAQ,EAAE,sBAAsB,CAAC;gBAG/B,IAAI,EAAE,eAAe;IASjB,SAAS,IAAI,OAAO,CAAC,kBAAkB,CAAC;CA6B/C"}
|
|
@@ -21,12 +21,18 @@ export class NpmTarball {
|
|
|
21
21
|
getTarballComposition(location),
|
|
22
22
|
conformance.extractLicenses(location)
|
|
23
23
|
]);
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
24
|
+
let code;
|
|
25
|
+
if (composition.files.length === 1 && composition.files.includes("package.json")) {
|
|
26
|
+
code = new SourceCodeReport();
|
|
27
|
+
}
|
|
28
|
+
else {
|
|
29
|
+
code = await new SourceCodeScanner(this.manifest).iterate({
|
|
30
|
+
manifest: [...this.manifest.getEntryFiles()]
|
|
31
|
+
.flatMap(filterJavaScriptFiles()),
|
|
32
|
+
javascript: composition.files
|
|
33
|
+
.flatMap(filterJavaScriptFiles())
|
|
34
|
+
});
|
|
35
|
+
}
|
|
30
36
|
return {
|
|
31
37
|
conformance: spdx,
|
|
32
38
|
composition,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"NpmTarball.class.js","sourceRoot":"","sources":["../../src/class/NpmTarball.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,kCAAkC;AAClC,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,eAAe,EAEhB,MAAM,kBAAkB,CAAC;AAE1B,+BAA+B;AAC/B,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,qBAAqB,EAEtB,MAAM,mBAAmB,CAAC;AAQ3B,MAAM,OAAO,UAAU;IACrB,MAAM,CAAC,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAExD,QAAQ,CAAyB;IAEjC,YACE,IAAqB;QAErB,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,SAAS;QACb,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxC,MAAM,CACJ,WAAW,EACX,IAAI,CACL,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACpB,qBAAqB,CAAC,QAAQ,CAAC;YAC/B,WAAW,CAAC,eAAe,CAAC,QAAQ,CAAC;SACtC,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,MAAM,IAAI,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"NpmTarball.class.js","sourceRoot":"","sources":["../../src/class/NpmTarball.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,kCAAkC;AAClC,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,eAAe,EAEhB,MAAM,kBAAkB,CAAC;AAE1B,+BAA+B;AAC/B,OAAO,EACL,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACL,qBAAqB,EAEtB,MAAM,mBAAmB,CAAC;AAQ3B,MAAM,OAAO,UAAU;IACrB,MAAM,CAAC,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAExD,QAAQ,CAAyB;IAEjC,YACE,IAAqB;QAErB,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;QAC1D,CAAC;QAED,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,SAAS;QACb,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxC,MAAM,CACJ,WAAW,EACX,IAAI,CACL,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACpB,qBAAqB,CAAC,QAAQ,CAAC;YAC/B,WAAW,CAAC,eAAe,CAAC,QAAQ,CAAC;SACtC,CAAC,CAAC;QAEH,IAAI,IAAsB,CAAC;QAC3B,IAAI,WAAW,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YACjF,IAAI,GAAG,IAAI,gBAAgB,EAAE,CAAC;QAChC,CAAC;aACI,CAAC;YACJ,IAAI,GAAG,MAAM,IAAI,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC;gBACxD,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;qBACzC,OAAO,CAAC,qBAAqB,EAAE,CAAC;gBACnC,UAAU,EAAE,WAAW,CAAC,KAAK;qBAC1B,OAAO,CAAC,qBAAqB,EAAE,CAAC;aACpC,CAAC,CAAC;QACL,CAAC;QAED,OAAO;YACL,WAAW,EAAE,IAAI;YACjB,WAAW;YACX,IAAI;SACL,CAAC;IACJ,CAAC;;AAGH,SAAS,qBAAqB;IAC5B,OAAO,CAAC,IAAY,EAAE,EAAE;QACtB,IAAI,UAAU,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YACrD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC;AACJ,CAAC"}
|
package/dist/tarball.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tarball.d.ts","sourceRoot":"","sources":["../src/tarball.ts"],"names":[],"mappings":"AAKA,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,UAAU,EAChB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,eAAe,EACf,KAAK,iBAAiB,EACvB,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"tarball.d.ts","sourceRoot":"","sources":["../src/tarball.ts"],"names":[],"mappings":"AAKA,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,UAAU,EAChB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,eAAe,EACf,KAAK,iBAAiB,EACvB,MAAM,kBAAkB,CAAC;AAY1B,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,iBAAiB,CAAC;IACxB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,eAAe,EAAE,OAAO,CAAC;IACzB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC7B,UAAU,EAAE,GAAG,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,QAAQ,EAAE,GAAG,CAAC;IACd,QAAQ,EAAE,WAAW,CAAC,0BAA0B,EAAE,CAAC;IACnD,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9B,WAAW,EAAE;QACX,UAAU,EAAE,MAAM,EAAE,CAAC;QACrB,KAAK,EAAE,MAAM,EAAE,CAAC;QAChB,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,cAAc,EAAE,MAAM,EAAE,CAAC;QACzB,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAC9B,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC1C,CAAC;CACH;AAQD,wBAAsB,gBAAgB,CACpC,kBAAkB,EAAE,MAAM,GAAG,eAAe,EAC5C,GAAG,EAAE,aAAa,GACjB,OAAO,CAAC,IAAI,CAAC,CAiEf;AAED,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE;QACL,mDAAmD;QACnD,IAAI,EAAE,MAAM,EAAE,CAAC;QACf,kDAAkD;QAClD,UAAU,EAAE,MAAM,EAAE,CAAC;QACrB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,EAAE,CAAC;KACpB,CAAC;IACF,qCAAqC;IACrC,aAAa,EAAE,MAAM,CAAC;IACtB,4DAA4D;IAC5D,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,mCAAmC;IACnC,QAAQ,EAAE,WAAW,CAAC,0BAA0B,EAAE,CAAC;IACnD,GAAG,EAAE;QACH,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;QACzD,QAAQ,EAAE,OAAO,EAAE,CAAC;KACrB,CAAC;CACH;AAED,wBAAsB,WAAW,CAC/B,kBAAkB,EAAE,MAAM,GAAG,eAAe,GAC3C,OAAO,CAAC,oBAAoB,CAAC,CAgC/B;AAED,MAAM,WAAW,wBAAwB;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,wBAAwB,GAChC,OAAO,CAAC,eAAe,CAAC,CAiB1B"}
|
package/dist/tarball.js
CHANGED
|
@@ -10,6 +10,7 @@ import pacote from "pacote";
|
|
|
10
10
|
import { isSensitiveFile, booleanToFlags } from "./utils/index.js";
|
|
11
11
|
import { NpmTarball } from "./class/NpmTarball.class.js";
|
|
12
12
|
import * as warnings from "./warnings.js";
|
|
13
|
+
import { getEmptyPackageWarning } from "./warnings.js";
|
|
13
14
|
// CONSTANTS
|
|
14
15
|
const kNativeCodeExtensions = new Set([".gyp", ".c", ".cpp", ".node", ".so", ".h"]);
|
|
15
16
|
const kNpmToken = typeof process.env.NODE_SECURE_TOKEN === "string" ?
|
|
@@ -66,6 +67,11 @@ export async function scanPackage(manifestOrLocation) {
|
|
|
66
67
|
const mama = await ManifestManager.fromPackageJSON(manifestOrLocation);
|
|
67
68
|
const extractor = new NpmTarball(mama);
|
|
68
69
|
const { composition, conformance, code } = await extractor.scanFiles();
|
|
70
|
+
// Check for empty package
|
|
71
|
+
const warnings = [...code.warnings];
|
|
72
|
+
if (composition.files.length === 1 && composition.files.includes("package.json")) {
|
|
73
|
+
warnings.push(getEmptyPackageWarning());
|
|
74
|
+
}
|
|
69
75
|
return {
|
|
70
76
|
files: {
|
|
71
77
|
list: composition.files,
|
|
@@ -77,7 +83,7 @@ export async function scanPackage(manifestOrLocation) {
|
|
|
77
83
|
licenses: conformance.licenses,
|
|
78
84
|
ast: {
|
|
79
85
|
dependencies: code.dependencies,
|
|
80
|
-
warnings
|
|
86
|
+
warnings
|
|
81
87
|
}
|
|
82
88
|
};
|
|
83
89
|
}
|
package/dist/tarball.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tarball.js","sourceRoot":"","sources":["../src/tarball.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,kCAAkC;AAClC,OAAO,EAGN,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,eAAe,EAEhB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,+BAA+B;AAC/B,OAAO,EACL,eAAe,EACf,cAAc,EACf,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"tarball.js","sourceRoot":"","sources":["../src/tarball.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,kCAAkC;AAClC,OAAO,EAGN,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,eAAe,EAEhB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,+BAA+B;AAC/B,OAAO,EACL,eAAe,EACf,cAAc,EACf,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,KAAK,QAAQ,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAiCvD,YAAY;AACZ,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;AACpF,MAAM,SAAS,GAAG,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC;IACnE,EAAE,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC1C,EAAE,CAAC;AAEL,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,kBAA4C,EAC5C,GAAkB;IAElB,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,eAAe,CAChD,kBAAkB,CACnB,CAAC;IACF,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;IAEnC,MAAM,EACJ,WAAW,EACX,WAAW,EACX,IAAI,EACL,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE,CAAC;IAE5B,CAAC;QACC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QACpE,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE;YACjB,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO;YACzC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS;SACpD,CAAC,CAAC;IACL,CAAC;IAED,IACE,WAAW,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC;QAC9B,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAC1C,CAAC;QACD,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAQ,CAAC,CAAC,CAAC;IACvE,CAAC;IACD,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;IAEpC,MAAM,EACJ,KAAK,EACL,YAAY,EACZ,KAAK,EACN,GAAG,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,CAAC;IAE3C,GAAG,CAAC,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC;IACpC,GAAG,CAAC,gBAAgB,GAAG,WAAW,CAAC,gBAAgB,CAAC;IACpD,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;IAC3B,GAAG,CAAC,IAAI,GAAG,WAAW,CAAC,IAAI,CAAC;IAC5B,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IACpD,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IACjD,GAAG,CAAC,WAAW,CAAC,mBAAmB,GAAG,YAAY,CAAC,UAAU,CAAC;IAC9D,GAAG,CAAC,WAAW,CAAC,gBAAgB,GAAG,YAAY,CAAC,cAAc,CAAC;IAC/D,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;IACpD,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IACtD,GAAG,CAAC,WAAW,CAAC,cAAc,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC;IAC5C,GAAG,CAAC,WAAW,CAAC,eAAe,GAAG,YAAY,CAAC,MAAM,CAAC;IACtD,GAAG,CAAC,WAAW,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;IAEzC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC;QAC/B,GAAG,KAAK;QACR,mBAAmB,EAAE,IAAI,CAAC,KAAK,CAAC,mBAAmB,IAAI,KAAK,CAAC,mBAAmB;QAChF,YAAY,EAAE,WAAW,CAAC,gBAAgB,CAAC,MAAM,KAAK,CAAC;QACvD,mBAAmB,EAAE,WAAW,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC;QAC5D,eAAe,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;QACzC,WAAW,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC;QAC1E,aAAa,EAAE,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACtE,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ;YAChC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACjF,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB;KACvC,CAAC,CAAC,CAAC;AACN,CAAC;AAuBD,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,kBAA4C;IAE5C,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,eAAe,CAChD,kBAAkB,CACnB,CAAC;IACF,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;IAEvC,MAAM,EACJ,WAAW,EACX,WAAW,EACX,IAAI,EACL,GAAG,MAAM,SAAS,CAAC,SAAS,EAAE,CAAC;IAEhC,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;IACpC,IAAI,WAAW,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACjF,QAAQ,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,OAAO;QACL,KAAK,EAAE;YACL,IAAI,EAAE,WAAW,CAAC,KAAK;YACvB,UAAU,EAAE,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC;YAChC,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB;QACD,aAAa,EAAE,WAAW,CAAC,IAAI;QAC/B,gBAAgB,EAAE,WAAW,CAAC,gBAAgB;QAC9C,QAAQ,EAAE,WAAW,CAAC,QAAQ;QAC9B,GAAG,EAAE;YACH,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,QAAQ;SACT;KACF,CAAC;AACJ,CAAC;AAOD,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,OAAiC;IAEjC,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAEnC,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IACvE,MAAM,MAAM,CAAC,OAAO,CAClB,IAAI,EACJ,eAAe,EACf;QACE,GAAG,SAAS;QACZ,QAAQ;QACR,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;KAC9B,CACF,CAAC;IAEF,OAAO,eAAe,CAAC,eAAe,CACpC,eAAe,CAChB,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"analyzeDependencies.d.ts","sourceRoot":"","sources":["../../src/utils/analyzeDependencies.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAgB,MAAM,kBAAkB,CAAC;AAIjE,eAAO,MAAM,aAAa,aA6CxB,CAAC;
|
|
1
|
+
{"version":3,"file":"analyzeDependencies.d.ts","sourceRoot":"","sources":["../../src/utils/analyzeDependencies.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAgB,MAAM,kBAAkB,CAAC;AAIjE,eAAO,MAAM,aAAa,aA6CxB,CAAC;AAgBH,MAAM,WAAW,0BAA0B;IACzC,IAAI,EACF,IAAI,CAAC,eAAe,EAAE,cAAc,GAAG,iBAAiB,CAAC,GACzD,OAAO,CAAC,IAAI,CAAC,eAAe,EAAE,eAAe,CAAC,CAAC,CAAC;IAClD,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,yBAAyB;IACxC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,sBAAsB,EAAE,MAAM,EAAE,CAAC;IACjC,0BAA0B,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACnD,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,mBAAmB,EAAE,MAAM,EAAE,CAAC;IAC9B,KAAK,EAAE;QACL,mBAAmB,EAAE,OAAO,CAAC;QAC7B,4BAA4B,EAAE,OAAO,CAAC;KACvC,CAAC;CACH;AAED,wBAAgB,mBAAmB,CACjC,kBAAkB,EAAE,MAAM,EAAE,EAC5B,OAAO,EAAE,0BAA0B,GAClC,yBAAyB,CAuD3B"}
|
|
@@ -49,6 +49,17 @@ export const NODE_BUILTINS = new Set([
|
|
|
49
49
|
]);
|
|
50
50
|
const kFileExtensions = [".js", ".jsx", ".ts", ".tsx", ".mjs", ".cjs", ".node", ".json"];
|
|
51
51
|
const kExternalModules = new Set(["http", "https", "net", "http2", "dgram", "child_process"]);
|
|
52
|
+
const kExternalThirdPartyDeps = new Set([
|
|
53
|
+
"undici",
|
|
54
|
+
"node-fetch",
|
|
55
|
+
"execa",
|
|
56
|
+
"cross-spawn",
|
|
57
|
+
"got",
|
|
58
|
+
"axios",
|
|
59
|
+
"ky",
|
|
60
|
+
"superagent",
|
|
61
|
+
"cross-fetch"
|
|
62
|
+
]);
|
|
52
63
|
export function analyzeDependencies(sourceDependencies, options) {
|
|
53
64
|
const { mama, tryDependencies } = options;
|
|
54
65
|
const { dependencies, devDependencies, nodejsImports = {} } = mama;
|
|
@@ -75,14 +86,16 @@ export function analyzeDependencies(sourceDependencies, options) {
|
|
|
75
86
|
const nodeDependencies = sourceDependencies.filter((name) => isCoreModule(name));
|
|
76
87
|
const hasMissingOrUnusedDependency = unusedDependencies.length > 0 ||
|
|
77
88
|
missingDependencies.length > 0;
|
|
89
|
+
const thirdPartyDependenciesWithoutDuplicate = [...new Set(thirdPartyDependencies)];
|
|
78
90
|
return {
|
|
79
91
|
nodeDependencies,
|
|
80
|
-
thirdPartyDependencies:
|
|
92
|
+
thirdPartyDependencies: thirdPartyDependenciesWithoutDuplicate,
|
|
81
93
|
subpathImportsDependencies,
|
|
82
94
|
unusedDependencies,
|
|
83
95
|
missingDependencies,
|
|
84
96
|
flags: {
|
|
85
|
-
hasExternalCapacity: nodeDependencies.some((depName) => kExternalModules.has(depName))
|
|
97
|
+
hasExternalCapacity: nodeDependencies.some((depName) => kExternalModules.has(depName)) ||
|
|
98
|
+
thirdPartyDependenciesWithoutDuplicate.some((depName) => kExternalThirdPartyDeps.has(depName)),
|
|
86
99
|
hasMissingOrUnusedDependency
|
|
87
100
|
}
|
|
88
101
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"analyzeDependencies.js","sourceRoot":"","sources":["../../src/utils/analyzeDependencies.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAGjE,YAAY;AACZ,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IACnC,QAAQ;IACR,QAAQ;IACR,eAAe;IACf,SAAS;IACT,SAAS;IACT,WAAW;IACX,QAAQ;IACR,OAAO;IACP,KAAK;IACL,QAAQ;IACR,QAAQ;IACR,IAAI;IACJ,MAAM;IACN,OAAO;IACP,QAAQ;IACR,KAAK;IACL,IAAI;IACJ,MAAM;IACN,UAAU;IACV,aAAa;IACb,UAAU;IACV,MAAM;IACN,QAAQ;IACR,gBAAgB;IAChB,KAAK;IACL,QAAQ;IACR,KAAK;IACL,KAAK;IACL,KAAK;IACL,MAAM;IACN,IAAI;IACJ,MAAM;IACN,UAAU;IACV,IAAI;IACJ,SAAS;IACT,WAAW;IACX,aAAa;IACb,OAAO;IACP,YAAY;IACZ,cAAc;IACd,gBAAgB;IAChB,WAAW;IACX,MAAM;IACN,qBAAqB;CACtB,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;AACzF,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,eAAe,CAAC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"analyzeDependencies.js","sourceRoot":"","sources":["../../src/utils/analyzeDependencies.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAGjE,YAAY;AACZ,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IACnC,QAAQ;IACR,QAAQ;IACR,eAAe;IACf,SAAS;IACT,SAAS;IACT,WAAW;IACX,QAAQ;IACR,OAAO;IACP,KAAK;IACL,QAAQ;IACR,QAAQ;IACR,IAAI;IACJ,MAAM;IACN,OAAO;IACP,QAAQ;IACR,KAAK;IACL,IAAI;IACJ,MAAM;IACN,UAAU;IACV,aAAa;IACb,UAAU;IACV,MAAM;IACN,QAAQ;IACR,gBAAgB;IAChB,KAAK;IACL,QAAQ;IACR,KAAK;IACL,KAAK;IACL,KAAK;IACL,MAAM;IACN,IAAI;IACJ,MAAM;IACN,UAAU;IACV,IAAI;IACJ,SAAS;IACT,WAAW;IACX,aAAa;IACb,OAAO;IACP,YAAY;IACZ,cAAc;IACd,gBAAgB;IAChB,WAAW;IACX,MAAM;IACN,qBAAqB;CACtB,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;AACzF,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,eAAe,CAAC,CAAC,CAAC;AAC9F,MAAM,uBAAuB,GAAG,IAAI,GAAG,CAAC;IACtC,QAAQ;IACR,YAAY;IACZ,OAAO;IACP,aAAa;IACb,KAAK;IACL,OAAO;IACP,IAAI;IACJ,YAAY;IACZ,aAAa;CACd,CAAC,CAAC;AAqBH,MAAM,UAAU,mBAAmB,CACjC,kBAA4B,EAC5B,OAAmC;IAEnC,MAAM,EAAE,IAAI,EAAE,eAAe,EAAE,GAAG,OAAO,CAAC;IAC1C,MAAM,EAAE,YAAY,EAAE,eAAe,EAAE,aAAa,GAAG,EAAE,EAAE,GAAG,IAAI,CAAC;IAEnE,4DAA4D;IAC5D,MAAM,0BAA0B,GAAG,MAAM,CAAC,WAAW,CACnD,kBAAkB;SACf,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,IAAI,IAAI,aAAa,CAAC;SAClE,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,sBAAsB,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CAC9D,CAAC;IACF,MAAM,6BAA6B,GAAG,IAAI,GAAG,CAC3C,MAAM,CAAC,MAAM,CAAC,0BAA0B,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CACxE,CAAC;IAEF,MAAM,sBAAsB,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;QACvE,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;YAC9C,UAAU,CAAC,CAAC;YACZ,YAAY,CAAC,UAAU,CAAC,EAAE,IAAI,IAAI,UAAU,CAAC;QAE/C,OAAO,MAAM,CAAC,IAAI,CAAC;YACjB,YAAY,CAAC,IAAI,CAAC;YAClB,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC;YAC9B,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;YAC3B,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;IAEH,MAAM,kBAAkB,GAAG,UAAU,CACnC,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,EACzD,CAAC,GAAG,sBAAsB,EAAE,GAAG,6BAA6B,CAAC,CAC9D,CAAC;IACF,MAAM,mBAAmB,GAAG;QAC1B,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,sBAAsB,EAAE,YAAY,CAAC,CAAC;KAC7D;SACE,MAAM,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI,aAAa,CAAC,IAAI,CAAC,6BAA6B,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;IAClG,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;IAEjF,MAAM,4BAA4B,GAChC,kBAAkB,CAAC,MAAM,GAAG,CAAC;QAC7B,mBAAmB,CAAC,MAAM,GAAG,CAAC,CAAC;IAEjC,MAAM,sCAAsC,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,sBAAsB,CAAC,CAAC,CAAC;IAEpF,OAAO;QACL,gBAAgB;QAChB,sBAAsB,EAAE,sCAAsC;QAC9D,0BAA0B;QAC1B,kBAAkB;QAClB,mBAAmB;QAEnB,KAAK,EAAE;YACL,mBAAmB,EAAE,gBAAgB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBACpF,sCAAsC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,uBAAuB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAChG,4BAA4B;SAC7B;KACF,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAI,IAAS,EAAE,IAAS;IACzC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,MAAM,CACb,QAAgB;IAEhB,OAAO,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC;WAC1B,eAAe,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,YAAY,CACnB,UAAkB;IAElB,MAAM,eAAe,GAAG,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;IAE1F,oGAAoG;IACpG,OAAO,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;AAC7E,CAAC;AAED,SAAS,iBAAiB,CACxB,UAAkB;IAElB,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;AACtC,CAAC;AAED,SAAS,sBAAsB,CAC7B,KAAa,EACb,WAAgD;IAEhD,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAE,CAAC;IAExC,OAAO,OAAO,WAAW,KAAK,QAAQ,CAAC,CAAC;QACtC,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC;QACtB,CAAC,KAAK,EAAE,MAAM,IAAI,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;AAC5E,CAAC"}
|
package/dist/warnings.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import type {
|
|
2
|
-
export declare function getSemVerWarning(value: string):
|
|
3
|
-
export declare function getEmptyPackageWarning():
|
|
1
|
+
import type { Warning } from "@nodesecure/js-x-ray";
|
|
2
|
+
export declare function getSemVerWarning(value: string): Warning;
|
|
3
|
+
export declare function getEmptyPackageWarning(): Warning;
|
|
4
4
|
//# sourceMappingURL=warnings.d.ts.map
|
package/dist/warnings.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"warnings.d.ts","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"warnings.d.ts","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAEpD,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,MAAM,GACZ,OAAO,CAWT;AAED,wBAAgB,sBAAsB,IAAI,OAAO,CAWhD"}
|
package/dist/warnings.js
CHANGED
|
@@ -4,7 +4,7 @@ export function getSemVerWarning(value) {
|
|
|
4
4
|
file: "package.json",
|
|
5
5
|
value,
|
|
6
6
|
location: null,
|
|
7
|
-
i18n: "sast_warnings.
|
|
7
|
+
i18n: "sast_warnings.zero_semver",
|
|
8
8
|
severity: "Information",
|
|
9
9
|
source: "Scanner",
|
|
10
10
|
experimental: false
|
|
@@ -16,7 +16,7 @@ export function getEmptyPackageWarning() {
|
|
|
16
16
|
file: "package.json",
|
|
17
17
|
value: "package.json",
|
|
18
18
|
location: null,
|
|
19
|
-
i18n: "sast_warnings.
|
|
19
|
+
i18n: "sast_warnings.empty_package",
|
|
20
20
|
severity: "Critical",
|
|
21
21
|
source: "Scanner",
|
|
22
22
|
experimental: false
|
package/dist/warnings.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"warnings.js","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AAGA,MAAM,UAAU,gBAAgB,CAC9B,KAAa;IAEb,OAAO;QACL,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,cAAc;QACpB,KAAK;QACL,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,
|
|
1
|
+
{"version":3,"file":"warnings.js","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AAGA,MAAM,UAAU,gBAAgB,CAC9B,KAAa;IAEb,OAAO;QACL,IAAI,EAAE,aAAa;QACnB,IAAI,EAAE,cAAc;QACpB,KAAK;QACL,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,aAAa;QACvB,MAAM,EAAE,SAAS;QACjB,YAAY,EAAE,KAAK;KACpB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,sBAAsB;IACpC,OAAO;QACL,IAAI,EAAE,eAAe;QACrB,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,cAAc;QACrB,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,UAAU;QACpB,MAAM,EAAE,SAAS;QACjB,YAAY,EAAE,KAAK;KACpB,CAAC;AACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@nodesecure/tarball",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.1.0",
|
|
4
4
|
"description": "NodeSecure tarball scanner",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": "./dist/index.js",
|
|
@@ -29,10 +29,10 @@
|
|
|
29
29
|
},
|
|
30
30
|
"homepage": "https://github.com/NodeSecure/tree/master/workspaces/tarball#readme",
|
|
31
31
|
"dependencies": {
|
|
32
|
-
"@nodesecure/conformance": "^1.
|
|
32
|
+
"@nodesecure/conformance": "^1.1.1",
|
|
33
33
|
"@nodesecure/fs-walk": "^2.0.0",
|
|
34
|
-
"@nodesecure/js-x-ray": "^9.
|
|
35
|
-
"@nodesecure/mama": "^
|
|
34
|
+
"@nodesecure/js-x-ray": "^9.2.0",
|
|
35
|
+
"@nodesecure/mama": "^2.0.0",
|
|
36
36
|
"@nodesecure/npm-types": "^1.2.0",
|
|
37
37
|
"@nodesecure/utils": "^2.3.0",
|
|
38
38
|
"pacote": "^21.0.0"
|