@nodesecure/tarball 3.6.1 → 4.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/class/DependencyCollectableSet.class.d.ts +6 -3
- package/dist/class/DependencyCollectableSet.class.d.ts.map +1 -1
- package/dist/class/DependencyCollectableSet.class.js +9 -2
- package/dist/class/DependencyCollectableSet.class.js.map +1 -1
- package/dist/class/DnsResolver.class.d.ts +2 -0
- package/dist/class/DnsResolver.class.d.ts.map +1 -1
- package/dist/class/DnsResolver.class.js +26 -5
- package/dist/class/DnsResolver.class.js.map +1 -1
- package/dist/class/NpmTarballWorkerPool.class.d.ts +56 -0
- package/dist/class/NpmTarballWorkerPool.class.d.ts.map +1 -0
- package/dist/class/NpmTarballWorkerPool.class.js +127 -0
- package/dist/class/NpmTarballWorkerPool.class.js.map +1 -0
- package/dist/class/NpmTarballWorkerScript.d.ts +2 -0
- package/dist/class/NpmTarballWorkerScript.d.ts.map +1 -0
- package/dist/class/NpmTarballWorkerScript.js +38 -0
- package/dist/class/NpmTarballWorkerScript.js.map +1 -0
- package/dist/class/PooledWorker.class.d.ts +18 -0
- package/dist/class/PooledWorker.class.d.ts.map +1 -0
- package/dist/class/PooledWorker.class.js +34 -0
- package/dist/class/PooledWorker.class.js.map +1 -0
- package/dist/constants.d.ts +7 -0
- package/dist/constants.d.ts.map +1 -0
- package/dist/constants.js +5 -0
- package/dist/constants.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/tarball.d.ts +3 -31
- package/dist/tarball.d.ts.map +1 -1
- package/dist/tarball.js +79 -54
- package/dist/tarball.js.map +1 -1
- package/dist/types.d.ts +55 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +2 -0
- package/dist/types.js.map +1 -0
- package/dist/warnings.d.ts +5 -0
- package/dist/warnings.d.ts.map +1 -1
- package/package.json +6 -4
package/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { ManifestManager } from "@nodesecure/mama";
|
|
2
|
-
import { type Dependency, type CollectableSet, type CollectableInfos } from "@nodesecure/js-x-ray";
|
|
2
|
+
import { type Dependency, type CollectableSet, type CollectableSetData, type CollectableInfos, type SourceArrayLocation } from "@nodesecure/js-x-ray";
|
|
3
3
|
export declare const NODE_BUILTINS: Set<string>;
|
|
4
4
|
export type DependencyCollectableSetMetadata = Dependency & {
|
|
5
5
|
relativeFile: string;
|
|
@@ -7,7 +7,9 @@ export type DependencyCollectableSetMetadata = Dependency & {
|
|
|
7
7
|
export declare class DependencyCollectableSet implements CollectableSet<DependencyCollectableSetMetadata> {
|
|
8
8
|
#private;
|
|
9
9
|
type: string;
|
|
10
|
-
dependencies: Record<string, Record<string, Dependency
|
|
10
|
+
dependencies: Record<string, Record<string, Dependency & {
|
|
11
|
+
location: SourceArrayLocation;
|
|
12
|
+
}>>;
|
|
11
13
|
constructor(mama: Pick<ManifestManager, "dependencies" | "devDependencies" | "nodejsImports">);
|
|
12
14
|
extract(): {
|
|
13
15
|
files: Set<string>;
|
|
@@ -24,7 +26,8 @@ export declare class DependencyCollectableSet implements CollectableSet<Dependen
|
|
|
24
26
|
hasMissingOrUnusedDependency: boolean;
|
|
25
27
|
};
|
|
26
28
|
};
|
|
27
|
-
add(value: string, { metadata }: CollectableInfos<DependencyCollectableSetMetadata>): void;
|
|
29
|
+
add(value: string, { metadata, location }: CollectableInfos<DependencyCollectableSetMetadata>): void;
|
|
28
30
|
values(): Set<string>;
|
|
31
|
+
toJSON(): CollectableSetData<DependencyCollectableSetMetadata>;
|
|
29
32
|
}
|
|
30
33
|
//# sourceMappingURL=DependencyCollectableSet.class.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"DependencyCollectableSet.class.d.ts","sourceRoot":"","sources":["../../src/class/DependencyCollectableSet.class.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,eAAe,EAAgB,MAAM,kBAAkB,CAAC;AACjE,OAAO,EACL,KAAK,UAAU,EACf,KAAK,cAAc,EACnB,KAAK,gBAAgB,
|
|
1
|
+
{"version":3,"file":"DependencyCollectableSet.class.d.ts","sourceRoot":"","sources":["../../src/class/DependencyCollectableSet.class.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,eAAe,EAAgB,MAAM,kBAAkB,CAAC;AACjE,OAAO,EACL,KAAK,UAAU,EACf,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACzB,MAAM,sBAAsB,CAAC;AAG9B,eAAO,MAAM,aAAa,aA2ExB,CAAC;AAiBH,MAAM,MAAM,gCAAgC,GAAG,UAAU,GAAG;IAC1D,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,qBAAa,wBAAyB,YAAW,cAAc,CAAC,gCAAgC,CAAC;;IAC/F,IAAI,SAAgB;IACpB,YAAY,EAAE,MAAM,CAClB,MAAM,EACN,MAAM,CAAC,MAAM,EAAE,UAAU,GAAG;QAAE,QAAQ,EAAE,mBAAmB,CAAC;KAAE,CAAC,CAChE,CAAuB;gBAatB,IAAI,EAAE,IAAI,CAAC,eAAe,EAAE,cAAc,GAAG,iBAAiB,GAAG,eAAe,CAAC;IAKnF,OAAO;;;;;;;;;;;;;;;IA0BP,GAAG,CACD,KAAK,EAAE,MAAM,EACb,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,gBAAgB,CAAC,gCAAgC,CAAC;IA4L5E,MAAM;IAIN,MAAM,IAAI,kBAAkB,CAAC,gCAAgC,CAAC;CAM/D"}
|
|
@@ -129,7 +129,7 @@ export class DependencyCollectableSet {
|
|
|
129
129
|
}
|
|
130
130
|
};
|
|
131
131
|
}
|
|
132
|
-
add(value, { metadata }) {
|
|
132
|
+
add(value, { metadata, location }) {
|
|
133
133
|
if (!metadata) {
|
|
134
134
|
return;
|
|
135
135
|
}
|
|
@@ -139,7 +139,8 @@ export class DependencyCollectableSet {
|
|
|
139
139
|
}
|
|
140
140
|
this.dependencies[relativeFile][value] = {
|
|
141
141
|
unsafe: Boolean(metadata?.unsafe),
|
|
142
|
-
inTry: Boolean(metadata?.inTry)
|
|
142
|
+
inTry: Boolean(metadata?.inTry),
|
|
143
|
+
location
|
|
143
144
|
};
|
|
144
145
|
if (metadata?.inTry) {
|
|
145
146
|
this.#dependenciesInTryBlock.add(value);
|
|
@@ -254,5 +255,11 @@ export class DependencyCollectableSet {
|
|
|
254
255
|
values() {
|
|
255
256
|
return this.#values;
|
|
256
257
|
}
|
|
258
|
+
toJSON() {
|
|
259
|
+
return {
|
|
260
|
+
type: this.type,
|
|
261
|
+
entries: []
|
|
262
|
+
};
|
|
263
|
+
}
|
|
257
264
|
}
|
|
258
265
|
//# sourceMappingURL=DependencyCollectableSet.class.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"DependencyCollectableSet.class.js","sourceRoot":"","sources":["../../src/class/DependencyCollectableSet.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,kCAAkC;AAClC,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AACjE,OAAO,
|
|
1
|
+
{"version":3,"file":"DependencyCollectableSet.class.js","sourceRoot":"","sources":["../../src/class/DependencyCollectableSet.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,kCAAkC;AAClC,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AACjE,OAAO,EAMN,MAAM,sBAAsB,CAAC;AAG9B,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IACnC,QAAQ;IACR,eAAe;IACf,QAAQ;IACR,eAAe;IACf,SAAS;IACT,SAAS;IACT,WAAW;IACX,QAAQ;IACR,OAAO;IACP,KAAK;IACL,cAAc;IACd,QAAQ;IACR,QAAQ;IACR,IAAI;IACJ,aAAa;IACb,MAAM;IACN,OAAO;IACP,QAAQ;IACR,KAAK;IACL,IAAI;IACJ,SAAS;IACT,MAAM;IACN,YAAY;IACZ,YAAY;IACZ,UAAU;IACV,aAAa;IACb,UAAU;IACV,mBAAmB;IACnB,MAAM;IACN,QAAQ;IACR,YAAY;IACZ,iBAAiB;IACjB,kBAAkB;IAClB,gBAAgB;IAChB,qBAAqB;IACrB,kBAAkB;IAClB,mBAAmB;IACnB,kBAAkB;IAClB,cAAc;IACd,gBAAgB;IAChB,KAAK;IACL,QAAQ;IACR,iBAAiB;IACjB,KAAK;IACL,KAAK;IACL,KAAK;IACL,MAAM;IACN,YAAY;IACZ,IAAI;IACJ,MAAM;IACN,UAAU;IACV,IAAI;IACJ,oBAAoB;IACpB,kBAAkB;IAClB,oBAAoB;IACpB,oBAAoB;IACpB,oBAAoB;IACpB,uBAAuB;IACvB,oBAAoB;IACpB,SAAS;IACT,WAAW;IACX,oBAAoB;IACpB,aAAa;IACb,OAAO;IACP,YAAY;IACZ,cAAc;IACd,gBAAgB;IAChB,WAAW;IACX,gBAAgB;IAChB,kBAAkB;IAClB,UAAU;IACV,aAAa;IACb,MAAM;IACN,qBAAqB;CACtB,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;AACzF,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,eAAe,CAAC,CAAC,CAAC;AAC9F,MAAM,uBAAuB,GAAG,IAAI,GAAG,CAAC;IACtC,QAAQ;IACR,YAAY;IACZ,OAAO;IACP,aAAa;IACb,KAAK;IACL,OAAO;IACP,IAAI;IACJ,YAAY;IACZ,aAAa;CACd,CAAC,CAAC;AACH,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;AAM9D,MAAM,OAAO,wBAAwB;IACnC,IAAI,GAAG,YAAY,CAAC;IACpB,YAAY,GAGR,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACxB,OAAO,GAAgB,IAAI,GAAG,EAAE,CAAC;IACjC,MAAM,GAAgB,IAAI,GAAG,EAAE,CAAC;IAChC,uBAAuB,GAAgB,IAAI,GAAG,EAAE,CAAC;IACjD,2BAA2B,GAA2B,EAAE,CAAC;IACzD,uBAAuB,GAAgB,IAAI,GAAG,EAAE,CAAC;IACjD,8BAA8B,GAAgB,IAAI,GAAG,EAAE,CAAC;IACxD,oBAAoB,GAAgB,IAAI,GAAG,EAAE,CAAC;IAC9C,iBAAiB,GAAgB,IAAI,GAAG,EAAE,CAAC;IAC3C,KAAK,CAA8E;IACnF,oBAAoB,GAAY,KAAK,CAAC;IAEtC,YACE,IAAiF;QAEjF,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;IAED,OAAO;QACL,MAAM,kBAAkB,GAAG,IAAI,CAAC,WAAW,CACzC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,EACpE,CAAC,GAAG,IAAI,CAAC,uBAAuB,EAAE,GAAG,IAAI,CAAC,8BAA8B,CAAC,CAC1E,CAAC;QACF,MAAM,4BAA4B,GAChC,kBAAkB,CAAC,MAAM,GAAG,CAAC;YAC7B,IAAI,CAAC,oBAAoB,CAAC,IAAI,GAAG,CAAC,CAAC;QAErC,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,MAAM;YAClB,sBAAsB,EAAE,CAAC,GAAG,IAAI,CAAC,uBAAuB,CAAC;YACzD,YAAY,EAAE;gBACZ,MAAM,EAAE,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC;gBACnC,UAAU,EAAE,CAAC,GAAG,IAAI,CAAC,uBAAuB,CAAC;gBAC7C,cAAc,EAAE,IAAI,CAAC,2BAA2B;gBAChD,MAAM,EAAE,kBAAkB;gBAC1B,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC,oBAAoB,CAAC;aACxC;YACD,KAAK,EAAE;gBACL,mBAAmB,EAAE,IAAI,CAAC,oBAAoB;gBAC9C,4BAA4B;aAC7B;SACF,CAAC;IACJ,CAAC;IAED,GAAG,CACD,KAAa,EACb,EAAE,QAAQ,EAAE,QAAQ,EAAsD;QAE1E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO;QACT,CAAC;QAED,MAAM,YAAY,GAAG,QAAQ,CAAC,YAAY,CAAC;QAC3C,IAAI,CAAC,CAAC,YAAY,IAAI,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;YACzC,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,GAAG;YACvC,MAAM,EAAE,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC;YACjC,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC;YAC/B,QAAQ;SACT,CAAC;QAEF,IAAI,QAAQ,EAAE,KAAK,EAAE,CAAC;YACpB,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,sBAAsB,CAC1C,KAAK,EACL,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAC3B,CAAC;QAEF,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;YAClB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QACD,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACrB,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;QACtE,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC;IAED,sBAAsB,CACpB,UAAkB,EAClB,oBAA4B;QAE5B,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;QAEvC;;;;WAIG;QACH,IAAI,SAAS,KAAK,GAAG,IAAI,SAAS,KAAK,GAAG,EAAE,CAAC;YAC3C,wCAAwC;YACxC,IAAI,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBACxC,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,UAAU,CAAC,EAAE,CAAC;YACrD,CAAC;YAED,sFAAsF;YACtF,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC;gBACrD,GAAG,UAAU,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC;YAElC,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,aAAa,CAAC,EAAE,CAAC;QAClE,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;IACjC,CAAC;IAED,kBAAkB,CAChB,gBAAwB,EACxB,KAAc;QAEd,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACvC,OAAO;QACT,CAAC;QAED,MAAM,EACJ,YAAY,EACZ,eAAe,EACf,aAAa,GAAG,EAAE,EACnB,GAAG,IAAI,CAAC,KAAK,CAAC;QAEf,IAAI,2BAA+C,CAAC;QACpD,4DAA4D;QAC5D,IAAI,IAAI,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,IAAI,gBAAgB,IAAI,aAAa,EAAE,CAAC;YACnF,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC,uBAAuB,CAAC,gBAAgB,EAAE,aAAa,CAAC,CAAC;YAC3F,IAAI,CAAC,2BAA2B,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC;YACtD,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/B,IAAI,CAAC,8BAA8B,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACrD,2BAA2B,GAAG,WAAW,CAAC;YAC5C,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,sBAAsB,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;QAEzE,IAAI,oBAAwC,CAAC;QAE7C,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;YACrB,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC;YACzB,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC;eAC5B,CAAC,KAAK,EACT,CAAC;YACD,oBAAoB,GAAG,IAAI,CAAC;YAC5B,IAAI,CAAC,uBAAuB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACzC,CAAC;QAED,IACE,oBAAoB;YACpB,IAAI,CAAC,oBAAoB,CAAC,oBAAoB,EAAE,2BAA2B,CAAC,EAC5E,CAAC;YACD,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QACtD,CAAC;QAED,IAAI,gBAAgB,GAAG,KAAK,CAAC;QAE7B,IAAI,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACzC,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAC7C,gBAAgB,GAAG,IAAI,CAAC;QAC1B,CAAC;QAED,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC9B,OAAO;QACT,CAAC;QAED,IAAI,CAAC,CAAC,gBAAgB,IAAI,gBAAgB,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;eAC5D,CAAC,oBAAoB,IAAI,uBAAuB,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC;YAClF,IAAI,CAAC,oBAAoB,GAAG,IAAI,CAAC;QACnC,CAAC;IACH,CAAC;IAED,sBAAsB,CACpB,gBAAwB,EACxB,YAAsB;QAEtB,KAAK,MAAM,UAAU,IAAI,YAAY,EAAE,CAAC;YACtC,IAAI,UAAU,KAAK,gBAAgB,EAAE,CAAC;gBACpC,OAAO,gBAAgB,CAAC;YAC1B,CAAC;YAED,IAAI,gBAAgB,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC5C,OAAO,UAAU,CAAC;YACpB,CAAC;QACH,CAAC;QAED,OAAO,YAAY,CAAC,gBAAgB,CAAC,EAAE,IAAI,IAAI,gBAAgB,CAAC;IAClE,CAAC;IAED,oBAAoB,CAClB,oBAA4B,EAC5B,2BAA+C;QAE/C,MAAM,EAAE,YAAY,EAAE,aAAa,GAAG,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QAExD,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,oBAAoB,CAAC;YACjD,CAAC,CAAC,oBAAoB,IAAI,aAAa,CAAC;YACxC,oBAAoB,KAAK,2BAA2B,CAAC;IACzD,CAAC;IAED,WAAW,CAAI,IAAS,EAAE,IAAS;QACjC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,OAAO,CACL,QAAgB;QAEhB,OAAO,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC;eAC1B,eAAe,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;IACzE,CAAC;IAED,aAAa,CACX,UAAkB;QAElB,MAAM,eAAe,GAAG,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;QAE1F,oGAAoG;QACpG,OAAO,aAAa,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC7E,CAAC;IAED,kBAAkB,CAChB,UAAkB;QAElB,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC;IACtC,CAAC;IAED,uBAAuB,CACrB,KAAa,EACb,WAAgD;QAEhD,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;QAEvC,OAAO,OAAO,WAAW,KAAK,QAAQ,CAAC,CAAC;YACtC,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC;YACtB,CAAC,KAAK,EAAE,MAAM,IAAI,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IAC5E,CAAC;IAED,MAAM;QACJ,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAED,MAAM;QACJ,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,EAAE;SACZ,CAAC;IACJ,CAAC;CACF"}
|
|
@@ -1,8 +1,10 @@
|
|
|
1
1
|
export interface Resolver {
|
|
2
2
|
isPrivateHost(hostname: string): Promise<boolean>;
|
|
3
3
|
}
|
|
4
|
+
export type Lookup = (hostname: string) => Promise<string[]>;
|
|
4
5
|
export declare class DnsResolver implements Resolver {
|
|
5
6
|
#private;
|
|
7
|
+
constructor(lookup?: Lookup);
|
|
6
8
|
isPrivateHost(hostname: string): Promise<boolean>;
|
|
7
9
|
}
|
|
8
10
|
//# sourceMappingURL=DnsResolver.class.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"DnsResolver.class.d.ts","sourceRoot":"","sources":["../../src/class/DnsResolver.class.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"DnsResolver.class.d.ts","sourceRoot":"","sources":["../../src/class/DnsResolver.class.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,QAAQ;IACvB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;CACnD;AAED,MAAM,MAAM,MAAM,GAAG,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAmB7D,qBAAa,WAAY,YAAW,QAAQ;;gBAG9B,MAAM,CAAC,EAAE,MAAM;IAGrB,aAAa,CAAC,QAAQ,EAAE,MAAM;CA0BrC"}
|
|
@@ -1,13 +1,34 @@
|
|
|
1
1
|
// Import Node.js Dependencies
|
|
2
|
-
import {
|
|
3
|
-
import {} from "node:dns";
|
|
2
|
+
import { resolve4, resolve6 } from "node:dns/promises";
|
|
4
3
|
// Import Third-party Dependencies
|
|
5
4
|
import ipaddress from "ipaddr.js";
|
|
5
|
+
async function lookupAll(hostname) {
|
|
6
|
+
const ips = await Promise.allSettled([
|
|
7
|
+
resolve4(hostname),
|
|
8
|
+
resolve6(hostname)
|
|
9
|
+
]);
|
|
10
|
+
const ipv4 = ips[0].status === "fulfilled"
|
|
11
|
+
? ips[0].value
|
|
12
|
+
: [];
|
|
13
|
+
const ipv6 = ips[1].status === "fulfilled"
|
|
14
|
+
? ips[1].value
|
|
15
|
+
: [];
|
|
16
|
+
return [...ipv4, ...ipv6];
|
|
17
|
+
}
|
|
6
18
|
export class DnsResolver {
|
|
19
|
+
#memo = new Map();
|
|
20
|
+
#lookup;
|
|
21
|
+
constructor(lookup) {
|
|
22
|
+
this.#lookup = lookup ?? lookupAll;
|
|
23
|
+
}
|
|
7
24
|
async isPrivateHost(hostname) {
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
25
|
+
if (this.#memo.has(hostname)) {
|
|
26
|
+
return this.#memo.get(hostname);
|
|
27
|
+
}
|
|
28
|
+
const ipAddressList = await this.#lookup(hostname);
|
|
29
|
+
const isPrivate = ipAddressList.some(this.#isPrivateIPAddress);
|
|
30
|
+
this.#memo.set(hostname, isPrivate);
|
|
31
|
+
return isPrivate;
|
|
11
32
|
}
|
|
12
33
|
#isPrivateIPAddress(ipAddress) {
|
|
13
34
|
let ip = ipaddress.parse(ipAddress);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"DnsResolver.class.js","sourceRoot":"","sources":["../../src/class/DnsResolver.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"DnsResolver.class.js","sourceRoot":"","sources":["../../src/class/DnsResolver.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAEvD,kCAAkC;AAClC,OAAO,SAAS,MAAM,WAAW,CAAC;AAQlC,KAAK,UAAU,SAAS,CAAC,QAAgB;IACvC,MAAM,GAAG,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC;QACnC,QAAQ,CAAC,QAAQ,CAAC;QAClB,QAAQ,CAAC,QAAQ,CAAC;KACnB,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,WAAW;QACxC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;QACd,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,IAAI,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,WAAW;QACxC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK;QACd,CAAC,CAAC,EAAE,CAAC;IAEP,OAAO,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC;AAC5B,CAAC;AAED,MAAM,OAAO,WAAW;IACtB,KAAK,GAAyB,IAAI,GAAG,EAAE,CAAC;IACxC,OAAO,CAAS;IAChB,YAAY,MAAe;QACzB,IAAI,CAAC,OAAO,GAAG,MAAM,IAAI,SAAS,CAAC;IACrC,CAAC;IACD,KAAK,CAAC,aAAa,CAAC,QAAgB;QAClC,IAAI,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAC;QACnC,CAAC;QACD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAEnD,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAC/D,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;QAEpC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,mBAAmB,CAAC,SAAiB;QACnC,IAAI,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAEpC,IAAI,EAAE,YAAY,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC7D,EAAE,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;QAC1B,CAAC;QAED,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
import { EventEmitter } from "node:events";
|
|
2
|
+
import type { AstAnalyserOptions, Type } from "@nodesecure/js-x-ray";
|
|
3
|
+
import { type WorkerHandle, type PooledWorkerEvents } from "./PooledWorker.class.ts";
|
|
4
|
+
import type { ScanResultPayload } from "../types.ts";
|
|
5
|
+
export type WorkerFactory = (events: PooledWorkerEvents) => WorkerHandle;
|
|
6
|
+
export interface NpmTarballWorkerPoolOptions {
|
|
7
|
+
/**
|
|
8
|
+
* Number of workers in the pool
|
|
9
|
+
* @default 4
|
|
10
|
+
*/
|
|
11
|
+
workerCount?: number;
|
|
12
|
+
/**
|
|
13
|
+
* Factory used to create each worker in the pool.
|
|
14
|
+
* Defaults to creating a real PooledWorker backed by a worker thread.
|
|
15
|
+
* Override in tests to inject a mock without patching modules.
|
|
16
|
+
*/
|
|
17
|
+
workerFactory?: WorkerFactory;
|
|
18
|
+
}
|
|
19
|
+
export interface WorkerTask {
|
|
20
|
+
/**
|
|
21
|
+
* Location of the package to scan (e.g. tarball path or directory path).
|
|
22
|
+
*/
|
|
23
|
+
location: string;
|
|
24
|
+
/**
|
|
25
|
+
* Options for the AST analyser.
|
|
26
|
+
* `collectables` is not supported and should not be provided,
|
|
27
|
+
* as collectable sets are managed separately via the `collectableTypes` option.
|
|
28
|
+
*/
|
|
29
|
+
astAnalyserOptions?: Omit<AstAnalyserOptions, "collectables">;
|
|
30
|
+
/**
|
|
31
|
+
* Collectable types to gather during scanning (e.g. "url", "hostname").
|
|
32
|
+
* Results are serialized and returned in ScanResultPayload.collectables.
|
|
33
|
+
*/
|
|
34
|
+
collectableTypes?: Type[];
|
|
35
|
+
}
|
|
36
|
+
export interface WorkerTaskWithId extends WorkerTask {
|
|
37
|
+
id: string;
|
|
38
|
+
}
|
|
39
|
+
type WorkerTaskResultOk = {
|
|
40
|
+
id: string;
|
|
41
|
+
result: ScanResultPayload;
|
|
42
|
+
};
|
|
43
|
+
type WorkerTaskResultErr = {
|
|
44
|
+
id: string;
|
|
45
|
+
error: string;
|
|
46
|
+
};
|
|
47
|
+
export type WorkerTaskResult = WorkerTaskResultOk | WorkerTaskResultErr;
|
|
48
|
+
export declare class NpmTarballWorkerPool extends EventEmitter {
|
|
49
|
+
#private;
|
|
50
|
+
constructor(options?: NpmTarballWorkerPoolOptions);
|
|
51
|
+
scan(task: WorkerTask): Promise<ScanResultPayload>;
|
|
52
|
+
terminate(): Promise<void>;
|
|
53
|
+
[Symbol.asyncDispose](): Promise<void>;
|
|
54
|
+
}
|
|
55
|
+
export {};
|
|
56
|
+
//# sourceMappingURL=NpmTarballWorkerPool.class.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NpmTarballWorkerPool.class.d.ts","sourceRoot":"","sources":["../../src/class/NpmTarballWorkerPool.class.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAK3C,OAAO,KAAK,EACV,kBAAkB,EAClB,IAAI,EACL,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAEL,KAAK,YAAY,EACjB,KAAK,kBAAkB,EACxB,MAAM,yBAAyB,CAAC;AACjC,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAErD,MAAM,MAAM,aAAa,GAAG,CAAC,MAAM,EAAE,kBAAkB,KAAK,YAAY,CAAC;AAEzE,MAAM,WAAW,2BAA2B;IAC1C;;;OAGG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB;;;;OAIG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC;CAC/B;AAED,MAAM,WAAW,UAAU;IACzB;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,IAAI,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAC;IAC9D;;;OAGG;IACH,gBAAgB,CAAC,EAAE,IAAI,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,gBAAiB,SAAQ,UAAU;IAClD,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,KAAK,kBAAkB,GAAG;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,iBAAiB,CAAC;CAC3B,CAAC;AAEF,KAAK,mBAAmB,GAAG;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,gBAAgB,GACxB,kBAAkB,GAClB,mBAAmB,CAAC;AAwCxB,qBAAa,oBAAqB,SAAQ,YAAY;;gBASlD,OAAO,GAAE,2BAAgC;IA8E3C,IAAI,CACF,IAAI,EAAE,UAAU,GACf,OAAO,CAAC,iBAAiB,CAAC;IAiCvB,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;IAiBhC,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC;CAGvC"}
|
|
@@ -0,0 +1,127 @@
|
|
|
1
|
+
// Import Node.js Dependencies
|
|
2
|
+
import { EventEmitter } from "node:events";
|
|
3
|
+
import path from "node:path";
|
|
4
|
+
// Import Third-party Dependencies
|
|
5
|
+
import hyperid from "hyperid";
|
|
6
|
+
// Import Internal Dependencies
|
|
7
|
+
import { PooledWorker } from "./PooledWorker.class.js";
|
|
8
|
+
/**
|
|
9
|
+
* O(1) amortized FIFO queue using a head-pointer to avoid
|
|
10
|
+
* the O(n) cost of Array.shift().
|
|
11
|
+
*/
|
|
12
|
+
class TaskQueue {
|
|
13
|
+
#items = [];
|
|
14
|
+
#head = 0;
|
|
15
|
+
enqueue(task) {
|
|
16
|
+
this.#items.push(task);
|
|
17
|
+
}
|
|
18
|
+
dequeue() {
|
|
19
|
+
if (this.#head >= this.#items.length) {
|
|
20
|
+
return undefined;
|
|
21
|
+
}
|
|
22
|
+
const item = this.#items[this.#head++];
|
|
23
|
+
if (this.#head > 0 && this.#head >= this.#items.length / 2) {
|
|
24
|
+
this.#items = this.#items.slice(this.#head);
|
|
25
|
+
this.#head = 0;
|
|
26
|
+
}
|
|
27
|
+
return item;
|
|
28
|
+
}
|
|
29
|
+
clear() {
|
|
30
|
+
this.#items = [];
|
|
31
|
+
this.#head = 0;
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
export class NpmTarballWorkerPool extends EventEmitter {
|
|
35
|
+
#generateTaskId = hyperid();
|
|
36
|
+
#workers = [];
|
|
37
|
+
#availableWorkers = [];
|
|
38
|
+
#processingTasks = new Map();
|
|
39
|
+
#waitingTasks = new TaskQueue();
|
|
40
|
+
#isTerminated = false;
|
|
41
|
+
constructor(options = {}) {
|
|
42
|
+
super();
|
|
43
|
+
const { workerCount = 4, workerFactory } = options;
|
|
44
|
+
const workerPath = path.join(import.meta.dirname, "NpmTarballWorkerScript.js");
|
|
45
|
+
const factory = workerFactory ??
|
|
46
|
+
((events) => new PooledWorker(workerPath, events));
|
|
47
|
+
for (let i = 0; i < workerCount; i++) {
|
|
48
|
+
const worker = factory({
|
|
49
|
+
onComplete: (worker, message) => this.#onWorkerComplete(worker, message),
|
|
50
|
+
onError: (worker, error, taskId) => this.#onWorkerError(worker, error, taskId)
|
|
51
|
+
});
|
|
52
|
+
this.#workers.push(worker);
|
|
53
|
+
this.#availableWorkers.push(worker);
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
#onWorkerComplete(worker, message) {
|
|
57
|
+
const handler = this.#processingTasks.get(message.id);
|
|
58
|
+
if (handler) {
|
|
59
|
+
this.#processingTasks.delete(message.id);
|
|
60
|
+
if ("error" in message) {
|
|
61
|
+
handler.reject(new Error(message.error));
|
|
62
|
+
}
|
|
63
|
+
else {
|
|
64
|
+
handler.resolve(message.result);
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
const nextTask = this.#waitingTasks.dequeue();
|
|
68
|
+
if (nextTask) {
|
|
69
|
+
worker.execute(nextTask);
|
|
70
|
+
}
|
|
71
|
+
else {
|
|
72
|
+
this.#availableWorkers.push(worker);
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
#onWorkerError(worker, error, taskId) {
|
|
76
|
+
if (taskId) {
|
|
77
|
+
const handler = this.#processingTasks.get(taskId);
|
|
78
|
+
if (handler) {
|
|
79
|
+
this.#processingTasks.delete(taskId);
|
|
80
|
+
handler.reject(error);
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
this.emit("error", error);
|
|
84
|
+
const nextTask = this.#waitingTasks.dequeue();
|
|
85
|
+
if (nextTask) {
|
|
86
|
+
worker.execute(nextTask);
|
|
87
|
+
}
|
|
88
|
+
else {
|
|
89
|
+
this.#availableWorkers.push(worker);
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
scan(task) {
|
|
93
|
+
if (this.#isTerminated) {
|
|
94
|
+
return Promise.reject(new Error("NpmTarballWorkerPool has been terminated"));
|
|
95
|
+
}
|
|
96
|
+
const fullTask = {
|
|
97
|
+
id: this.#generateTaskId(),
|
|
98
|
+
...task
|
|
99
|
+
};
|
|
100
|
+
const { promise, resolve, reject } = Promise.withResolvers();
|
|
101
|
+
this.#processingTasks.set(fullTask.id, { resolve, reject });
|
|
102
|
+
const availableWorker = this.#availableWorkers.pop() ?? null;
|
|
103
|
+
if (availableWorker) {
|
|
104
|
+
availableWorker.execute(fullTask);
|
|
105
|
+
}
|
|
106
|
+
else {
|
|
107
|
+
this.#waitingTasks.enqueue(fullTask);
|
|
108
|
+
}
|
|
109
|
+
return promise;
|
|
110
|
+
}
|
|
111
|
+
async terminate() {
|
|
112
|
+
this.#isTerminated = true;
|
|
113
|
+
const terminationError = new Error("NpmTarballWorkerPool terminated");
|
|
114
|
+
for (const handler of this.#processingTasks.values()) {
|
|
115
|
+
handler.reject(terminationError);
|
|
116
|
+
}
|
|
117
|
+
this.#processingTasks.clear();
|
|
118
|
+
this.#waitingTasks.clear();
|
|
119
|
+
this.#availableWorkers = [];
|
|
120
|
+
await Promise.all(this.#workers.map((worker) => worker.terminate()));
|
|
121
|
+
this.#workers = [];
|
|
122
|
+
}
|
|
123
|
+
[Symbol.asyncDispose]() {
|
|
124
|
+
return this.terminate();
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
//# sourceMappingURL=NpmTarballWorkerPool.class.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NpmTarballWorkerPool.class.js","sourceRoot":"","sources":["../../src/class/NpmTarballWorkerPool.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,kCAAkC;AAClC,OAAO,OAAO,MAAM,SAAS,CAAC;AAM9B,+BAA+B;AAC/B,OAAO,EACL,YAAY,EAGb,MAAM,yBAAyB,CAAC;AA6DjC;;;GAGG;AACH,MAAM,SAAS;IACb,MAAM,GAAuB,EAAE,CAAC;IAChC,KAAK,GAAG,CAAC,CAAC;IAEV,OAAO,CACL,IAAsB;QAEtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC;IAED,OAAO;QACL,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACrC,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;QACvC,IAAI,IAAI,CAAC,KAAK,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3D,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC5C,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC;QACjB,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK;QACH,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACjB,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC;IACjB,CAAC;CACF;AAED,MAAM,OAAO,oBAAqB,SAAQ,YAAY;IACpD,eAAe,GAAG,OAAO,EAAE,CAAC;IAC5B,QAAQ,GAAmB,EAAE,CAAC;IAC9B,iBAAiB,GAAmB,EAAE,CAAC;IACvC,gBAAgB,GAAoC,IAAI,GAAG,EAAE,CAAC;IAC9D,aAAa,GAAG,IAAI,SAAS,EAAE,CAAC;IAChC,aAAa,GAAG,KAAK,CAAC;IAEtB,YACE,UAAuC,EAAE;QAEzC,KAAK,EAAE,CAAC;QAER,MAAM,EAAE,WAAW,GAAG,CAAC,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;QACnD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAC1B,MAAM,CAAC,IAAI,CAAC,OAAO,EACnB,2BAA2B,CAC5B,CAAC;QACF,MAAM,OAAO,GAAkB,aAAa;YAC1C,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC;QAErD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,OAAO,CAAC;gBACrB,UAAU,EAAE,CACV,MAAM,EACN,OAAO,EACP,EAAE,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,OAAO,CAAC;gBAC5C,OAAO,EAAE,CACP,MAAM,EACN,KAAK,EACL,MAAM,EACN,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC;aAChD,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC3B,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,iBAAiB,CACf,MAAoB,EACpB,OAAyB;QAEzB,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACtD,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YAEzC,IAAI,OAAO,IAAI,OAAO,EAAE,CAAC;gBACvB,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;YAC3C,CAAC;iBACI,CAAC;gBACJ,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YAClC,CAAC;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;QAC9C,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC3B,CAAC;aACI,CAAC;YACJ,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,cAAc,CACZ,MAAoB,EACpB,KAAY,EACZ,MAAqB;QAErB,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAClD,IAAI,OAAO,EAAE,CAAC;gBACZ,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;gBACrC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC1B,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;QAC9C,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC3B,CAAC;aACI,CAAC;YACJ,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,IAAI,CACF,IAAgB;QAEhB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,OAAO,OAAO,CAAC,MAAM,CACnB,IAAI,KAAK,CAAC,0CAA0C,CAAC,CACtD,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAqB;YACjC,EAAE,EAAE,IAAI,CAAC,eAAe,EAAE;YAC1B,GAAG,IAAI;SACR,CAAC;QAEF,MAAM,EACJ,OAAO,EACP,OAAO,EACP,MAAM,EACP,GAAG,OAAO,CAAC,aAAa,EAAqB,CAAC;QAC/C,IAAI,CAAC,gBAAgB,CAAC,GAAG,CACvB,QAAQ,CAAC,EAAE,EACX,EAAE,OAAO,EAAE,MAAM,EAAE,CACpB,CAAC;QAEF,MAAM,eAAe,GAAG,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC;QAC7D,IAAI,eAAe,EAAE,CAAC;YACpB,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACpC,CAAC;aACI,CAAC;YACJ,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,SAAS;QACb,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;QAE1B,MAAM,gBAAgB,GAAG,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;QACtE,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,EAAE,CAAC;YACrD,OAAO,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,gBAAgB,CAAC,KAAK,EAAE,CAAC;QAC9B,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;QAC3B,IAAI,CAAC,iBAAiB,GAAG,EAAE,CAAC;QAE5B,MAAM,OAAO,CAAC,GAAG,CACf,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAClD,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;IACrB,CAAC;IAED,CAAC,MAAM,CAAC,YAAY,CAAC;QACnB,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC;IAC1B,CAAC;CACF"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NpmTarballWorkerScript.d.ts","sourceRoot":"","sources":["../../src/class/NpmTarballWorkerScript.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
// Import Node.js Dependencies
|
|
2
|
+
import { parentPort } from "node:worker_threads";
|
|
3
|
+
// Import Third-party Dependencies
|
|
4
|
+
import { DefaultCollectableSet } from "@nodesecure/js-x-ray";
|
|
5
|
+
// Import Internal Dependencies
|
|
6
|
+
import { scanPackageCore } from "../tarball.js";
|
|
7
|
+
if (!parentPort) {
|
|
8
|
+
throw new Error("This script must be run as a worker thread.");
|
|
9
|
+
}
|
|
10
|
+
parentPort.on("message", onWorkerMessage);
|
|
11
|
+
async function onWorkerMessage(task) {
|
|
12
|
+
let message;
|
|
13
|
+
try {
|
|
14
|
+
const collectables = (task.collectableTypes ?? []).map((type) => new DefaultCollectableSet(type));
|
|
15
|
+
const result = await scanPackageCore(task.location, {
|
|
16
|
+
...task.astAnalyserOptions,
|
|
17
|
+
collectables
|
|
18
|
+
});
|
|
19
|
+
message = {
|
|
20
|
+
id: task.id,
|
|
21
|
+
result: {
|
|
22
|
+
...result,
|
|
23
|
+
collectables: collectables.map((set) => set.toJSON())
|
|
24
|
+
}
|
|
25
|
+
};
|
|
26
|
+
}
|
|
27
|
+
catch (error) {
|
|
28
|
+
const messageError = error instanceof Error ?
|
|
29
|
+
error.message :
|
|
30
|
+
String(error);
|
|
31
|
+
message = {
|
|
32
|
+
id: task.id,
|
|
33
|
+
error: messageError
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
parentPort?.postMessage(message);
|
|
37
|
+
}
|
|
38
|
+
//# sourceMappingURL=NpmTarballWorkerScript.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NpmTarballWorkerScript.js","sourceRoot":"","sources":["../../src/class/NpmTarballWorkerScript.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEjD,kCAAkC;AAClC,OAAO,EACL,qBAAqB,EACtB,MAAM,sBAAsB,CAAC;AAE9B,+BAA+B;AAC/B,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAOhD,IAAI,CAAC,UAAU,EAAE,CAAC;IAChB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;AACjE,CAAC;AAED,UAAU,CAAC,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;AAE1C,KAAK,UAAU,eAAe,CAC5B,IAAsB;IAEtB,IAAI,OAAyB,CAAC;IAE9B,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,CAAC,IAAI,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,GAAG,CACpD,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,qBAAqB,CAAC,IAAI,CAAC,CAC1C,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,eAAe,CAClC,IAAI,CAAC,QAAQ,EACb;YACE,GAAG,IAAI,CAAC,kBAAkB;YAC1B,YAAY;SACb,CACF,CAAC;QAEF,OAAO,GAAG;YACR,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,MAAM,EAAE;gBACN,GAAG,MAAM;gBACT,YAAY,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;aACtD;SACF,CAAC;IACJ,CAAC;IACD,OAAO,KAAK,EAAE,CAAC;QACb,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC;YAC3C,KAAK,CAAC,OAAO,CAAC,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,CAAC;QAEhB,OAAO,GAAG;YACR,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,KAAK,EAAE,YAAY;SACpB,CAAC;IACJ,CAAC;IAED,UAAU,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;AACnC,CAAC"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import type { WorkerTaskWithId, WorkerTaskResult } from "./NpmTarballWorkerPool.class.ts";
|
|
2
|
+
export interface WorkerHandle {
|
|
3
|
+
isAvailable: boolean;
|
|
4
|
+
execute(task: WorkerTaskWithId): void;
|
|
5
|
+
terminate(): Promise<number>;
|
|
6
|
+
}
|
|
7
|
+
export interface PooledWorkerEvents {
|
|
8
|
+
onComplete: (worker: WorkerHandle, result: WorkerTaskResult) => void;
|
|
9
|
+
onError: (worker: WorkerHandle, error: Error, taskId: string | null) => void;
|
|
10
|
+
}
|
|
11
|
+
export declare class PooledWorker implements WorkerHandle {
|
|
12
|
+
#private;
|
|
13
|
+
constructor(workerPath: string, events: PooledWorkerEvents);
|
|
14
|
+
get isAvailable(): boolean;
|
|
15
|
+
execute(task: WorkerTaskWithId): void;
|
|
16
|
+
terminate(): Promise<number>;
|
|
17
|
+
}
|
|
18
|
+
//# sourceMappingURL=PooledWorker.class.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"PooledWorker.class.d.ts","sourceRoot":"","sources":["../../src/class/PooledWorker.class.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EACV,gBAAgB,EAChB,gBAAgB,EACjB,MAAM,iCAAiC,CAAC;AAEzC,MAAM,WAAW,YAAY;IAC3B,WAAW,EAAE,OAAO,CAAC;IACrB,OAAO,CACL,IAAI,EAAE,gBAAgB,GACrB,IAAI,CAAC;IACR,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,kBAAkB;IACjC,UAAU,EAAE,CACV,MAAM,EAAE,YAAY,EACpB,MAAM,EAAE,gBAAgB,KACrB,IAAI,CAAC;IACV,OAAO,EAAE,CACP,MAAM,EAAE,YAAY,EACpB,KAAK,EAAE,KAAK,EACZ,MAAM,EAAE,MAAM,GAAG,IAAI,KAClB,IAAI,CAAC;CACX;AAED,qBAAa,YAAa,YAAW,YAAY;;gBAM7C,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,kBAAkB;IAiB5B,IAAI,WAAW,IAAI,OAAO,CAEzB;IAED,OAAO,CACL,IAAI,EAAE,gBAAgB,GACrB,IAAI;IASP,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC;CAG7B"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
// Import Node.js Dependencies
|
|
2
|
+
import { Worker } from "node:worker_threads";
|
|
3
|
+
export class PooledWorker {
|
|
4
|
+
#worker;
|
|
5
|
+
#currentTaskId = null;
|
|
6
|
+
#events;
|
|
7
|
+
constructor(workerPath, events) {
|
|
8
|
+
this.#events = events;
|
|
9
|
+
this.#worker = new Worker(workerPath);
|
|
10
|
+
this.#worker.on("message", (message) => {
|
|
11
|
+
this.#currentTaskId = null;
|
|
12
|
+
this.#events.onComplete(this, message);
|
|
13
|
+
});
|
|
14
|
+
this.#worker.on("error", (error) => {
|
|
15
|
+
const taskId = this.#currentTaskId;
|
|
16
|
+
this.#currentTaskId = null;
|
|
17
|
+
this.#events.onError(this, error, taskId);
|
|
18
|
+
});
|
|
19
|
+
}
|
|
20
|
+
get isAvailable() {
|
|
21
|
+
return this.#currentTaskId === null;
|
|
22
|
+
}
|
|
23
|
+
execute(task) {
|
|
24
|
+
if (!this.isAvailable) {
|
|
25
|
+
throw new Error(`Worker is busy with task ${this.#currentTaskId}`);
|
|
26
|
+
}
|
|
27
|
+
this.#currentTaskId = task.id;
|
|
28
|
+
this.#worker.postMessage(task);
|
|
29
|
+
}
|
|
30
|
+
terminate() {
|
|
31
|
+
return this.#worker.terminate();
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
//# sourceMappingURL=PooledWorker.class.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"PooledWorker.class.js","sourceRoot":"","sources":["../../src/class/PooledWorker.class.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AA4B7C,MAAM,OAAO,YAAY;IACvB,OAAO,CAAS;IAChB,cAAc,GAAkB,IAAI,CAAC;IACrC,OAAO,CAAqB;IAE5B,YACE,UAAkB,EAClB,MAA0B;QAE1B,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,IAAI,CAAC,OAAO,GAAG,IAAI,MAAM,CAAC,UAAU,CAAC,CAAC;QAEtC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,CAAC,OAAyB,EAAE,EAAE;YACvD,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;YAC3B,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAY,EAAE,EAAE;YACxC,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC;YACnC,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;YAC3B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAC5C,CAAC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,cAAc,KAAK,IAAI,CAAC;IACtC,CAAC;IAED,OAAO,CACL,IAAsB;QAEtB,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,4BAA4B,IAAI,CAAC,cAAc,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC,EAAE,CAAC;QAC9B,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;IAED,SAAS;QACP,OAAO,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;IAClC,CAAC;CACF"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,sBAAsB,aAAwD,CAAC;AAE5F,eAAO,MAAM,SAAS;;;;CAElB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;AAE5F,MAAM,CAAC,MAAM,SAAS,GAAG,OAAO,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,QAAQ,CAAC,CAAC;IAC1E,EAAE,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC1C,EAAE,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
export * from "./tarball.ts";
|
|
2
2
|
export * from "./class/NpmTarball.class.ts";
|
|
3
3
|
export * from "./class/DependencyCollectableSet.class.ts";
|
|
4
|
+
export { NpmTarballWorkerPool, type WorkerTask, type NpmTarballWorkerPoolOptions } from "./class/NpmTarballWorkerPool.class.ts";
|
|
5
|
+
export * from "./types.ts";
|
|
4
6
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,6BAA6B,CAAC;AAC5C,cAAc,2CAA2C,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,6BAA6B,CAAC;AAC5C,cAAc,2CAA2C,CAAC;AAC1D,OAAO,EACL,oBAAoB,EACpB,KAAK,UAAU,EACf,KAAK,2BAA2B,EACjC,MAAM,uCAAuC,CAAC;AAC/C,cAAc,YAAY,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,4 +1,6 @@
|
|
|
1
1
|
export * from "./tarball.js";
|
|
2
2
|
export * from "./class/NpmTarball.class.js";
|
|
3
3
|
export * from "./class/DependencyCollectableSet.class.js";
|
|
4
|
+
export { NpmTarballWorkerPool } from "./class/NpmTarballWorkerPool.class.js";
|
|
5
|
+
export * from "./types.js";
|
|
4
6
|
//# sourceMappingURL=index.js.map
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,6BAA6B,CAAC;AAC5C,cAAc,2CAA2C,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,6BAA6B,CAAC;AAC5C,cAAc,2CAA2C,CAAC;AAC1D,OAAO,EACL,oBAAoB,EAGrB,MAAM,uCAAuC,CAAC;AAC/C,cAAc,YAAY,CAAC"}
|
package/dist/tarball.d.ts
CHANGED
|
@@ -1,40 +1,12 @@
|
|
|
1
1
|
import { type Warning, type Dependency, type AstAnalyserOptions } from "@nodesecure/js-x-ray";
|
|
2
2
|
import * as conformance from "@nodesecure/conformance";
|
|
3
|
-
import { ManifestManager
|
|
3
|
+
import { ManifestManager } from "@nodesecure/mama";
|
|
4
4
|
import pacote from "pacote";
|
|
5
|
-
|
|
6
|
-
id: number;
|
|
7
|
-
type: PackageModuleType;
|
|
8
|
-
usedBy: Record<string, string>;
|
|
9
|
-
isDevDependency: boolean;
|
|
10
|
-
existOnRemoteRegistry: boolean;
|
|
11
|
-
flags: string[];
|
|
12
|
-
description: string;
|
|
13
|
-
size: number;
|
|
14
|
-
author: Record<string, any>;
|
|
15
|
-
engines: Record<string, any>;
|
|
16
|
-
repository: any;
|
|
17
|
-
scripts: Record<string, string>;
|
|
18
|
-
warnings: any;
|
|
19
|
-
licenses: conformance.SpdxFileLicenseConformance[];
|
|
20
|
-
uniqueLicenseIds: string[];
|
|
21
|
-
gitUrl: string | null;
|
|
22
|
-
alias: Record<string, string>;
|
|
23
|
-
composition: {
|
|
24
|
-
extensions: string[];
|
|
25
|
-
files: string[];
|
|
26
|
-
minified: string[];
|
|
27
|
-
unused: string[];
|
|
28
|
-
missing: string[];
|
|
29
|
-
required_files: string[];
|
|
30
|
-
required_nodejs: string[];
|
|
31
|
-
required_thirdparty: string[];
|
|
32
|
-
required_subpath: Record<string, string>;
|
|
33
|
-
};
|
|
34
|
-
}
|
|
5
|
+
import type { ScanResultPayload, DependencyRef } from "./types.ts";
|
|
35
6
|
export interface ScanOptions {
|
|
36
7
|
astAnalyserOptions?: AstAnalyserOptions;
|
|
37
8
|
}
|
|
9
|
+
export declare function scanPackageCore(locationOrManifest: string | ManifestManager, astAnalyserOptions?: AstAnalyserOptions): Promise<ScanResultPayload>;
|
|
38
10
|
export declare function scanDirOrArchive(locationOrManifest: string | ManifestManager, ref: DependencyRef, options?: ScanOptions): Promise<void>;
|
|
39
11
|
export interface ScannedPackageResult {
|
|
40
12
|
files: {
|
package/dist/tarball.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tarball.d.ts","sourceRoot":"","sources":["../src/tarball.ts"],"names":[],"mappings":"AAKA,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,UAAU,EACf,KAAK,kBAAkB,EACxB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,
|
|
1
|
+
{"version":3,"file":"tarball.d.ts","sourceRoot":"","sources":["../src/tarball.ts"],"names":[],"mappings":"AAKA,OAAO,EACL,KAAK,OAAO,EACZ,KAAK,UAAU,EACf,KAAK,kBAAkB,EACxB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,eAAe,EAA0B,MAAM,kBAAkB,CAAC;AAC3E,OAAO,MAAM,MAAM,QAAQ,CAAC;AAiB5B,OAAO,KAAK,EACV,iBAAiB,EACjB,aAAa,EACd,MAAM,YAAY,CAAC;AAEpB,MAAM,WAAW,WAAW;IAC1B,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;CACzC;AAED,wBAAsB,eAAe,CACnC,kBAAkB,EAAE,MAAM,GAAG,eAAe,EAC5C,kBAAkB,CAAC,EAAE,kBAAkB,GACtC,OAAO,CAAC,iBAAiB,CAAC,CAiE5B;AAED,wBAAsB,gBAAgB,CACpC,kBAAkB,EAAE,MAAM,GAAG,eAAe,EAC5C,GAAG,EAAE,aAAa,EAClB,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,IAAI,CAAC,CAuBf;AAED,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE;QACL,mDAAmD;QACnD,IAAI,EAAE,MAAM,EAAE,CAAC;QACf,kDAAkD;QAClD,UAAU,EAAE,MAAM,EAAE,CAAC;QACrB,wCAAwC;QACxC,QAAQ,EAAE,MAAM,EAAE,CAAC;KACpB,CAAC;IACF,qCAAqC;IACrC,aAAa,EAAE,MAAM,CAAC;IACtB,4DAA4D;IAC5D,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,mCAAmC;IACnC,QAAQ,EAAE,WAAW,CAAC,0BAA0B,EAAE,CAAC;IACnD,GAAG,EAAE;QACH,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;QACzD,QAAQ,EAAE,OAAO,EAAE,CAAC;KACrB,CAAC;CACH;AAED,wBAAsB,WAAW,CAC/B,kBAAkB,EAAE,MAAM,GAAG,eAAe,EAC5C,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,oBAAoB,CAAC,CAsC/B;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,CACL,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,CAAC,OAAO,GACtB,OAAO,CAAC,IAAI,CAAC,CAAC;CAClB;AAED,MAAM,WAAW,wBAAwB;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC;AAED,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,wBAAwB,GAChC,OAAO,CAAC,eAAe,CAAC,CAe1B"}
|
package/dist/tarball.js
CHANGED
|
@@ -11,73 +11,98 @@ import { isSensitiveFile, booleanToFlags } from "./utils/index.js";
|
|
|
11
11
|
import { NpmTarball } from "./class/NpmTarball.class.js";
|
|
12
12
|
import { DependencyCollectableSet } from "./class/DependencyCollectableSet.class.js";
|
|
13
13
|
import { getEmptyPackageWarning, getSemVerWarning } from "./warnings.js";
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
const kNpmToken = typeof process.env.NODE_SECURE_TOKEN === "string" ?
|
|
17
|
-
{ token: process.env.NODE_SECURE_TOKEN } :
|
|
18
|
-
{};
|
|
19
|
-
export async function scanDirOrArchive(locationOrManifest, ref, options = {}) {
|
|
20
|
-
const { astAnalyserOptions } = options;
|
|
14
|
+
import { NATIVE_CODE_EXTENSIONS, NPM_TOKEN } from "./constants.js";
|
|
15
|
+
export async function scanPackageCore(locationOrManifest, astAnalyserOptions) {
|
|
21
16
|
const mama = await ManifestManager.fromPackageJSON(locationOrManifest);
|
|
22
|
-
const tarex = new NpmTarball(mama);
|
|
23
17
|
const dependencySet = new DependencyCollectableSet(mama);
|
|
24
|
-
const
|
|
18
|
+
const tarex = new NpmTarball(mama);
|
|
19
|
+
const { composition, conformance: conformanceResult, code } = await tarex.scanFiles({
|
|
25
20
|
...astAnalyserOptions,
|
|
26
|
-
collectables: [
|
|
21
|
+
collectables: [
|
|
22
|
+
...astAnalyserOptions?.collectables ?? [],
|
|
23
|
+
dependencySet
|
|
24
|
+
]
|
|
27
25
|
});
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
description, engines, repository, scripts,
|
|
32
|
-
author: mama.author,
|
|
33
|
-
integrity: mama.isWorkspace ? null : mama.integrity
|
|
34
|
-
});
|
|
35
|
-
}
|
|
36
|
-
if (composition.files.length === 1 &&
|
|
37
|
-
composition.files.includes("package.json")) {
|
|
38
|
-
ref.warnings.push(getEmptyPackageWarning());
|
|
26
|
+
const warnings = [];
|
|
27
|
+
if (composition.files.length === 1 && composition.files.includes("package.json")) {
|
|
28
|
+
warnings.push(getEmptyPackageWarning());
|
|
39
29
|
}
|
|
40
30
|
if (mama.hasZeroSemver) {
|
|
41
|
-
|
|
31
|
+
warnings.push(getSemVerWarning(mama.document.version));
|
|
42
32
|
}
|
|
43
|
-
|
|
33
|
+
warnings.push(...code.warnings);
|
|
44
34
|
const { files, dependencies, flags } = dependencySet.extract();
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
35
|
+
const { description, engines, repository, scripts } = mama.document;
|
|
36
|
+
return {
|
|
37
|
+
description,
|
|
38
|
+
engines,
|
|
39
|
+
repository,
|
|
40
|
+
scripts,
|
|
41
|
+
author: mama.author,
|
|
42
|
+
integrity: mama.isWorkspace ? null : mama.integrity,
|
|
43
|
+
type: mama.moduleType,
|
|
44
|
+
size: composition.size,
|
|
45
|
+
licenses: conformanceResult.licenses,
|
|
46
|
+
uniqueLicenseIds: conformanceResult.uniqueLicenseIds,
|
|
47
|
+
warnings,
|
|
48
|
+
flags: Array.from(booleanToFlags({
|
|
49
|
+
...flags,
|
|
50
|
+
hasExternalCapacity: code.flags.hasExternalCapacity || flags.hasExternalCapacity,
|
|
51
|
+
hasNoLicense: conformanceResult.uniqueLicenseIds.length === 0,
|
|
52
|
+
hasMultipleLicenses: conformanceResult.uniqueLicenseIds.length > 1,
|
|
53
|
+
hasMinifiedCode: code.minified.length > 0,
|
|
54
|
+
hasWarnings: warnings.length > 0,
|
|
55
|
+
hasBannedFile: composition.files.some((filePath) => isSensitiveFile(filePath)),
|
|
56
|
+
hasNativeCode: mama.flags.isNative ||
|
|
57
|
+
composition.files.some((file) => NATIVE_CODE_EXTENSIONS.has(path.extname(file))),
|
|
58
|
+
hasScript: mama.flags.hasUnsafeScripts
|
|
59
|
+
})),
|
|
60
|
+
composition: {
|
|
61
|
+
extensions: [...composition.ext],
|
|
62
|
+
files: composition.files,
|
|
63
|
+
minified: code.minified,
|
|
64
|
+
unused: dependencies.unused,
|
|
65
|
+
missing: dependencies.missing,
|
|
66
|
+
required_files: [...files],
|
|
67
|
+
required_nodejs: dependencies.nodeJs,
|
|
68
|
+
required_thirdparty: dependencies.thirdparty,
|
|
69
|
+
required_subpath: dependencies.subpathImports
|
|
70
|
+
}
|
|
71
|
+
};
|
|
72
|
+
}
|
|
73
|
+
export async function scanDirOrArchive(locationOrManifest, ref, options = {}) {
|
|
74
|
+
const result = await scanPackageCore(locationOrManifest, options.astAnalyserOptions);
|
|
75
|
+
const { description, engines, repository, scripts, author, integrity } = result;
|
|
76
|
+
Object.assign(ref, { description, engines, repository, scripts, author, integrity });
|
|
77
|
+
ref.warnings.push(...result.warnings);
|
|
78
|
+
ref.licenses = result.licenses;
|
|
79
|
+
ref.uniqueLicenseIds = result.uniqueLicenseIds;
|
|
80
|
+
ref.type = result.type;
|
|
81
|
+
ref.size = result.size;
|
|
82
|
+
ref.composition.extensions.push(...result.composition.extensions);
|
|
83
|
+
ref.composition.files.push(...result.composition.files);
|
|
84
|
+
ref.composition.minified = result.composition.minified;
|
|
85
|
+
ref.composition.unused.push(...result.composition.unused);
|
|
86
|
+
ref.composition.missing.push(...result.composition.missing);
|
|
87
|
+
ref.composition.required_files = result.composition.required_files;
|
|
88
|
+
ref.composition.required_nodejs = result.composition.required_nodejs;
|
|
89
|
+
ref.composition.required_thirdparty = result.composition.required_thirdparty;
|
|
90
|
+
ref.composition.required_subpath = result.composition.required_subpath;
|
|
91
|
+
const flags = result.flags.filter((flag) => flag !== "hasWarnings" || !ref.flags.includes("hasWarnings"));
|
|
92
|
+
ref.flags.push(...flags);
|
|
70
93
|
}
|
|
71
94
|
export async function scanPackage(manifestOrLocation, options = {}) {
|
|
72
95
|
const { astAnalyserOptions } = options;
|
|
73
96
|
const mama = await ManifestManager.fromPackageJSON(manifestOrLocation);
|
|
74
97
|
const extractor = new NpmTarball(mama);
|
|
75
98
|
const dependencySet = new DependencyCollectableSet(mama);
|
|
76
|
-
const { composition, conformance, code } = await extractor.scanFiles({
|
|
99
|
+
const { composition, conformance: conformanceResult, code } = await extractor.scanFiles({
|
|
77
100
|
...astAnalyserOptions,
|
|
78
|
-
collectables: [
|
|
101
|
+
collectables: [
|
|
102
|
+
...(astAnalyserOptions?.collectables ?? []),
|
|
103
|
+
dependencySet
|
|
104
|
+
]
|
|
79
105
|
});
|
|
80
|
-
// Check for empty package
|
|
81
106
|
const warnings = [...code.warnings];
|
|
82
107
|
if (composition.files.length === 1 && composition.files.includes("package.json")) {
|
|
83
108
|
warnings.push(getEmptyPackageWarning());
|
|
@@ -89,8 +114,8 @@ export async function scanPackage(manifestOrLocation, options = {}) {
|
|
|
89
114
|
minified: code.minified
|
|
90
115
|
},
|
|
91
116
|
directorySize: composition.size,
|
|
92
|
-
uniqueLicenseIds:
|
|
93
|
-
licenses:
|
|
117
|
+
uniqueLicenseIds: conformanceResult.uniqueLicenseIds,
|
|
118
|
+
licenses: conformanceResult.licenses,
|
|
94
119
|
ast: {
|
|
95
120
|
dependencies: dependencySet.dependencies,
|
|
96
121
|
warnings
|
|
@@ -101,7 +126,7 @@ export async function extractAndResolve(location, options) {
|
|
|
101
126
|
const { spec, registry, pacoteProvider = pacote } = options;
|
|
102
127
|
const tarballLocation = path.join(location, spec.replaceAll("/", "_"));
|
|
103
128
|
await pacoteProvider.extract(spec, tarballLocation, {
|
|
104
|
-
...
|
|
129
|
+
...NPM_TOKEN,
|
|
105
130
|
registry,
|
|
106
131
|
cache: `${os.homedir()}/.npm`
|
|
107
132
|
});
|
package/dist/tarball.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tarball.js","sourceRoot":"","sources":["../src/tarball.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,kCAAkC;AAClC,OAAO,EAIN,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,
|
|
1
|
+
{"version":3,"file":"tarball.js","sourceRoot":"","sources":["../src/tarball.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,kCAAkC;AAClC,OAAO,EAIN,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,WAAW,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,eAAe,EAA0B,MAAM,kBAAkB,CAAC;AAC3E,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,+BAA+B;AAC/B,OAAO,EACL,eAAe,EACf,cAAc,EACf,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AACzD,OAAO,EAAE,wBAAwB,EAAE,MAAM,2CAA2C,CAAC;AACrF,OAAO,EACL,sBAAsB,EACtB,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,sBAAsB,EACtB,SAAS,EACV,MAAM,gBAAgB,CAAC;AAUxB,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,kBAA4C,EAC5C,kBAAuC;IAEvC,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,eAAe,CAAC,kBAAkB,CAAC,CAAC;IACvE,MAAM,aAAa,GAAG,IAAI,wBAAwB,CAAC,IAAI,CAAC,CAAC;IACzD,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;IAEnC,MAAM,EACJ,WAAW,EACX,WAAW,EAAE,iBAAiB,EAC9B,IAAI,EACL,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC;QACxB,GAAG,kBAAkB;QACrB,YAAY,EAAE;YACZ,GAAG,kBAAkB,EAAE,YAAY,IAAI,EAAE;YACzC,aAAa;SACd;KACF,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,WAAW,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACjF,QAAQ,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAC;IAC1C,CAAC;IACD,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAQ,CAAC,CAAC,CAAC;IAC1D,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;IAEhC,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,aAAa,CAAC,OAAO,EAAE,CAAC;IAC/D,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;IAEpE,OAAO;QACL,WAAW;QACX,OAAO;QACP,UAAU;QACV,OAAO;QACP,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS;QACnD,IAAI,EAAE,IAAI,CAAC,UAAU;QACrB,IAAI,EAAE,WAAW,CAAC,IAAI;QACtB,QAAQ,EAAE,iBAAiB,CAAC,QAAQ;QACpC,gBAAgB,EAAE,iBAAiB,CAAC,gBAAgB;QACpD,QAAQ;QACR,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC;YAC/B,GAAG,KAAK;YACR,mBAAmB,EAAE,IAAI,CAAC,KAAK,CAAC,mBAAmB,IAAI,KAAK,CAAC,mBAAmB;YAChF,YAAY,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,MAAM,KAAK,CAAC;YAC7D,mBAAmB,EAAE,iBAAiB,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC;YAClE,eAAe,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;YACzC,WAAW,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC;YAChC,aAAa,EAAE,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YAC9E,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ;gBAChC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;YAClF,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB;SACvC,CAAC,CAAC;QACH,WAAW,EAAE;YACX,UAAU,EAAE,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC;YAChC,KAAK,EAAE,WAAW,CAAC,KAAK;YACxB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,OAAO,EAAE,YAAY,CAAC,OAAO;YAC7B,cAAc,EAAE,CAAC,GAAG,KAAK,CAAC;YAC1B,eAAe,EAAE,YAAY,CAAC,MAAM;YACpC,mBAAmB,EAAE,YAAY,CAAC,UAAU;YAC5C,gBAAgB,EAAE,YAAY,CAAC,cAAc;SAC9C;KACF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,kBAA4C,EAC5C,GAAkB,EAClB,UAAuB,EAAE;IAEzB,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAErF,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;IAChF,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;IAErF,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;IACtC,GAAG,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IAC/B,GAAG,CAAC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAC;IAC/C,GAAG,CAAC,IAAI,GAAG,MAAM,CAAC,IAAyB,CAAC;IAC5C,GAAG,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;IACvB,GAAG,CAAC,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;IAClE,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IACxD,GAAG,CAAC,WAAW,CAAC,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC;IACvD,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAC1D,GAAG,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;IAC5D,GAAG,CAAC,WAAW,CAAC,cAAc,GAAG,MAAM,CAAC,WAAW,CAAC,cAAc,CAAC;IACnE,GAAG,CAAC,WAAW,CAAC,eAAe,GAAG,MAAM,CAAC,WAAW,CAAC,eAAe,CAAC;IACrE,GAAG,CAAC,WAAW,CAAC,mBAAmB,GAAG,MAAM,CAAC,WAAW,CAAC,mBAAmB,CAAC;IAC7E,GAAG,CAAC,WAAW,CAAC,gBAAgB,GAAG,MAAM,CAAC,WAAW,CAAC,gBAAgB,CAAC;IAEvE,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,aAAa,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC;IAC1G,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;AAC3B,CAAC;AAuBD,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,kBAA4C,EAC5C,UAAuB,EAAE;IAEzB,MAAM,EAAE,kBAAkB,EAAE,GAAG,OAAO,CAAC;IAEvC,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,eAAe,CAAC,kBAAkB,CAAC,CAAC;IACvE,MAAM,SAAS,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;IACvC,MAAM,aAAa,GAAG,IAAI,wBAAwB,CAAC,IAAI,CAAC,CAAC;IAEzD,MAAM,EACJ,WAAW,EACX,WAAW,EAAE,iBAAiB,EAC9B,IAAI,EACL,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC;QAC5B,GAAG,kBAAkB;QACrB,YAAY,EAAE;YACZ,GAAG,CAAC,kBAAkB,EAAE,YAAY,IAAI,EAAE,CAAC;YAC3C,aAAa;SACd;KACF,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;IACpC,IAAI,WAAW,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QACjF,QAAQ,CAAC,IAAI,CAAC,sBAAsB,EAAE,CAAC,CAAC;IAC1C,CAAC;IAED,OAAO;QACL,KAAK,EAAE;YACL,IAAI,EAAE,WAAW,CAAC,KAAK;YACvB,UAAU,EAAE,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC;YAChC,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB;QACD,aAAa,EAAE,WAAW,CAAC,IAAI;QAC/B,gBAAgB,EAAE,iBAAiB,CAAC,gBAAgB;QACpD,QAAQ,EAAE,iBAAiB,CAAC,QAAQ;QACpC,GAAG,EAAE;YACH,YAAY,EAAE,aAAa,CAAC,YAAY;YACxC,QAAQ;SACT;KACF,CAAC;AACJ,CAAC;AAgBD,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,OAAiC;IAEjC,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,cAAc,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC;IAE5D,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IACvE,MAAM,cAAc,CAAC,OAAO,CAC1B,IAAI,EACJ,eAAe,EACf;QACE,GAAG,SAAS;QACZ,QAAQ;QACR,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,EAAE,OAAO;KAC9B,CACF,CAAC;IAEF,OAAO,eAAe,CAAC,eAAe,CAAC,eAAe,CAAC,CAAC;AAC1D,CAAC"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
import type * as conformance from "@nodesecure/conformance";
|
|
2
|
+
import type { CollectableSetData } from "@nodesecure/js-x-ray";
|
|
3
|
+
import type { PackageModuleType } from "@nodesecure/mama";
|
|
4
|
+
export interface Composition {
|
|
5
|
+
extensions: string[];
|
|
6
|
+
files: string[];
|
|
7
|
+
minified: string[];
|
|
8
|
+
unused: string[];
|
|
9
|
+
missing: string[];
|
|
10
|
+
required_files: string[];
|
|
11
|
+
required_nodejs: string[];
|
|
12
|
+
required_thirdparty: string[];
|
|
13
|
+
required_subpath: Record<string, string>;
|
|
14
|
+
}
|
|
15
|
+
export interface ScanResultPayload {
|
|
16
|
+
description?: string;
|
|
17
|
+
engines?: Record<string, any>;
|
|
18
|
+
repository?: any;
|
|
19
|
+
scripts?: Record<string, string>;
|
|
20
|
+
author?: any;
|
|
21
|
+
integrity?: string | null;
|
|
22
|
+
type: string;
|
|
23
|
+
size: number;
|
|
24
|
+
licenses: conformance.SpdxFileLicenseConformance[];
|
|
25
|
+
uniqueLicenseIds: string[];
|
|
26
|
+
warnings: any[];
|
|
27
|
+
flags: string[];
|
|
28
|
+
composition: Composition;
|
|
29
|
+
/**
|
|
30
|
+
* Serialized collectable entries populated by the worker thread.
|
|
31
|
+
* Only present when `collectableTypes` was specified in the WorkerTask.
|
|
32
|
+
*/
|
|
33
|
+
collectables?: CollectableSetData[];
|
|
34
|
+
}
|
|
35
|
+
export interface DependencyRef {
|
|
36
|
+
id: number;
|
|
37
|
+
type: PackageModuleType;
|
|
38
|
+
usedBy: Record<string, string>;
|
|
39
|
+
isDevDependency: boolean;
|
|
40
|
+
existOnRemoteRegistry: boolean;
|
|
41
|
+
flags: string[];
|
|
42
|
+
description: string;
|
|
43
|
+
size: number;
|
|
44
|
+
author: Record<string, any>;
|
|
45
|
+
engines: Record<string, any>;
|
|
46
|
+
repository: any;
|
|
47
|
+
scripts: Record<string, string>;
|
|
48
|
+
warnings: any;
|
|
49
|
+
licenses: conformance.SpdxFileLicenseConformance[];
|
|
50
|
+
uniqueLicenseIds: string[];
|
|
51
|
+
gitUrl: string | null;
|
|
52
|
+
alias: Record<string, string>;
|
|
53
|
+
composition: Composition;
|
|
54
|
+
}
|
|
55
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,KAAK,WAAW,MAAM,yBAAyB,CAAC;AAC5D,OAAO,KAAK,EACV,kBAAkB,EACnB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,KAAK,EACV,iBAAiB,EAClB,MAAM,kBAAkB,CAAC;AAE1B,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,mBAAmB,EAAE,MAAM,EAAE,CAAC;IAC9B,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC1C;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC9B,UAAU,CAAC,EAAE,GAAG,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,MAAM,CAAC,EAAE,GAAG,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,WAAW,CAAC,0BAA0B,EAAE,CAAC;IACnD,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,QAAQ,EAAE,GAAG,EAAE,CAAC;IAChB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,WAAW,EAAE,WAAW,CAAC;IACzB;;;OAGG;IACH,YAAY,CAAC,EAAE,kBAAkB,EAAE,CAAC;CACrC;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,iBAAiB,CAAC;IACxB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,eAAe,EAAE,OAAO,CAAC;IACzB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC7B,UAAU,EAAE,GAAG,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,QAAQ,EAAE,GAAG,CAAC;IACd,QAAQ,EAAE,WAAW,CAAC,0BAA0B,EAAE,CAAC;IACnD,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9B,WAAW,EAAE,WAAW,CAAC;CAC1B"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":""}
|
package/dist/warnings.d.ts
CHANGED
|
@@ -111,6 +111,11 @@ export declare const warnings: Readonly<{
|
|
|
111
111
|
severity: "Warning";
|
|
112
112
|
experimental: false;
|
|
113
113
|
};
|
|
114
|
+
"weak-scrypt": {
|
|
115
|
+
i18n: string;
|
|
116
|
+
severity: "Warning";
|
|
117
|
+
experimental: true;
|
|
118
|
+
};
|
|
114
119
|
}>;
|
|
115
120
|
export declare function getSemVerWarning(value: string): Warning;
|
|
116
121
|
export declare function getEmptyPackageWarning(): Warning;
|
package/dist/warnings.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"warnings.d.ts","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AACA,OAAO,EAEL,KAAK,OAAO,EACZ,KAAK,WAAW,EACjB,MAAM,+BAA+B,CAAC;AAEvC,MAAM,MAAM,kBAAkB,GAC1B,WAAW,GACX,aAAa,GACb,eAAe,CAAC;AAEpB,eAAO,MAAM,QAAQ
|
|
1
|
+
{"version":3,"file":"warnings.d.ts","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AACA,OAAO,EAEL,KAAK,OAAO,EACZ,KAAK,WAAW,EACjB,MAAM,+BAA+B,CAAC;AAEvC,MAAM,MAAM,kBAAkB,GAC1B,WAAW,GACX,aAAa,GACb,eAAe,CAAC;AAEpB,eAAO,MAAM,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAYuE,CAAC;AAE7F,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,MAAM,GACZ,OAAO,CAWT;AAED,wBAAgB,sBAAsB,IAAI,OAAO,CAWhD"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@nodesecure/tarball",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "4.0.0",
|
|
4
4
|
"description": "NodeSecure tarball scanner",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": {
|
|
@@ -17,7 +17,7 @@
|
|
|
17
17
|
"scripts": {
|
|
18
18
|
"build": "tsc -b",
|
|
19
19
|
"prepublishOnly": "npm run build",
|
|
20
|
-
"test-only": "node --test ./test/**/*.spec.ts",
|
|
20
|
+
"test-only": "node --test \"./test/**/*.spec.ts\"",
|
|
21
21
|
"test-types": "attw --pack . --profile esm-only",
|
|
22
22
|
"test": "c8 -r html npm run test-only && npm run test-types"
|
|
23
23
|
},
|
|
@@ -47,10 +47,12 @@
|
|
|
47
47
|
"dependencies": {
|
|
48
48
|
"@nodesecure/conformance": "^1.2.1",
|
|
49
49
|
"@nodesecure/fs-walk": "^2.0.0",
|
|
50
|
-
"@nodesecure/js-x-ray": "
|
|
51
|
-
"@nodesecure/mama": "^2.
|
|
50
|
+
"@nodesecure/js-x-ray": "15.0.0",
|
|
51
|
+
"@nodesecure/mama": "^2.2.0",
|
|
52
52
|
"@nodesecure/npm-types": "^1.2.0",
|
|
53
53
|
"@nodesecure/utils": "^2.3.0",
|
|
54
|
+
"@openally/result": "2.0.0",
|
|
55
|
+
"hyperid": "3.3.0",
|
|
54
56
|
"ipaddr.js": "2.3.0",
|
|
55
57
|
"pacote": "^21.0.0"
|
|
56
58
|
},
|