@vltpkg/query 0.0.0-7 → 0.0.0-9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -0
- package/dist/esm/attribute.js +3 -1
- package/dist/esm/attribute.js.map +1 -1
- package/dist/esm/combinator.d.ts.map +1 -1
- package/dist/esm/combinator.js +4 -1
- package/dist/esm/combinator.js.map +1 -1
- package/dist/esm/id.d.ts.map +1 -1
- package/dist/esm/id.js +20 -6
- package/dist/esm/id.js.map +1 -1
- package/dist/esm/index.d.ts +7 -2
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js +172 -12
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/parser.d.ts +15 -0
- package/dist/esm/parser.d.ts.map +1 -0
- package/dist/esm/parser.js +92 -0
- package/dist/esm/parser.js.map +1 -0
- package/dist/esm/pseudo/abandoned.d.ts +3 -1
- package/dist/esm/pseudo/abandoned.d.ts.map +1 -1
- package/dist/esm/pseudo/attr.d.ts.map +1 -1
- package/dist/esm/pseudo/attr.js +10 -2
- package/dist/esm/pseudo/attr.js.map +1 -1
- package/dist/esm/pseudo/confused.d.ts +3 -1
- package/dist/esm/pseudo/confused.d.ts.map +1 -1
- package/dist/esm/pseudo/cve.d.ts +3 -1
- package/dist/esm/pseudo/cve.d.ts.map +1 -1
- package/dist/esm/pseudo/cve.js +3 -6
- package/dist/esm/pseudo/cve.js.map +1 -1
- package/dist/esm/pseudo/cwe.d.ts +3 -1
- package/dist/esm/pseudo/cwe.d.ts.map +1 -1
- package/dist/esm/pseudo/cwe.js +3 -6
- package/dist/esm/pseudo/cwe.js.map +1 -1
- package/dist/esm/pseudo/debug.d.ts +3 -1
- package/dist/esm/pseudo/debug.d.ts.map +1 -1
- package/dist/esm/pseudo/deprecated.d.ts +3 -1
- package/dist/esm/pseudo/deprecated.d.ts.map +1 -1
- package/dist/esm/pseudo/dev.d.ts +6 -0
- package/dist/esm/pseudo/dev.d.ts.map +1 -0
- package/dist/esm/pseudo/dev.js +15 -0
- package/dist/esm/pseudo/dev.js.map +1 -0
- package/dist/esm/pseudo/dynamic.d.ts +3 -1
- package/dist/esm/pseudo/dynamic.d.ts.map +1 -1
- package/dist/esm/pseudo/empty.d.ts +7 -0
- package/dist/esm/pseudo/empty.d.ts.map +1 -0
- package/dist/esm/pseudo/empty.js +14 -0
- package/dist/esm/pseudo/empty.js.map +1 -0
- package/dist/esm/pseudo/entropic.d.ts +3 -1
- package/dist/esm/pseudo/entropic.d.ts.map +1 -1
- package/dist/esm/pseudo/env.d.ts +3 -1
- package/dist/esm/pseudo/env.d.ts.map +1 -1
- package/dist/esm/pseudo/eval.d.ts +3 -1
- package/dist/esm/pseudo/eval.d.ts.map +1 -1
- package/dist/esm/pseudo/fs.d.ts +3 -1
- package/dist/esm/pseudo/fs.d.ts.map +1 -1
- package/dist/esm/pseudo/helpers.d.ts +18 -2
- package/dist/esm/pseudo/helpers.d.ts.map +1 -1
- package/dist/esm/pseudo/helpers.js +29 -3
- package/dist/esm/pseudo/helpers.js.map +1 -1
- package/dist/esm/pseudo/license.d.ts +3 -1
- package/dist/esm/pseudo/license.d.ts.map +1 -1
- package/dist/esm/pseudo/license.js +2 -5
- package/dist/esm/pseudo/license.js.map +1 -1
- package/dist/esm/pseudo/link.d.ts +9 -0
- package/dist/esm/pseudo/link.d.ts.map +1 -0
- package/dist/esm/pseudo/link.js +25 -0
- package/dist/esm/pseudo/link.js.map +1 -0
- package/dist/esm/pseudo/malware.d.ts +5 -1
- package/dist/esm/pseudo/malware.d.ts.map +1 -1
- package/dist/esm/pseudo/malware.js +117 -12
- package/dist/esm/pseudo/malware.js.map +1 -1
- package/dist/esm/pseudo/minified.d.ts +3 -1
- package/dist/esm/pseudo/minified.d.ts.map +1 -1
- package/dist/esm/pseudo/missing.d.ts +8 -0
- package/dist/esm/pseudo/missing.d.ts.map +1 -0
- package/dist/esm/pseudo/missing.js +15 -0
- package/dist/esm/pseudo/missing.js.map +1 -0
- package/dist/esm/pseudo/native.d.ts +3 -1
- package/dist/esm/pseudo/native.d.ts.map +1 -1
- package/dist/esm/pseudo/network.d.ts +3 -1
- package/dist/esm/pseudo/network.d.ts.map +1 -1
- package/dist/esm/pseudo/obfuscated.d.ts +3 -1
- package/dist/esm/pseudo/obfuscated.d.ts.map +1 -1
- package/dist/esm/pseudo/optional.d.ts +6 -0
- package/dist/esm/pseudo/optional.d.ts.map +1 -0
- package/dist/esm/pseudo/optional.js +15 -0
- package/dist/esm/pseudo/optional.js.map +1 -0
- package/dist/esm/pseudo/outdated.d.ts +1 -1
- package/dist/esm/pseudo/outdated.d.ts.map +1 -1
- package/dist/esm/pseudo/outdated.js +33 -27
- package/dist/esm/pseudo/outdated.js.map +1 -1
- package/dist/esm/pseudo/peer.d.ts +6 -0
- package/dist/esm/pseudo/peer.d.ts.map +1 -0
- package/dist/esm/pseudo/peer.js +15 -0
- package/dist/esm/pseudo/peer.js.map +1 -0
- package/dist/esm/pseudo/private.d.ts +7 -0
- package/dist/esm/pseudo/private.d.ts.map +1 -0
- package/dist/esm/pseudo/private.js +16 -0
- package/dist/esm/pseudo/private.js.map +1 -0
- package/dist/esm/pseudo/prod.d.ts +6 -0
- package/dist/esm/pseudo/prod.d.ts.map +1 -0
- package/dist/esm/pseudo/prod.js +15 -0
- package/dist/esm/pseudo/prod.js.map +1 -0
- package/dist/esm/pseudo/published.d.ts +40 -0
- package/dist/esm/pseudo/published.d.ts.map +1 -0
- package/dist/esm/pseudo/published.js +159 -0
- package/dist/esm/pseudo/published.js.map +1 -0
- package/dist/esm/pseudo/scanned.d.ts +9 -0
- package/dist/esm/pseudo/scanned.d.ts.map +1 -0
- package/dist/esm/pseudo/scanned.js +17 -0
- package/dist/esm/pseudo/scanned.js.map +1 -0
- package/dist/esm/pseudo/score.d.ts +15 -0
- package/dist/esm/pseudo/score.d.ts.map +1 -0
- package/dist/esm/pseudo/score.js +119 -0
- package/dist/esm/pseudo/score.js.map +1 -0
- package/dist/esm/pseudo/scripts.d.ts +3 -1
- package/dist/esm/pseudo/scripts.d.ts.map +1 -1
- package/dist/esm/pseudo/semver.d.ts.map +1 -1
- package/dist/esm/pseudo/semver.js +11 -25
- package/dist/esm/pseudo/semver.js.map +1 -1
- package/dist/esm/pseudo/severity.d.ts +5 -1
- package/dist/esm/pseudo/severity.d.ts.map +1 -1
- package/dist/esm/pseudo/severity.js +112 -12
- package/dist/esm/pseudo/severity.js.map +1 -1
- package/dist/esm/pseudo/shell.d.ts +3 -1
- package/dist/esm/pseudo/shell.d.ts.map +1 -1
- package/dist/esm/pseudo/shrinkwrap.d.ts +3 -1
- package/dist/esm/pseudo/shrinkwrap.d.ts.map +1 -1
- package/dist/esm/pseudo/squat.d.ts +5 -1
- package/dist/esm/pseudo/squat.d.ts.map +1 -1
- package/dist/esm/pseudo/squat.js +116 -12
- package/dist/esm/pseudo/squat.js.map +1 -1
- package/dist/esm/pseudo/suspicious.d.ts +3 -1
- package/dist/esm/pseudo/suspicious.d.ts.map +1 -1
- package/dist/esm/pseudo/tracker.d.ts +3 -1
- package/dist/esm/pseudo/tracker.d.ts.map +1 -1
- package/dist/esm/pseudo/trivial.d.ts +3 -1
- package/dist/esm/pseudo/trivial.d.ts.map +1 -1
- package/dist/esm/pseudo/undesirable.d.ts +3 -1
- package/dist/esm/pseudo/undesirable.d.ts.map +1 -1
- package/dist/esm/pseudo/unknown.d.ts +3 -1
- package/dist/esm/pseudo/unknown.d.ts.map +1 -1
- package/dist/esm/pseudo/unmaintained.d.ts +3 -1
- package/dist/esm/pseudo/unmaintained.d.ts.map +1 -1
- package/dist/esm/pseudo/unpopular.d.ts +3 -1
- package/dist/esm/pseudo/unpopular.d.ts.map +1 -1
- package/dist/esm/pseudo/unstable.d.ts +3 -1
- package/dist/esm/pseudo/unstable.d.ts.map +1 -1
- package/dist/esm/pseudo/workspace.d.ts +6 -0
- package/dist/esm/pseudo/workspace.d.ts.map +1 -0
- package/dist/esm/pseudo/workspace.js +15 -0
- package/dist/esm/pseudo/workspace.js.map +1 -0
- package/dist/esm/pseudo.d.ts.map +1 -1
- package/dist/esm/pseudo.js +29 -41
- package/dist/esm/pseudo.js.map +1 -1
- package/dist/esm/types.d.ts +74 -5
- package/dist/esm/types.d.ts.map +1 -1
- package/dist/esm/types.js +12 -13
- package/dist/esm/types.js.map +1 -1
- package/package.json +9 -8
- package/dist/esm/class.d.ts +0 -6
- package/dist/esm/class.d.ts.map +0 -1
- package/dist/esm/class.js +0 -128
- package/dist/esm/class.js.map +0 -1
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import type { Root } from 'postcss-selector-parser';
|
|
2
|
+
/**
|
|
3
|
+
* Escapes forward slashes in specific patterns matching @scoped/name paths
|
|
4
|
+
* This will allow usage of unescaped forward slashes necessary for scoped
|
|
5
|
+
* package names in the id selector.
|
|
6
|
+
*/
|
|
7
|
+
export declare const escapeScopedNamesSlashes: (query: string) => string;
|
|
8
|
+
export declare const escapeDots: (query: string) => string;
|
|
9
|
+
export declare const unescapeDots: (query: string) => string;
|
|
10
|
+
/**
|
|
11
|
+
* Parses a CSS selector string into an AST
|
|
12
|
+
* Handles escaping of forward slashes in specific patterns
|
|
13
|
+
*/
|
|
14
|
+
export declare const parse: (query: string) => Root;
|
|
15
|
+
//# sourceMappingURL=parser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parser.d.ts","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAU,IAAI,EAAE,MAAM,yBAAyB,CAAA;AAS3D;;;;GAIG;AACH,eAAO,MAAM,wBAAwB,UAAW,MAAM,KAAG,MAItD,CAAA;AAEH,eAAO,MAAM,UAAU,UAAW,MAAM,KAAG,MACb,CAAA;AAE9B,eAAO,MAAM,YAAY,UAAW,MAAM,KAAG,MACf,CAAA;AAgB9B;;;GAGG;AACH,eAAO,MAAM,KAAK,UAAW,MAAM,KAAG,IA0ErC,CAAA"}
|
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
import postcssSelectorParser from 'postcss-selector-parser';
|
|
2
|
+
import { asSelectorNode, isCombinatorNode, isPseudoNode, isTagNode, } from "./types.js";
|
|
3
|
+
/**
|
|
4
|
+
* Escapes forward slashes in specific patterns matching @scoped/name paths
|
|
5
|
+
* This will allow usage of unescaped forward slashes necessary for scoped
|
|
6
|
+
* package names in the id selector.
|
|
7
|
+
*/
|
|
8
|
+
export const escapeScopedNamesSlashes = (query) => query.replace(/(#@(\w|-|\.)+)\//gm, (_, scope) => `${scope}\\/`);
|
|
9
|
+
export const escapeDots = (query) => query.replaceAll('.', '\\.');
|
|
10
|
+
export const unescapeDots = (query) => query.replaceAll('\\.', '.');
|
|
11
|
+
const pseudoCleanUpNeeded = new Set([
|
|
12
|
+
':published',
|
|
13
|
+
':score',
|
|
14
|
+
':malware',
|
|
15
|
+
':severity',
|
|
16
|
+
':sev',
|
|
17
|
+
':squat',
|
|
18
|
+
':semver',
|
|
19
|
+
':v',
|
|
20
|
+
]);
|
|
21
|
+
const hasParamsToEscape = (node) => pseudoCleanUpNeeded.has(node.value);
|
|
22
|
+
/**
|
|
23
|
+
* Parses a CSS selector string into an AST
|
|
24
|
+
* Handles escaping of forward slashes in specific patterns
|
|
25
|
+
*/
|
|
26
|
+
export const parse = (query) => {
|
|
27
|
+
const escapedQuery = escapeDots(escapeScopedNamesSlashes(query));
|
|
28
|
+
const transformAst = (root) => {
|
|
29
|
+
root.walk((node) => {
|
|
30
|
+
// clean up the escaped dots
|
|
31
|
+
if (node.value && typeof node.value === 'string') {
|
|
32
|
+
node.value = unescapeDots(node.value);
|
|
33
|
+
}
|
|
34
|
+
if (isPseudoNode(node) && hasParamsToEscape(node)) {
|
|
35
|
+
// these are pseudo nodes that should only take strings as
|
|
36
|
+
// parameters, so in this preparse step we clean up anything
|
|
37
|
+
// that was recognized as a postcss node and transform that
|
|
38
|
+
// into something that can be most likely parsed as a string
|
|
39
|
+
for (const n of node.nodes) {
|
|
40
|
+
// the parameters have a selector node that wraps them up
|
|
41
|
+
const selector = asSelectorNode(n);
|
|
42
|
+
selector.nodes.forEach((currentNode, index, arr) => {
|
|
43
|
+
// get the next node, we'll update it later
|
|
44
|
+
const nextNode = arr[index + 1];
|
|
45
|
+
// if the current node is a combinator node, we'll need to
|
|
46
|
+
// escape it, we do so by removing the node entirely and
|
|
47
|
+
// updating the contents of the next node with its value
|
|
48
|
+
if (isCombinatorNode(currentNode) &&
|
|
49
|
+
isTagNode(nextNode)) {
|
|
50
|
+
nextNode.value = `${currentNode.spaces.before}${currentNode.value}${currentNode.spaces.after}${nextNode.value}`;
|
|
51
|
+
// make sure to also update the source position
|
|
52
|
+
// references, those are used by the syntax highlighter
|
|
53
|
+
if (nextNode.source?.start?.line &&
|
|
54
|
+
currentNode.source?.start?.line) {
|
|
55
|
+
nextNode.source.start.line =
|
|
56
|
+
currentNode.source.start.line;
|
|
57
|
+
}
|
|
58
|
+
if (nextNode.source?.start?.column &&
|
|
59
|
+
currentNode.source?.start?.column) {
|
|
60
|
+
nextNode.source.start.column =
|
|
61
|
+
currentNode.source.start.column;
|
|
62
|
+
}
|
|
63
|
+
// removes the current node from the selector node
|
|
64
|
+
arr.splice(index, 1);
|
|
65
|
+
}
|
|
66
|
+
});
|
|
67
|
+
// after removing combinator nodes, if we end up with multiple
|
|
68
|
+
// tags in the selector node, we need to smush them together
|
|
69
|
+
selector.nodes.reduce((acc, currentNode) => {
|
|
70
|
+
if (currentNode === acc)
|
|
71
|
+
return acc;
|
|
72
|
+
acc.value = `${acc.value}${currentNode.spaces.before}${currentNode.value}${currentNode.spaces.after}`;
|
|
73
|
+
// make sure to also update the source position refs
|
|
74
|
+
if (currentNode.source?.end?.line &&
|
|
75
|
+
acc.source?.end?.line) {
|
|
76
|
+
acc.source.end.line = currentNode.source.end.line;
|
|
77
|
+
}
|
|
78
|
+
if (currentNode.source?.end?.column &&
|
|
79
|
+
acc.source?.end?.column) {
|
|
80
|
+
acc.source.end.column = currentNode.source.end.column;
|
|
81
|
+
}
|
|
82
|
+
return acc;
|
|
83
|
+
}, selector.first);
|
|
84
|
+
// the selector wrapper node should have a single node
|
|
85
|
+
selector.nodes.length = 1;
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
});
|
|
89
|
+
};
|
|
90
|
+
return postcssSelectorParser(transformAst).astSync(escapedQuery);
|
|
91
|
+
};
|
|
92
|
+
//# sourceMappingURL=parser.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,MAAM,yBAAyB,CAAA;AAE3D,OAAO,EACL,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,SAAS,GACV,MAAM,YAAY,CAAA;AAGnB;;;;GAIG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,KAAa,EAAU,EAAE,CAChE,KAAK,CAAC,OAAO,CACX,oBAAoB,EACpB,CAAC,CAAC,EAAE,KAAa,EAAE,EAAE,CAAC,GAAG,KAAK,KAAK,CACpC,CAAA;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,KAAa,EAAU,EAAE,CAClD,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAA;AAE9B,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,KAAa,EAAU,EAAE,CACpD,KAAK,CAAC,UAAU,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;AAE9B,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,YAAY;IACZ,QAAQ;IACR,UAAU;IACV,WAAW;IACX,MAAM;IACN,QAAQ;IACR,SAAS;IACT,IAAI;CACL,CAAC,CAAA;AAEF,MAAM,iBAAiB,GAAG,CAAC,IAAY,EAAE,EAAE,CACzC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;AAErC;;;GAGG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC,KAAa,EAAQ,EAAE;IAC3C,MAAM,YAAY,GAAG,UAAU,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAA;IAChE,MAAM,YAAY,GAAG,CAAC,IAAU,EAAE,EAAE;QAClC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAiB,EAAE,EAAE;YAC9B,4BAA4B;YAC5B,IAAI,IAAI,CAAC,KAAK,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACjD,IAAI,CAAC,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YACvC,CAAC;YACD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClD,0DAA0D;gBAC1D,4DAA4D;gBAC5D,2DAA2D;gBAC3D,4DAA4D;gBAC5D,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;oBAC3B,yDAAyD;oBACzD,MAAM,QAAQ,GAAG,cAAc,CAAC,CAAC,CAAC,CAAA;oBAClC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;wBACjD,2CAA2C;wBAC3C,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAA;wBAC/B,0DAA0D;wBAC1D,wDAAwD;wBACxD,wDAAwD;wBACxD,IACE,gBAAgB,CAAC,WAAW,CAAC;4BAC7B,SAAS,CAAC,QAAQ,CAAC,EACnB,CAAC;4BACD,QAAQ,CAAC,KAAK,GAAG,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;4BAC/G,+CAA+C;4BAC/C,uDAAuD;4BACvD,IACE,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI;gCAC5B,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAC/B,CAAC;gCACD,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI;oCACxB,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAA;4BACjC,CAAC;4BACD,IACE,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM;gCAC9B,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,EACjC,CAAC;gCACD,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM;oCAC1B,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAA;4BACnC,CAAC;4BACD,kDAAkD;4BAClD,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;wBACtB,CAAC;oBACH,CAAC,CAAC,CAAA;oBACF,8DAA8D;oBAC9D,4DAA4D;oBAC5D,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,WAAW,EAAE,EAAE;wBACzC,IAAI,WAAW,KAAK,GAAG;4BAAE,OAAO,GAAG,CAAA;wBACnC,GAAG,CAAC,KAAK,GAAG,GAAG,GAAG,CAAC,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,CAAA;wBACrG,oDAAoD;wBACpD,IACE,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI;4BAC7B,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EACrB,CAAC;4BACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAA;wBACnD,CAAC;wBACD,IACE,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM;4BAC/B,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM,EACvB,CAAC;4BACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAA;wBACvD,CAAC;wBACD,OAAO,GAAG,CAAA;oBACZ,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;oBAClB,sDAAsD;oBACtD,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAA;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA;IACD,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAA;AAClE,CAAC,CAAA","sourcesContent":["import postcssSelectorParser from 'postcss-selector-parser'\nimport type { Pseudo, Root } from 'postcss-selector-parser'\nimport {\n asSelectorNode,\n isCombinatorNode,\n isPseudoNode,\n isTagNode,\n} from './types.ts'\nimport type { PostcssNode } from './types.ts'\n\n/**\n * Escapes forward slashes in specific patterns matching @scoped/name paths\n * This will allow usage of unescaped forward slashes necessary for scoped\n * package names in the id selector.\n */\nexport const escapeScopedNamesSlashes = (query: string): string =>\n query.replace(\n /(#@(\\w|-|\\.)+)\\//gm,\n (_, scope: string) => `${scope}\\\\/`,\n )\n\nexport const escapeDots = (query: string): string =>\n query.replaceAll('.', '\\\\.')\n\nexport const unescapeDots = (query: string): string =>\n query.replaceAll('\\\\.', '.')\n\nconst pseudoCleanUpNeeded = new Set([\n ':published',\n ':score',\n ':malware',\n ':severity',\n ':sev',\n ':squat',\n ':semver',\n ':v',\n])\n\nconst hasParamsToEscape = (node: Pseudo) =>\n pseudoCleanUpNeeded.has(node.value)\n\n/**\n * Parses a CSS selector string into an AST\n * Handles escaping of forward slashes in specific patterns\n */\nexport const parse = (query: string): Root => {\n const escapedQuery = escapeDots(escapeScopedNamesSlashes(query))\n const transformAst = (root: Root) => {\n root.walk((node: PostcssNode) => {\n // clean up the escaped dots\n if (node.value && typeof node.value === 'string') {\n node.value = unescapeDots(node.value)\n }\n if (isPseudoNode(node) && hasParamsToEscape(node)) {\n // these are pseudo nodes that should only take strings as\n // parameters, so in this preparse step we clean up anything\n // that was recognized as a postcss node and transform that\n // into something that can be most likely parsed as a string\n for (const n of node.nodes) {\n // the parameters have a selector node that wraps them up\n const selector = asSelectorNode(n)\n selector.nodes.forEach((currentNode, index, arr) => {\n // get the next node, we'll update it later\n const nextNode = arr[index + 1]\n // if the current node is a combinator node, we'll need to\n // escape it, we do so by removing the node entirely and\n // updating the contents of the next node with its value\n if (\n isCombinatorNode(currentNode) &&\n isTagNode(nextNode)\n ) {\n nextNode.value = `${currentNode.spaces.before}${currentNode.value}${currentNode.spaces.after}${nextNode.value}`\n // make sure to also update the source position\n // references, those are used by the syntax highlighter\n if (\n nextNode.source?.start?.line &&\n currentNode.source?.start?.line\n ) {\n nextNode.source.start.line =\n currentNode.source.start.line\n }\n if (\n nextNode.source?.start?.column &&\n currentNode.source?.start?.column\n ) {\n nextNode.source.start.column =\n currentNode.source.start.column\n }\n // removes the current node from the selector node\n arr.splice(index, 1)\n }\n })\n // after removing combinator nodes, if we end up with multiple\n // tags in the selector node, we need to smush them together\n selector.nodes.reduce((acc, currentNode) => {\n if (currentNode === acc) return acc\n acc.value = `${acc.value}${currentNode.spaces.before}${currentNode.value}${currentNode.spaces.after}`\n // make sure to also update the source position refs\n if (\n currentNode.source?.end?.line &&\n acc.source?.end?.line\n ) {\n acc.source.end.line = currentNode.source.end.line\n }\n if (\n currentNode.source?.end?.column &&\n acc.source?.end?.column\n ) {\n acc.source.end.column = currentNode.source.end.column\n }\n return acc\n }, selector.first)\n // the selector wrapper node should have a single node\n selector.nodes.length = 1\n }\n }\n })\n }\n return postcssSelectorParser(transformAst).astSync(escapedQuery)\n}\n"]}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **missingAuthor** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const abandoned: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const abandoned: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=abandoned.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"abandoned.d.ts","sourceRoot":"","sources":["../../../src/pseudo/abandoned.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,SAAS,
|
|
1
|
+
{"version":3,"file":"abandoned.d.ts","sourceRoot":"","sources":["../../../src/pseudo/abandoned.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,SAAS;;EAGrB,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"attr.d.ts","sourceRoot":"","sources":["../../../src/pseudo/attr.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"attr.d.ts","sourceRoot":"","sources":["../../../src/pseudo/attr.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAO3D,MAAM,MAAM,aAAa,GAAG;IAC1B,SAAS,EAAE,MAAM,CAAA;IACjB,WAAW,EAAE,OAAO,CAAA;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,MAAM,EAAE,CAAA;CACrB,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB,aA0BF,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,IAAI,UAAiB,WAAW,yBA8B5C,CAAA"}
|
package/dist/esm/pseudo/attr.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import { error } from '@vltpkg/error-cause';
|
|
2
|
-
import { asAttributeNode, asPostcssNodeWithChildren, asTagNode, } from "../types.js";
|
|
2
|
+
import { asAttributeNode, asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, } from "../types.js";
|
|
3
3
|
import { attributeSelectorsMap, filterAttributes, } from "../attribute.js";
|
|
4
|
+
import { removeQuotes } from "./helpers.js";
|
|
4
5
|
/**
|
|
5
6
|
* Parses the internal / nested selectors of a `:attr` selector.
|
|
6
7
|
*/
|
|
@@ -10,7 +11,14 @@ export const parseInternals = (nodes) => {
|
|
|
10
11
|
// all preppending selectors are naming nested properties
|
|
11
12
|
const properties = [];
|
|
12
13
|
for (const selector of nodes) {
|
|
13
|
-
|
|
14
|
+
const selectorNode = asPostcssNodeWithChildren(selector).nodes[0];
|
|
15
|
+
// Handle both quoted string and tag nodes
|
|
16
|
+
if (isStringNode(selectorNode)) {
|
|
17
|
+
properties.push(removeQuotes(asStringNode(selectorNode).value));
|
|
18
|
+
}
|
|
19
|
+
else {
|
|
20
|
+
properties.push(asTagNode(selectorNode).value);
|
|
21
|
+
}
|
|
14
22
|
}
|
|
15
23
|
// include the attribute selector as the last part of the property lookup
|
|
16
24
|
properties.push(attributeSelector.attribute);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"attr.js","sourceRoot":"","sources":["../../../src/pseudo/attr.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,eAAe,EACf,yBAAyB,EACzB,SAAS,
|
|
1
|
+
{"version":3,"file":"attr.js","sourceRoot":"","sources":["../../../src/pseudo/attr.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,eAAe,EACf,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,GACb,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,iBAAiB,CAAA;AACxB,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAA;AAU3C;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACL,EAAE;IACjB,0CAA0C;IAC1C,MAAM,iBAAiB,GAAG,eAAe,CACvC,yBAAyB,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAChD,CAAA;IACD,yDAAyD;IACzD,MAAM,UAAU,GAAa,EAAE,CAAA;IAC/B,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;QAC7B,MAAM,YAAY,GAAG,yBAAyB,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACjE,0CAA0C;QAC1C,IAAI,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;YAC/B,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC,CAAA;QACjE,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAA;QAChD,CAAC;IACH,CAAC;IACD,yEAAyE;IACzE,UAAU,CAAC,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAA;IAE5C,OAAO;QACL,SAAS,EAAE,iBAAiB,CAAC,SAAS;QACtC,WAAW,EAAE,iBAAiB,CAAC,WAAW,IAAI,KAAK;QACnD,QAAQ,EAAE,iBAAiB,CAAC,QAAQ;QACpC,KAAK,EAAE,iBAAiB,CAAC,KAAK;QAC9B,UAAU;KACX,CAAA;AACH,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC/C,2DAA2D;IAC3D,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,gCAAgC,EAAE;YAC5C,KAAK,EAAE,GAAG;SACX,CAAC,CAAA;IACJ,CAAC;IAED,0DAA0D;IAC1D,MAAM,UAAU,GACd,SAAS,CAAC,QAAQ,CAAC,CAAC;QAClB,qBAAqB,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC;QAC/C,CAAC,CAAC,SAAS,CAAA;IACb,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,IAAI,EAAE,CAAA;IACnC,MAAM,YAAY,GAAG,SAAS,CAAC,SAAS,CAAA;IACxC,MAAM,WAAW,GAAG,SAAS,CAAC,WAAW,CAAA;IACzC,MAAM,gBAAgB,GAAG,SAAS,CAAC,UAAU,CAAA;IAC7C,OAAO,gBAAgB,CACrB,KAAK,EACL,UAAU,EACV,KAAK,EACL,YAAY,EACZ,WAAW,EACX,gBAAgB,CACjB,CAAA;AACH,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n asAttributeNode,\n asPostcssNodeWithChildren,\n asStringNode,\n asTagNode,\n isStringNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n attributeSelectorsMap,\n filterAttributes,\n} from '../attribute.ts'\nimport { removeQuotes } from './helpers.ts'\n\nexport type AttrInternals = {\n attribute: string\n insensitive: boolean\n operator?: string\n value?: string\n properties: string[]\n}\n\n/**\n * Parses the internal / nested selectors of a `:attr` selector.\n */\nexport const parseInternals = (\n nodes: PostcssNode[],\n): AttrInternals => {\n // the last part is the attribute selector\n const attributeSelector = asAttributeNode(\n asPostcssNodeWithChildren(nodes.pop()).nodes[0],\n )\n // all preppending selectors are naming nested properties\n const properties: string[] = []\n for (const selector of nodes) {\n const selectorNode = asPostcssNodeWithChildren(selector).nodes[0]\n // Handle both quoted string and tag nodes\n if (isStringNode(selectorNode)) {\n properties.push(removeQuotes(asStringNode(selectorNode).value))\n } else {\n properties.push(asTagNode(selectorNode).value)\n }\n }\n // include the attribute selector as the last part of the property lookup\n properties.push(attributeSelector.attribute)\n\n return {\n attribute: attributeSelector.attribute,\n insensitive: attributeSelector.insensitive || false,\n operator: attributeSelector.operator,\n value: attributeSelector.value,\n properties,\n }\n}\n\n/**\n * :attr Pseudo-Selector, allows for retrieving nodes based on nested\n * properties of the `package.json` metadata.\n */\nexport const attr = async (state: ParserState) => {\n // Parses and retrieves the values for the nested selectors\n let internals\n try {\n internals = parseInternals(\n asPostcssNodeWithChildren(state.current).nodes,\n )\n } catch (err) {\n throw error('Failed to parse :attr selector', {\n cause: err,\n })\n }\n\n // reuses the attribute selector logic to filter the nodes\n const comparator =\n internals.operator ?\n attributeSelectorsMap.get(internals.operator)\n : undefined\n const value = internals.value || ''\n const propertyName = internals.attribute\n const insensitive = internals.insensitive\n const prefixProperties = internals.properties\n return filterAttributes(\n state,\n comparator,\n value,\n propertyName,\n insensitive,\n prefixProperties,\n )\n}\n"]}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **manifestConfusion** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const confused: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const confused: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=confused.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"confused.d.ts","sourceRoot":"","sources":["../../../src/pseudo/confused.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,QAAQ,
|
|
1
|
+
{"version":3,"file":"confused.d.ts","sourceRoot":"","sources":["../../../src/pseudo/confused.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,QAAQ;;EAGpB,CAAA"}
|
package/dist/esm/pseudo/cve.d.ts
CHANGED
|
@@ -6,5 +6,7 @@ export declare const parseInternals: (nodes: PostcssNode[]) => CveInternals;
|
|
|
6
6
|
/**
|
|
7
7
|
* Filters out any node that does not have a CVE alert with the specified CVE ID.
|
|
8
8
|
*/
|
|
9
|
-
export declare const cve: (state: ParserState) => Promise<ParserState
|
|
9
|
+
export declare const cve: (state: ParserState) => Promise<ParserState & {
|
|
10
|
+
securityArchive: NonNullable<ParserState["securityArchive"]>;
|
|
11
|
+
}>;
|
|
10
12
|
//# sourceMappingURL=cve.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cve.d.ts","sourceRoot":"","sources":["../../../src/pseudo/cve.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;
|
|
1
|
+
{"version":3,"file":"cve.d.ts","sourceRoot":"","sources":["../../../src/pseudo/cve.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAQ3D,MAAM,MAAM,YAAY,GAAG;IACzB,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB,YAuBF,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,GAAG,UAAiB,WAAW;;EA4B3C,CAAA"}
|
package/dist/esm/pseudo/cve.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { error } from '@vltpkg/error-cause';
|
|
2
2
|
import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
|
|
3
|
-
import { removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
|
|
3
|
+
import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
|
|
4
4
|
export const parseInternals = (nodes) => {
|
|
5
5
|
let cveId = '';
|
|
6
6
|
if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
|
|
@@ -21,10 +21,7 @@ export const parseInternals = (nodes) => {
|
|
|
21
21
|
* Filters out any node that does not have a CVE alert with the specified CVE ID.
|
|
22
22
|
*/
|
|
23
23
|
export const cve = async (state) => {
|
|
24
|
-
|
|
25
|
-
throw new Error('Missing security archive while trying to parse ' +
|
|
26
|
-
'the :cve security selector');
|
|
27
|
-
}
|
|
24
|
+
assertSecurityArchive(state, 'cve');
|
|
28
25
|
let internals;
|
|
29
26
|
try {
|
|
30
27
|
internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
|
|
@@ -35,7 +32,7 @@ export const cve = async (state) => {
|
|
|
35
32
|
const { cveId } = internals;
|
|
36
33
|
for (const node of state.partial.nodes) {
|
|
37
34
|
const report = state.securityArchive.get(node.id);
|
|
38
|
-
const exclude = !report?.alerts.some(alert => alert.props
|
|
35
|
+
const exclude = !report?.alerts.some(alert => alert.props?.cveId?.trim().toLowerCase() ===
|
|
39
36
|
cveId.trim().toLowerCase());
|
|
40
37
|
if (exclude) {
|
|
41
38
|
removeNode(state, node);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cve.js","sourceRoot":"","sources":["../../../src/pseudo/cve.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAMrB,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACN,EAAE;IAChB,IAAI,KAAK,GAAG,EAAE,CAAA;IAEd,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,GAAG,YAAY,CAClB,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,KAAK,GAAG,SAAS,CACf,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAC7C,CAAC,KAAK,CAAA;IACT,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,KAAK,CAAC,mBAAmB,EAAE;YAC/B,KAAK,EAAE,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,CAAA;AAClB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC9C,
|
|
1
|
+
{"version":3,"file":"cve.js","sourceRoot":"","sources":["../../../src/pseudo/cve.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAMrB,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACN,EAAE;IAChB,IAAI,KAAK,GAAG,EAAE,CAAA;IAEd,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,GAAG,YAAY,CAClB,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,KAAK,GAAG,SAAS,CACf,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAC7C,CAAC,KAAK,CAAA;IACT,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,KAAK,CAAC,mBAAmB,EAAE;YAC/B,KAAK,EAAE,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,CAAA;AAClB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC9C,qBAAqB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAEnC,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,+BAA+B,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAC9D,CAAC;IAED,MAAM,EAAE,KAAK,EAAE,GAAG,SAAS,CAAA;IAC3B,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CACN,KAAK,CAAC,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE;YACxC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAC7B,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n asPostcssNodeWithChildren,\n asStringNode,\n asTagNode,\n isStringNode,\n isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n assertSecurityArchive,\n removeDanglingEdges,\n removeNode,\n removeQuotes,\n} from './helpers.ts'\n\nexport type CveInternals = {\n cveId: string\n}\n\nexport const parseInternals = (\n nodes: PostcssNode[],\n): CveInternals => {\n let cveId = ''\n\n if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n cveId = removeQuotes(\n asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n .value,\n )\n } else if (\n isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n ) {\n cveId = asTagNode(\n asPostcssNodeWithChildren(nodes[0]).nodes[0],\n ).value\n }\n\n if (!cveId) {\n throw error('Expected a CVE ID', {\n found: asPostcssNodeWithChildren(nodes[0]).nodes[0],\n })\n }\n\n return { cveId }\n}\n\n/**\n * Filters out any node that does not have a CVE alert with the specified CVE ID.\n */\nexport const cve = async (state: ParserState) => {\n assertSecurityArchive(state, 'cve')\n\n let internals\n try {\n internals = parseInternals(\n asPostcssNodeWithChildren(state.current).nodes,\n )\n } catch (err) {\n throw error('Failed to parse :cve selector', { cause: err })\n }\n\n const { cveId } = internals\n for (const node of state.partial.nodes) {\n const report = state.securityArchive.get(node.id)\n const exclude = !report?.alerts.some(\n alert =>\n alert.props?.cveId?.trim().toLowerCase() ===\n cveId.trim().toLowerCase(),\n )\n if (exclude) {\n removeNode(state, node)\n }\n }\n\n removeDanglingEdges(state)\n\n return state\n}\n"]}
|
package/dist/esm/pseudo/cwe.d.ts
CHANGED
|
@@ -6,5 +6,7 @@ export declare const parseInternals: (nodes: PostcssNode[]) => CweInternals;
|
|
|
6
6
|
/**
|
|
7
7
|
* Filters out any node that does not have a CWE alert with the specified CWE ID.
|
|
8
8
|
*/
|
|
9
|
-
export declare const cwe: (state: ParserState) => Promise<ParserState
|
|
9
|
+
export declare const cwe: (state: ParserState) => Promise<ParserState & {
|
|
10
|
+
securityArchive: NonNullable<ParserState["securityArchive"]>;
|
|
11
|
+
}>;
|
|
10
12
|
//# sourceMappingURL=cwe.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cwe.d.ts","sourceRoot":"","sources":["../../../src/pseudo/cwe.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;
|
|
1
|
+
{"version":3,"file":"cwe.d.ts","sourceRoot":"","sources":["../../../src/pseudo/cwe.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAQ3D,MAAM,MAAM,YAAY,GAAG;IACzB,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB,YAuBF,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,GAAG,UAAiB,WAAW;;EA6B3C,CAAA"}
|
package/dist/esm/pseudo/cwe.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { error } from '@vltpkg/error-cause';
|
|
2
2
|
import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
|
|
3
|
-
import { removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
|
|
3
|
+
import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
|
|
4
4
|
export const parseInternals = (nodes) => {
|
|
5
5
|
let cweId = '';
|
|
6
6
|
if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
|
|
@@ -21,10 +21,7 @@ export const parseInternals = (nodes) => {
|
|
|
21
21
|
* Filters out any node that does not have a CWE alert with the specified CWE ID.
|
|
22
22
|
*/
|
|
23
23
|
export const cwe = async (state) => {
|
|
24
|
-
|
|
25
|
-
throw new Error('Missing security archive while trying to parse ' +
|
|
26
|
-
'the :cwe security selector');
|
|
27
|
-
}
|
|
24
|
+
assertSecurityArchive(state, 'cwe');
|
|
28
25
|
let internals;
|
|
29
26
|
try {
|
|
30
27
|
internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
|
|
@@ -35,7 +32,7 @@ export const cwe = async (state) => {
|
|
|
35
32
|
const { cweId } = internals;
|
|
36
33
|
for (const node of state.partial.nodes) {
|
|
37
34
|
const report = state.securityArchive.get(node.id);
|
|
38
|
-
const exclude = !report?.alerts.some(alert => alert.props
|
|
35
|
+
const exclude = !report?.alerts.some(alert => alert.props?.cwes?.some(cwe => cwe.id.trim().toLowerCase() === cweId.trim().toLowerCase()));
|
|
39
36
|
if (exclude) {
|
|
40
37
|
removeNode(state, node);
|
|
41
38
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cwe.js","sourceRoot":"","sources":["../../../src/pseudo/cwe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAMrB,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACN,EAAE;IAChB,IAAI,KAAK,GAAG,EAAE,CAAA;IAEd,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,GAAG,YAAY,CAClB,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,KAAK,GAAG,SAAS,CACf,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAC7C,CAAC,KAAK,CAAA;IACT,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,KAAK,CAAC,mBAAmB,EAAE;YAC/B,KAAK,EAAE,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,CAAA;AAClB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC9C,
|
|
1
|
+
{"version":3,"file":"cwe.js","sourceRoot":"","sources":["../../../src/pseudo/cwe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAMrB,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACN,EAAE;IAChB,IAAI,KAAK,GAAG,EAAE,CAAA;IAEd,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,GAAG,YAAY,CAClB,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,KAAK,GAAG,SAAS,CACf,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAC7C,CAAC,KAAK,CAAA;IACT,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,KAAK,CAAC,mBAAmB,EAAE;YAC/B,KAAK,EAAE,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,CAAA;AAClB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC9C,qBAAqB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAEnC,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,+BAA+B,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAC9D,CAAC;IAED,MAAM,EAAE,KAAK,EAAE,GAAG,SAAS,CAAA;IAC3B,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAC3C,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,IAAI,CACrB,GAAG,CAAC,EAAE,CACJ,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAC7D,CACF,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n asPostcssNodeWithChildren,\n asStringNode,\n asTagNode,\n isStringNode,\n isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n assertSecurityArchive,\n removeDanglingEdges,\n removeNode,\n removeQuotes,\n} from './helpers.ts'\n\nexport type CweInternals = {\n cweId: string\n}\n\nexport const parseInternals = (\n nodes: PostcssNode[],\n): CweInternals => {\n let cweId = ''\n\n if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n cweId = removeQuotes(\n asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n .value,\n )\n } else if (\n isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n ) {\n cweId = asTagNode(\n asPostcssNodeWithChildren(nodes[0]).nodes[0],\n ).value\n }\n\n if (!cweId) {\n throw error('Expected a CWE ID', {\n found: asPostcssNodeWithChildren(nodes[0]).nodes[0],\n })\n }\n\n return { cweId }\n}\n\n/**\n * Filters out any node that does not have a CWE alert with the specified CWE ID.\n */\nexport const cwe = async (state: ParserState) => {\n assertSecurityArchive(state, 'cwe')\n\n let internals\n try {\n internals = parseInternals(\n asPostcssNodeWithChildren(state.current).nodes,\n )\n } catch (err) {\n throw error('Failed to parse :cwe selector', { cause: err })\n }\n\n const { cweId } = internals\n for (const node of state.partial.nodes) {\n const report = state.securityArchive.get(node.id)\n const exclude = !report?.alerts.some(alert =>\n alert.props?.cwes?.some(\n cwe =>\n cwe.id.trim().toLowerCase() === cweId.trim().toLowerCase(),\n ),\n )\n if (exclude) {\n removeNode(state, node)\n }\n }\n\n removeDanglingEdges(state)\n\n return state\n}\n"]}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **debugAccess** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const debug: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const debug: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=debug.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"debug.d.ts","sourceRoot":"","sources":["../../../src/pseudo/debug.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,KAAK,
|
|
1
|
+
{"version":3,"file":"debug.d.ts","sourceRoot":"","sources":["../../../src/pseudo/debug.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,KAAK;;EAGjB,CAAA"}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **deprecated** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const deprecated: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const deprecated: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=deprecated.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deprecated.d.ts","sourceRoot":"","sources":["../../../src/pseudo/deprecated.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU,
|
|
1
|
+
{"version":3,"file":"deprecated.d.ts","sourceRoot":"","sources":["../../../src/pseudo/deprecated.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU;;EAGtB,CAAA"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"dev.d.ts","sourceRoot":"","sources":["../../../src/pseudo/dev.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAG9C;;GAEG;AACH,eAAO,MAAM,GAAG,UAAiB,WAAW,yBAW3C,CAAA"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
import { removeEdge, removeUnlinkedNodes } from "./helpers.js";
|
|
2
|
+
/**
|
|
3
|
+
* :dev Pseudo-Selector will only match devDependencies.
|
|
4
|
+
*/
|
|
5
|
+
export const dev = async (state) => {
|
|
6
|
+
// filter edges that don't have type 'dev'
|
|
7
|
+
for (const edge of state.partial.edges) {
|
|
8
|
+
if (edge.type !== 'dev') {
|
|
9
|
+
removeEdge(state, edge);
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
removeUnlinkedNodes(state);
|
|
13
|
+
return state;
|
|
14
|
+
};
|
|
15
|
+
//# sourceMappingURL=dev.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"dev.js","sourceRoot":"","sources":["../../../src/pseudo/dev.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAA;AAE9D;;GAEG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC9C,0CAA0C;IAC1C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YACxB,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import type { ParserState } from '../types.ts'\nimport { removeEdge, removeUnlinkedNodes } from './helpers.ts'\n\n/**\n * :dev Pseudo-Selector will only match devDependencies.\n */\nexport const dev = async (state: ParserState) => {\n // filter edges that don't have type 'dev'\n for (const edge of state.partial.edges) {\n if (edge.type !== 'dev') {\n removeEdge(state, edge)\n }\n }\n\n removeUnlinkedNodes(state)\n\n return state\n}\n"]}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **dynamicRequire** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const dynamic: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const dynamic: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=dynamic.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dynamic.d.ts","sourceRoot":"","sources":["../../../src/pseudo/dynamic.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO,
|
|
1
|
+
{"version":3,"file":"dynamic.d.ts","sourceRoot":"","sources":["../../../src/pseudo/dynamic.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO;;EAGnB,CAAA"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import type { ParserState } from '../types.ts';
|
|
2
|
+
/**
|
|
3
|
+
* :empty Pseudo-Selector, matches only nodes that have no children.
|
|
4
|
+
* It filters out any node that has edges out, i.e., has dependencies.
|
|
5
|
+
*/
|
|
6
|
+
export declare const empty: (state: ParserState) => Promise<ParserState>;
|
|
7
|
+
//# sourceMappingURL=empty.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"empty.d.ts","sourceRoot":"","sources":["../../../src/pseudo/empty.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAG9C;;;GAGG;AACH,eAAO,MAAM,KAAK,UAAiB,WAAW,yBAO7C,CAAA"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { removeNode } from "./helpers.js";
|
|
2
|
+
/**
|
|
3
|
+
* :empty Pseudo-Selector, matches only nodes that have no children.
|
|
4
|
+
* It filters out any node that has edges out, i.e., has dependencies.
|
|
5
|
+
*/
|
|
6
|
+
export const empty = async (state) => {
|
|
7
|
+
for (const node of state.partial.nodes) {
|
|
8
|
+
if (node.edgesOut.size > 0) {
|
|
9
|
+
removeNode(state, node);
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
return state;
|
|
13
|
+
};
|
|
14
|
+
//# sourceMappingURL=empty.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"empty.js","sourceRoot":"","sources":["../../../src/pseudo/empty.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAA;AAEzC;;;GAGG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAChD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC3B,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import type { ParserState } from '../types.ts'\nimport { removeNode } from './helpers.ts'\n\n/**\n * :empty Pseudo-Selector, matches only nodes that have no children.\n * It filters out any node that has edges out, i.e., has dependencies.\n */\nexport const empty = async (state: ParserState) => {\n for (const node of state.partial.nodes) {\n if (node.edgesOut.size > 0) {\n removeNode(state, node)\n }\n }\n return state\n}\n"]}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **highEntropyStrings** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const entropic: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const entropic: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=entropic.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"entropic.d.ts","sourceRoot":"","sources":["../../../src/pseudo/entropic.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,QAAQ,
|
|
1
|
+
{"version":3,"file":"entropic.d.ts","sourceRoot":"","sources":["../../../src/pseudo/entropic.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,QAAQ;;EAGpB,CAAA"}
|
package/dist/esm/pseudo/env.d.ts
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **envVars** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const env: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const env: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=env.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../../src/pseudo/env.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,GAAG,
|
|
1
|
+
{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../../src/pseudo/env.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,GAAG;;EAAiD,CAAA"}
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **usesEval** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const evalParser: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const evalParser: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=eval.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"eval.d.ts","sourceRoot":"","sources":["../../../src/pseudo/eval.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU,
|
|
1
|
+
{"version":3,"file":"eval.d.ts","sourceRoot":"","sources":["../../../src/pseudo/eval.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU;;EAGtB,CAAA"}
|
package/dist/esm/pseudo/fs.d.ts
CHANGED
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Filters out any node that does not have a **filesystemAccess** report alert.
|
|
3
3
|
*/
|
|
4
|
-
export declare const fs: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState
|
|
4
|
+
export declare const fs: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
|
|
5
|
+
securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
|
|
6
|
+
}>;
|
|
5
7
|
//# sourceMappingURL=fs.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"fs.d.ts","sourceRoot":"","sources":["../../../src/pseudo/fs.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"fs.d.ts","sourceRoot":"","sources":["../../../src/pseudo/fs.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,EAAE;;EAGd,CAAA"}
|
|
@@ -1,19 +1,35 @@
|
|
|
1
|
-
import type { NodeLike } from '@vltpkg/graph';
|
|
1
|
+
import type { EdgeLike, NodeLike } from '@vltpkg/graph';
|
|
2
2
|
import type { ParserState } from '../types.js';
|
|
3
3
|
/**
|
|
4
4
|
* Removes a node and its incoming edges from the results.
|
|
5
5
|
*/
|
|
6
6
|
export declare const removeNode: (state: ParserState, node: NodeLike) => void;
|
|
7
|
+
/**
|
|
8
|
+
* Removes an edge and its outgoing node from the results.
|
|
9
|
+
*/
|
|
10
|
+
export declare const removeEdge: (state: ParserState, edge: EdgeLike) => void;
|
|
7
11
|
/**
|
|
8
12
|
* Removes any edges that have no destination node from the results.
|
|
9
13
|
*/
|
|
10
14
|
export declare const removeDanglingEdges: (state: ParserState) => void;
|
|
15
|
+
/**
|
|
16
|
+
* Removes any nodes that have no incoming edges from the results.
|
|
17
|
+
*/
|
|
18
|
+
export declare const removeUnlinkedNodes: (state: ParserState) => void;
|
|
11
19
|
/**
|
|
12
20
|
* Removes quotes from a string value.
|
|
13
21
|
*/
|
|
14
22
|
export declare const removeQuotes: (value: string) => string;
|
|
23
|
+
/**
|
|
24
|
+
* Asserts that the security archive is present.
|
|
25
|
+
*/
|
|
26
|
+
export declare const assertSecurityArchive: (state: ParserState, name: string) => asserts state is ParserState & {
|
|
27
|
+
securityArchive: NonNullable<ParserState['securityArchive']>;
|
|
28
|
+
};
|
|
15
29
|
/**
|
|
16
30
|
* Reusable security selector alert filter.
|
|
17
31
|
*/
|
|
18
|
-
export declare const createSecuritySelectorFilter: (name: string, type: string) => (state: ParserState) => Promise<ParserState
|
|
32
|
+
export declare const createSecuritySelectorFilter: (name: string, type: string) => (state: ParserState) => Promise<ParserState & {
|
|
33
|
+
securityArchive: NonNullable<ParserState["securityArchive"]>;
|
|
34
|
+
}>;
|
|
19
35
|
//# sourceMappingURL=helpers.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/pseudo/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;
|
|
1
|
+
{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/pseudo/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AACvD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAG9C;;GAEG;AACH,eAAO,MAAM,UAAU,UAAW,WAAW,QAAQ,QAAQ,SAK5D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,UAAU,UAAW,WAAW,QAAQ,QAAQ,SAK5D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,mBAAmB,UAAW,WAAW,SAMrD,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,mBAAmB,UAAW,WAAW,SAMrD,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,YAAY,UAAW,MAAM,WACR,CAAA;AAElC;;GAEG;AACH,eAAO,MAAM,qBAAqB,EAAE,CAClC,KAAK,EAAE,WAAW,EAClB,IAAI,EAAE,MAAM,KACT,OAAO,CAAC,KAAK,IAAI,WAAW,GAAG;IAClC,eAAe,EAAE,WAAW,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAA;CAQ7D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,4BAA4B,SACjC,MAAM,QACN,MAAM,aAES,WAAW;qBAjBf,WAAW,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC;EAkC7D,CAAA"}
|