audit-trace 0.1.7 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +12 -0
- package/dist/cli.js +2 -0
- package/dist/cli.js.map +1 -1
- package/dist/core/audit-parser/normalize.d.ts.map +1 -1
- package/dist/core/audit-parser/normalize.js +12 -2
- package/dist/core/audit-parser/normalize.js.map +1 -1
- package/dist/core/graph-engine/npm-lock.js +1 -1
- package/dist/core/graph-engine/npm-lock.js.map +1 -1
- package/dist/core/graph-engine/traverse.d.ts +1 -1
- package/dist/core/graph-engine/traverse.d.ts.map +1 -1
- package/dist/core/graph-engine/traverse.js +3 -2
- package/dist/core/graph-engine/traverse.js.map +1 -1
- package/dist/core/models.d.ts +5 -1
- package/dist/core/models.d.ts.map +1 -1
- package/dist/core/models.js.map +1 -1
- package/dist/core/ownership/tracer.d.ts +1 -1
- package/dist/core/ownership/tracer.d.ts.map +1 -1
- package/dist/core/ownership/tracer.js +2 -2
- package/dist/core/ownership/tracer.js.map +1 -1
- package/dist/core/remediation-engine/engine.d.ts +1 -0
- package/dist/core/remediation-engine/engine.d.ts.map +1 -1
- package/dist/core/remediation-engine/engine.js +32 -7
- package/dist/core/remediation-engine/engine.js.map +1 -1
- package/dist/core/workspace-engine/detect.d.ts +8 -1
- package/dist/core/workspace-engine/detect.d.ts.map +1 -1
- package/dist/core/workspace-engine/detect.js +63 -7
- package/dist/core/workspace-engine/detect.js.map +1 -1
- package/dist/lib/analyze.d.ts.map +1 -1
- package/dist/lib/analyze.js +50 -6
- package/dist/lib/analyze.js.map +1 -1
- package/dist/output/brief-reporter.d.ts +1 -0
- package/dist/output/brief-reporter.d.ts.map +1 -1
- package/dist/output/brief-reporter.js +38 -17
- package/dist/output/brief-reporter.js.map +1 -1
- package/dist/output/finding-meta.d.ts +5 -1
- package/dist/output/finding-meta.d.ts.map +1 -1
- package/dist/output/finding-meta.js +9 -1
- package/dist/output/finding-meta.js.map +1 -1
- package/dist/output/html-reporter.d.ts.map +1 -1
- package/dist/output/html-reporter.js +5 -1
- package/dist/output/html-reporter.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -64,6 +64,18 @@ Produces a **prioritized fix plan** with ownership context and a **paste-ready p
|
|
|
64
64
|
- `--no-prompt` — omit the AI prompt block
|
|
65
65
|
- `--prod-only`, `--audit-file`, `--pm` — same as `report`
|
|
66
66
|
|
|
67
|
+
### Monorepos and Workspaces
|
|
68
|
+
|
|
69
|
+
If you are working in a monorepo workspace (e.g., npm or pnpm workspaces), you can run `audit-trace` inside the root workspace folder to analyze the whole monorepo, or run it directly inside any subpackage directory under `packages/` to audit and trace dependencies specifically for that subpackage:
|
|
70
|
+
|
|
71
|
+
```bash
|
|
72
|
+
# Audit a specific subpackage from its directory
|
|
73
|
+
cd packages/my-sub-package
|
|
74
|
+
audit-trace report
|
|
75
|
+
```
|
|
76
|
+
|
|
77
|
+
This works by automatically traversing up to find the workspace root containing the lockfile, running the audit at the workspace level, and then filtering the dependency graph and findings to only show vulnerabilities that are transitive dependencies of the subpackage.
|
|
78
|
+
|
|
67
79
|
### Interactive UI (Ink)
|
|
68
80
|
|
|
69
81
|
```bash
|
package/dist/cli.js
CHANGED
|
@@ -117,6 +117,7 @@ program
|
|
|
117
117
|
top: Number(opts.top) || 5,
|
|
118
118
|
includePrompt: opts.prompt !== false,
|
|
119
119
|
focusPackage: opts.pkg,
|
|
120
|
+
prodOnly: Boolean(opts.prodOnly),
|
|
120
121
|
});
|
|
121
122
|
spin.succeed(brief.status === "clean" ? "Clean — no vulnerabilities found" : "Done");
|
|
122
123
|
if (opts.json) {
|
|
@@ -127,6 +128,7 @@ program
|
|
|
127
128
|
top: Number(opts.top) || 5,
|
|
128
129
|
includePrompt: opts.prompt !== false,
|
|
129
130
|
focusPackage: opts.pkg,
|
|
131
|
+
prodOnly: Boolean(opts.prodOnly),
|
|
130
132
|
}));
|
|
131
133
|
process.stdout.write("\n");
|
|
132
134
|
}
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC7E,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC5F,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAC;AACzE,OAAO,EACL,YAAY,EACZ,oBAAoB,EACpB,SAAS,EACT,qBAAqB,GACtB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,yCAAyC,CAAC;AACxE,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,aAAa,CAAC;KACnB,WAAW,CAAC,0DAA0D,CAAC;KACvE,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;KACtC,WAAW,CAAC,4CAA4C,CAAC;KACzD,MAAM,CAAC,iBAAiB,EAAE,cAAc,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;KACxD,MAAM,CAAC,QAAQ,EAAE,uBAAuB,CAAC;KACzC,MAAM,CAAC,YAAY,EAAE,iBAAiB,CAAC;KACvC,MAAM,CAAC,QAAQ,EAAE,aAAa,CAAC;KAC/B,MAAM,CAAC,MAAM,EAAE,oCAAoC,CAAC;KACpD,MAAM,CAAC,cAAc,EAAE,gCAAgC,CAAC;KACxD,MAAM,CAAC,mBAAmB,EAAE,sCAAsC,EAAE,MAAM,CAAC;KAC3E,MAAM,CAAC,aAAa,EAAE,0CAA0C,CAAC;KACjE,MAAM,CAAC,qBAAqB,EAAE,6CAA6C,CAAC;KAC5E,MAAM,CAAC,aAAa,EAAE,eAAe,CAAC;KACtC,MAAM,CAAC,gBAAgB,EAAE,8CAA8C,CAAC;KACxE,MAAM,CAAC,oBAAoB,EAAE,mDAAmD,CAAC;KACjF,MAAM,CAAC,mBAAmB,EAAE,+BAA+B,CAAC;KAC5D,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,CAAC;IACvC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,MAAM,OAAO,CAAC;QAC/D,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,YAAY,EAAE,IAAI,CAAC,SAAS;QAC5B,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,YAAY,EAAE,IAAI,CAAC,KAAK;QACxB,eAAe,EAAE,IAAI,CAAC,eAAe;KACtC,CAAC,CAAC;IACH,IAAI,CAAC,OAAO,CACV,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC,CAAC,MAAM,CAC3E,CAAC;IACF,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACjF,CAAC;IACD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,YAAY,CAAC,EAAE,GAAG,MAAM,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC,CACrE,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7B,CAAC;SAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;IAC5D,CAAC;SAAM,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACrB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;IACxD,CAAC;SAAM,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QAC5B,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,KAAK,EAAE;YACrD,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,OAAO,EAAE,IAAI,CAAC,SAAS;SACxB,CAAC,CACH,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,cAAc,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,IAAI,CACnE,CAAC;QACJ,CAAC;IACH,CAAC;IACD,IAAI,IAAI,CAAC,EAAE;QAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACtC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,mDAAmD,CAAC;KAChE,MAAM,CAAC,iBAAiB,EAAE,cAAc,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;KACxD,MAAM,CAAC,WAAW,EAAE,8BAA8B,EAAE,GAAG,CAAC;KACxD,MAAM,CAAC,aAAa,EAAE,0CAA0C,CAAC;KACjE,MAAM,CAAC,cAAc,EAAE,iCAAiC,CAAC;KACzD,MAAM,CAAC,qBAAqB,EAAE,6CAA6C,CAAC;KAC5E,MAAM,CAAC,aAAa,EAAE,eAAe,CAAC;KACtC,MAAM,CAAC,QAAQ,EAAE,uBAAuB,CAAC;KACzC,MAAM,CAAC,aAAa,EAAE,0BAA0B,CAAC;KACjD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,CAAC;IACvC,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC9B,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,MAAM,OAAO,CAAC;QACrD,GAAG;QACH,YAAY,EAAE,IAAI,CAAC,SAAS;QAC5B,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;KACxB,CAAC,CAAC;IAEH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAC9C,MAAM,EAAE,GACN,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACrF,MAAM,YAAY,GAChB,IAAI,CAAC,IAAI,KAAK,MAAM;QAClB,CAAC,CAAC,MAAM;QACR,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM;YACpB,CAAC,CAAC,gBAAgB;YAClB,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM;gBACpB,CAAC,CAAC,WAAW;gBACb,CAAC,CAAC,mBAAmB,CAAC;IAE9B,MAAM,KAAK,GAAG,gBAAgB,CAC5B,MAAM,CAAC,QAAQ,EACf,SAAS,EACT,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,KAAK,EACZ;QACE,WAAW,EAAE,QAAQ,CAAC,GAAG,CAAC;QAC1B,EAAE;QACF,YAAY;QACZ,UAAU,EAAE,SAAS,CAAC,UAAU;KACjC,EACD;QACE,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;QAC1B,aAAa,EAAE,IAAI,CAAC,MAAM,KAAK,KAAK;QACpC,YAAY,EAAE,IAAI,CAAC,GAAG;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,MAAM,+BAA+B,CAAC;AAC7E,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,gBAAgB,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC5F,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAC;AACzE,OAAO,EACL,YAAY,EACZ,oBAAoB,EACpB,SAAS,EACT,qBAAqB,GACtB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,yCAAyC,CAAC;AACxE,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,EAAE,MAAM,KAAK,CAAC;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,aAAa,CAAC;KACnB,WAAW,CAAC,0DAA0D,CAAC;KACvE,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;KACtC,WAAW,CAAC,4CAA4C,CAAC;KACzD,MAAM,CAAC,iBAAiB,EAAE,cAAc,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;KACxD,MAAM,CAAC,QAAQ,EAAE,uBAAuB,CAAC;KACzC,MAAM,CAAC,YAAY,EAAE,iBAAiB,CAAC;KACvC,MAAM,CAAC,QAAQ,EAAE,aAAa,CAAC;KAC/B,MAAM,CAAC,MAAM,EAAE,oCAAoC,CAAC;KACpD,MAAM,CAAC,cAAc,EAAE,gCAAgC,CAAC;KACxD,MAAM,CAAC,mBAAmB,EAAE,sCAAsC,EAAE,MAAM,CAAC;KAC3E,MAAM,CAAC,aAAa,EAAE,0CAA0C,CAAC;KACjE,MAAM,CAAC,qBAAqB,EAAE,6CAA6C,CAAC;KAC5E,MAAM,CAAC,aAAa,EAAE,eAAe,CAAC;KACtC,MAAM,CAAC,gBAAgB,EAAE,8CAA8C,CAAC;KACxE,MAAM,CAAC,oBAAoB,EAAE,mDAAmD,CAAC;KACjF,MAAM,CAAC,mBAAmB,EAAE,+BAA+B,CAAC;KAC5D,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,CAAC;IACvC,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,MAAM,OAAO,CAAC;QAC/D,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,YAAY,EAAE,IAAI,CAAC,SAAS;QAC5B,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,YAAY,EAAE,IAAI,CAAC,KAAK;QACxB,eAAe,EAAE,IAAI,CAAC,eAAe;KACtC,CAAC,CAAC;IACH,IAAI,CAAC,OAAO,CACV,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC,CAAC,MAAM,CAC3E,CAAC;IACF,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACjF,CAAC;IACD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,YAAY,CAAC,EAAE,GAAG,MAAM,EAAE,OAAO,EAAE,EAAE,SAAS,EAAE,SAAS,CAAC,KAAK,EAAE,EAAE,CAAC,CACrE,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7B,CAAC;SAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;IAC5D,CAAC;SAAM,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACrB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC;IACxD,CAAC;SAAM,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QAC5B,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,YAAY,CAAC,MAAM,CAAC,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,KAAK,EAAE;YACrD,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,OAAO,EAAE,IAAI,CAAC,SAAS;SACxB,CAAC,CACH,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,cAAc,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,IAAI,CACnE,CAAC;QACJ,CAAC;IACH,CAAC;IACD,IAAI,IAAI,CAAC,EAAE;QAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACtC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,mDAAmD,CAAC;KAChE,MAAM,CAAC,iBAAiB,EAAE,cAAc,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;KACxD,MAAM,CAAC,WAAW,EAAE,8BAA8B,EAAE,GAAG,CAAC;KACxD,MAAM,CAAC,aAAa,EAAE,0CAA0C,CAAC;KACjE,MAAM,CAAC,cAAc,EAAE,iCAAiC,CAAC;KACzD,MAAM,CAAC,qBAAqB,EAAE,6CAA6C,CAAC;KAC5E,MAAM,CAAC,aAAa,EAAE,eAAe,CAAC;KACtC,MAAM,CAAC,QAAQ,EAAE,uBAAuB,CAAC;KACzC,MAAM,CAAC,aAAa,EAAE,0BAA0B,CAAC;KACjD,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IACrB,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,CAAC,KAAK,EAAE,CAAC;IACvC,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC9B,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,GAAG,MAAM,OAAO,CAAC;QACrD,GAAG;QACH,YAAY,EAAE,IAAI,CAAC,SAAS;QAC5B,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;KACxB,CAAC,CAAC;IAEH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAC9C,MAAM,EAAE,GACN,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IACrF,MAAM,YAAY,GAChB,IAAI,CAAC,IAAI,KAAK,MAAM;QAClB,CAAC,CAAC,MAAM;QACR,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM;YACpB,CAAC,CAAC,gBAAgB;YAClB,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM;gBACpB,CAAC,CAAC,WAAW;gBACb,CAAC,CAAC,mBAAmB,CAAC;IAE9B,MAAM,KAAK,GAAG,gBAAgB,CAC5B,MAAM,CAAC,QAAQ,EACf,SAAS,EACT,MAAM,CAAC,WAAW,EAClB,MAAM,CAAC,KAAK,EACZ;QACE,WAAW,EAAE,QAAQ,CAAC,GAAG,CAAC;QAC1B,EAAE;QACF,YAAY;QACZ,UAAU,EAAE,SAAS,CAAC,UAAU;KACjC,EACD;QACE,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;QAC1B,aAAa,EAAE,IAAI,CAAC,MAAM,KAAK,KAAK;QACpC,YAAY,EAAE,IAAI,CAAC,GAAG;QACtB,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;KACjC,CACF,CAAC;IAEF,IAAI,CAAC,OAAO,CACV,KAAK,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC,CAAC,MAAM,CACvE,CAAC;IAEF,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;IAClD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,eAAe,CAAC,KAAK,EAAE;YACrB,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;YAC1B,aAAa,EAAE,IAAI,CAAC,MAAM,KAAK,KAAK;YACpC,YAAY,EAAE,IAAI,CAAC,GAAG;YACtB,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;SACjC,CAAC,CACH,CAAC;QACF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC7B,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,KAAK,CAAC;KACd,QAAQ,CAAC,OAAO,EAAE,cAAc,CAAC;KACjC,MAAM,CAAC,iBAAiB,EAAE,cAAc,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;KACxD,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC1B,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7D,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;QACtB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,GAAG,GAAG,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;IAC/C,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IAChC,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;QACrB,MAAM,IAAI,GAAG,qBAAqB,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CACpF,CAAC;IACJ,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,QAAQ,CAAC,OAAO,EAAE,cAAc,CAAC;KACjC,MAAM,CAAC,iBAAiB,EAAE,cAAc,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;KACxD,MAAM,CAAC,aAAa,EAAE,WAAW,EAAE,GAAG,CAAC;KACvC,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC1B,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;IAC/C,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACpC,KAAK,MAAM,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;QACjC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YAC7C,MAAM,KAAK,GAAG,oBAAoB,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;YAC3D,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;gBACtB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;YAC/F,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,QAAQ,CAAC,OAAO,EAAE,cAAc,CAAC;KACjC,MAAM,CAAC,iBAAiB,EAAE,cAAc,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;KACxD,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;IAC1B,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;IAC/C,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IAChC,KAAK,MAAM,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;QACjC,MAAM,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAC7B,KAAK,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YAClB,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAChC,IAAI,IAAI;gBAAE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,QAAQ,CAAC,UAAU,EAAE,2BAA2B,CAAC;KACjD,QAAQ,CAAC,SAAS,EAAE,sBAAsB,CAAC;KAC3C,MAAM,CAAC,mBAAmB,EAAE,iBAAiB,EAAE,KAAK,CAAC;KACrD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;IACpC,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC,CAAC;IAClD,MAAM,CAAC,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC,CAAC;IACjD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;IACnD,MAAM,CAAC,GAAG,aAAa,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;IACpC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC1D,CAAC,CAAC,CAAC;AAEL,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAC3C,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACjB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"normalize.d.ts","sourceRoot":"","sources":["../../../src/core/audit-parser/normalize.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAY,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAWnE,gCAAgC;AAChC,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,oBAAoB,EAAE,
|
|
1
|
+
{"version":3,"file":"normalize.d.ts","sourceRoot":"","sources":["../../../src/core/audit-parser/normalize.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAY,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAWnE,gCAAgC;AAChC,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,oBAAoB,EAAE,CA6FtF;AAED,iFAAiF;AACjF,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,oBAAoB,EAAE,CAEvF;AAED,kDAAkD;AAClD,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,oBAAoB,EAAE,CAwC5E"}
|
|
@@ -16,6 +16,7 @@ export function parseNpmAuditJson(raw) {
|
|
|
16
16
|
const vulns = raw.vulnerabilities;
|
|
17
17
|
if (vulns) {
|
|
18
18
|
for (const [name, v] of Object.entries(vulns)) {
|
|
19
|
+
const pkgName = v.name ?? name;
|
|
19
20
|
const via = v.via;
|
|
20
21
|
const titles = [];
|
|
21
22
|
const urls = [];
|
|
@@ -33,14 +34,23 @@ export function parseNpmAuditJson(raw) {
|
|
|
33
34
|
const fixRaw = v
|
|
34
35
|
.fixAvailable;
|
|
35
36
|
let patchedRange;
|
|
37
|
+
let fixViaPackage;
|
|
38
|
+
let fixViaVersion;
|
|
39
|
+
let fixIsSemVerMajor;
|
|
36
40
|
if (fixRaw && typeof fixRaw === "object" && fixRaw.version) {
|
|
37
|
-
|
|
41
|
+
const fixTarget = fixRaw.name ?? pkgName;
|
|
42
|
+
fixViaPackage = fixTarget;
|
|
43
|
+
fixViaVersion = fixRaw.version;
|
|
44
|
+
fixIsSemVerMajor = fixRaw.isSemVerMajor;
|
|
38
45
|
}
|
|
39
46
|
out.push({
|
|
40
47
|
id,
|
|
41
|
-
packageName:
|
|
48
|
+
packageName: pkgName,
|
|
42
49
|
vulnerableRange: v.range,
|
|
43
50
|
patchedRange,
|
|
51
|
+
fixViaPackage,
|
|
52
|
+
fixViaVersion,
|
|
53
|
+
fixIsSemVerMajor,
|
|
44
54
|
severity: sev(v.severity),
|
|
45
55
|
title: titles[0],
|
|
46
56
|
url: urls[0],
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"normalize.js","sourceRoot":"","sources":["../../../src/core/audit-parser/normalize.ts"],"names":[],"mappings":"AAEA,SAAS,GAAG,CAAC,CAAqB;IAChC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IACrC,IAAI,CAAC,KAAK,UAAU;QAAE,OAAO,UAAU,CAAC;IACxC,IAAI,CAAC,KAAK,MAAM;QAAE,OAAO,MAAM,CAAC;IAChC,IAAI,CAAC,KAAK,UAAU,IAAI,CAAC,KAAK,QAAQ;QAAE,OAAO,UAAU,CAAC;IAC1D,IAAI,CAAC,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IAC9B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,gCAAgC;AAChC,MAAM,UAAU,iBAAiB,CAAC,GAA4B;IAC5D,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,eAYL,CAAC;IAEd,IAAI,KAAK,EAAE,CAAC;QACV,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9C,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC;YAClB,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAa,EAAE,CAAC;YAC1B,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;oBACvB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,EAAE,CAAC;wBACrC,IAAI,IAAI,CAAC,KAAK;4BAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;wBAChD,IAAI,IAAI,CAAC,GAAG;4BAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;oBAC5C,CAAC;gBACH,CAAC;YACH,CAAC;YACD,MAAM,EAAE,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,KAAK,IAAI,GAAG,EAAE,CAAC;YACvC,MAAM,MAAM,GAAI,
|
|
1
|
+
{"version":3,"file":"normalize.js","sourceRoot":"","sources":["../../../src/core/audit-parser/normalize.ts"],"names":[],"mappings":"AAEA,SAAS,GAAG,CAAC,CAAqB;IAChC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IACrC,IAAI,CAAC,KAAK,UAAU;QAAE,OAAO,UAAU,CAAC;IACxC,IAAI,CAAC,KAAK,MAAM;QAAE,OAAO,MAAM,CAAC;IAChC,IAAI,CAAC,KAAK,UAAU,IAAI,CAAC,KAAK,QAAQ;QAAE,OAAO,UAAU,CAAC;IAC1D,IAAI,CAAC,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IAC9B,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,gCAAgC;AAChC,MAAM,UAAU,iBAAiB,CAAC,GAA4B;IAC5D,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,eAYL,CAAC;IAEd,IAAI,KAAK,EAAE,CAAC;QACV,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9C,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC;YAC/B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC;YAClB,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAa,EAAE,CAAC;YAC1B,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;oBACvB,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,EAAE,CAAC;wBACrC,IAAI,IAAI,CAAC,KAAK;4BAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;wBAChD,IAAI,IAAI,CAAC,GAAG;4BAAE,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;oBAC5C,CAAC;gBACH,CAAC;YACH,CAAC;YACD,MAAM,EAAE,GAAG,GAAG,IAAI,IAAI,CAAC,CAAC,KAAK,IAAI,GAAG,EAAE,CAAC;YACvC,MAAM,MAAM,GAAI,CAA+F;iBAC5G,YAAY,CAAC;YAEhB,IAAI,YAAgC,CAAC;YACrC,IAAI,aAAiC,CAAC;YACtC,IAAI,aAAiC,CAAC;YACtC,IAAI,gBAAqC,CAAC;YAE1C,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBAC3D,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,IAAI,OAAO,CAAC;gBACzC,aAAa,GAAG,SAAS,CAAC;gBAC1B,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC;gBAC/B,gBAAgB,GAAG,MAAM,CAAC,aAAa,CAAC;YAC1C,CAAC;YAED,GAAG,CAAC,IAAI,CAAC;gBACP,EAAE;gBACF,WAAW,EAAE,OAAO;gBACpB,eAAe,EAAE,CAAC,CAAC,KAAK;gBACxB,YAAY;gBACZ,aAAa;gBACb,aAAa;gBACb,gBAAgB;gBAChB,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC;gBACzB,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;gBAChB,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;gBACZ,SAAS,EAAE,CAAC,CAAC,KAAK;aACnB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,GAAG,CAAC,UAaV,CAAC;IAEd,IAAI,UAAU,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;YAClD,GAAG,CAAC,IAAI,CAAC;gBACP,EAAE,EAAE,OAAO,GAAG,EAAE;gBAChB,WAAW,EAAE,CAAC,CAAC,WAAW,IAAI,SAAS;gBACvC,eAAe,EAAE,CAAC,CAAC,mBAAmB;gBACtC,YAAY,EAAE,CAAC,CAAC,gBAAgB;gBAChC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC;gBACzB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,MAAM,EAAE,CAAC,CAAC,IAAI;aACf,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC;AAED,iFAAiF;AACjF,MAAM,UAAU,kBAAkB,CAAC,GAA4B;IAC7D,OAAO,iBAAiB,CAAC,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,kDAAkD;AAClD,MAAM,UAAU,uBAAuB,CAAC,IAAY;IAClD,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACpC,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QACtB,IAAI,CAAC,CAAC;YAAE,SAAS;QACjB,IAAI,GAA4B,CAAC;QACjC,IAAI,CAAC;YACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAA4B,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC;QACrB,IAAI,GAAG,KAAK,eAAe;YAAE,SAAS;QACtC,MAAM,IAAI,GAAG,GAAG,CAAC,IAYJ,CAAC;QACd,MAAM,CAAC,GAAG,IAAI,EAAE,QAAQ,CAAC;QACzB,IAAI,CAAC,CAAC,EAAE,WAAW;YAAE,SAAS;QAC9B,GAAG,CAAC,IAAI,CAAC;YACP,EAAE,EAAE,QAAQ,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,mBAAmB,IAAI,EAAE,EAAE;YAC1D,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,eAAe,EAAE,CAAC,CAAC,mBAAmB;YACtC,YAAY,EAAE,CAAC,CAAC,gBAAgB;YAChC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC;YACzB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,MAAM,EAAE,CAAC,CAAC,IAAI;SACf,CAAC,CAAC;IACL,CAAC;IACD,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;AACrB,CAAC;AAED,SAAS,MAAM,CAAC,CAAyB;IACvC,MAAM,CAAC,GAAG,IAAI,GAAG,EAAgC,CAAC;IAClD,KAAK,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QAClB,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;IACnC,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AACzB,CAAC"}
|
|
@@ -83,7 +83,7 @@ export function buildGraphFromPackageLock(raw, _rootDir) {
|
|
|
83
83
|
const childName = childEnt.name ?? pathToPackageName(childPath);
|
|
84
84
|
const fromId = parentPath === ""
|
|
85
85
|
? ensureRoot()
|
|
86
|
-
: findNodeId(nodes, parentPath, pathToPackageName(parentPath), getEntry(parentPath).version ?? "");
|
|
86
|
+
: findNodeId(nodes, parentPath, getEntry(parentPath).name ?? pathToPackageName(parentPath), getEntry(parentPath).version ?? "");
|
|
87
87
|
const toId = findNodeId(nodes, childPath, childName, childVer);
|
|
88
88
|
if (fromId && toId)
|
|
89
89
|
edges.push({ from: fromId, to: toId, depType: type });
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"npm-lock.js","sourceRoot":"","sources":["../../../src/core/graph-engine/npm-lock.ts"],"names":[],"mappings":"AAEA,SAAS,SAAS,CAAC,IAAY;IAC7B,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC7E,CAAC;AAED,gGAAgG;AAChG,MAAM,UAAU,qBAAqB,CACnC,QAAiC,EACjC,UAAkB,EAClB,OAAe;IAEf,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAC/B,IAAI,OAAO,GAAG,UAAU,CAAC;IAEzB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC;QACnC,MAAM,SAAS,GACb,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,iBAAiB,GAAG,EAAE,CAAC;QAC5E,IAAI,SAAS,IAAI,QAAQ;YAAE,OAAO,SAAS,CAAC;QAE5C,IAAI,OAAO,KAAK,EAAE;YAAE,MAAM;QAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;QAClD,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;YACf,MAAM,QAAQ,GAAG,gBAAgB,GAAG,EAAE,CAAC;YACvC,IAAI,QAAQ,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;YAC1C,MAAM;QACR,CAAC;QACD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChC,IAAI,OAAO,KAAK,EAAE,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,gBAAgB,GAAG,EAAE,CAAC;YACvC,IAAI,QAAQ,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;QAC5C,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAcD,MAAM,UAAU,yBAAyB,CACvC,GAA4B,EAC5B,QAAgB;IAEhB,MAAM,QAAQ,GAAG,GAAG,CAAC,QAA+C,CAAC;IACrE,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,OAAO,UAAU,EAAE,CAAC;IACtB,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAChD,MAAM,KAAK,GAAqB,EAAE,CAAC;IACnC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAoB,CAAC;IAClD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,MAAM,YAAY,GAAG,CACnB,OAAe,EACf,IAAY,EACZ,GAAW,EACX,GAAY,EACZ,GAAY,EACZ,IAAa,EACb,EAAE;QACF,MAAM,EAAE,GAAG,GAAG,OAAO,KAAK,IAAI,IAAI,GAAG,EAAE,CAAC;QACxC,IAAI,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,OAAO,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAmB;YAC3B,EAAE;YACF,OAAO;YACP,IAAI;YACJ,OAAO,EAAE,GAAG;YACZ,GAAG;YACH,QAAQ,EAAE,GAAG;YACb,IAAI;SACL,CAAC;QACF,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACpB,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACd,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC;IAEF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAY,EAAE,CAAE,QAAQ,CAAC,CAAC,CAAc,IAAI,EAAE,CAAC;IAE1E,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,IAAI,OAAO,KAAK,EAAE;YAAE,SAAS;QAC7B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QAC9B,IAAI,CAAC,GAAG;YAAE,SAAS;QACnB,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,YAAY,CAAC;QACtC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvC,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,SAAS,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,UAAU,GAAG,GAAG,EAAE,CACtB,iBAAiB,CAAC,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,CAAC,CAAC;IAE9D,MAAM,QAAQ,GAAG,CACf,UAAkB,EAClB,IAAwC,EACxC,IAA+B,EAC/B,EAAE;QACF,IAAI,CAAC,IAAI;YAAE,OAAO;QAClB,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxC,MAAM,SAAS,GAAG,qBAAqB,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;YACvE,IAAI,CAAC,SAAS;gBAAE,SAAS;YACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;YACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC;YACxC,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,IAAI,iBAAiB,CAAC,SAAS,CAAC,CAAC;YAChE,MAAM,MAAM,GACV,UAAU,KAAK,EAAE;gBACf,CAAC,CAAC,UAAU,EAAE;gBACd,CAAC,CAAC,UAAU,CACR,KAAK,EACL,UAAU,EACV,iBAAiB,CAAC,UAAU,CAAC,
|
|
1
|
+
{"version":3,"file":"npm-lock.js","sourceRoot":"","sources":["../../../src/core/graph-engine/npm-lock.ts"],"names":[],"mappings":"AAEA,SAAS,SAAS,CAAC,IAAY;IAC7B,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC7E,CAAC;AAED,gGAAgG;AAChG,MAAM,UAAU,qBAAqB,CACnC,QAAiC,EACjC,UAAkB,EAClB,OAAe;IAEf,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAC/B,IAAI,OAAO,GAAG,UAAU,CAAC;IAEzB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC;QACnC,MAAM,SAAS,GACb,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,iBAAiB,GAAG,EAAE,CAAC;QAC5E,IAAI,SAAS,IAAI,QAAQ;YAAE,OAAO,SAAS,CAAC;QAE5C,IAAI,OAAO,KAAK,EAAE;YAAE,MAAM;QAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;QAClD,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;YACf,MAAM,QAAQ,GAAG,gBAAgB,GAAG,EAAE,CAAC;YACvC,IAAI,QAAQ,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;YAC1C,MAAM;QACR,CAAC;QACD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChC,IAAI,OAAO,KAAK,EAAE,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,gBAAgB,GAAG,EAAE,CAAC;YACvC,IAAI,QAAQ,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;QAC5C,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAcD,MAAM,UAAU,yBAAyB,CACvC,GAA4B,EAC5B,QAAgB;IAEhB,MAAM,QAAQ,GAAG,GAAG,CAAC,QAA+C,CAAC;IACrE,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,OAAO,UAAU,EAAE,CAAC;IACtB,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAChD,MAAM,KAAK,GAAqB,EAAE,CAAC;IACnC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAoB,CAAC;IAClD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,MAAM,YAAY,GAAG,CACnB,OAAe,EACf,IAAY,EACZ,GAAW,EACX,GAAY,EACZ,GAAY,EACZ,IAAa,EACb,EAAE;QACF,MAAM,EAAE,GAAG,GAAG,OAAO,KAAK,IAAI,IAAI,GAAG,EAAE,CAAC;QACxC,IAAI,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,OAAO,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAmB;YAC3B,EAAE;YACF,OAAO;YACP,IAAI;YACJ,OAAO,EAAE,GAAG;YACZ,GAAG;YACH,QAAQ,EAAE,GAAG;YACb,IAAI;SACL,CAAC;QACF,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACpB,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACd,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC;IAEF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAY,EAAE,CAAE,QAAQ,CAAC,CAAC,CAAc,IAAI,EAAE,CAAC;IAE1E,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,IAAI,OAAO,KAAK,EAAE;YAAE,SAAS;QAC7B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QAC9B,IAAI,CAAC,GAAG;YAAE,SAAS;QACnB,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,YAAY,CAAC;QACtC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvC,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,SAAS,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,UAAU,GAAG,GAAG,EAAE,CACtB,iBAAiB,CAAC,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,CAAC,CAAC;IAE9D,MAAM,QAAQ,GAAG,CACf,UAAkB,EAClB,IAAwC,EACxC,IAA+B,EAC/B,EAAE;QACF,IAAI,CAAC,IAAI;YAAE,OAAO;QAClB,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxC,MAAM,SAAS,GAAG,qBAAqB,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;YACvE,IAAI,CAAC,SAAS;gBAAE,SAAS;YACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;YACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC;YACxC,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,IAAI,iBAAiB,CAAC,SAAS,CAAC,CAAC;YAChE,MAAM,MAAM,GACV,UAAU,KAAK,EAAE;gBACf,CAAC,CAAC,UAAU,EAAE;gBACd,CAAC,CAAC,UAAU,CACR,KAAK,EACL,UAAU,EACV,QAAQ,CAAC,UAAU,CAAC,CAAC,IAAI,IAAI,iBAAiB,CAAC,UAAU,CAAC,EAC1D,QAAQ,CAAC,UAAU,CAAC,CAAC,OAAO,IAAI,EAAE,CACnC,CAAC;YACR,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;YAC/D,IAAI,MAAM,IAAI,IAAI;gBAAE,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC,CAAC;IAEF,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IACrD,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;IAC3D,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC,oBAAoB,EAAE,sBAAsB,CAAC,CAAC;IACrE,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,CAAC;IAE7D,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,IAAI,OAAO,KAAK,EAAE;YAAE,SAAS;QAC7B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9B,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;QACpD,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;QAC1D,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,oBAAoB,EAAE,sBAAsB,CAAC,CAAC;QACpE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO;QACL,KAAK;QACL,KAAK;QACL,OAAO;QACP,YAAY,EAAE,KAAK;QACnB,aAAa;KACd,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe;IACxC,MAAM,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;IACjD,IAAI,GAAG,KAAK,CAAC,CAAC;QAAE,OAAO,OAAO,CAAC;IAC/B,OAAO,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,UAAU,CACjB,KAAkC,EAClC,OAAe,EACf,IAAY,EACZ,OAAe;IAEf,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;QAC/B,IAAI,CAAC,CAAC,OAAO,KAAK,OAAO,IAAI,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,KAAK,OAAO;YAAE,OAAO,CAAC,CAAC,EAAE,CAAC;IACrF,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,iBAAiB,CACxB,OAAiB,EACjB,KAAkC,EAClC,aAAoC,EACpC,SAAmB;IAEnB,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,IAAI,UAAU,CAAC;IAC1C,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,IAAI,OAAO,CAAC;IACzC,MAAM,OAAO,GAAG,EAAE,CAAC;IACnB,MAAM,EAAE,GAAG,GAAG,OAAO,KAAK,IAAI,IAAI,GAAG,EAAE,CAAC;IACxC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,GAAmB;YAC3B,EAAE;YACF,OAAO;YACP,IAAI;YACJ,OAAO,EAAE,GAAG;YACZ,GAAG,EAAE,KAAK;YACV,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,KAAK;SACZ,CAAC;QACF,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACpB,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACd,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC5C,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,UAAU;IACjB,OAAO;QACL,KAAK,EAAE,IAAI,GAAG,EAAE;QAChB,KAAK,EAAE,EAAE;QACT,OAAO,EAAE,EAAE;QACX,YAAY,EAAE,SAAS;QACvB,aAAa,EAAE,IAAI,GAAG,EAAE;KACzB,CAAC;AACJ,CAAC"}
|
|
@@ -7,7 +7,7 @@ export interface GraphIndexes {
|
|
|
7
7
|
}
|
|
8
8
|
export declare function buildIndexes(snapshot: DependencyGraphSnapshot): GraphIndexes;
|
|
9
9
|
/** Shortest path (fewest edges) from any root to target using BFS on reverse graph from target... actually we need path from root to vulnerable: BFS forward from roots */
|
|
10
|
-
export declare function shortestPathFromRoots(snapshot: DependencyGraphSnapshot, indexes: GraphIndexes, targetId: string): string[] | null;
|
|
10
|
+
export declare function shortestPathFromRoots(snapshot: DependencyGraphSnapshot, indexes: GraphIndexes, targetId: string, customRootIds?: string[]): string[] | null;
|
|
11
11
|
export declare function dfsAllPathsWithLimit(indexes: GraphIndexes, fromId: string, toId: string, maxPaths: number, maxDepth: number): string[][];
|
|
12
12
|
export declare function reverseLookupConsumers(indexes: GraphIndexes, packageNodeId: string): string[];
|
|
13
13
|
/** All transitive predecessors (who depends on this) */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"traverse.d.ts","sourceRoot":"","sources":["../../../src/core/graph-engine/traverse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,OAAO,KAAK,EAAE,uBAAuB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAE5E,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,KAAK,CAAC;IACf,OAAO,EAAE,KAAK,CAAC;IACf,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,cAAc,EAAE,cAAc,CAAC,CAAC;CAC9D;AAED,wBAAgB,YAAY,CAAC,QAAQ,EAAE,uBAAuB,GAAG,YAAY,CAkB5E;AAED,2KAA2K;AAC3K,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,uBAAuB,EACjC,OAAO,EAAE,YAAY,EACrB,QAAQ,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"traverse.d.ts","sourceRoot":"","sources":["../../../src/core/graph-engine/traverse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,OAAO,KAAK,EAAE,uBAAuB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAE5E,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,KAAK,CAAC;IACf,OAAO,EAAE,KAAK,CAAC;IACf,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,cAAc,EAAE,cAAc,CAAC,CAAC;CAC9D;AAED,wBAAgB,YAAY,CAAC,QAAQ,EAAE,uBAAuB,GAAG,YAAY,CAkB5E;AAED,2KAA2K;AAC3K,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,uBAAuB,EACjC,OAAO,EAAE,YAAY,EACrB,QAAQ,EAAE,MAAM,EAChB,aAAa,CAAC,EAAE,MAAM,EAAE,GACvB,MAAM,EAAE,GAAG,IAAI,CAuCjB;AAED,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,YAAY,EACrB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACf,MAAM,EAAE,EAAE,CAoBZ;AAED,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,YAAY,EACrB,aAAa,EAAE,MAAM,GACpB,MAAM,EAAE,CAGV;AAED,wDAAwD;AACxD,wBAAgB,SAAS,CAAC,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,CAUnF;AAED,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,uBAAuB,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAY7F;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,GAAG,MAAM,CAO7F"}
|
|
@@ -19,11 +19,12 @@ export function buildIndexes(snapshot) {
|
|
|
19
19
|
return { forward, reverse, nodeById };
|
|
20
20
|
}
|
|
21
21
|
/** Shortest path (fewest edges) from any root to target using BFS on reverse graph from target... actually we need path from root to vulnerable: BFS forward from roots */
|
|
22
|
-
export function shortestPathFromRoots(snapshot, indexes, targetId) {
|
|
22
|
+
export function shortestPathFromRoots(snapshot, indexes, targetId, customRootIds) {
|
|
23
23
|
const { forward } = indexes;
|
|
24
24
|
if (!forward.hasNode(targetId))
|
|
25
25
|
return null;
|
|
26
|
-
const
|
|
26
|
+
const rootList = customRootIds && customRootIds.length > 0 ? customRootIds : snapshot.rootIds;
|
|
27
|
+
const roots = new Set(rootList.filter((r) => forward.hasNode(r)));
|
|
27
28
|
if (roots.size === 0) {
|
|
28
29
|
for (const n of forward.nodes()) {
|
|
29
30
|
const preds = forward.predecessors(n) ?? [];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"traverse.js","sourceRoot":"","sources":["../../../src/core/graph-engine/traverse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AASjC,MAAM,UAAU,YAAY,CAAC,QAAiC;IAC5D,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAEzC,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QACtC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACnB,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;YAAE,SAAS;QACjE,MAAM,KAAK,GAAG,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;QAC7B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;YAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACzE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC;YAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC3E,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;AACxC,CAAC;AAED,2KAA2K;AAC3K,MAAM,UAAU,qBAAqB,CACnC,QAAiC,EACjC,OAAqB,EACrB,QAAgB;
|
|
1
|
+
{"version":3,"file":"traverse.js","sourceRoot":"","sources":["../../../src/core/graph-engine/traverse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AASjC,MAAM,UAAU,YAAY,CAAC,QAAiC;IAC5D,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAEzC,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QACtC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACnB,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;YAAE,SAAS;QACjE,MAAM,KAAK,GAAG,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;QAC7B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;YAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACzE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC;YAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC3E,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;AACxC,CAAC;AAED,2KAA2K;AAC3K,MAAM,UAAU,qBAAqB,CACnC,QAAiC,EACjC,OAAqB,EACrB,QAAgB,EAChB,aAAwB;IAExB,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAC5B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,MAAM,QAAQ,GAAG,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;IAC9F,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,IAAI,KAAK,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAa,CAAC,GAAG,KAAK,CAAC,CAAC;IACnC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAyB,CAAC;IAC9C,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IACzC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;IAE5B,OAAO,KAAK,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,EAAG,CAAC;QACzB,IAAI,CAAC,KAAK,QAAQ;YAAE,MAAM;QAC1B,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;YACrB,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;gBAAE,SAAS;YAC1B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACZ,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,CAAC;IACH,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IACrC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,IAAI,GAAG,GAAkB,QAAQ,CAAC;IAClC,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC;QACnB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACf,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;IAC9B,CAAC;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;IACf,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,OAAqB,EACrB,MAAc,EACd,IAAY,EACZ,QAAgB,EAChB,QAAgB;IAEhB,MAAM,KAAK,GAAe,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAa,CAAC,MAAM,CAAC,CAAC;IAEhC,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,KAAa,EAAE,EAAE;QACzC,IAAI,KAAK,CAAC,MAAM,IAAI,QAAQ;YAAE,OAAO;QACrC,IAAI,KAAK,GAAG,QAAQ;YAAE,OAAO;QAC7B,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;YACtB,OAAO;QACT,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YACpD,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACb,KAAK,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,EAAE,CAAC;QACb,CAAC;IACH,CAAC,CAAC;IAEF,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACjB,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,OAAqB,EACrB,aAAqB;IAErB,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAAE,OAAO,EAAE,CAAC;IACvD,OAAO,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;AACzD,CAAC;AAED,wDAAwD;AACxD,MAAM,UAAU,SAAS,CAAC,OAAqB,EAAE,aAAqB;IACpE,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;IAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,sBAAsB,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;IAC9D,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAG,CAAC;QACnB,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,SAAS;QACzB,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACX,KAAK,MAAM,CAAC,IAAI,sBAAsB,CAAC,OAAO,EAAE,CAAC,CAAC;YAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,QAAiC;IACjE,MAAM,CAAC,GAAG,IAAI,GAAG,EAAuB,CAAC;IACzC,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,EAAU,CAAC;QAC7C,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QACjB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC3C,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,IAAI,GAAG,CAAC;YAAE,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,OAAiB,EAAE,KAAkC;IACnF,OAAO,OAAO;SACX,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QACV,MAAM,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACxB,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3C,CAAC,CAAC;SACD,IAAI,CAAC,KAAK,CAAC,CAAC;AACjB,CAAC"}
|
package/dist/core/models.d.ts
CHANGED
|
@@ -7,8 +7,12 @@ export interface VulnerabilityFinding {
|
|
|
7
7
|
versions?: string[];
|
|
8
8
|
/** Semver range affected per advisory */
|
|
9
9
|
vulnerableRange?: string;
|
|
10
|
-
/** Suggested patched range
|
|
10
|
+
/** Suggested patched range for this package (advisory patched_versions) */
|
|
11
11
|
patchedRange?: string;
|
|
12
|
+
/** npm audit fixAvailable: upgrade this package to fix the finding */
|
|
13
|
+
fixViaPackage?: string;
|
|
14
|
+
fixViaVersion?: string;
|
|
15
|
+
fixIsSemVerMajor?: boolean;
|
|
12
16
|
severity: Severity;
|
|
13
17
|
title?: string;
|
|
14
18
|
url?: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"models.d.ts","sourceRoot":"","sources":["../../src/core/models.ts"],"names":[],"mappings":"AAAA,yEAAyE;AACzE,MAAM,MAAM,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;AAEzE,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,sDAAsD;IACtD,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,yCAAyC;IACzC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,
|
|
1
|
+
{"version":3,"file":"models.d.ts","sourceRoot":"","sources":["../../src/core/models.ts"],"names":[],"mappings":"AAAA,yEAAyE;AACzE,MAAM,MAAM,QAAQ,GAAG,MAAM,GAAG,KAAK,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;AAEzE,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,sDAAsD;IACtD,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,yCAAyC;IACzC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,2EAA2E;IAC3E,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,sEAAsE;IACtE,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,QAAQ,EAAE,QAAQ,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,0CAA0C;IAC1C,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;CACtB;AAED,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,0CAA0C;IAC1C,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,OAAO,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;IAClB,IAAI,EAAE,OAAO,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,cAAc,GAAG,iBAAiB,GAAG,sBAAsB,GAAG,kBAAkB,CAAC;CAC3F;AAED,MAAM,WAAW,uBAAuB;IACtC,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IACnC,KAAK,EAAE,cAAc,EAAE,CAAC;IACxB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,YAAY,EAAE,KAAK,GAAG,MAAM,GAAG,cAAc,GAAG,SAAS,CAAC;IAC1D,qEAAqE;IACrE,aAAa,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;CACtC;AAED,MAAM,MAAM,oBAAoB,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAE7D,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,oBAAoB,CAAC;IAC/B,mCAAmC;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IACjC,KAAK,EAAE,uBAAuB,GAAG,IAAI,CAAC;IACtC,WAAW,EAAE,YAAY,EAAE,CAAC;IAC5B,WAAW,EAAE,qBAAqB,EAAE,CAAC;CACtC;AAED,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,WAAW,GAAG,aAAa,GAAG,SAAS,CAAC;IAC9C,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,MAAM,CAAC;IACtB,wCAAwC;IACxC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iCAAiC;IACjC,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACzC;AAED,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,OAAO,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,KAAK,EAAE;QAAE,EAAE,CAAC,EAAE,OAAO,CAAC;QAAC,KAAK,CAAC,EAAE,OAAO,CAAC;QAAC,aAAa,CAAC,EAAE,OAAO,CAAC;QAAC,aAAa,CAAC,EAAE,OAAO,CAAC;QAAC,cAAc,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;CACtH;AAED,eAAO,MAAM,QAAQ;;;;;;;CAOX,CAAC"}
|
package/dist/core/models.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"models.js","sourceRoot":"","sources":["../../src/core/models.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"models.js","sourceRoot":"","sources":["../../src/core/models.ts"],"names":[],"mappings":"AAuFA,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,WAAW,EAAE,aAAa;IAC1B,cAAc,EAAE,gBAAgB;IAChC,UAAU,EAAE,YAAY;IACxB,qBAAqB,EAAE,uBAAuB;IAC9C,WAAW,EAAE,aAAa;IAC1B,gBAAgB,EAAE,kBAAkB;CAC5B,CAAC"}
|
|
@@ -11,6 +11,6 @@ export interface OwnershipPath {
|
|
|
11
11
|
isPeer: boolean;
|
|
12
12
|
}
|
|
13
13
|
export declare function matchNodesForFinding(graph: DependencyGraphSnapshot, finding: VulnerabilityFinding): DependencyNode[];
|
|
14
|
-
export declare function traceOwnership(graph: DependencyGraphSnapshot, findings: VulnerabilityFinding[]): OwnershipPath[];
|
|
14
|
+
export declare function traceOwnership(graph: DependencyGraphSnapshot, findings: VulnerabilityFinding[], customRootIds?: string[]): OwnershipPath[];
|
|
15
15
|
export declare function duplicatePackageReport(graph: DependencyGraphSnapshot): Map<string, Set<string>>;
|
|
16
16
|
//# sourceMappingURL=tracer.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tracer.d.ts","sourceRoot":"","sources":["../../../src/core/ownership/tracer.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,uBAAuB,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAGlG,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,oBAAoB,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,uBAAuB,EAC9B,OAAO,EAAE,oBAAoB,GAC5B,cAAc,EAAE,CAsBlB;AAED,wBAAgB,cAAc,CAC5B,KAAK,EAAE,uBAAuB,EAC9B,QAAQ,EAAE,oBAAoB,EAAE,
|
|
1
|
+
{"version":3,"file":"tracer.d.ts","sourceRoot":"","sources":["../../../src/core/ownership/tracer.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,uBAAuB,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAGlG,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,oBAAoB,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,uBAAuB,EAC9B,OAAO,EAAE,oBAAoB,GAC5B,cAAc,EAAE,CAsBlB;AAED,wBAAgB,cAAc,CAC5B,KAAK,EAAE,uBAAuB,EAC9B,QAAQ,EAAE,oBAAoB,EAAE,EAChC,aAAa,CAAC,EAAE,MAAM,EAAE,GACvB,aAAa,EAAE,CA0BjB;AAcD,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,uBAAuB,4BAEpE"}
|
|
@@ -21,13 +21,13 @@ export function matchNodesForFinding(graph, finding) {
|
|
|
21
21
|
}
|
|
22
22
|
return filtered;
|
|
23
23
|
}
|
|
24
|
-
export function traceOwnership(graph, findings) {
|
|
24
|
+
export function traceOwnership(graph, findings, customRootIds) {
|
|
25
25
|
const indexes = buildIndexes(graph);
|
|
26
26
|
const out = [];
|
|
27
27
|
for (const f of findings) {
|
|
28
28
|
const matched = matchNodesForFinding(graph, f);
|
|
29
29
|
for (const node of matched) {
|
|
30
|
-
const sp = shortestPathFromRoots(graph, indexes, node.id);
|
|
30
|
+
const sp = shortestPathFromRoots(graph, indexes, node.id, customRootIds);
|
|
31
31
|
if (!sp || sp.length < 2)
|
|
32
32
|
continue;
|
|
33
33
|
const topNode = sp.length >= 2 ? graph.nodes.get(sp[1]) : undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tracer.js","sourceRoot":"","sources":["../../../src/core/ownership/tracer.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAcrG,MAAM,UAAU,oBAAoB,CAClC,KAA8B,EAC9B,OAA6B;IAE7B,MAAM,KAAK,GAAG,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;IACjE,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACtE,MAAM,KAAK,GAAG,OAAO,CAAC,eAAe,CAAC;IACtC,MAAM,QAAQ,GAAG,KAAK;QACpB,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACjB,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC;YACzE,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC,CAAC;QACJ,CAAC,CAAC,KAAK,CAAC;IAEV,IAAI,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC;QAC9B,MAAM,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACrC,OAAO,CAAC,SAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAClG,CAAC;QACF,IAAI,WAAW,CAAC,MAAM;YAAE,OAAO,WAAW,CAAC;IAC7C,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,KAA8B,EAC9B,QAAgC;
|
|
1
|
+
{"version":3,"file":"tracer.js","sourceRoot":"","sources":["../../../src/core/ownership/tracer.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AAcrG,MAAM,UAAU,oBAAoB,CAClC,KAA8B,EAC9B,OAA6B;IAE7B,MAAM,KAAK,GAAG,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;IACjE,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACtE,MAAM,KAAK,GAAG,OAAO,CAAC,eAAe,CAAC;IACtC,MAAM,QAAQ,GAAG,KAAK;QACpB,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YACjB,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC,CAAC;YACzE,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC,CAAC;QACJ,CAAC,CAAC,KAAK,CAAC;IAEV,IAAI,OAAO,CAAC,SAAS,EAAE,MAAM,EAAE,CAAC;QAC9B,MAAM,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACrC,OAAO,CAAC,SAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAClG,CAAC;QACF,IAAI,WAAW,CAAC,MAAM;YAAE,OAAO,WAAW,CAAC;IAC7C,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,KAA8B,EAC9B,QAAgC,EAChC,aAAwB;IAExB,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IACpC,MAAM,GAAG,GAAoB,EAAE,CAAC;IAEhC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,OAAO,GAAG,oBAAoB,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC/C,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;YAC3B,MAAM,EAAE,GAAG,qBAAqB,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,EAAE,aAAa,CAAC,CAAC;YACzE,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC;gBAAE,SAAS;YACnC,MAAM,OAAO,GAAG,EAAE,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;YACrE,MAAM,QAAQ,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/C,GAAG,CAAC,IAAI,CAAC;gBACP,SAAS,EAAE,CAAC,CAAC,EAAE;gBACf,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,WAAW,EAAE,EAAE;gBACf,aAAa,EAAE,QAAQ;gBACvB,eAAe,EAAE,IAAI,CAAC,GAAG;gBACzB,UAAU,EAAE,IAAI,CAAC,QAAQ;gBACzB,MAAM,EAAE,IAAI,CAAC,IAAI;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,eAAe,CAAC,IAAqB;IAC5C,MAAM,CAAC,GAAG,IAAI,GAAG,EAAU,CAAC;IAC5B,MAAM,GAAG,GAAoB,EAAE,CAAC;IAChC,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,SAAS,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC;QAC1C,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QACzB,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACX,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,KAA8B;IACnE,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC;AAClC,CAAC"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
1
|
import type { RemediationSuggestion, VulnerabilityFinding } from "../models.js";
|
|
2
2
|
export declare function suggestRemediation(findings: VulnerabilityFinding[]): RemediationSuggestion[];
|
|
3
|
+
export declare function coerceConstraint(patched: string): string;
|
|
3
4
|
//# sourceMappingURL=engine.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../../src/core/remediation-engine/engine.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAGhF,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,oBAAoB,EAAE,GAAG,qBAAqB,EAAE,
|
|
1
|
+
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../../src/core/remediation-engine/engine.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAGhF,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,oBAAoB,EAAE,GAAG,qBAAqB,EAAE,CAgC5F;AAED,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAOxD"}
|
|
@@ -2,11 +2,22 @@ import semver from "semver";
|
|
|
2
2
|
export function suggestRemediation(findings) {
|
|
3
3
|
const out = [];
|
|
4
4
|
for (const f of findings) {
|
|
5
|
+
if (f.fixViaPackage && f.fixViaVersion) {
|
|
6
|
+
const constraint = coerceConstraint(`>=${f.fixViaVersion}`);
|
|
7
|
+
const majorNote = f.fixIsSemVerMajor ? " (semver-major)" : "";
|
|
8
|
+
out.push({
|
|
9
|
+
kind: "upgrade",
|
|
10
|
+
reason: `Upgrade \`${f.fixViaPackage}\` to ${constraint}${majorNote} to fix \`${f.packageName}\``,
|
|
11
|
+
targetPackage: f.fixViaPackage,
|
|
12
|
+
constraint,
|
|
13
|
+
});
|
|
14
|
+
continue;
|
|
15
|
+
}
|
|
5
16
|
if (f.patchedRange) {
|
|
6
17
|
const constraint = coerceConstraint(f.patchedRange);
|
|
7
18
|
out.push({
|
|
8
19
|
kind: "overrides",
|
|
9
|
-
reason: `
|
|
20
|
+
reason: `Pin \`${f.packageName}\` to patched range: ${f.patchedRange}`,
|
|
10
21
|
targetPackage: f.packageName,
|
|
11
22
|
constraint,
|
|
12
23
|
manifestPatch: { overrides: { [f.packageName]: constraint } },
|
|
@@ -21,22 +32,36 @@ export function suggestRemediation(findings) {
|
|
|
21
32
|
}
|
|
22
33
|
return dedupeRem(out);
|
|
23
34
|
}
|
|
24
|
-
function coerceConstraint(patched) {
|
|
25
|
-
const
|
|
35
|
+
export function coerceConstraint(patched) {
|
|
36
|
+
const cleaned = patched.replace(/\s*\(semver-major\)\s*/gi, "").trim();
|
|
37
|
+
const first = cleaned.split(",").map((s) => s.trim()).filter(Boolean)[0];
|
|
26
38
|
if (!first)
|
|
27
|
-
return
|
|
39
|
+
return cleaned;
|
|
28
40
|
if (semver.validRange(first))
|
|
29
41
|
return first;
|
|
30
|
-
const v = semver.coerce(first);
|
|
31
|
-
return v ? `>=${v.version}` :
|
|
42
|
+
const v = semver.coerce(first.replace(/^>=/, ""));
|
|
43
|
+
return v ? `>=${v.version}` : cleaned;
|
|
32
44
|
}
|
|
33
45
|
function dedupeRem(s) {
|
|
34
46
|
const m = new Map();
|
|
35
47
|
for (const x of s) {
|
|
36
48
|
const k = `${x.kind}:${x.targetPackage}`;
|
|
37
|
-
|
|
49
|
+
const prev = m.get(k);
|
|
50
|
+
if (!prev) {
|
|
38
51
|
m.set(k, x);
|
|
52
|
+
continue;
|
|
53
|
+
}
|
|
54
|
+
if (x.kind === "upgrade" && prev.kind === "upgrade" && x.constraint && prev.constraint) {
|
|
55
|
+
m.set(k, pickHigherConstraint(prev, x));
|
|
56
|
+
}
|
|
39
57
|
}
|
|
40
58
|
return [...m.values()];
|
|
41
59
|
}
|
|
60
|
+
function pickHigherConstraint(a, b) {
|
|
61
|
+
const va = semver.coerce(a.constraint.replace(/^>=/, ""));
|
|
62
|
+
const vb = semver.coerce(b.constraint.replace(/^>=/, ""));
|
|
63
|
+
if (va && vb)
|
|
64
|
+
return semver.gt(va, vb) ? b : a;
|
|
65
|
+
return a;
|
|
66
|
+
}
|
|
42
67
|
//# sourceMappingURL=engine.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../../src/core/remediation-engine/engine.ts"],"names":[],"mappings":"AACA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,MAAM,UAAU,kBAAkB,CAAC,QAAgC;IACjE,MAAM,GAAG,GAA4B,EAAE,CAAC;IACxC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,YAAY,EAAE,CAAC;YACnB,MAAM,UAAU,GAAG,gBAAgB,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;YACpD,GAAG,CAAC,IAAI,CAAC;gBACP,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../../src/core/remediation-engine/engine.ts"],"names":[],"mappings":"AACA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,MAAM,UAAU,kBAAkB,CAAC,QAAgC;IACjE,MAAM,GAAG,GAA4B,EAAE,CAAC;IACxC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;YACvC,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC,aAAa,EAAE,CAAC,CAAC;YAC5D,MAAM,SAAS,GAAG,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9D,GAAG,CAAC,IAAI,CAAC;gBACP,IAAI,EAAE,SAAS;gBACf,MAAM,EAAE,aAAa,CAAC,CAAC,aAAa,SAAS,UAAU,GAAG,SAAS,aAAa,CAAC,CAAC,WAAW,IAAI;gBACjG,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,UAAU;aACX,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,IAAI,CAAC,CAAC,YAAY,EAAE,CAAC;YACnB,MAAM,UAAU,GAAG,gBAAgB,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;YACpD,GAAG,CAAC,IAAI,CAAC;gBACP,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,SAAS,CAAC,CAAC,WAAW,wBAAwB,CAAC,CAAC,YAAY,EAAE;gBACtE,aAAa,EAAE,CAAC,CAAC,WAAW;gBAC5B,UAAU;gBACV,aAAa,EAAE,EAAE,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,UAAU,EAAE,EAAE;aAC9D,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,GAAG,CAAC,IAAI,CAAC;YACP,IAAI,EAAE,SAAS;YACf,MAAM,EAAE,4GAA4G;YACpH,aAAa,EAAE,CAAC,CAAC,WAAW;SAC7B,CAAC,CAAC;IACL,CAAC;IACD,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC;AACxB,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC9C,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACvE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IACzE,IAAI,CAAC,KAAK;QAAE,OAAO,OAAO,CAAC;IAC3B,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3C,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC;IAClD,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;AACxC,CAAC;AAED,SAAS,SAAS,CAAC,CAA0B;IAC3C,MAAM,CAAC,GAAG,IAAI,GAAG,EAAiC,CAAC;IACnD,KAAK,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;QAClB,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;QACzC,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACZ,SAAS;QACX,CAAC;QACD,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACvF,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,oBAAoB,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;AACzB,CAAC;AAED,SAAS,oBAAoB,CAAC,CAAwB,EAAE,CAAwB;IAC9E,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,UAAW,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3D,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,UAAW,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3D,IAAI,EAAE,IAAI,EAAE;QAAE,OAAO,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,CAAC;AACX,CAAC"}
|
|
@@ -1,3 +1,10 @@
|
|
|
1
1
|
import type { WorkspaceInfo } from "../models.js";
|
|
2
|
-
export declare function
|
|
2
|
+
export declare function findWorkspaceRoot(cwd: string): Promise<{
|
|
3
|
+
rootDir: string;
|
|
4
|
+
isSubpackage: boolean;
|
|
5
|
+
subpackagePath?: string;
|
|
6
|
+
}>;
|
|
7
|
+
export declare function detectWorkspaces(cwd: string): Promise<WorkspaceInfo & {
|
|
8
|
+
subpackagePath?: string;
|
|
9
|
+
}>;
|
|
3
10
|
//# sourceMappingURL=detect.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"detect.d.ts","sourceRoot":"","sources":["../../../src/core/workspace-engine/detect.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"detect.d.ts","sourceRoot":"","sources":["../../../src/core/workspace-engine/detect.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAelD,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,OAAO,CAAC;IAAC,cAAc,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CAkBjI;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG;IAAE,cAAc,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,CA0ExG"}
|
|
@@ -1,6 +1,40 @@
|
|
|
1
|
-
import { readFile, access } from "node:fs/promises";
|
|
2
|
-
import { join } from "node:path";
|
|
3
|
-
|
|
1
|
+
import { readFile, access, readdir } from "node:fs/promises";
|
|
2
|
+
import { join, dirname, resolve, relative } from "node:path";
|
|
3
|
+
async function hasLockfile(dir) {
|
|
4
|
+
const lockfiles = ["package-lock.json", "pnpm-lock.yaml", "yarn.lock"];
|
|
5
|
+
for (const f of lockfiles) {
|
|
6
|
+
try {
|
|
7
|
+
await access(join(dir, f));
|
|
8
|
+
return true;
|
|
9
|
+
}
|
|
10
|
+
catch {
|
|
11
|
+
// ignore
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
return false;
|
|
15
|
+
}
|
|
16
|
+
export async function findWorkspaceRoot(cwd) {
|
|
17
|
+
let current = resolve(cwd);
|
|
18
|
+
while (true) {
|
|
19
|
+
if (await hasLockfile(current)) {
|
|
20
|
+
if (current === resolve(cwd)) {
|
|
21
|
+
return { rootDir: current, isSubpackage: false };
|
|
22
|
+
}
|
|
23
|
+
return {
|
|
24
|
+
rootDir: current,
|
|
25
|
+
isSubpackage: true,
|
|
26
|
+
subpackagePath: relative(current, cwd),
|
|
27
|
+
};
|
|
28
|
+
}
|
|
29
|
+
const parent = dirname(current);
|
|
30
|
+
if (parent === current)
|
|
31
|
+
break;
|
|
32
|
+
current = parent;
|
|
33
|
+
}
|
|
34
|
+
return { rootDir: resolve(cwd), isSubpackage: false };
|
|
35
|
+
}
|
|
36
|
+
export async function detectWorkspaces(cwd) {
|
|
37
|
+
const { rootDir, isSubpackage, subpackagePath } = await findWorkspaceRoot(cwd);
|
|
4
38
|
const pkgPath = join(rootDir, "package.json");
|
|
5
39
|
const tools = {};
|
|
6
40
|
let pkg = {};
|
|
@@ -13,16 +47,15 @@ export async function detectWorkspaces(rootDir) {
|
|
|
13
47
|
rootDir,
|
|
14
48
|
packagePaths: [pkgPath],
|
|
15
49
|
tools,
|
|
50
|
+
subpackagePath,
|
|
16
51
|
};
|
|
17
52
|
}
|
|
18
53
|
const workspaces = pkg.workspaces;
|
|
19
54
|
const hasNpmWs = Array.isArray(workspaces) || (typeof workspaces === "object" && workspaces !== null);
|
|
20
55
|
if (hasNpmWs)
|
|
21
56
|
tools.npmWorkspaces = true;
|
|
22
|
-
let pnpmWs = false;
|
|
23
57
|
try {
|
|
24
58
|
await access(join(rootDir, "pnpm-workspace.yaml"));
|
|
25
|
-
pnpmWs = true;
|
|
26
59
|
tools.pnpmWorkspace = true;
|
|
27
60
|
}
|
|
28
61
|
catch {
|
|
@@ -42,12 +75,35 @@ export async function detectWorkspaces(rootDir) {
|
|
|
42
75
|
catch {
|
|
43
76
|
/* no */
|
|
44
77
|
}
|
|
45
|
-
const isMonorepo = Boolean(tools.npmWorkspaces || tools.pnpmWorkspace || tools.nx || tools.turbo);
|
|
78
|
+
const isMonorepo = Boolean(tools.npmWorkspaces || tools.pnpmWorkspace || tools.nx || tools.turbo || isSubpackage);
|
|
79
|
+
const packagePaths = [pkgPath];
|
|
80
|
+
if (isMonorepo) {
|
|
81
|
+
try {
|
|
82
|
+
const pkgsDir = join(rootDir, "packages");
|
|
83
|
+
const entries = await readdir(pkgsDir, { withFileTypes: true }).catch(() => []);
|
|
84
|
+
for (const entry of entries) {
|
|
85
|
+
if (entry.isDirectory()) {
|
|
86
|
+
const subPkgPath = join(pkgsDir, entry.name, "package.json");
|
|
87
|
+
try {
|
|
88
|
+
await access(subPkgPath);
|
|
89
|
+
packagePaths.push(subPkgPath);
|
|
90
|
+
}
|
|
91
|
+
catch {
|
|
92
|
+
// no package.json in this directory
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
catch {
|
|
98
|
+
// packages dir doesn't exist
|
|
99
|
+
}
|
|
100
|
+
}
|
|
46
101
|
return {
|
|
47
102
|
isMonorepo,
|
|
48
103
|
rootDir,
|
|
49
|
-
packagePaths
|
|
104
|
+
packagePaths,
|
|
50
105
|
tools,
|
|
106
|
+
subpackagePath,
|
|
51
107
|
};
|
|
52
108
|
}
|
|
53
109
|
//# sourceMappingURL=detect.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"detect.js","sourceRoot":"","sources":["../../../src/core/workspace-engine/detect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"detect.js","sourceRoot":"","sources":["../../../src/core/workspace-engine/detect.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAC7D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAG7D,KAAK,UAAU,WAAW,CAAC,GAAW;IACpC,MAAM,SAAS,GAAG,CAAC,mBAAmB,EAAE,gBAAgB,EAAE,WAAW,CAAC,CAAC;IACvE,KAAK,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC;YAC3B,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,GAAW;IACjD,IAAI,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAC3B,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,MAAM,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,IAAI,OAAO,KAAK,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;YACnD,CAAC;YACD,OAAO;gBACL,OAAO,EAAE,OAAO;gBAChB,YAAY,EAAE,IAAI;gBAClB,cAAc,EAAE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC;aACvC,CAAC;QACJ,CAAC;QACD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAChC,IAAI,MAAM,KAAK,OAAO;YAAE,MAAM;QAC9B,OAAO,GAAG,MAAM,CAAC;IACnB,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;AACxD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAW;IAChD,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAC/E,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IAC9C,MAAM,KAAK,GAA2B,EAAE,CAAC;IACzC,IAAI,GAAG,GAA4B,EAAE,CAAC;IACtC,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAA4B,CAAC;IAC/E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO;YACP,YAAY,EAAE,CAAC,OAAO,CAAC;YACvB,KAAK;YACL,cAAc;SACf,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,CAAC;IAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,KAAK,IAAI,CAAC,CAAC;IACtG,IAAI,QAAQ;QAAE,KAAK,CAAC,aAAa,GAAG,IAAI,CAAC;IAEzC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC,CAAC;QACnD,KAAK,CAAC,aAAa,GAAG,IAAI,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,QAAQ;IACV,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC;QACvC,KAAK,CAAC,EAAE,GAAG,IAAI,CAAC;IAClB,CAAC;IAAC,MAAM,CAAC;QACP,QAAQ;IACV,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAC;QAC1C,KAAK,CAAC,KAAK,GAAG,IAAI,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,QAAQ;IACV,CAAC;IAED,MAAM,UAAU,GAAG,OAAO,CACxB,KAAK,CAAC,aAAa,IAAI,KAAK,CAAC,aAAa,IAAI,KAAK,CAAC,EAAE,IAAI,KAAK,CAAC,KAAK,IAAI,YAAY,CACtF,CAAC;IAEF,MAAM,YAAY,GAAG,CAAC,OAAO,CAAC,CAAC;IAC/B,IAAI,UAAU,EAAE,CAAC;QACf,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YAC1C,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YAChF,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;oBACxB,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;oBAC7D,IAAI,CAAC;wBACH,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;wBACzB,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;oBAChC,CAAC;oBAAC,MAAM,CAAC;wBACP,oCAAoC;oBACtC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,6BAA6B;QAC/B,CAAC;IACH,CAAC;IAED,OAAO;QACL,UAAU;QACV,OAAO;QACP,YAAY;QACZ,KAAK;QACL,cAAc;KACf,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"analyze.d.ts","sourceRoot":"","sources":["../../src/lib/analyze.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAwB,MAAM,mBAAmB,CAAC;AAQ3E,OAAO,EAAkB,KAAK,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjF,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAgB,KAAK,QAAQ,EAAE,MAAM,mCAAmC,CAAC;AAIhF,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,EAAE,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,MAAM,CAAC;IAC7B,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC5B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAgBD,wBAAsB,OAAO,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC;IAC3D,MAAM,EAAE,WAAW,CAAC;IACpB,SAAS,EAAE,aAAa,EAAE,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAC,CAAC;CACzD,CAAC,
|
|
1
|
+
{"version":3,"file":"analyze.d.ts","sourceRoot":"","sources":["../../src/lib/analyze.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAwB,MAAM,mBAAmB,CAAC;AAQ3E,OAAO,EAAkB,KAAK,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjF,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAgB,KAAK,QAAQ,EAAE,MAAM,mCAAmC,CAAC;AAIhF,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,EAAE,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,MAAM,CAAC;IAC7B,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC5B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAgBD,wBAAsB,OAAO,CAAC,IAAI,EAAE,cAAc,GAAG,OAAO,CAAC;IAC3D,MAAM,EAAE,WAAW,CAAC;IACpB,SAAS,EAAE,aAAa,EAAE,CAAC;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAC,CAAC;CACzD,CAAC,CAwID"}
|
package/dist/lib/analyze.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { readFile } from "node:fs/promises";
|
|
2
|
-
import { resolve } from "node:path";
|
|
2
|
+
import { resolve, join } from "node:path";
|
|
3
3
|
import { loadLockfileGraph } from "../core/graph-engine/load-lockfile.js";
|
|
4
4
|
import { parseNpmAuditJson, parsePnpmAuditJson, parseYarnAuditJsonLines, } from "../core/audit-parser/normalize.js";
|
|
5
5
|
import { runNpmAudit, runPnpmAudit, runYarnAudit } from "../core/audit-parser/run-audit.js";
|
|
@@ -27,7 +27,7 @@ function parseAuditText(text, defaultPm) {
|
|
|
27
27
|
export async function analyze(opts) {
|
|
28
28
|
const cwd = resolve(opts.cwd);
|
|
29
29
|
const workspace = await detectWorkspaces(cwd);
|
|
30
|
-
const { graph, lock } = await loadLockfileGraph(
|
|
30
|
+
const { graph, lock } = await loadLockfileGraph(workspace.rootDir);
|
|
31
31
|
for (const p of getPlugins())
|
|
32
32
|
p.afterGraphBuilt?.(graph);
|
|
33
33
|
let auditText = "";
|
|
@@ -39,11 +39,11 @@ export async function analyze(opts) {
|
|
|
39
39
|
else {
|
|
40
40
|
try {
|
|
41
41
|
if (defaultPm === "pnpm")
|
|
42
|
-
auditText = await runPnpmAudit(
|
|
42
|
+
auditText = await runPnpmAudit(workspace.rootDir);
|
|
43
43
|
else if (defaultPm === "yarn")
|
|
44
|
-
auditText = await runYarnAudit(
|
|
44
|
+
auditText = await runYarnAudit(workspace.rootDir);
|
|
45
45
|
else
|
|
46
|
-
auditText = await runNpmAudit(
|
|
46
|
+
auditText = await runNpmAudit(workspace.rootDir);
|
|
47
47
|
}
|
|
48
48
|
catch {
|
|
49
49
|
auditText = "{}";
|
|
@@ -53,7 +53,51 @@ export async function analyze(opts) {
|
|
|
53
53
|
let findings = parseAuditText(auditText, defaultPm);
|
|
54
54
|
for (const p of getPlugins())
|
|
55
55
|
p.afterAuditNormalized?.(findings);
|
|
56
|
-
let
|
|
56
|
+
let subpackageName;
|
|
57
|
+
if (workspace.subpackagePath) {
|
|
58
|
+
try {
|
|
59
|
+
const subPkgContent = await readFile(join(workspace.rootDir, workspace.subpackagePath, "package.json"), "utf8");
|
|
60
|
+
const subPkgJson = JSON.parse(subPkgContent);
|
|
61
|
+
if (typeof subPkgJson.name === "string") {
|
|
62
|
+
subpackageName = subPkgJson.name;
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
catch {
|
|
66
|
+
// ignore
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
let targetRootIds;
|
|
70
|
+
if (workspace.subpackagePath) {
|
|
71
|
+
targetRootIds = [];
|
|
72
|
+
if (graph.lockfileKind === "pnpm") {
|
|
73
|
+
const pnpmRootId = `importer:${workspace.subpackagePath}`;
|
|
74
|
+
if (graph.nodes.has(pnpmRootId)) {
|
|
75
|
+
targetRootIds.push(pnpmRootId);
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
if (subpackageName) {
|
|
79
|
+
const nameIds = graph.byPackageName.get(subpackageName) ?? [];
|
|
80
|
+
for (const id of nameIds) {
|
|
81
|
+
if (!targetRootIds.includes(id))
|
|
82
|
+
targetRootIds.push(id);
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
const normalizedSubPath = workspace.subpackagePath.replace(/\\/g, "/");
|
|
86
|
+
for (const [id, node] of graph.nodes.entries()) {
|
|
87
|
+
const normalizedPathKey = node.pathKey.replace(/\\/g, "/");
|
|
88
|
+
if (normalizedPathKey === normalizedSubPath ||
|
|
89
|
+
normalizedPathKey.startsWith(normalizedSubPath + "/") ||
|
|
90
|
+
normalizedSubPath.startsWith(normalizedPathKey + "/")) {
|
|
91
|
+
if (!targetRootIds.includes(id))
|
|
92
|
+
targetRootIds.push(id);
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
let ownership = graph.nodes.size ? traceOwnership(graph, findings, targetRootIds) : [];
|
|
97
|
+
if (workspace.subpackagePath) {
|
|
98
|
+
const findingIdsWithPaths = new Set(ownership.map((o) => o.findingId));
|
|
99
|
+
findings = findings.filter((f) => findingIdsWithPaths.has(f.id));
|
|
100
|
+
}
|
|
57
101
|
let filteredCount = 0;
|
|
58
102
|
if (opts.prodOnly) {
|
|
59
103
|
const before = findings.length;
|
package/dist/lib/analyze.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"analyze.js","sourceRoot":"","sources":["../../src/lib/analyze.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"analyze.js","sourceRoot":"","sources":["../../src/lib/analyze.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,uCAAuC,CAAC;AAC1E,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,uBAAuB,GACxB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,mCAAmC,CAAC;AAC5F,OAAO,EAAE,cAAc,EAAsB,MAAM,6BAA6B,CAAC;AACjF,OAAO,EAAE,kBAAkB,EAAE,MAAM,sCAAsC,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAE,YAAY,EAAiB,MAAM,mCAAmC,CAAC;AAChF,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,6CAA6C,CAAC;AAcpF,SAAS,cAAc,CAAC,IAAY,EAAE,SAAkC;IACtE,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IACtB,IAAI,CAAC,CAAC,QAAQ,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,yBAAyB,CAAC,EAAE,CAAC;QAClF,OAAO,uBAAuB,CAAC,IAAI,CAAC,CAAC;IACvC,CAAC;IACD,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAC;QACtD,IAAI,SAAS,KAAK,MAAM;YAAE,OAAO,kBAAkB,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO,iBAAiB,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,uBAAuB,CAAC,IAAI,CAAC,CAAC;IACvC,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAoB;IAMhD,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC9B,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAC9C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,MAAM,iBAAiB,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IAEnE,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE;QAAE,CAAC,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,CAAC;IAEzD,IAAI,SAAS,GAAG,EAAE,CAAC;IACnB,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,MAAM,SAAS,GACb,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAErF,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,SAAS,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC,CAAC;IACtE,CAAC;SAAM,CAAC;QACN,IAAI,CAAC;YACH,IAAI,SAAS,KAAK,MAAM;gBAAE,SAAS,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;iBACvE,IAAI,SAAS,KAAK,MAAM;gBAAE,SAAS,GAAG,MAAM,YAAY,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;;gBAC5E,SAAS,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACxD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS,GAAG,IAAI,CAAC;YACjB,aAAa,GAAG,IAAI,CAAC;QACvB,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,GAAG,cAAc,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IACpD,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE;QAAE,CAAC,CAAC,oBAAoB,EAAE,CAAC,QAAQ,CAAC,CAAC;IAEjE,IAAI,cAAkC,CAAC;IACvC,IAAI,SAAS,CAAC,cAAc,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,MAAM,QAAQ,CAClC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,cAAc,EAAE,cAAc,CAAC,EACjE,MAAM,CACP,CAAC;YACF,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAA4B,CAAC;YACxE,IAAI,OAAO,UAAU,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACxC,cAAc,GAAG,UAAU,CAAC,IAAI,CAAC;YACnC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;IACH,CAAC;IAED,IAAI,aAAmC,CAAC;IACxC,IAAI,SAAS,CAAC,cAAc,EAAE,CAAC;QAC7B,aAAa,GAAG,EAAE,CAAC;QACnB,IAAI,KAAK,CAAC,YAAY,KAAK,MAAM,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,YAAY,SAAS,CAAC,cAAc,EAAE,CAAC;YAC1D,IAAI,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBAChC,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QACD,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,OAAO,GAAG,KAAK,CAAC,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;YAC9D,KAAK,MAAM,EAAE,IAAI,OAAO,EAAE,CAAC;gBACzB,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAAE,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC1D,CAAC;QACH,CAAC;QACD,MAAM,iBAAiB,GAAG,SAAS,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACvE,KAAK,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;YAC/C,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YAC3D,IACE,iBAAiB,KAAK,iBAAiB;gBACvC,iBAAiB,CAAC,UAAU,CAAC,iBAAiB,GAAG,GAAG,CAAC;gBACrD,iBAAiB,CAAC,UAAU,CAAC,iBAAiB,GAAG,GAAG,CAAC,EACrD,CAAC;gBACD,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAAE,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC1D,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,KAAK,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEvF,IAAI,SAAS,CAAC,cAAc,EAAE,CAAC;QAC7B,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;QACvE,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACnE,CAAC;IAED,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC/B,MAAM,OAAO,GAAG,IAAI,GAAG,CACrB,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CACrE,CAAC;QACF,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;QAC/D,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;QACxD,aAAa,GAAG,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;IAC3C,CAAC;IAED,IAAI,IAAI,CAAC,YAAY,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;QAC1C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,EAAE,GAAG,MAAM,qBAAqB,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;YAC9E,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,KAAK,IAAI,EAAE,kBAAkB,EAAE,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAClE,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAEjD,MAAM,MAAM,GAAa;QACvB,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,MAAM;QAC7B,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;QAChC,oBAAoB,EAAE,OAAO,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC;KAC1E,CAAC;IAEF,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE;QAC9C,UAAU,EAAE,IAAI,CAAC,IAAI,KAAK,MAAM;QAChC,aAAa;QACb,aAAa;KACd,CAAC,CAAC;IACH,IAAI,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAC;IACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAEjD,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,EAAE,CAAC;QAC7B,MAAM,CAAC,GAAG,CAAC,CAAC,eAAe,EAAE,CAAC,WAAW,CAAC,CAAC;QAC3C,IAAI,CAAC;YAAE,WAAW,GAAG,CAAC,CAAC;IACzB,CAAC;IAED,MAAM,MAAM,GAAgB;QAC1B,QAAQ;QACR,KAAK;QACL,WAAW;QACX,WAAW;KACZ,CAAC;IAEF,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,EAAE,CAAC;QAC7B,MAAM,CAAC,GAAG,CAAC,CAAC,YAAY,EAAE,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QAC9C,IAAI,CAAC;YAAE,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAClC,CAAC;IAED,OAAO;QACL,MAAM;QACN,SAAS;QACT,QAAQ;QACR,SAAS;KACV,CAAC;AACJ,CAAC"}
|
|
@@ -33,6 +33,7 @@ export interface BriefOptions {
|
|
|
33
33
|
top?: number;
|
|
34
34
|
includePrompt?: boolean;
|
|
35
35
|
focusPackage?: string;
|
|
36
|
+
prodOnly?: boolean;
|
|
36
37
|
}
|
|
37
38
|
export declare function buildActionGroups(findings: VulnerabilityFinding[], ownership: OwnershipPath[], remediation: RemediationSuggestion[], graph: DependencyGraphSnapshot | null): ActionGroup[];
|
|
38
39
|
export declare function rankActionGroups(groups: ActionGroup[]): ActionGroup[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"brief-reporter.d.ts","sourceRoot":"","sources":["../../src/output/brief-reporter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,uBAAuB,EACvB,qBAAqB,EACrB,QAAQ,EACR,oBAAoB,EACrB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAGjE,MAAM,MAAM,eAAe,GAAG,gBAAgB,GAAG,oBAAoB,GAAG,UAAU,GAAG,QAAQ,CAAC;AAE9F,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,eAAe,CAAC;IACtB,yEAAyE;IACzE,aAAa,EAAE,MAAM,CAAC;IACtB,+DAA+D;IAC/D,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IACjC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,WAAW,EAAE,QAAQ,CAAC;IACtB,WAAW,CAAC,EAAE,qBAAqB,CAAC;IACpC,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,SAAS;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,OAAO,GAAG,YAAY,CAAC;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;IACzB,IAAI,EAAE,SAAS,CAAC;IAChB,YAAY,EAAE,WAAW,EAAE,CAAC;IAC5B,aAAa,EAAE,WAAW,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,YAAY;IAC3B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"brief-reporter.d.ts","sourceRoot":"","sources":["../../src/output/brief-reporter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,uBAAuB,EACvB,qBAAqB,EACrB,QAAQ,EACR,oBAAoB,EACrB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAGjE,MAAM,MAAM,eAAe,GAAG,gBAAgB,GAAG,oBAAoB,GAAG,UAAU,GAAG,QAAQ,CAAC;AAE9F,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,eAAe,CAAC;IACtB,yEAAyE;IACzE,aAAa,EAAE,MAAM,CAAC;IACtB,+DAA+D;IAC/D,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IACjC,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,WAAW,EAAE,QAAQ,CAAC;IACtB,WAAW,CAAC,EAAE,qBAAqB,CAAC;IACpC,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,SAAS;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,OAAO,GAAG,YAAY,CAAC;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;IACzB,IAAI,EAAE,SAAS,CAAC;IAChB,YAAY,EAAE,WAAW,EAAE,CAAC;IAC5B,aAAa,EAAE,WAAW,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,YAAY;IAC3B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAwGD,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,oBAAoB,EAAE,EAChC,SAAS,EAAE,aAAa,EAAE,EAC1B,WAAW,EAAE,qBAAqB,EAAE,EACpC,KAAK,EAAE,uBAAuB,GAAG,IAAI,GACpC,WAAW,EAAE,CAwDf;AAED,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,WAAW,EAAE,GAAG,WAAW,EAAE,CAQrE;AAED,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,oBAAoB,EAAE,EAChC,SAAS,EAAE,aAAa,EAAE,EAC1B,WAAW,EAAE,qBAAqB,EAAE,EACpC,KAAK,EAAE,uBAAuB,GAAG,IAAI,EACrC,IAAI,EAAE,SAAS,EACf,IAAI,GAAE,YAAiB,GACtB,WAAW,CAgCb;AAuGD,wBAAgB,eAAe,CAAC,KAAK,EAAE,WAAW,EAAE,IAAI,GAAE,YAAiB,GAAG,MAAM,CAkEnF;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,WAAW,GAAG,MAAM,CAEtD"}
|
|
@@ -46,10 +46,23 @@ function sampleChain(finding, ownership, graph) {
|
|
|
46
46
|
const names = row.pathNodeIds.map((id) => graph.nodes.get(id)?.name ?? id);
|
|
47
47
|
return formatChain(names);
|
|
48
48
|
}
|
|
49
|
-
function
|
|
50
|
-
|
|
49
|
+
function remediationForFinding(finding, remediation) {
|
|
50
|
+
if (finding.fixViaPackage) {
|
|
51
|
+
return remediation.find((r) => r.targetPackage === finding.fixViaPackage && r.kind === "upgrade");
|
|
52
|
+
}
|
|
53
|
+
return remediation.find((r) => r.targetPackage === finding.packageName);
|
|
51
54
|
}
|
|
52
55
|
function groupKey(finding, owner, rem) {
|
|
56
|
+
if (finding.fixViaPackage) {
|
|
57
|
+
const target = finding.fixViaPackage;
|
|
58
|
+
const isDirect = target === finding.packageName || target === owner;
|
|
59
|
+
return {
|
|
60
|
+
key: `fix-via:${target}`,
|
|
61
|
+
kind: isDirect ? "upgrade-direct" : "upgrade-transitive",
|
|
62
|
+
target,
|
|
63
|
+
owner: owner ?? target,
|
|
64
|
+
};
|
|
65
|
+
}
|
|
53
66
|
if (rem?.kind === "overrides" || rem?.kind === "resolutions") {
|
|
54
67
|
return { key: `${rem.kind}:${rem.targetPackage}`, kind: "override", target: rem.targetPackage };
|
|
55
68
|
}
|
|
@@ -77,7 +90,7 @@ export function buildActionGroups(findings, ownership, remediation, graph) {
|
|
|
77
90
|
for (const f of findings) {
|
|
78
91
|
const paths = byFinding.get(f.id) ?? [];
|
|
79
92
|
const owner = primaryOwner(paths);
|
|
80
|
-
const rem =
|
|
93
|
+
const rem = remediationForFinding(f, remediation);
|
|
81
94
|
const { key, kind, target, owner: topOwner } = groupKey(f, owner, rem);
|
|
82
95
|
const devOnly = paths.length > 0 && paths.every((p) => p.isDevDependency);
|
|
83
96
|
let group = buckets.get(key);
|
|
@@ -108,7 +121,9 @@ export function buildActionGroups(findings, ownership, remediation, graph) {
|
|
|
108
121
|
group.ownershipSample.push(chain);
|
|
109
122
|
}
|
|
110
123
|
}
|
|
111
|
-
if (!group.remediation &&
|
|
124
|
+
if (!group.remediation &&
|
|
125
|
+
rem &&
|
|
126
|
+
(kind === "upgrade-direct" || kind === "upgrade-transitive" || kind === "override")) {
|
|
112
127
|
group.remediation = rem;
|
|
113
128
|
}
|
|
114
129
|
}
|
|
@@ -141,8 +156,8 @@ export function buildBriefReport(findings, ownership, remediation, graph, meta,
|
|
|
141
156
|
}
|
|
142
157
|
const allGroups = rankActionGroups(buildActionGroups(filtered, ownership, remediation, graph));
|
|
143
158
|
const top = opts.top ?? 5;
|
|
144
|
-
const actionGroups = allGroups.filter((g) => !g.isDevOnly).slice(0, top);
|
|
145
|
-
const skippedGroups = allGroups.filter((g) => g.isDevOnly);
|
|
159
|
+
const actionGroups = (opts.prodOnly ? allGroups.filter((g) => !g.isDevOnly) : allGroups).slice(0, top);
|
|
160
|
+
const skippedGroups = opts.prodOnly ? allGroups.filter((g) => g.isDevOnly) : [];
|
|
146
161
|
return {
|
|
147
162
|
status: "actionable",
|
|
148
163
|
findingsCount: filtered.length,
|
|
@@ -187,29 +202,35 @@ function actionTitle(group, index) {
|
|
|
187
202
|
function whyLine(group) {
|
|
188
203
|
switch (group.kind) {
|
|
189
204
|
case "upgrade-direct":
|
|
190
|
-
return `
|
|
205
|
+
return `Upgrade direct dependency \`${group.targetPackage}\` to a patched release.`;
|
|
191
206
|
case "upgrade-transitive":
|
|
192
|
-
return `Transitive
|
|
207
|
+
return `Transitive issue; npm audit suggests upgrading \`${group.targetPackage}\` to pull in patched versions.`;
|
|
193
208
|
case "override":
|
|
194
|
-
return `
|
|
209
|
+
return `Pin \`${group.targetPackage}\` to a patched range via overrides/resolutions.`;
|
|
195
210
|
case "manual":
|
|
196
211
|
return `Ownership unclear or no patched range in audit data; inspect with \`audit-trace why ${group.targetPackage}\`.`;
|
|
197
212
|
}
|
|
198
213
|
}
|
|
199
214
|
function suggestedChange(group, pm) {
|
|
200
|
-
if (group.remediation?.manifestPatch) {
|
|
201
|
-
|
|
215
|
+
if (group.kind === "override" && group.remediation?.manifestPatch) {
|
|
216
|
+
const patch = pm === "yarn"
|
|
217
|
+
? { resolutions: { [group.targetPackage]: group.remediation.constraint ?? group.targetPackage } }
|
|
218
|
+
: pm === "pnpm"
|
|
219
|
+
? { pnpm: { overrides: { [group.targetPackage]: group.remediation.constraint ?? group.targetPackage } } }
|
|
220
|
+
: group.remediation.manifestPatch;
|
|
221
|
+
return "```json\n" + JSON.stringify(patch, null, 2) + "\n```";
|
|
202
222
|
}
|
|
203
223
|
if (group.kind === "upgrade-direct" || group.kind === "upgrade-transitive") {
|
|
204
|
-
const constraint = group.remediation?.constraint
|
|
224
|
+
const constraint = group.remediation?.constraint;
|
|
225
|
+
if (!constraint) {
|
|
226
|
+
return `_Check npm registry for latest safe version of \`${group.targetPackage}\`._`;
|
|
227
|
+
}
|
|
205
228
|
const field = group.isDevOnly ? "devDependencies" : "dependencies";
|
|
206
229
|
const patch = pm === "yarn"
|
|
207
|
-
? {
|
|
230
|
+
? { [field]: { [group.targetPackage]: constraint } }
|
|
208
231
|
: pm === "pnpm"
|
|
209
|
-
? {
|
|
210
|
-
: {
|
|
211
|
-
[field]: { [group.targetPackage]: constraint },
|
|
212
|
-
};
|
|
232
|
+
? { [field]: { [group.targetPackage]: constraint } }
|
|
233
|
+
: { [field]: { [group.targetPackage]: constraint } };
|
|
213
234
|
return "```json\n" + JSON.stringify(patch, null, 2) + "\n```";
|
|
214
235
|
}
|
|
215
236
|
return "_No automatic patch; verify advisory and upgrade manually._";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"brief-reporter.js","sourceRoot":"","sources":["../../src/output/brief-reporter.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAyC/C,MAAM,aAAa,GAA6B;IAC9C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;IACX,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,SAAS,WAAW,CAAC,QAAgC;IACnD,OAAO,QAAQ,CAAC,MAAM,CACpB,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAClF,MAAM,CACP,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,QAAgC;IACvD,MAAM,MAAM,GAAG,IAAI,GAAG,EAAoB,CAAC;IAC3C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5D,CAAC;IACD,MAAM,KAAK,GAAe,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAC1E,MAAM,KAAK,GAAG,KAAK;SAChB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;SAC5B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,YAAY,CAAC,KAAsB;IAC1C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,IAAI,GAAG,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;QAChC,IAAI,CAAC,IAAI;YAAE,SAAS;QACpB,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,CAAC;IACD,IAAI,IAAwB,CAAC;IAC7B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;QAC7B,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC;YACd,IAAI,GAAG,IAAI,CAAC;YACZ,KAAK,GAAG,CAAC,CAAC;QACZ,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,WAAW,CAClB,OAA6B,EAC7B,SAA0B,EAC1B,KAAqC;IAErC,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9D,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;QACnB,OAAO,OAAO,CAAC,WAAW,CAAC;IAC7B,CAAC;IACD,MAAM,KAAK,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IAC3E,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;AAC5B,CAAC;AAED,SAAS,cAAc,CACrB,GAAW,EACX,WAAoC;IAEpC,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,KAAK,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED,SAAS,QAAQ,CACf,OAA6B,EAC7B,KAAyB,EACzB,GAA2B;IAE3B,IAAI,GAAG,EAAE,IAAI,KAAK,WAAW,IAAI,GAAG,EAAE,IAAI,KAAK,aAAa,EAAE,CAAC;QAC7D,OAAO,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,CAAC,aAAa,EAAE,CAAC;IAClG,CAAC;IACD,IAAI,KAAK,IAAI,KAAK,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC;QAC3C,OAAO;YACL,GAAG,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE;YACpC,IAAI,EAAE,gBAAgB;YACtB,MAAM,EAAE,OAAO,CAAC,WAAW;YAC3B,KAAK;SACN,CAAC;IACJ,CAAC;IACD,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,EAAE,GAAG,EAAE,SAAS,KAAK,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACrF,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;AAC/F,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAgC,EAChC,SAA0B,EAC1B,WAAoC,EACpC,KAAqC;IAErC,MAAM,SAAS,GAAG,IAAI,GAAG,EAA2B,CAAC;IACrD,KAAK,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC;QAC1B,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;QAC9C,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACb,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,GAAG,EAAuB,CAAC;IAE/C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,cAAc,CAAC,CAAC,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;QACvD,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QACvE,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;QAE1E,IAAI,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG;gBACN,EAAE,EAAE,GAAG;gBACP,IAAI;gBACJ,aAAa,EAAE,MAAM;gBACrB,aAAa,EAAE,QAAQ;gBACvB,QAAQ,EAAE,EAAE;gBACZ,gBAAgB,EAAE,EAAE;gBACpB,WAAW,EAAE,MAAM;gBACnB,WAAW,EAAE,GAAG,EAAE,IAAI,KAAK,WAAW,IAAI,GAAG,EAAE,IAAI,KAAK,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;gBACvF,eAAe,EAAE,EAAE;gBACnB,SAAS,EAAE,OAAO;aACnB,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1B,CAAC;QAED,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAChD,KAAK,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,OAAO,CAAC;QAC7C,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC;YACpD,KAAK,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,KAAK,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;YAC/C,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC3C,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QACD,IAAI,CAAC,KAAK,CAAC,WAAW,IAAI,GAAG,IAAI,CAAC,IAAI,KAAK,gBAAgB,IAAI,IAAI,KAAK,oBAAoB,CAAC,EAAE,CAAC;YAC9F,KAAK,CAAC,WAAW,GAAG,GAAG,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,MAAqB;IACpD,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;QACxE,IAAI,GAAG,KAAK,CAAC;YAAE,OAAO,GAAG,CAAC;QAC1B,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACvD,IAAI,IAAI,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAC5B,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;IAC/C,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,QAAgC,EAChC,SAA0B,EAC1B,WAAoC,EACpC,KAAqC,EACrC,IAAe,EACf,OAAqB,EAAE;IAEvB,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY;QAChC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,IAAI,CAAC,YAAY,CAAC;QAC7D,CAAC,CAAC,QAAQ,CAAC;IAEb,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;YACL,MAAM,EAAE,OAAO;YACf,aAAa,EAAE,CAAC;YAChB,gBAAgB,EAAE,CAAC;YACnB,IAAI;YACJ,YAAY,EAAE,EAAE;YAChB,aAAa,EAAE,EAAE;SAClB,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,gBAAgB,CAAC,iBAAiB,CAAC,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;IAC/F,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;IAC1B,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACzE,MAAM,aAAa,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IAE3D,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,gBAAgB,EAAE,YAAY,CAAC,MAAM;QACrC,IAAI;QACJ,YAAY;QACZ,aAAa;KACd,CAAC;AACJ,CAAC;AAED,SAAS,QAAQ,CAAC,IAAe;IAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3D,OAAO,gBAAgB,IAAI,CAAC,WAAW,cAAc,IAAI,CAAC,EAAE,oBAAoB,IAAI,CAAC,YAAY,GAAG,IAAI,EAAE,CAAC;AAC7G,CAAC;AAED,SAAS,SAAS,CAAC,IAAqB;IACtC,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,gBAAgB;YACnB,OAAO,2BAA2B,CAAC;QACrC,KAAK,oBAAoB;YACvB,OAAO,yBAAyB,CAAC;QACnC,KAAK,UAAU;YACb,OAAO,yBAAyB,CAAC;QACnC,KAAK,QAAQ;YACX,OAAO,sBAAsB,CAAC;IAClC,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,KAAkB,EAAE,KAAa;IACpD,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;IAChC,MAAM,GAAG,GAAG,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAC5C,MAAM,KAAK,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC;IACtD,MAAM,MAAM,GAAG,KAAK,CAAC,aAAa,CAAC;IACnC,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;QACnB,KAAK,gBAAgB;YACnB,OAAO,GAAG,KAAK,eAAe,MAAM,cAAc,KAAK,KAAK,GAAG,GAAG,CAAC;QACrE,KAAK,oBAAoB;YACvB,OAAO,GAAG,KAAK,eAAe,MAAM,cAAc,KAAK,KAAK,GAAG,GAAG,CAAC;QACrE,KAAK,UAAU;YACb,OAAO,GAAG,KAAK,gBAAgB,MAAM,cAAc,KAAK,KAAK,GAAG,GAAG,CAAC;QACtE,KAAK,QAAQ;YACX,OAAO,GAAG,KAAK,mBAAmB,MAAM,QAAQ,KAAK,KAAK,GAAG,GAAG,CAAC;IACrE,CAAC;AACH,CAAC;AAED,SAAS,OAAO,CAAC,KAAkB;IACjC,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;QACnB,KAAK,gBAAgB;YACnB,OAAO,kCAAkC,KAAK,CAAC,aAAa,4BAA4B,CAAC;QAC3F,KAAK,oBAAoB;YACvB,OAAO,oBAAoB,KAAK,CAAC,aAAa,IAAI,KAAK,CAAC,aAAa,4DAA4D,CAAC;QACpI,KAAK,UAAU;YACb,OAAO,0EAA0E,CAAC;QACpF,KAAK,QAAQ;YACX,OAAO,uFAAuF,KAAK,CAAC,aAAa,KAAK,CAAC;IAC3H,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,KAAkB,EAAE,EAAU;IACrD,IAAI,KAAK,CAAC,WAAW,EAAE,aAAa,EAAE,CAAC;QACrC,OAAO,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,WAAW,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC;IAC1F,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,gBAAgB,IAAI,KAAK,CAAC,IAAI,KAAK,oBAAoB,EAAE,CAAC;QAC3E,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW,EAAE,UAAU,IAAI,mBAAmB,CAAC;QACxE,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC;QACnE,MAAM,KAAK,GACT,EAAE,KAAK,MAAM;YACX,CAAC,CAAC,EAAE,WAAW,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,EAAE;YACxD,CAAC,CAAC,EAAE,KAAK,MAAM;gBACb,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,EAAE,EAAE;gBAChE,CAAC,CAAC;oBACE,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE;iBAC/C,CAAC;QACV,OAAO,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC;IAChE,CAAC;IACD,OAAO,6DAA6D,CAAC;AACvE,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAqB;IAC7C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO;YACL,4BAA4B;YAC5B,EAAE;YACF,0EAA0E;SAC3E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,4BAA4B;QAC5B,EAAE;QACF,mDAAmD;QACnD,8CAA8C;QAC9C,2BAA2B;QAC3B,oDAAoD;QACpD,8BAA8B;QAC9B,EAAE;QACF,sBAAsB;KACvB,CAAC;IACF,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,aAAa,KAAK,CAAC,CAAC,QAAQ,CAAC,MAAM,oBAAoB,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC;IAC7F,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,KAAkB,EAAE,OAAqB,EAAE;IACzE,MAAM,KAAK,GAAa,CAAC,6BAA6B,EAAE,EAAE,CAAC,CAAC;IAE5D,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,8CAA8C,EAAE,EAAE,CAAC,CAAC;QAC/D,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACtB,KAAK,CAAC,IAAI,CACR,uFAAuF,EACvF,EAAE,CACH,CAAC;QACF,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CACR,iBAAiB,KAAK,CAAC,aAAa,+BAA+B,KAAK,CAAC,gBAAgB,EAAE,EAC3F,EAAE,EACF,KAAK,EACL,EAAE,CACH,CAAC;IAEF,IAAI,KAAK,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpC,KAAK,CAAC,IAAI,CACR,iFAAiF,EACjF,EAAE,EACF,wFAAwF,EACxF,EAAE,CACH,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,gCAAgC,EAAE,EAAE,CAAC,CAAC;IACnD,CAAC;IACD,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QACtC,KAAK,CAAC,IAAI,CAAC,OAAO,WAAW,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;QAC/C,KAAK,CAAC,IAAI,CAAC,eAAe,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACvD,KAAK,CAAC,IAAI,CAAC,YAAY,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC7C,IAAI,KAAK,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAChC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAE,CAAC,CAAC;YACtC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxB,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC5F,KAAK,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QACrD,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACtD,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,IAAI,KAAK,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,uCAAuC,EAAE,EAAE,CAAC,CAAC;QACxD,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;YACpC,KAAK,CAAC,IAAI,CACR,OAAO,CAAC,CAAC,aAAa,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,oBAAoB,CAAC,CAAC,WAAW,EAAE,CACnF,CAAC;QACJ,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAkB;IAC5C,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACxC,CAAC"}
|
|
1
|
+
{"version":3,"file":"brief-reporter.js","sourceRoot":"","sources":["../../src/output/brief-reporter.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AA0C/C,MAAM,aAAa,GAA6B;IAC9C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;IACX,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,SAAS,WAAW,CAAC,QAAgC;IACnD,OAAO,QAAQ,CAAC,MAAM,CACpB,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,EAClF,MAAM,CACP,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,QAAgC;IACvD,MAAM,MAAM,GAAG,IAAI,GAAG,EAAoB,CAAC;IAC3C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5D,CAAC;IACD,MAAM,KAAK,GAAe,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAC1E,MAAM,KAAK,GAAG,KAAK;SAChB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;SAC5B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,YAAY,CAAC,KAAsB;IAC1C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,IAAI,GAAG,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;QAChC,IAAI,CAAC,IAAI;YAAE,SAAS;QACpB,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,CAAC;IACD,IAAI,IAAwB,CAAC;IAC7B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;QAC7B,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC;YACd,IAAI,GAAG,IAAI,CAAC;YACZ,KAAK,GAAG,CAAC,CAAC;QACZ,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,WAAW,CAClB,OAA6B,EAC7B,SAA0B,EAC1B,KAAqC;IAErC,MAAM,GAAG,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9D,IAAI,CAAC,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;QACnB,OAAO,OAAO,CAAC,WAAW,CAAC;IAC7B,CAAC;IACD,MAAM,KAAK,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,IAAI,IAAI,EAAE,CAAC,CAAC;IAC3E,OAAO,WAAW,CAAC,KAAK,CAAC,CAAC;AAC5B,CAAC;AAED,SAAS,qBAAqB,CAC5B,OAA6B,EAC7B,WAAoC;IAEpC,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QAC1B,OAAO,WAAW,CAAC,IAAI,CACrB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,KAAK,OAAO,CAAC,aAAa,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,CACzE,CAAC;IACJ,CAAC;IACD,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,KAAK,OAAO,CAAC,WAAW,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,QAAQ,CACf,OAA6B,EAC7B,KAAyB,EACzB,GAA2B;IAE3B,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,KAAK,OAAO,CAAC,WAAW,IAAI,MAAM,KAAK,KAAK,CAAC;QACpE,OAAO;YACL,GAAG,EAAE,WAAW,MAAM,EAAE;YACxB,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,oBAAoB;YACxD,MAAM;YACN,KAAK,EAAE,KAAK,IAAI,MAAM;SACvB,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,EAAE,IAAI,KAAK,WAAW,IAAI,GAAG,EAAE,IAAI,KAAK,aAAa,EAAE,CAAC;QAC7D,OAAO,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,aAAa,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,CAAC,aAAa,EAAE,CAAC;IAClG,CAAC;IACD,IAAI,KAAK,IAAI,KAAK,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC;QAC3C,OAAO;YACL,GAAG,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE;YACpC,IAAI,EAAE,gBAAgB;YACtB,MAAM,EAAE,OAAO,CAAC,WAAW;YAC3B,KAAK;SACN,CAAC;IACJ,CAAC;IACD,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,EAAE,GAAG,EAAE,SAAS,KAAK,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACrF,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,UAAU,OAAO,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;AAC/F,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,QAAgC,EAChC,SAA0B,EAC1B,WAAoC,EACpC,KAAqC;IAErC,MAAM,SAAS,GAAG,IAAI,GAAG,EAA2B,CAAC;IACrD,KAAK,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC;QAC1B,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;QAC9C,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACb,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,GAAG,EAAuB,CAAC;IAE/C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,qBAAqB,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;QAClD,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,QAAQ,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QACvE,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;QAE1E,IAAI,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC7B,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG;gBACN,EAAE,EAAE,GAAG;gBACP,IAAI;gBACJ,aAAa,EAAE,MAAM;gBACrB,aAAa,EAAE,QAAQ;gBACvB,QAAQ,EAAE,EAAE;gBACZ,gBAAgB,EAAE,EAAE;gBACpB,WAAW,EAAE,MAAM;gBACnB,WAAW,EAAE,GAAG,EAAE,IAAI,KAAK,WAAW,IAAI,GAAG,EAAE,IAAI,KAAK,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;gBACvF,eAAe,EAAE,EAAE;gBACnB,SAAS,EAAE,OAAO;aACnB,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1B,CAAC;QAED,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAChD,KAAK,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,OAAO,CAAC;QAC7C,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC;YACpD,KAAK,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,KAAK,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;YAC/C,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC3C,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QACD,IACE,CAAC,KAAK,CAAC,WAAW;YAClB,GAAG;YACH,CAAC,IAAI,KAAK,gBAAgB,IAAI,IAAI,KAAK,oBAAoB,IAAI,IAAI,KAAK,UAAU,CAAC,EACnF,CAAC;YACD,KAAK,CAAC,WAAW,GAAG,GAAG,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;AAC/B,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,MAAqB;IACpD,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;QACxE,IAAI,GAAG,KAAK,CAAC;YAAE,OAAO,GAAG,CAAC;QAC1B,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QACvD,IAAI,IAAI,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAC5B,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;IAC/C,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,QAAgC,EAChC,SAA0B,EAC1B,WAAoC,EACpC,KAAqC,EACrC,IAAe,EACf,OAAqB,EAAE;IAEvB,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY;QAChC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,IAAI,CAAC,YAAY,CAAC;QAC7D,CAAC,CAAC,QAAQ,CAAC;IAEb,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;YACL,MAAM,EAAE,OAAO;YACf,aAAa,EAAE,CAAC;YAChB,gBAAgB,EAAE,CAAC;YACnB,IAAI;YACJ,YAAY,EAAE,EAAE;YAChB,aAAa,EAAE,EAAE;SAClB,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,gBAAgB,CAAC,iBAAiB,CAAC,QAAQ,EAAE,SAAS,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;IAC/F,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;IAC1B,MAAM,YAAY,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,KAAK,CAC5F,CAAC,EACD,GAAG,CACJ,CAAC;IACF,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEhF,OAAO;QACL,MAAM,EAAE,YAAY;QACpB,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,gBAAgB,EAAE,YAAY,CAAC,MAAM;QACrC,IAAI;QACJ,YAAY;QACZ,aAAa;KACd,CAAC;AACJ,CAAC;AAED,SAAS,QAAQ,CAAC,IAAe;IAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3D,OAAO,gBAAgB,IAAI,CAAC,WAAW,cAAc,IAAI,CAAC,EAAE,oBAAoB,IAAI,CAAC,YAAY,GAAG,IAAI,EAAE,CAAC;AAC7G,CAAC;AAED,SAAS,SAAS,CAAC,IAAqB;IACtC,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,gBAAgB;YACnB,OAAO,2BAA2B,CAAC;QACrC,KAAK,oBAAoB;YACvB,OAAO,yBAAyB,CAAC;QACnC,KAAK,UAAU;YACb,OAAO,yBAAyB,CAAC;QACnC,KAAK,QAAQ;YACX,OAAO,sBAAsB,CAAC;IAClC,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,KAAkB,EAAE,KAAa;IACpD,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;IAChC,MAAM,GAAG,GAAG,eAAe,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAC5C,MAAM,KAAK,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,CAAC;IACtD,MAAM,MAAM,GAAG,KAAK,CAAC,aAAa,CAAC;IACnC,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;QACnB,KAAK,gBAAgB;YACnB,OAAO,GAAG,KAAK,eAAe,MAAM,cAAc,KAAK,KAAK,GAAG,GAAG,CAAC;QACrE,KAAK,oBAAoB;YACvB,OAAO,GAAG,KAAK,eAAe,MAAM,cAAc,KAAK,KAAK,GAAG,GAAG,CAAC;QACrE,KAAK,UAAU;YACb,OAAO,GAAG,KAAK,gBAAgB,MAAM,cAAc,KAAK,KAAK,GAAG,GAAG,CAAC;QACtE,KAAK,QAAQ;YACX,OAAO,GAAG,KAAK,mBAAmB,MAAM,QAAQ,KAAK,KAAK,GAAG,GAAG,CAAC;IACrE,CAAC;AACH,CAAC;AAED,SAAS,OAAO,CAAC,KAAkB;IACjC,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;QACnB,KAAK,gBAAgB;YACnB,OAAO,+BAA+B,KAAK,CAAC,aAAa,0BAA0B,CAAC;QACtF,KAAK,oBAAoB;YACvB,OAAO,oDAAoD,KAAK,CAAC,aAAa,iCAAiC,CAAC;QAClH,KAAK,UAAU;YACb,OAAO,SAAS,KAAK,CAAC,aAAa,kDAAkD,CAAC;QACxF,KAAK,QAAQ;YACX,OAAO,uFAAuF,KAAK,CAAC,aAAa,KAAK,CAAC;IAC3H,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,KAAkB,EAAE,EAAU;IACrD,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,IAAI,KAAK,CAAC,WAAW,EAAE,aAAa,EAAE,CAAC;QAClE,MAAM,KAAK,GACT,EAAE,KAAK,MAAM;YACX,CAAC,CAAC,EAAE,WAAW,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,UAAU,IAAI,KAAK,CAAC,aAAa,EAAE,EAAE;YACjG,CAAC,CAAC,EAAE,KAAK,MAAM;gBACb,CAAC,CAAC,EAAE,IAAI,EAAE,EAAE,SAAS,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,UAAU,IAAI,KAAK,CAAC,aAAa,EAAE,EAAE,EAAE;gBACzG,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,aAAa,CAAC;QACxC,OAAO,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC;IAChE,CAAC;IACD,IAAI,KAAK,CAAC,IAAI,KAAK,gBAAgB,IAAI,KAAK,CAAC,IAAI,KAAK,oBAAoB,EAAE,CAAC;QAC3E,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW,EAAE,UAAU,CAAC;QACjD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,oDAAoD,KAAK,CAAC,aAAa,MAAM,CAAC;QACvF,CAAC;QACD,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC;QACnE,MAAM,KAAK,GACT,EAAE,KAAK,MAAM;YACX,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,EAAE;YACpD,CAAC,CAAC,EAAE,KAAK,MAAM;gBACb,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,EAAE;gBACpD,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,UAAU,EAAE,EAAE,CAAC;QAC3D,OAAO,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,OAAO,CAAC;IAChE,CAAC;IACD,OAAO,6DAA6D,CAAC;AACvE,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAqB;IAC7C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO;YACL,4BAA4B;YAC5B,EAAE;YACF,0EAA0E;SAC3E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,4BAA4B;QAC5B,EAAE;QACF,mDAAmD;QACnD,8CAA8C;QAC9C,2BAA2B;QAC3B,oDAAoD;QACpD,8BAA8B;QAC9B,EAAE;QACF,sBAAsB;KACvB,CAAC;IACF,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,aAAa,KAAK,CAAC,CAAC,QAAQ,CAAC,MAAM,oBAAoB,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC;IAC7F,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,KAAkB,EAAE,OAAqB,EAAE;IACzE,MAAM,KAAK,GAAa,CAAC,6BAA6B,EAAE,EAAE,CAAC,CAAC;IAE5D,IAAI,KAAK,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,8CAA8C,EAAE,EAAE,CAAC,CAAC;QAC/D,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACtB,KAAK,CAAC,IAAI,CACR,uFAAuF,EACvF,EAAE,CACH,CAAC;QACF,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACvC,CAAC;QACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CACR,iBAAiB,KAAK,CAAC,aAAa,+BAA+B,KAAK,CAAC,gBAAgB,EAAE,EAC3F,EAAE,EACF,KAAK,EACL,EAAE,CACH,CAAC;IAEF,IAAI,KAAK,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpC,KAAK,CAAC,IAAI,CACR,iFAAiF,EACjF,EAAE,EACF,wFAAwF,EACxF,EAAE,CACH,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,gCAAgC,EAAE,EAAE,CAAC,CAAC;IACnD,CAAC;IACD,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QACtC,KAAK,CAAC,IAAI,CAAC,OAAO,WAAW,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;QAC/C,KAAK,CAAC,IAAI,CAAC,eAAe,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACvD,KAAK,CAAC,IAAI,CAAC,YAAY,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC7C,IAAI,KAAK,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAChC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,CAAE,CAAC,CAAC;YACtC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxB,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC5F,KAAK,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QACrD,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;QACtD,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,IAAI,KAAK,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,uCAAuC,EAAE,EAAE,CAAC,CAAC;QACxD,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;YACpC,KAAK,CAAC,IAAI,CACR,OAAO,CAAC,CAAC,aAAa,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,oBAAoB,CAAC,CAAC,WAAW,EAAE,CACnF,CAAC;QACJ,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAkB;IAC5C,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACxC,CAAC"}
|
|
@@ -4,8 +4,12 @@ export interface FindingVersionMeta {
|
|
|
4
4
|
installed?: string;
|
|
5
5
|
/** Range or versions considered vulnerable (from audit). */
|
|
6
6
|
vulnerableRange?: string;
|
|
7
|
-
/**
|
|
7
|
+
/** Patched range for this package (override target). */
|
|
8
8
|
patchedRange?: string;
|
|
9
|
+
/** Upgrade another package to fix this finding (npm fixAvailable.name). */
|
|
10
|
+
fixViaPackage?: string;
|
|
11
|
+
fixViaVersion?: string;
|
|
12
|
+
fixIsSemVerMajor?: boolean;
|
|
9
13
|
}
|
|
10
14
|
/** Resolved versions from lockfile graph for this advisory package. */
|
|
11
15
|
export declare function installedVersionsForFinding(f: VulnerabilityFinding, ownership: OwnershipPath[], graph: DependencyGraphSnapshot | null): string | undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"finding-meta.d.ts","sourceRoot":"","sources":["../../src/output/finding-meta.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AACvF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE,MAAM,WAAW,kBAAkB;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,4DAA4D;IAC5D,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,
|
|
1
|
+
{"version":3,"file":"finding-meta.d.ts","sourceRoot":"","sources":["../../src/output/finding-meta.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AACvF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAEjE,MAAM,WAAW,kBAAkB;IACjC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,4DAA4D;IAC5D,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,wDAAwD;IACxD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,2EAA2E;IAC3E,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED,uEAAuE;AACvE,wBAAgB,2BAA2B,CACzC,CAAC,EAAE,oBAAoB,EACvB,SAAS,EAAE,aAAa,EAAE,EAC1B,KAAK,EAAE,uBAAuB,GAAG,IAAI,GACpC,MAAM,GAAG,SAAS,CAWpB;AAED,wBAAgB,qBAAqB,CACnC,CAAC,EAAE,oBAAoB,EACvB,SAAS,EAAE,aAAa,EAAE,EAC1B,KAAK,EAAE,uBAAuB,GAAG,IAAI,GACpC,kBAAkB,CASpB;AAED,gEAAgE;AAChE,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,kBAAkB,GAAG,MAAM,GAAG,SAAS,CAYrF"}
|
|
@@ -21,6 +21,9 @@ export function getFindingVersionMeta(f, ownership, graph) {
|
|
|
21
21
|
installed: installedVersionsForFinding(f, ownership, graph),
|
|
22
22
|
vulnerableRange: f.vulnerableRange,
|
|
23
23
|
patchedRange: f.patchedRange,
|
|
24
|
+
fixViaPackage: f.fixViaPackage,
|
|
25
|
+
fixViaVersion: f.fixViaVersion,
|
|
26
|
+
fixIsSemVerMajor: f.fixIsSemVerMajor,
|
|
24
27
|
};
|
|
25
28
|
}
|
|
26
29
|
/** Human-readable fragment for terminal (no leading spaces). */
|
|
@@ -30,8 +33,13 @@ export function formatVersionMetaDimLine(meta) {
|
|
|
30
33
|
parts.push(`installed: ${meta.installed}`);
|
|
31
34
|
if (meta.vulnerableRange)
|
|
32
35
|
parts.push(`affected: ${meta.vulnerableRange}`);
|
|
33
|
-
if (meta.
|
|
36
|
+
if (meta.fixViaPackage && meta.fixViaVersion) {
|
|
37
|
+
const major = meta.fixIsSemVerMajor ? " (semver-major)" : "";
|
|
38
|
+
parts.push(`fix via ${meta.fixViaPackage}: >=${meta.fixViaVersion}${major}`);
|
|
39
|
+
}
|
|
40
|
+
else if (meta.patchedRange) {
|
|
34
41
|
parts.push(`fix: ${meta.patchedRange}`);
|
|
42
|
+
}
|
|
35
43
|
if (parts.length === 0)
|
|
36
44
|
return undefined;
|
|
37
45
|
return parts.join(" · ");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"finding-meta.js","sourceRoot":"","sources":["../../src/output/finding-meta.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"finding-meta.js","sourceRoot":"","sources":["../../src/output/finding-meta.ts"],"names":[],"mappings":"AAeA,uEAAuE;AACvE,MAAM,UAAU,2BAA2B,CACzC,CAAuB,EACvB,SAA0B,EAC1B,KAAqC;IAErC,IAAI,CAAC,CAAC,QAAQ,EAAE,MAAM;QAAE,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1E,IAAI,CAAC,KAAK;QAAE,OAAO,SAAS,CAAC;IAC7B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC;QAC1B,IAAI,CAAC,CAAC,WAAW,KAAK,CAAC,CAAC,WAAW;YAAE,SAAS;QAC9C,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QACpC,IAAI,CAAC,EAAE,OAAO;YAAE,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC;IACD,IAAI,IAAI,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACtC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACrC,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,CAAuB,EACvB,SAA0B,EAC1B,KAAqC;IAErC,OAAO;QACL,SAAS,EAAE,2BAA2B,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,CAAC;QAC3D,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,YAAY,EAAE,CAAC,CAAC,YAAY;QAC5B,aAAa,EAAE,CAAC,CAAC,aAAa;QAC9B,aAAa,EAAE,CAAC,CAAC,aAAa;QAC9B,gBAAgB,EAAE,CAAC,CAAC,gBAAgB;KACrC,CAAC;AACJ,CAAC;AAED,gEAAgE;AAChE,MAAM,UAAU,wBAAwB,CAAC,IAAwB;IAC/D,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,IAAI,CAAC,SAAS;QAAE,KAAK,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IAC/D,IAAI,IAAI,CAAC,eAAe;QAAE,KAAK,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;IAC1E,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,aAAa,OAAO,IAAI,CAAC,aAAa,GAAG,KAAK,EAAE,CAAC,CAAC;IAC/E,CAAC;SAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;IAC1C,CAAC;IACD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC3B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"html-reporter.d.ts","sourceRoot":"","sources":["../../src/output/html-reporter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAGjE,wBAAgB,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"html-reporter.d.ts","sourceRoot":"","sources":["../../src/output/html-reporter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAGjE,wBAAgB,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,MAAM,CA+BpF"}
|
|
@@ -6,7 +6,11 @@ export function toHtmlReport(report, ownership) {
|
|
|
6
6
|
const m = getFindingVersionMeta(f, ownership, report.graph);
|
|
7
7
|
const inst = m.installed ? esc(m.installed) : "—";
|
|
8
8
|
const aff = m.vulnerableRange ? esc(m.vulnerableRange) : "—";
|
|
9
|
-
const fix = m.
|
|
9
|
+
const fix = m.fixViaPackage && m.fixViaVersion
|
|
10
|
+
? esc(`via ${m.fixViaPackage} >=${m.fixViaVersion}${m.fixIsSemVerMajor ? " (major)" : ""}`)
|
|
11
|
+
: m.patchedRange
|
|
12
|
+
? esc(m.patchedRange)
|
|
13
|
+
: "—";
|
|
10
14
|
return `<tr><td>${esc(f.severity)}</td><td>${esc(f.packageName)}</td><td>${inst}</td><td>${aff}</td><td>${fix}</td><td>${esc(f.title ?? f.id)}</td></tr>`;
|
|
11
15
|
})
|
|
12
16
|
.join("\n");
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"html-reporter.js","sourceRoot":"","sources":["../../src/output/html-reporter.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAE1D,MAAM,UAAU,YAAY,CAAC,MAAmB,EAAE,SAA0B;IAC1E,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,EAAE,CACxB,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACvE,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ;SACzB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACT,MAAM,CAAC,GAAG,qBAAqB,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5D,MAAM,IAAI,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAClD,MAAM,GAAG,GAAG,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAC7D,MAAM,GAAG,
|
|
1
|
+
{"version":3,"file":"html-reporter.js","sourceRoot":"","sources":["../../src/output/html-reporter.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAE1D,MAAM,UAAU,YAAY,CAAC,MAAmB,EAAE,SAA0B;IAC1E,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,EAAE,CACxB,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACvE,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ;SACzB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACT,MAAM,CAAC,GAAG,qBAAqB,CAAC,CAAC,EAAE,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QAC5D,MAAM,IAAI,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAClD,MAAM,GAAG,GAAG,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAC7D,MAAM,GAAG,GACP,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,aAAa;YAChC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,aAAa,MAAM,CAAC,CAAC,aAAa,GAAG,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC3F,CAAC,CAAC,CAAC,CAAC,YAAY;gBACd,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC;gBACrB,CAAC,CAAC,GAAG,CAAC;QACZ,OAAO,WAAW,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,YAAY,IAAI,YAAY,GAAG,YAAY,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC;IAC5J,CAAC,CAAC;SACD,IAAI,CAAC,IAAI,CAAC,CAAC;IACd,MAAM,GAAG,GAAG,SAAS;SAClB,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;SACb,GAAG,CACF,CAAC,CAAC,EAAE,EAAE,CACJ,OAAO,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,WAAW,CAAC,CAAC,eAAe,OAAO,CAC7H;SACA,IAAI,CAAC,IAAI,CAAC,CAAC;IACd,OAAO;;;iKAGwJ,IAAI;wBAC7I,GAAG;2BACA,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;eAC5D,CAAC;AAChB,CAAC"}
|