snyk-nodejs-lockfile-parser 2.0.1 → 2.1.0
|
@@ -1,10 +1,14 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.getYarnLockV2ChildNode = exports.yarnLockFileKeyNormalizer = void 0;
|
|
4
|
+
const core_1 = require("@yarnpkg/core");
|
|
4
5
|
const _flatMap = require("lodash.flatmap");
|
|
5
6
|
const errors_1 = require("../../errors");
|
|
6
7
|
const parsers_1 = require("../../parsers");
|
|
7
8
|
const util_1 = require("../util");
|
|
9
|
+
const semver = require("semver");
|
|
10
|
+
const debugModule = require("debug");
|
|
11
|
+
const debug = debugModule('snyk-nodejs-plugin');
|
|
8
12
|
const BUILTIN_PLACEHOLDER = 'builtin';
|
|
9
13
|
const MULTIPLE_KEYS_REGEXP = / *, */g;
|
|
10
14
|
const keyNormalizer = (parseDescriptor, parseRange) => (rawDescriptor) => {
|
|
@@ -75,17 +79,40 @@ const yarnLockFileKeyNormalizer = (parseDescriptor, parseRange) => (fullDescript
|
|
|
75
79
|
};
|
|
76
80
|
exports.yarnLockFileKeyNormalizer = yarnLockFileKeyNormalizer;
|
|
77
81
|
const getYarnLockV2ChildNode = (name, depInfo, pkgs, strictOutOfSync, includeOptionalDeps, resolutions, parentNode) => {
|
|
78
|
-
// First check if a resolution would be used
|
|
82
|
+
// First, check if a resolution would be used
|
|
79
83
|
const resolvedVersionFromResolution = (() => {
|
|
80
|
-
//
|
|
84
|
+
// Check for scoped resolution (e.g., "parentPackageName/dependencyName")
|
|
81
85
|
const scopedKey = `${parentNode.name}/${name}`;
|
|
82
86
|
if (resolutions[scopedKey]) {
|
|
83
87
|
return resolutions[scopedKey];
|
|
84
88
|
}
|
|
85
|
-
|
|
89
|
+
// Check for resolutions matching "packageName@versionOrRangeToOverride"
|
|
90
|
+
for (const resKey in resolutions) {
|
|
91
|
+
if (Object.prototype.hasOwnProperty.call(resolutions, resKey)) {
|
|
92
|
+
try {
|
|
93
|
+
const descriptor = core_1.structUtils.parseDescriptor(resKey);
|
|
94
|
+
const resKeyPkgName = core_1.structUtils.stringifyIdent(descriptor);
|
|
95
|
+
// Check if the resolution key targets the current package name
|
|
96
|
+
if (resKeyPkgName === name) {
|
|
97
|
+
if (descriptor.range && descriptor.range !== 'unknown') {
|
|
98
|
+
// Check if the current dependency's version satisfies the
|
|
99
|
+
// version/range specified in the resolution key.
|
|
100
|
+
if (semver.satisfies(depInfo.version, descriptor.range)) {
|
|
101
|
+
return resolutions[resKey];
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
}
|
|
106
|
+
catch (e) {
|
|
107
|
+
debug(`Error parsing resolution key(${resKey}): ${e}$`);
|
|
108
|
+
}
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
// Check for global resolution by package name (e.g., "packageName": "version")
|
|
112
|
+
if (resolutions[name]) {
|
|
86
113
|
return resolutions[name];
|
|
87
114
|
}
|
|
88
|
-
return '';
|
|
115
|
+
return ''; // No resolution applies
|
|
89
116
|
})();
|
|
90
117
|
if (resolvedVersionFromResolution) {
|
|
91
118
|
const childNodeKeyFromResolution = `${name}@${resolvedVersionFromResolution}`;
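Review bot: The direct lookups `resolutions[scopedKey]` and `resolutions[name]` in `getYarnLockV2ChildNode` are not own-property checks, although the new `for...in` loop between them is guarded with `hasOwnProperty`. If `resolutions` is an ordinary object parsed from the manifest (the hunk does not show how it is built), a dependency named after an `Object.prototype` member such as `constructor` yields an inherited function, which is truthy and would be used as the resolved version, so the dependency graph records a wrong node for that package. Guard both lookups the same way as the loop, e.g. `if (Object.prototype.hasOwnProperty.call(resolutions, name) && resolutions[name]) {`. Separately, the debug template ends in `${e}$`, which prints a stray `$` after the error; it should end in `${e}`. The function body continues past the end of the hunk.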
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../lib/dep-graph-builders/yarn-lock-v2/utils.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../lib/dep-graph-builders/yarn-lock-v2/utils.ts"],"names":[],"mappings":";;;AAAA,wCAA4C;AAC5C,2CAA2C;AAC3C,yCAA8C;AAC9C,2CAA6C;AAE7C,kCAAwD;AACxD,iCAAiC;AACjC,qCAAqC;AAErC,MAAM,KAAK,GAAG,WAAW,CAAC,oBAAoB,CAAC,CAAC;AAEhD,MAAM,mBAAmB,GAAG,SAAS,CAAC;AACtC,MAAM,oBAAoB,GAAG,QAAQ,CAAC;AAKtC,MAAM,aAAa,GACjB,CAAC,eAAgC,EAAE,UAAsB,EAAE,EAAE,CAC7D,CAAC,aAAqB,EAAY,EAAE;IAClC,6CAA6C;IAC7C,MAAM,WAAW,GAAa,CAAC,aAAa,CAAC,CAAC;IAC9C,MAAM,UAAU,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IAClD,MAAM,IAAI,GAAG,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,GAAG,UAAU,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,GAClE,UAAU,CAAC,IACb,EAAE,CAAC;IACH,MAAM,KAAK,GAAG,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;IAChC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,MAAM,CAAC;QACZ,KAAK,OAAO;YACV,sDAAsD;YACtD,yDAAyD;YACzD,uEAAuE;YACvE,oCAAoC;YACpC,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC9C,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;YACzD,MAAM;QACR,KAAK,MAAM,CAAC;QACZ,KAAK,UAAU,CAAC;QAChB,KAAK,WAAW,CAAC;QACjB,KAAK,YAAY,CAAC;QAClB,KAAK,SAAS;YACZ,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjB,WAAW,CAAC,IAAI,CACd,GAAG,IAAI,IAAI,QAAQ,GAAG,KAAK,CAAC,MAAM,GAChC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAC1C,EAAE,CACH,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC3D,CAAC;YACD,MAAM;QACR,KAAK,QAAQ;YACX,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE,CAAC;gBACtE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YACjC,CAAC;iBAAM,CAAC;gBACN,WAAW,CAAC,IAAI,CACd,GAAG,IAAI,IAAI,QAAQ,GAAG,KAAK,CAAC,MAAM,GAChC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAC1C,EAAE,CACH,CAAC;YACJ,CAAC;YACD,MAAM;QACR,KAAK,IAAI,CAAC;QACV,KAAK,SAAS;YACZ,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjB,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;YAChE,CAAC;iBA
AM,CAAC;gBACN,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;YAChD,CAAC;YACD,MAAM;QACR,KAAK,OAAO,CAAC;QACb,KAAK,QAAQ,CAAC;QACd,KAAK,OAAO,CAAC;QACb,KAAK,SAAS,CAAC;QACf,KAAK,OAAO,CAAC;QACb,KAAK,YAAY,CAAC;QAClB,KAAK,UAAU,CAAC;QAChB;YACE,2BAA2B;YAC3B,WAAW,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,QAAQ,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;YACzD,MAAM;IACV,CAAC;IACD,OAAO,WAAW,CAAC;AACrB,CAAC,CAAC;AAIG,MAAM,yBAAyB,GACpC,CACE,eAAgC,EAChC,UAAsB,EACK,EAAE,CAC/B,CAAC,cAAsB,EAAE,EAAE;IACzB,MAAM,OAAO,GAAG,cAAc;SAC3B,KAAK,CAAC,oBAAoB,CAAC;SAC3B,GAAG,CAAC,aAAa,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC,CAAC;IACnD,OAAO,IAAI,GAAG,CAAS,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AAC5C,CAAC,CAAC;AAVS,QAAA,yBAAyB,6BAUlC;AAEG,MAAM,sBAAsB,GAAG,CACpC,IAAY,EACZ,OAA4C,EAC5C,IAAoB,EACpB,eAAwB,EACxB,mBAA4B,EAC5B,WAAmC,EACnC,UAAmB,EACnB,EAAE;IACF,6CAA6C;IAC7C,MAAM,6BAA6B,GAAG,CAAC,GAAG,EAAE;QAC1C,yEAAyE;QACzE,MAAM,SAAS,GAAG,GAAG,UAAU,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC;QAC/C,IAAI,WAAW,CAAC,SAAS,CAAC,EAAE,CAAC;YAC3B,OAAO,WAAW,CAAC,SAAS,CAAC,CAAC;QAChC,CAAC;QAED,wEAAwE;QACxE,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;YACjC,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE,MAAM,CAAC,EAAE,CAAC;gBAC9D,IAAI,CAAC;oBACH,MAAM,UAAU,GAAG,kBAAW,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;oBACvD,MAAM,aAAa,GAAG,kBAAW,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;oBAE7D,+DAA+D;oBAC/D,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;wBAC3B,IAAI,UAAU,CAAC,KAAK,IAAI,UAAU,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;4BACvD,0DAA0D;4BAC1D,iDAAiD;4BACjD,IAAI,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gCACxD,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC;4BAC7B,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBAAC,OAAO,CAAC,EAAE,CAAC;oBACX,KAAK,CAAC,gCAAgC,MAAM,MAAM,CAAC,GAAG,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;QACH,CAAC;QACD,+EAA+E;QAC/E,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;YACtB,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,EAAE,CAAC,CAAC,wBAAwB;IACrC,CAAC,CAAC,EAAE,CAAC;IAEL,IAAI,6BAA6B,EAAE,CAAC;QAClC,MAAM,0BAA0B,GAAG,GAAG,IAAI,IAAI,6BAA6B,EAAE,CAAC;QAC9E,IAAI,CAAC,IAAI,CAAC,0BAA0B,CAAC,EAAE,CAAC;YACtC,IAAI,
eAAe,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,6BAA6B,CAAC,EAAE,CAAC;gBACrE,MAAM,IAAI,uBAAc,CACtB,0BAA0B,EAC1B,sBAAY,CAAC,KAAK,CACnB,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO;oBACL,EAAE,EAAE,0BAA0B;oBAC9B,IAAI,EAAE,IAAI;oBACV,OAAO,EAAE,6BAA6B;oBACtC,YAAY,EAAE,EAAE;oBAChB,KAAK,EAAE,OAAO,CAAC,KAAK;oBACpB,oBAAoB,EAAE,IAAI;iBAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,EACJ,OAAO,EAAE,qBAAqB,EAC9B,YAAY,EACZ,oBAAoB,GACrB,GAAG,IAAI,CAAC,0BAA0B,CAAC,CAAC;QAErC,MAAM,qBAAqB,GAAG,IAAA,2BAAoB,EAChD,YAAY,IAAI,EAAE,EAClB,OAAO,CAAC,KAAK,CACd,CAAC;QACF,MAAM,6BAA6B,GAAG,mBAAmB;YACvD,CAAC,CAAC,IAAA,2BAAoB,EAAC,oBAAoB,IAAI,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC;YACjE,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO;YACL,EAAE,EAAE,0BAA0B;YAC9B,IAAI,EAAE,IAAI;YACV,OAAO,EAAE,qBAAqB;YAC9B,YAAY,kCACP,6BAA6B,GAC7B,qBAAqB,CACzB;YACD,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC;IACJ,CAAC;IAED,iBAAiB;IACjB,MAAM,YAAY,GAAG,GAAG,IAAI,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAClD,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;QACxB,IAAI,eAAe,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACvD,MAAM,IAAI,uBAAc,CAAC,YAAY,EAAE,sBAAY,CAAC,KAAK,CAAC,CAAC;QAC7D,CAAC;aAAM,CAAC;YACN,OAAO;gBACL,EAAE,EAAE,YAAY;gBAChB,IAAI,EAAE,IAAI;gBACV,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,YAAY,EAAE,EAAE;gBAChB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,oBAAoB,EAAE,IAAI;aAC3B,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC;QACnC,MAAM,YAAY,GAAG,IAAA,2BAAoB,EACvC,OAAO,CAAC,YAAY,IAAI,EAAE,EAC1B,OAAO,CAAC,KAAK,CACd,CAAC;QACF,MAAM,oBAAoB,GAAG,mBAAmB;YAC9C,CAAC,CAAC,IAAA,2BAAoB,EAAC,OAAO,CAAC,oBAAoB,IAAI,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC;YACzE,CAAC,CAAC,EAAE,CAAC;QACP,OAAO;YACL,EAAE,EAAE,GAAG,IAAI,IAAI,OAAO,CAAC,OAAO,EAAE;YAChC,IAAI,EAAE,IAAI;YACV,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,YAAY,kCAAO,YAAY,GAAK,oBAAoB,CAAE;YAC1D,KAAK,EAAE,OAAO,CAAC,KAAK;SACrB,CAAC;IACJ,CAAC;AACH,CAAC,CAAC;AA5HW,QAAA,sBAAsB,0BA4HjC"}
|
package/package.json
CHANGED