snyk-nodejs-lockfile-parser 2.2.0 → 2.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/aliasesPreprocessors/npm-lock-v2.js +5 -1
- package/dist/aliasesPreprocessors/npm-lock-v2.js.map +1 -1
- package/dist/aliasesPreprocessors/yarn-lock-v2.d.ts +1 -1
- package/dist/aliasesPreprocessors/yarn-lock-v2.js +11 -2
- package/dist/aliasesPreprocessors/yarn-lock-v2.js.map +1 -1
- package/dist/dep-graph-builders/yarn-lock-v2/simple.js +1 -1
- package/dist/dep-graph-builders/yarn-lock-v2/simple.js.map +1 -1
- package/package.json +1 -1
|
@@ -4,6 +4,7 @@ exports.rewriteAliasesInNpmLockV2 = void 0;
|
|
|
4
4
|
const rewriteAliasesInNpmLockV2 = (lockfilePackages) => {
|
|
5
5
|
// 1. Rewrite top level "" packages in "".dependencies
|
|
6
6
|
const rootPkg = lockfilePackages[''];
|
|
7
|
+
const mutatedRootPkg = [];
|
|
7
8
|
const lockFileToReturn = lockfilePackages;
|
|
8
9
|
if (rootPkg && rootPkg.dependencies) {
|
|
9
10
|
const dependencies = rootPkg.dependencies;
|
|
@@ -12,6 +13,7 @@ const rewriteAliasesInNpmLockV2 = (lockfilePackages) => {
|
|
|
12
13
|
const aliasName = rootPkg.dependencies[pkgName].substring(4, rootPkg.dependencies[pkgName].lastIndexOf('@'));
|
|
13
14
|
const aliasVersion = rootPkg.dependencies[pkgName].substring(rootPkg.dependencies[pkgName].lastIndexOf('@') + 1, rootPkg.dependencies[pkgName].length);
|
|
14
15
|
dependencies[aliasName] = aliasVersion;
|
|
16
|
+
mutatedRootPkg.push(pkgName);
|
|
15
17
|
}
|
|
16
18
|
else {
|
|
17
19
|
dependencies[pkgName] = rootPkg.dependencies[pkgName];
|
|
@@ -21,7 +23,9 @@ const rewriteAliasesInNpmLockV2 = (lockfilePackages) => {
|
|
|
21
23
|
}
|
|
22
24
|
// 2. Rewrite alias packages
|
|
23
25
|
for (const pkgName in lockfilePackages) {
|
|
24
|
-
if (pkgName != '' &&
|
|
26
|
+
if (pkgName != '' &&
|
|
27
|
+
lockfilePackages[pkgName].name &&
|
|
28
|
+
mutatedRootPkg.includes(pkgName.replace('node_modules/', ''))) {
|
|
25
29
|
lockFileToReturn[`node_modules/${lockfilePackages[pkgName].name}`] =
|
|
26
30
|
lockfilePackages[pkgName];
|
|
27
31
|
delete lockFileToReturn[pkgName];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"npm-lock-v2.js","sourceRoot":"","sources":["../../lib/aliasesPreprocessors/npm-lock-v2.ts"],"names":[],"mappings":";;;AAEO,MAAM,yBAAyB,GAAG,CACvC,gBAA4C,EAChB,EAAE;IAC9B,sDAAsD;IACtD,MAAM,OAAO,GAAG,gBAAgB,CAAC,EAAE,CAAC,CAAC;IACrC,MAAM,gBAAgB,GAA+B,gBAAgB,CAAC;IACtE,IAAI,OAAO,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACpC,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;QAC1C,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;YAC3C,IAAI,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACrD,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,SAAS,CACvD,CAAC,EACD,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAC/C,CAAC;gBACF,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,SAAS,CAC1D,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAClD,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,MAAM,CACrC,CAAC;gBACF,YAAY,CAAC,SAAS,CAAC,GAAG,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"npm-lock-v2.js","sourceRoot":"","sources":["../../lib/aliasesPreprocessors/npm-lock-v2.ts"],"names":[],"mappings":";;;AAEO,MAAM,yBAAyB,GAAG,CACvC,gBAA4C,EAChB,EAAE;IAC9B,sDAAsD;IACtD,MAAM,OAAO,GAAG,gBAAgB,CAAC,EAAE,CAAC,CAAC;IACrC,MAAM,cAAc,GAAkB,EAAE,CAAC;IACzC,MAAM,gBAAgB,GAA+B,gBAAgB,CAAC;IACtE,IAAI,OAAO,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACpC,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;QAC1C,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;YAC3C,IAAI,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBACrD,MAAM,SAAS,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,SAAS,CACvD,CAAC,EACD,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAC/C,CAAC;gBACF,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,SAAS,CAC1D,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAClD,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,MAAM,CACrC,CAAC;gBACF,YAAY,CAAC,SAAS,CAAC,GAAG,YAAY,CAAC;gBACvC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC/B,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;QACD,gBAAgB,CAAC,EAAE,CAAC,CAAC,YAAY,GAAG,YAAY,CAAC;IACnD,CAAC;IAED,4BAA4B;IAC5B,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;QACvC,IACE,OAAO,IAAI,EAAE;YACb,gBAAgB,CAAC,OAAO,CAAC,CAAC,IAAI;YAC9B,cAAc,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,EAC7D,CAAC;YACD,gBAAgB,CAAC,gBAAgB,gBAAgB,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;gBAChE,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC5B,OAAO,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,OAAO,gBAAgB,CAAC;AAC1B,CAAC,CAAC;AA1CW,QAAA,yBAAyB,6BA0CpC"}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
1
|
import { NormalisedPkgs } from '../dep-graph-builders/types';
|
|
2
|
-
export declare const rewriteAliasesInYarnLockV2: (lockfileNormalisedPkgs: NormalisedPkgs) => NormalisedPkgs;
|
|
2
|
+
export declare const rewriteAliasesInYarnLockV2: (pkgJson: string, lockfileNormalisedPkgs: NormalisedPkgs) => NormalisedPkgs;
|
|
@@ -2,15 +2,24 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.rewriteAliasesInYarnLockV2 = void 0;
|
|
4
4
|
const cloneDeep = require("lodash.clonedeep");
|
|
5
|
-
const rewriteAliasesInYarnLockV2 = (lockfileNormalisedPkgs) => {
|
|
5
|
+
const rewriteAliasesInYarnLockV2 = (pkgJson, lockfileNormalisedPkgs) => {
|
|
6
6
|
var _a;
|
|
7
7
|
const lockfileNormalisedPkgsPreprocessed = cloneDeep(lockfileNormalisedPkgs);
|
|
8
|
+
const topLevelPkgs = JSON.parse(pkgJson).dependencies;
|
|
9
|
+
const topLevelAliasedPkgs = Object.entries(topLevelPkgs)
|
|
10
|
+
.filter((entry) => {
|
|
11
|
+
return entry[1].startsWith('npm:');
|
|
12
|
+
})
|
|
13
|
+
.map((entry) => {
|
|
14
|
+
return `${entry[0]}@${entry[1]}`;
|
|
15
|
+
});
|
|
8
16
|
for (const pkg in lockfileNormalisedPkgsPreprocessed) {
|
|
9
17
|
const pkgSplit = pkg.substring(0, pkg.lastIndexOf('@'));
|
|
10
18
|
const resolutionSplit = (_a = lockfileNormalisedPkgsPreprocessed[pkg].resolution) === null || _a === void 0 ? void 0 : _a.split(/@npm[:%3A]/)[0];
|
|
11
19
|
if (!pkg.startsWith('v2@workspace') &&
|
|
12
20
|
resolutionSplit &&
|
|
13
|
-
pkgSplit != resolutionSplit
|
|
21
|
+
pkgSplit != resolutionSplit &&
|
|
22
|
+
topLevelAliasedPkgs.includes(pkg)) {
|
|
14
23
|
const newPkg = lockfileNormalisedPkgsPreprocessed[pkg];
|
|
15
24
|
delete lockfileNormalisedPkgsPreprocessed[pkg];
|
|
16
25
|
const newKey = pkg.replace(pkgSplit, resolutionSplit);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"yarn-lock-v2.js","sourceRoot":"","sources":["../../lib/aliasesPreprocessors/yarn-lock-v2.ts"],"names":[],"mappings":";;;AACA,8CAA8C;AACvC,MAAM,0BAA0B,GAAG,CACxC,sBAAsC,EACtB,EAAE;;IAClB,MAAM,kCAAkC,GAAmB,SAAS,CAClE,sBAAsB,CACvB,CAAC;IACF,KAAK,MAAM,GAAG,IAAI,kCAAkC,EAAE,CAAC;QACrD,MAAM,QAAQ,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QACxD,MAAM,eAAe,GACnB,MAAA,kCAAkC,CAAC,GAAG,CAAC,CAAC,UAAU,0CAAE,KAAK,CACvD,YAAY,EACZ,CAAC,CAAC,CAAC;QAEP,IACE,CAAC,GAAG,CAAC,UAAU,CAAC,cAAc,CAAC;YAC/B,eAAe;YACf,QAAQ,IAAI,eAAe,
|
|
1
|
+
{"version":3,"file":"yarn-lock-v2.js","sourceRoot":"","sources":["../../lib/aliasesPreprocessors/yarn-lock-v2.ts"],"names":[],"mappings":";;;AACA,8CAA8C;AACvC,MAAM,0BAA0B,GAAG,CACxC,OAAe,EACf,sBAAsC,EACtB,EAAE;;IAClB,MAAM,kCAAkC,GAAmB,SAAS,CAClE,sBAAsB,CACvB,CAAC;IAEF,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,YAGxC,CAAC;IACF,MAAM,mBAAmB,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;SACrD,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QAChB,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC,CAAC;SACD,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;QACb,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IACnC,CAAC,CAAC,CAAC;IAEL,KAAK,MAAM,GAAG,IAAI,kCAAkC,EAAE,CAAC;QACrD,MAAM,QAAQ,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QACxD,MAAM,eAAe,GACnB,MAAA,kCAAkC,CAAC,GAAG,CAAC,CAAC,UAAU,0CAAE,KAAK,CACvD,YAAY,EACZ,CAAC,CAAC,CAAC;QAEP,IACE,CAAC,GAAG,CAAC,UAAU,CAAC,cAAc,CAAC;YAC/B,eAAe;YACf,QAAQ,IAAI,eAAe;YAC3B,mBAAmB,CAAC,QAAQ,CAAC,GAAG,CAAC,EACjC,CAAC;YACD,MAAM,MAAM,GAAG,kCAAkC,CAAC,GAAG,CAAC,CAAC;YACvD,OAAO,kCAAkC,CAAC,GAAG,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;YACtD,kCAAkC,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC;QACtD,CAAC;QACD,IAAI,GAAG,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YACnC,MAAM,eAAe,GAA2B,EAAE,CAAC;YACnD,KAAK,MAAM,GAAG,IAAI,kCAAkC,CAAC,GAAG,CAAC,CAAC,YAAY,EAAE,CAAC;gBACvE,MAAM,KAAK,GAAG,kCAAkC,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;gBACxE,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC7B,eAAe,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;wBACzD,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;gBAC9D,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;gBAC/B,CAAC;YACH,CAAC;YACD,kCAAkC,CAAC,GAAG,CAAC,CAAC,YAAY,GAAG,eAAe,CAAC;QACzE,CAAC;IACH,CAAC;IAED,OAAO,kCAAkC,CAAC;AAC5C,CAAC,CAAC;AAtDW,QAAA,0BAA0B,8BAsDrC"}
|
|
@@ -9,7 +9,7 @@ const yarn_lock_v2_1 = require("../../aliasesPreprocessors/yarn-lock-v2");
|
|
|
9
9
|
const parseYarnLockV2Project = async (pkgJsonContent, yarnLockContent, options, workspaceArgs) => {
|
|
10
10
|
const { includeDevDeps, includeOptionalDeps, strictOutOfSync, pruneWithinTopLevelDeps, honorAliases, } = options;
|
|
11
11
|
const pkgs = honorAliases
|
|
12
|
-
? (0, yarn_lock_v2_1.rewriteAliasesInYarnLockV2)((0, extract_yarnlock_v2_pkgs_1.extractPkgsFromYarnLockV2)(yarnLockContent))
|
|
12
|
+
? (0, yarn_lock_v2_1.rewriteAliasesInYarnLockV2)(pkgJsonContent, (0, extract_yarnlock_v2_pkgs_1.extractPkgsFromYarnLockV2)(yarnLockContent))
|
|
13
13
|
: (0, extract_yarnlock_v2_pkgs_1.extractPkgsFromYarnLockV2)(yarnLockContent);
|
|
14
14
|
const pkgJson = (0, util_1.parsePkgJson)(honorAliases ? (0, pkgJson_1.rewriteAliasesPkgJson)(pkgJsonContent) : pkgJsonContent);
|
|
15
15
|
const depgraph = await (0, build_depgraph_simple_1.buildDepGraphYarnLockV2Simple)(pkgs, pkgJson, {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"simple.js","sourceRoot":"","sources":["../../../lib/dep-graph-builders/yarn-lock-v2/simple.ts"],"names":[],"mappings":";;;AAAA,yEAAuE;AACvE,kCAAuC;AAMvC,mEAAwE;AAExE,gEAA2E;AAC3E,0EAAqF;AAE9E,MAAM,sBAAsB,GAAG,KAAK,EACzC,cAAsB,EACtB,eAAuB,EACvB,OAAsC,EACtC,aAAuC,EACpB,EAAE;IACrB,MAAM,EACJ,cAAc,EACd,mBAAmB,EACnB,eAAe,EACf,uBAAuB,EACvB,YAAY,GACb,GAAG,OAAO,CAAC;IAEZ,MAAM,IAAI,GAAG,YAAY;QACvB,CAAC,CAAC,IAAA,yCAA0B,
|
|
1
|
+
{"version":3,"file":"simple.js","sourceRoot":"","sources":["../../../lib/dep-graph-builders/yarn-lock-v2/simple.ts"],"names":[],"mappings":";;;AAAA,yEAAuE;AACvE,kCAAuC;AAMvC,mEAAwE;AAExE,gEAA2E;AAC3E,0EAAqF;AAE9E,MAAM,sBAAsB,GAAG,KAAK,EACzC,cAAsB,EACtB,eAAuB,EACvB,OAAsC,EACtC,aAAuC,EACpB,EAAE;IACrB,MAAM,EACJ,cAAc,EACd,mBAAmB,EACnB,eAAe,EACf,uBAAuB,EACvB,YAAY,GACb,GAAG,OAAO,CAAC;IAEZ,MAAM,IAAI,GAAG,YAAY;QACvB,CAAC,CAAC,IAAA,yCAA0B,EACxB,cAAc,EACd,IAAA,oDAAyB,EAAC,eAAe,CAAC,CAC3C;QACH,CAAC,CAAC,IAAA,oDAAyB,EAAC,eAAe,CAAC,CAAC;IAE/C,MAAM,OAAO,GAAoB,IAAA,mBAAY,EAC3C,YAAY,CAAC,CAAC,CAAC,IAAA,+BAAqB,EAAC,cAAc,CAAC,CAAC,CAAC,CAAC,cAAc,CACtE,CAAC;IAEF,MAAM,QAAQ,GAAG,MAAM,IAAA,qDAA6B,EAClD,IAAI,EACJ,OAAO,EACP;QACE,cAAc;QACd,eAAe;QACf,mBAAmB;QACnB,uBAAuB;KACxB,EACD,aAAa,CACd,CAAC;IAEF,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAtCW,QAAA,sBAAsB,0BAsCjC"}
|
package/package.json
CHANGED