ts-node-client 3.2.5 → 3.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/.github/workflows/scan.yml +31 -0
  2. package/CHANGELOG.md +13 -0
  3. package/SECURITY.md +4 -13
  4. package/lib/convertor.js +3 -2
  5. package/package-lock.json +13 -2
  6. package/package.json +3 -2
  7. package/lib/pkg.js +0 -36
  8. /package/{package-lock_dev_test.json → test/package-lock_dev_test.json} +0 -0
  9. /package/{package-lock_v1.json → test/package-lock_v1.json} +0 -0
  10. /package/{package-lock_v2.json → test/package-lock_v2.json} +0 -0
  11. /package/{package-lock_v3.json → test/package-lock_v3.json} +0 -0
package/.github/workflows/scan.yml ADDED
@@ -0,0 +1,31 @@
1
+ name: Scan dependencies
2
+
3
+ on:
4
+ push:
5
+ tags:
6
+ - '*.*.*'
7
+
8
+ jobs:
9
+ scan:
10
+
11
+ runs-on: ubuntu-latest
12
+
13
+ strategy:
14
+ matrix:
15
+ include:
16
+ - node-version: 20.x
17
+
18
+ steps:
19
+ - uses: actions/checkout@v3
20
+ - name: Use Node.js ${{ matrix.node-version }}
21
+ uses: actions/setup-node@v3
22
+ with:
23
+ node-version: ${{ matrix.node-version }}
24
+ registry-url: 'https://registry.npmjs.org'
25
+ - name: Install yarn
26
+ run: npm install --global yarn
27
+ - name: Install dependencies
28
+ run: yarn
29
+ - name: Scan dependencies
30
+ run: yarn node ./bin/ts-node-client.js --branch main --tag $GITHUB_REF_NAME --project Scanner --url https://app.trustsource.io/ --apiKey ${{ secrets.TS_TOKEN }}
31
+
package/CHANGELOG.md CHANGED
@@ -8,6 +8,19 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
8
8
  and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
9
9
 
10
10
 
11
+ ## 3.3.1 - 2024-03-29
12
+
13
+ ### Changed
14
+ * automate dependency scans
15
+
16
+
17
+ ## 3.3.0 - 2024-03-27
18
+
19
+ ### Changed
20
+ * migrated to packageurl-js@1.2.1
21
+ * Bump dependencies
22
+
23
+
11
24
  ## 3.2.5 - 2024-03-21
12
25
 
13
26
  ### Changed
package/SECURITY.md CHANGED
@@ -2,20 +2,11 @@
2
2
 
3
3
  ## Supported Versions
4
4
 
5
- Use this section to tell people about which versions of your project are
6
- currently being supported with security updates.
7
-
8
5
  | Version | Supported |
9
- | ------- | ------------------ |
10
- | 5.1.x | :white_check_mark: |
11
- | 5.0.x | :x: |
12
- | 4.0.x | :white_check_mark: |
13
- | < 4.0 | :x: |
6
+ |---------| ------------------ |
7
+ | 3.3.x | :white_check_mark: |
8
+ | < 3.0 | :x: |
14
9
 
15
10
  ## Reporting a Vulnerability
16
11
 
17
- Use this section to tell people how to report a vulnerability.
18
-
19
- Tell them where to go, how often they can expect to get an update on a
20
- reported vulnerability, what to expect if the vulnerability is accepted or
21
- declined, etc.
12
+ No known vulnerabilities are available
package/lib/convertor.js CHANGED
@@ -5,7 +5,7 @@
5
5
  * SPDX-License-Identifier: Apache-2.0
6
6
  *********************************************************/
7
7
  /* eslint-enable */
8
- const PackageURL = require('./pkg');
8
+ const { PackageURL } = require('packageurl-js');
9
9
 
10
10
  const Convertor = {};
11
11
 
@@ -65,7 +65,8 @@ function getPackageUrl(componentKey, version) {
65
65
  const org = parts.length > 1 ? parts[0] : null;
66
66
  const key = parts.length > 1 ? parts[1] : parts[0];
67
67
  if (key) {
68
- return PackageURL.get(result.manager, org, key, version);
68
+ const purl = new PackageURL(result.manager, org, key, version);
69
+ return purl.toString();
69
70
  }
70
71
  return null;
71
72
  }
package/package-lock.json CHANGED
@@ -1,18 +1,19 @@
1
1
  {
2
2
  "name": "ts-node-client",
3
- "version": "3.2.5",
3
+ "version": "3.3.1",
4
4
  "lockfileVersion": 2,
5
5
  "requires": true,
6
6
  "packages": {
7
7
  "": {
8
8
  "name": "ts-node-client",
9
- "version": "3.2.5",
9
+ "version": "3.3.1",
10
10
  "license": "Apache-2.0",
11
11
  "dependencies": {
12
12
  "@yarnpkg/lockfile": "1.1.0",
13
13
  "axios": "1.6.8",
14
14
  "debuglog": "1.0.1",
15
15
  "js-yaml": "4.1.0",
16
+ "packageurl-js": "1.2.1",
16
17
  "semver": "7.6.0",
17
18
  "yargs": "17.7.2"
18
19
  },
@@ -2311,6 +2312,11 @@
2311
2312
  "url": "https://github.com/sponsors/sindresorhus"
2312
2313
  }
2313
2314
  },
2315
+ "node_modules/packageurl-js": {
2316
+ "version": "1.2.1",
2317
+ "resolved": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-1.2.1.tgz",
2318
+ "integrity": "sha512-cZ6/MzuXaoFd16/k0WnwtI298UCaDHe/XlSh85SeOKbGZ1hq0xvNbx3ILyCMyk7uFQxl6scF3Aucj6/EO9NwcA=="
2319
+ },
2314
2320
  "node_modules/parent-module": {
2315
2321
  "version": "1.0.1",
2316
2322
  "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz",
@@ -4720,6 +4726,11 @@
4720
4726
  "p-limit": "^3.0.2"
4721
4727
  }
4722
4728
  },
4729
+ "packageurl-js": {
4730
+ "version": "1.2.1",
4731
+ "resolved": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-1.2.1.tgz",
4732
+ "integrity": "sha512-cZ6/MzuXaoFd16/k0WnwtI298UCaDHe/XlSh85SeOKbGZ1hq0xvNbx3ILyCMyk7uFQxl6scF3Aucj6/EO9NwcA=="
4733
+ },
4723
4734
  "parent-module": {
4724
4735
  "version": "1.0.1",
4725
4736
  "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz",
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "ts-node-client",
3
3
  "description": "npm / node module to transfer dependency information to TrustSource server.",
4
- "version": "3.2.5",
4
+ "version": "3.3.1",
5
5
  "homepage": "https://app.trustsource.io/",
6
6
  "author": {
7
7
  "name": "Oleksandr Dmukhovskyi",
@@ -18,7 +18,7 @@
18
18
  "main": "./lib/cli.js",
19
19
  "bin": "./bin/ts-node-client.js",
20
20
  "scripts": {
21
- "scan": "yarn node ./bin/ts-node-client.js --debug true --saveAs test --saveAsFormat scan",
21
+ "scan": "yarn node ./bin/ts-node-client.js",
22
22
  "scan-with-brakes": "yarn node ./bin/ts-node-client.js --breakOnViolations true --breakOnWarnings false",
23
23
  "scan-to-file": "yarn node ./bin/ts-node-client.js --saveAs test --saveAsFormat scan --includeDevDependencies false",
24
24
  "lint": "eslint bin lib test",
@@ -31,6 +31,7 @@
31
31
  "axios": "1.6.8",
32
32
  "debuglog": "1.0.1",
33
33
  "js-yaml": "4.1.0",
34
+ "packageurl-js": "1.2.1",
34
35
  "semver": "7.6.0",
35
36
  "yargs": "17.7.2"
36
37
  },
package/lib/pkg.js DELETED
@@ -1,36 +0,0 @@
1
- /* eslint-disable */
2
- /**********************************************************
3
- * Copyright (c) 2022. Enterprise Architecture Group, EACG
4
- *
5
- * SPDX-License-Identifier: Apache-2.0
6
- *********************************************************/
7
- /* eslint-enable */
8
-
9
- const PackageURL = {};
10
-
11
- PackageURL.get = function get(manager, org, key, version) {
12
- // scheme:type/namespace/name@version?qualifiers#subpath
13
- const parts = [];
14
- let partVersion;
15
- if (manager) {
16
- parts.push(fixPart(manager));
17
- }
18
- if (org) {
19
- parts.push(fixPart(org));
20
- }
21
- if (key) {
22
- parts.push(fixPart(key));
23
- }
24
- if (version) {
25
- partVersion = `@${fixPart(version)}`;
26
- }
27
- return `pkg:${parts.join('/')}${partVersion}`;
28
- };
29
-
30
- function fixPart(str) {
31
- const newStr = encodeURI(str);
32
- return newStr.split('%3A').join(':');
33
- }
34
-
35
- module.exports = PackageURL;
36
-