UNPKG

@lavamoat/git-safe-dependencies

Version:

Opinionated dependency linter for your git/github dependencies

github.com/LavaMoat/LavaMoat/blob/main/packages/git-safe-dependencies/README.md

LavaMoat/LavaMoat

49 lines (42 loc) 1.31 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
const { ParseLockfile, ValidateScheme } = require('lockfile-lint-api') const { ValidateGitUrl } = require('./validate-git') const makeValidator = (packages) => async (Validator, options) => { const validator = new Validator({ packages }) const result = await validator.validate(options) const validatorName = Validator.prototype.constructor.name if (result.type !== 'success') { result.errors.forEach((e) => { e.validator = validatorName }) return result.errors } else { return [] } } const validatePackages = async (packages, knownDirectDependencies) => { const runValidator = makeValidator(packages) return Promise.all([ runValidator(ValidateScheme, [ 'npm:', 'https:', 'git+https:', 'git+ssh:', 'git:', 'patch:', 'workspace:', ]), runValidator(ValidateGitUrl, knownDirectDependencies), ]).then((results) => results.flat()) } exports.validatePackages = validatePackages exports.validateLockfile = async ({ lockfilePath, type, knownDirectDependencies, }) => { const parser = new ParseLockfile({ lockfilePath, lockfileType: type }) const lockfile = parser.parseSync() const packages = lockfile.object const results = await validatePackages(packages, knownDirectDependencies) return results }