snyk-docker-plugin/dist/analyzer/applications/python/poetry.js

Snyk CLI docker plugin

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.poetryFilesToScannedProjects = void 0;
const path = require("path");
const lockFileParser = require("snyk-poetry-lockfile-parser");
async function poetryFilesToScannedProjects(filePathToContent) {
    const scanResults = [];
    const filePairs = findManifestLockPairsInSameDirectory(filePathToContent);
    const shouldIncludeDevDependencies = false;
    for (const pathPair of filePairs) {
        const depGraph = await lockFileParser.buildDepGraph(filePathToContent[pathPair.manifest], filePathToContent[pathPair.lock], shouldIncludeDevDependencies);
        if (!depGraph) {
            continue;
        }
        const depGraphFact = {
            type: "depGraph",
            data: depGraph,
        };
        const testedFilesFact = {
            type: "testedFiles",
            data: [path.basename(pathPair.manifest), path.basename(pathPair.lock)],
        };
        scanResults.push({
            facts: [depGraphFact, testedFilesFact],
            identity: {
                type: depGraph.pkgManager.name,
                targetFile: pathPair.manifest,
            },
        });
    }
    return scanResults;
}
exports.poetryFilesToScannedProjects = poetryFilesToScannedProjects;
function findManifestLockPairsInSameDirectory(filePathToContent) {
    const fileNamesGroupedByDirectory = groupFilesByDirectory(filePathToContent);
    const manifestLockPathPairs = [];
    for (const directoryPath of Object.keys(fileNamesGroupedByDirectory)) {
        const filesInDirectory = fileNamesGroupedByDirectory[directoryPath];
        if (filesInDirectory.length !== 2) {
            // either a missing file or too many files, ignore
            continue;
        }
        const hasManifest = filesInDirectory.includes("pyproject.toml");
        const hasLockFile = filesInDirectory.includes("poetry.lock");
        if (hasManifest && hasLockFile) {
            manifestLockPathPairs.push({
                manifest: path.join(directoryPath, "pyproject.toml"),
                lock: path.join(directoryPath, "poetry.lock"),
            });
        }
    }
    return manifestLockPathPairs;
}
// assumption: we only care about manifest+lock files if they are in the same directory
function groupFilesByDirectory(filePathToContent) {
    const fileNamesGroupedByDirectory = {};
    for (const filePath of Object.keys(filePathToContent)) {
        const directory = path.dirname(filePath);
        const fileName = path.basename(filePath);
        if (!fileNamesGroupedByDirectory[directory]) {
            fileNamesGroupedByDirectory[directory] = [];
        }
        fileNamesGroupedByDirectory[directory].push(fileName);
    }
    return fileNamesGroupedByDirectory;
}
//# sourceMappingURL=poetry.js.map