snyk-nodejs-lockfile-parser
Version:
Generate a dep tree given a lockfile
83 lines • 4.64 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.buildDepGraphYarnLockV1Simple = void 0;
const dep_graph_1 = require("@snyk/dep-graph");
const util_1 = require("../util");
const event_loop_spinner_1 = require("event-loop-spinner");
const pkgJson_1 = require("../../aliasesPreprocessors/pkgJson");
const buildDepGraphYarnLockV1Simple = async (extractedYarnLockV1Pkgs, pkgJson, options) => {
const { includeDevDeps, includeOptionalDeps, includePeerDeps, strictOutOfSync, pruneWithinTopLevelDeps, showNpmScope, } = options;
const depGraphBuilder = new dep_graph_1.DepGraphBuilder({ name: 'yarn' }, { name: pkgJson.name, version: pkgJson.version }, (0, util_1.createNodeInfo)(options));
const topLevelDeps = (0, util_1.getTopLevelDeps)(pkgJson, {
includeDevDeps,
includePeerDeps,
includeOptionalDeps,
});
const rootNode = {
id: 'root-node',
name: pkgJson.name,
version: pkgJson.version,
dependencies: topLevelDeps,
isDev: false,
};
await dfsVisit(depGraphBuilder, rootNode, extractedYarnLockV1Pkgs, strictOutOfSync, includeOptionalDeps, pruneWithinTopLevelDeps, undefined, showNpmScope);
return depGraphBuilder.build();
};
exports.buildDepGraphYarnLockV1Simple = buildDepGraphYarnLockV1Simple;
/**
* Use DFS to add all nodes and edges to the depGraphBuilder and prune cyclic nodes.
* The visitedMap keep track of which nodes have already been discovered during traversal.
* - If a node doesn't exist in the map, it means it hasn't been visited.
* - If a node is already visited, simply connect the new node with this node.
*/
const dfsVisit = async (depGraphBuilder, node, extractedYarnLockV1Pkgs, strictOutOfSync, includeOptionalDeps, pruneWithinTopLevel, visited, showNpmScope) => {
for (const [name, depInfo] of Object.entries(node.dependencies || {})) {
let scopeDepInfo = Object.assign({}, depInfo);
if (event_loop_spinner_1.eventLoopSpinner.isStarving()) {
await event_loop_spinner_1.eventLoopSpinner.spin();
}
const localVisited = visited || new Set();
if (depInfo.version.startsWith('npm:')) {
const parsed = (0, pkgJson_1.parseNpmAlias)(depInfo.version);
if (parsed && parsed.packageName) {
scopeDepInfo = Object.assign(Object.assign({}, scopeDepInfo), {
alias: {
aliasName: name,
aliasTargetDepName: parsed.packageName,
semver: parsed.version,
version: null,
},
});
}
}
const childNode = (0, util_1.getChildNode)(name, scopeDepInfo, extractedYarnLockV1Pkgs, strictOutOfSync, includeOptionalDeps);
if (localVisited.has(childNode.id)) {
if (pruneWithinTopLevel) {
const prunedId = `${childNode.id}:pruned`;
depGraphBuilder.addPkgNode({ name: childNode.name, version: childNode.version }, prunedId, {
labels: Object.assign(Object.assign(Object.assign(Object.assign({ scope: node.isDev ? 'dev' : 'prod' }, (showNpmScope && { 'npm:scope': node.isDev ? 'dev' : 'prod' })), { pruned: 'true' }), (node.missingLockFileEntry && {
missingLockFileEntry: 'true',
})), (childNode.alias && {
alias: `${childNode.alias.aliasName}=>${childNode.alias.aliasTargetDepName}@${childNode.version}`,
})),
});
depGraphBuilder.connectDep(node.id, prunedId);
}
else {
depGraphBuilder.connectDep(node.id, childNode.id);
}
continue;
}
depGraphBuilder.addPkgNode({ name: childNode.name, version: childNode.version }, childNode.id, {
labels: Object.assign(Object.assign(Object.assign({ scope: node.isDev ? 'dev' : 'prod' }, (showNpmScope && { 'npm:scope': node.isDev ? 'dev' : 'prod' })), (node.missingLockFileEntry && {
missingLockFileEntry: 'true',
})), (childNode.alias && {
alias: `${childNode.alias.aliasName}=>${childNode.alias.aliasTargetDepName}@${childNode.version}`,
})),
});
depGraphBuilder.connectDep(node.id, childNode.id);
localVisited.add(childNode.id);
await dfsVisit(depGraphBuilder, childNode, extractedYarnLockV1Pkgs, strictOutOfSync, includeOptionalDeps, pruneWithinTopLevel, localVisited, showNpmScope);
}
};
//# sourceMappingURL=build-depgraph-simple.js.map