Commit
Showing
17 changed files
with
412 additions
and
328 deletions.
This file was deleted.
@@ -0,0 +1,76 @@ | ||
import * as dockerPlugin from 'snyk-docker-plugin'; | ||
import * as npmPlugin from './npm'; | ||
import * as rubygemsPlugin from './rubygems'; | ||
import * as mvnPlugin from 'snyk-mvn-plugin'; | ||
import * as gradlePlugin from 'snyk-gradle-plugin'; | ||
import * as sbtPlugin from 'snyk-sbt-plugin'; | ||
import * as yarnPlugin from './yarn'; | ||
import * as pythonPlugin from 'snyk-python-plugin'; | ||
import * as goPlugin from 'snyk-go-plugin'; | ||
import * as nugetPlugin from 'snyk-nuget-plugin'; | ||
import * as phpPlugin from 'snyk-php-plugin'; | ||
|
||
interface InspectResult { | ||
plugin: { | ||
name: string; | ||
runtime: string; | ||
}; | ||
package: any; | ||
} | ||
|
||
interface Options { | ||
docker?: boolean; | ||
traverseNodeModules?: boolean; | ||
dev?: boolean; | ||
strictOutOfSync?: boolean; | ||
} | ||
|
||
interface Plugin { | ||
inspect: (root: string, targetFile: string, options?: Options) => Promise<InspectResult>; | ||
} | ||
|
||
export function loadPlugin(packageManager: string, options: Options = {}): Plugin { | ||
if (options.docker) { | ||
return dockerPlugin; | ||
} | ||
|
||
switch (packageManager) { | ||
case 'npm': { | ||
return npmPlugin; | ||
} | ||
case 'rubygems': { | ||
return rubygemsPlugin; | ||
} | ||
case 'maven': { | ||
return mvnPlugin; | ||
} | ||
case 'gradle': { | ||
return gradlePlugin; | ||
} | ||
case 'sbt': { | ||
return sbtPlugin; | ||
} | ||
case 'yarn': { | ||
return yarnPlugin; | ||
} | ||
case 'pip': { | ||
return pythonPlugin; | ||
} | ||
case 'golangdep': | ||
case 'govendor': { | ||
return goPlugin; | ||
} | ||
case 'nuget': { | ||
return nugetPlugin; | ||
} | ||
case 'paket': { | ||
return nugetPlugin; | ||
} | ||
case 'composer': { | ||
return phpPlugin; | ||
} | ||
default: { | ||
throw new Error(`Unsupported package manager: ${packageManager}`); | ||
} | ||
} | ||
} |
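Review bot: `InspectResult.package` is typed `any`, so nothing returned through `loadPlugin` is checked against the shape callers rely on. The `InspectResult` and `Options` interfaces at the top of this file are also redeclared with different fields in the npm and rubygems sections of this commit (`package: PkgTree` in one, an object with `files: any` in the other). Declaring them once in a shared module and typing the field as `package: unknown`, or as a union of the known shapes, would force callers to narrow before use. Separately, the `nuget` and `paket` cases return the same plugin and could share one body as `golangdep`/`govendor` already do: `case 'nuget': case 'paket': { return nugetPlugin; }`.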
This file was deleted.
@@ -0,0 +1,80 @@ | ||
import * as path from 'path'; | ||
import * as fs from 'then-fs'; | ||
import * as _ from 'lodash'; | ||
import {buildDepTree, PkgTree, LockfileType} from 'snyk-nodejs-lockfile-parser'; | ||
import * as snyk from '../../'; | ||
|
||
interface Options { | ||
traverseNodeModules?: boolean; | ||
dev?: boolean; | ||
strictOutOfSync?: boolean; | ||
} | ||
|
||
interface InspectResult { | ||
plugin: { | ||
name: string; | ||
runtime: string; | ||
}; | ||
package: PkgTree; | ||
} | ||
|
||
export async function inspect(root: string, targetFile: string, options: Options = {}): Promise<InspectResult> { | ||
const isLockFileBased = targetFile.endsWith('package-lock.json'); | ||
const targetFileFullPath = path.resolve(root, targetFile); | ||
const isShrinkwrapPresent = await fs.exists(path.join(path.dirname(targetFileFullPath), 'npm-shrinkwrap.json')); | ||
|
||
if (isLockFileBased && !isShrinkwrapPresent && !options.traverseNodeModules) { | ||
return { | ||
plugin: { | ||
name: 'snyk-nodejs-lockfile-parser', | ||
runtime: process.version, | ||
}, | ||
package: await generateDependenciesFromLockfile(root, targetFile, options), | ||
}; | ||
} | ||
|
||
// Old style npm projects. | ||
return { | ||
plugin: { | ||
name: 'snyk-resolve-deps', | ||
runtime: process.version, | ||
}, | ||
package: await snyk.modules(root, Object.assign({}, options, {noFromArrays: true})), | ||
}; | ||
} | ||
|
||
async function generateDependenciesFromLockfile(root: string, targetFile: string, options: Options): Promise<PkgTree> { | ||
const lockFileFullPath = path.resolve(root, targetFile); | ||
|
||
if (!await fs.exists(lockFileFullPath)) { | ||
throw new Error(`Lockfile ${targetFile} not found at location: ${lockFileFullPath}`); | ||
} | ||
|
||
const fullPath = path.parse(lockFileFullPath); | ||
const manifestFileFullPath = path.resolve(fullPath.dir, 'package.json'); | ||
|
||
if (!await fs.exists(manifestFileFullPath)) { | ||
throw new Error(`Manifest file package.json not found at location: ${manifestFileFullPath}`); | ||
} | ||
|
||
if (!manifestFileFullPath && lockFileFullPath) { | ||
throw new Error(`Detected a lockfile at location: ${lockFileFullPath}\nHowever the package.json is missing!`); | ||
} | ||
|
||
const [manifestFile, lockFile] = await Promise.all([ | ||
await fs.readFile(manifestFileFullPath, 'utf-8'), | ||
await fs.readFile(lockFileFullPath, 'utf-8'), | ||
]); | ||
|
||
const defaultManifestFileName = path.relative(root, manifestFileFullPath); | ||
const strictOutOfSync = _.get(options, 'strictOutOfSync', true); | ||
|
||
return await buildDepTree( | ||
manifestFile, | ||
lockFile, | ||
options.dev, | ||
LockfileType.npm, | ||
strictOutOfSync, | ||
defaultManifestFileName, | ||
); | ||
} |
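Review bot: The guard `if (!manifestFileFullPath && lockFileFullPath)` in `generateDependenciesFromLockfile` can never fire, because both values come from `path.resolve` and are always non-empty strings, and the missing-manifest case has already thrown in the `fs.exists` check just above it; the block should be removed. In the `Promise.all` call the inner `await`s make the two reads run one after the other, so drop them: `fs.readFile(manifestFileFullPath, 'utf-8'), fs.readFile(lockFileFullPath, 'utf-8'),`. In `inspect`, `targetFile.endsWith('package-lock.json')` also matches names such as `my-package-lock.json`; `path.basename(targetFile) === 'package-lock.json'` is stricter. `targetFile` is resolved against `root` without checking that the result stays under `root`, so if a caller can ever pass it from an untrusted source, a containment check belongs before the reads.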
This file was deleted.
@@ -0,0 +1,39 @@ | ||
import {inspectors, Spec} from './inspectors'; | ||
|
||
interface InspectResult { | ||
plugin: { | ||
name: string; | ||
runtime: string; | ||
}; | ||
package: { | ||
name: string; | ||
targetFile: string; | ||
files: any | ||
}; | ||
} | ||
|
||
export async function inspect(root: string, targetFile: string): Promise<InspectResult> { | ||
const specs = await gatherSpecs(root, targetFile); | ||
|
||
return { | ||
plugin: { | ||
name: 'bundled:rubygems', | ||
runtime: 'unknown', | ||
}, | ||
package: { | ||
name: specs.packageName, | ||
targetFile: specs.targetFile, | ||
files: specs.files, | ||
}, | ||
}; | ||
} | ||
|
||
async function gatherSpecs(root, targetFile): Promise<Spec> { | ||
for (const inspector of inspectors) { | ||
if (inspector.canHandle(targetFile)) { | ||
return await inspector.gatherSpecs(root, targetFile); | ||
} | ||
} | ||
|
||
throw new Error(`Could not handle file: ${targetFile}`); | ||
} |
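Review bot: `gatherSpecs(root, targetFile)` declares its parameters without types, so both are implicitly `any` and the file only compiles with `noImplicitAny` off. Annotate them the same way the exported `inspect` does: `async function gatherSpecs(root: string, targetFile: string): Promise<Spec>`. `files: any` in `InspectResult` likewise drops checking on the returned package; if the imported `Spec` type declares `files`, it could be reused as `files: Spec['files']`.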
This file was deleted.