Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@agoric/bundle-source

Package Overview
Dependencies
Maintainers
5
Versions
224
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@agoric/bundle-source - npm Package Compare versions

Comparing version 1.1.6 to 1.1.7

14

CHANGELOG.md

@@ -6,2 +6,16 @@ # Change Log

## [1.1.7](https://github.com/Agoric/agoric-sdk/compare/@agoric/bundle-source@1.1.6...@agoric/bundle-source@1.1.7) (2020-08-31)
### Bug Fixes
* **bundle-source:** fix comment misparse, make require optional ([e8f4127](https://github.com/Agoric/agoric-sdk/commit/e8f412767c5ad8a0e75aa29357a052fd2164e811)), closes [#1281](https://github.com/Agoric/agoric-sdk/issues/1281) [#362](https://github.com/Agoric/agoric-sdk/issues/362)
* get line numbers to be proper again ([8c31701](https://github.com/Agoric/agoric-sdk/commit/8c31701a6b4353e549b7e8891114a41ee48457c8))
* use Babel to strip comments and unmap line numbers ([24edbbc](https://github.com/Agoric/agoric-sdk/commit/24edbbc985500233ea876817228bbccc71b2bac3))
* use only loc.start to ensure nodes begin on the correct line ([dc3bc65](https://github.com/Agoric/agoric-sdk/commit/dc3bc658cc2900a1f074c8d23fd3e5bae9773e18))
## [1.1.6](https://github.com/Agoric/agoric-sdk/compare/@agoric/bundle-source@1.1.5...@agoric/bundle-source@1.1.6) (2020-06-30)

@@ -8,0 +22,0 @@

26

package.json
{
"name": "@agoric/bundle-source",
"version": "1.1.6",
"version": "1.1.7",
"description": "Create source bundles from ES Modules",

@@ -8,3 +8,3 @@ "main": "src/index.js",

"build": "exit 0",
"test": "tap --no-coverage --jobs=1 'test/**/*.js'",
"test": "ava",
"lint-fix": "eslint --fix '**/*.js'",

@@ -16,13 +16,11 @@ "lint-check": "eslint '**/*.js'",

"devDependencies": {
"@agoric/install-ses": "^0.2.0",
"tap": "^14.10.5",
"tape": "^4.11.0",
"tape-promise": "^4.0.0"
"@agoric/install-ses": "^0.3.0",
"ava": "^3.11.1"
},
"dependencies": {
"@agoric/acorn-eventual-send": "^2.0.6",
"@agoric/acorn-eventual-send": "^2.0.7",
"@agoric/babel-parser": "^7.6.4",
"@agoric/harden": "^0.0.8",
"@agoric/transform-eventual-send": "^1.3.1",
"@agoric/transform-eventual-send": "^1.3.2",
"@babel/generator": "^7.6.4",
"@babel/traverse": "^7.8.3",
"@rollup/plugin-commonjs": "^11.0.2",

@@ -52,3 +50,11 @@ "@rollup/plugin-node-resolve": "^7.1.1",

},
"gitHead": "d74ea289800c2fc52c005674a55b2412385f57d9"
"ava": {
"files": [
"test/**/test-*.js"
],
"require": [
"esm"
]
},
"gitHead": "709048cc133b0b2b26a9774315c18c5e828ea6ab"
}

117

src/index.js

@@ -7,2 +7,3 @@ import { rollup as rollup0 } from 'rollup';

import babelGenerate from '@babel/generator';
import babelTraverse from '@babel/traverse';
import { makeTransform } from '@agoric/transform-eventual-send';

@@ -16,5 +17,5 @@

// eslint-disable-next-line no-useless-concat
const IMPORT_RE = new RegExp('\\b(import)' + '(\\s*(?:\\(|/[/*]))', 'g');
const HTML_COMMENT_RE = new RegExp(`(?:${'<'}!--|--${'>'})`, 'g');
const IMPORT_RE = new RegExp('\\b(import)(\\s*(?:\\(|/[/*]))', 'sg');
const HTML_COMMENT_START_RE = new RegExp(`${'<'}!--`, 'g');
const HTML_COMMENT_END_RE = new RegExp(`--${'>'}`, 'g');

@@ -53,3 +54,3 @@ export function tildotPlugin() {

preserveModules: moduleFormat === 'nestedEvaluate',
external: ['@agoric/harden', ...externals],
external: [...externals],
plugins: [

@@ -79,3 +80,8 @@ resolvePlugin({ preferBuiltins: true }),

}
let unmappedCode = code;
// Parse the rolled-up chunk with Babel.
// We are prepared for different module systems.
const ast = (babelParser.parse || babelParser)(code);
let unmapLoc;
if (

@@ -85,42 +91,72 @@ moduleFormat === 'nestedEvaluate' &&

) {
// TODO: Should parse the generated chunk with Babel.
// We rearrange the generated chunk according to its sourcemap to move
// its source lines back to the right place, like Babel generator's
// `retainLines: true`.
unmappedCode = '';
// We rearrange the rolled-up chunk according to its sourcemap to move
// its source lines back to the right place.
// eslint-disable-next-line no-await-in-loop
const consumer = await new SourceMapConsumer(chunk.map);
const genLines = code.split('\n');
let lastLine = 1;
for (let genLine = 0; genLine < genLines.length; genLine += 1) {
const pos = consumer.originalPositionFor({
line: genLine + 1,
column: 0,
});
const { line: origLine } = pos;
const srcLine = origLine === null ? lastLine : origLine;
const priorChar = unmappedCode[unmappedCode.length - 1];
if (
srcLine === lastLine &&
!['\n', ';', '{', undefined].includes(priorChar) &&
!['}'].includes(genLines[genLine][0])
) {
unmappedCode += `;`;
const unmapped = new WeakSet();
let lastPos = { ...ast.loc.start };
unmapLoc = loc => {
if (!loc || unmapped.has(loc)) {
return;
}
while (lastLine < srcLine) {
unmappedCode += `\n`;
lastLine += 1;
// Make sure things start at least at the right place.
loc.end = { ...loc.start };
for (const pos of ['start', 'end']) {
if (loc[pos]) {
const newPos = consumer.originalPositionFor(loc[pos]);
if (newPos.source !== null) {
lastPos = {
line: newPos.line,
column: newPos.column,
};
}
loc[pos] = lastPos;
}
}
unmappedCode += genLines[genLine];
}
unmapped.add(loc);
};
}
// Rewrite apparent import expressions so that they don't fail under SES.
// We also do apparent HTML comments.
const defangedCode = unmappedCode
.replace(IMPORT_RE, '$1notreally')
.replace(HTML_COMMENT_RE, '<->');
// console.log(`<<<<<< ${fileName}\n${defangedCode}\n>>>>>>>>`);
sourceBundle[fileName] = defangedCode;
const rewriteComment = node => {
node.type = 'CommentBlock';
// Within comments...
node.value = node.value
// ...strip extraneous comment whitespace
.replace(/^\s+/gm, ' ')
// ...replace HTML comments with a defanged version to pass SES restrictions.
.replace(HTML_COMMENT_START_RE, '<!X-')
.replace(HTML_COMMENT_END_RE, '-X>')
// ...replace import expressions with a defanged version to pass SES restrictions.
.replace(IMPORT_RE, 'X$1$2')
// ...replace end-of-comment markers
.replace(/\*\//g, '*X/');
if (unmapLoc) {
unmapLoc(node.loc);
}
// console.log(JSON.stringify(node, undefined, 2));
};
babelTraverse(ast, {
enter(p) {
const { loc, leadingComments, trailingComments } = p.node;
if (p.node.comments) {
p.node.comments = [];
}
// Rewrite all comments.
(leadingComments || []).forEach(rewriteComment);
if (p.node.type.startsWith('Comment')) {
rewriteComment(p.node);
}
// If not a comment, and we are unmapping the source maps,
// then do it for this location.
if (unmapLoc) {
unmapLoc(loc);
}
(trailingComments || []).forEach(rewriteComment);
},
});
// Now generate the sources with the new positions.
sourceBundle[fileName] = babelGenerate(ast, { retainLines: true }).code;
// console.log(`==== sourceBundle[${fileName}]\n${sourceBundle[fileName]}\n====`);
}

@@ -283,3 +319,4 @@

// Evaluate the entrypoint recursively, seeding the exports.
return computeExports(entrypoint, { require }, {});
const systemRequire = typeof require === 'undefined' ? undefined : require;
return computeExports(entrypoint, { require: systemRequire }, {});
}

@@ -286,0 +323,0 @@ ${sourceMap}`;

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc