Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@boll/rules-typescript

Package Overview
Dependencies
Maintainers
3
Versions
1227
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@boll/rules-typescript - npm Package Compare versions

Comparing version 0.1.1 to 0.2.0

15

CHANGELOG.json

@@ -5,2 +5,17 @@ {

{
"date": "Thu, 22 Oct 2020 18:26:06 GMT",
"tag": "@boll/rules-typescript_v0.2.0",
"version": "0.2.0",
"comments": {
"minor": [
{
"comment": "TransitiveDependencyDetector option to allow devDependencies",
"author": "jdh@microsoft.com",
"commit": "80d8e1afc955fded3442cd7cf3aa62a542e92232",
"package": "@boll/rules-typescript"
}
]
}
},
{
"date": "Mon, 12 Oct 2020 17:53:22 GMT",

@@ -7,0 +22,0 @@ "tag": "@boll/rules-typescript_v0.1.0",

10

CHANGELOG.md
# Change Log - @boll/rules-typescript
This log was last generated on Mon, 12 Oct 2020 17:53:22 GMT and should not be manually modified.
This log was last generated on Thu, 22 Oct 2020 18:26:06 GMT and should not be manually modified.
<!-- Start content -->
## 0.2.0
Thu, 22 Oct 2020 18:26:06 GMT
### Minor changes
- TransitiveDependencyDetector option to allow devDependencies (jdh@microsoft.com)
## 0.1.0

@@ -8,0 +16,0 @@

4

dist/tests/node-modules-reference-detector.test.js

@@ -77,3 +77,3 @@ "use strict";

_b = (_a = sut).check;
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "node-modules-reference-none.ts", new core_1.Package({}))];
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "node-modules-reference-none.ts", new core_1.Package({}, {}))];
case 1: return [4 /*yield*/, _b.apply(_a, [_c.sent()])];

@@ -100,3 +100,3 @@ case 2:

_b = (_a = sut).check;
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "node-modules-reference.ts", new core_1.Package({}))];
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "node-modules-reference.ts", new core_1.Package({}, {}))];
case 1: return [4 /*yield*/, _b.apply(_a, [_c.sent()])];

@@ -103,0 +103,0 @@ case 2:

127

dist/tests/transitive-dependency-detector.test.js

@@ -68,25 +68,29 @@ "use strict";

exports.test = baretest_1.default("Transitive dep detector");
exports.test("Should fail if any references to packages not referenced in package", function () { return __awaiter(void 0, void 0, void 0, function () {
exports.test("(dependencies only mode) Should fail if any references to packages not referenced in package", function () { return __awaiter(void 0, void 0, void 0, function () {
return __generator(this, function (_a) {
test_internal_1.inFixtureDir("transitive-reference", __dirname, function () { return __awaiter(void 0, void 0, void 0, function () {
var sut, result, _a, _b, expected, containsExpected;
return __generator(this, function (_c) {
switch (_c.label) {
case 0:
sut = new transitive_dependency_detector_1.TransitiveDependencyDetector();
_b = (_a = sut).check;
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "foo.ts", new core_1.Package({}))];
case 1: return [4 /*yield*/, _b.apply(_a, [_c.sent()])];
case 2:
result = _c.sent();
assert.strictEqual(1, result.length);
assert.strictEqual(core_1.ResultStatus.failure, result[0].status);
expected = "@some/other-package";
containsExpected = result[0].formattedMessage.includes(expected);
assert.ok(containsExpected, "Expected \"" + result[0].formattedMessage + "\" to contain \"" + expected + "\", but didn't.");
return [2 /*return*/];
}
});
}); });
return [2 /*return*/];
switch (_a.label) {
case 0: return [4 /*yield*/, test_internal_1.inFixtureDir("transitive-reference", __dirname, function () { return __awaiter(void 0, void 0, void 0, function () {
var sut, result, _a, _b, expected, containsExpected;
return __generator(this, function (_c) {
switch (_c.label) {
case 0:
sut = new transitive_dependency_detector_1.TransitiveDependencyDetector();
_b = (_a = sut).check;
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "foo.ts", new core_1.Package({}, {}))];
case 1: return [4 /*yield*/, _b.apply(_a, [_c.sent()])];
case 2:
result = _c.sent();
assert.strictEqual(1, result.length);
assert.strictEqual(core_1.ResultStatus.failure, result[0].status);
expected = "@some/other-package";
containsExpected = result[0].formattedMessage.includes(expected);
assert.ok(containsExpected, "Expected \"" + result[0].formattedMessage + "\" to contain \"" + expected + "\", but didn't.");
return [2 /*return*/];
}
});
}); })];
case 1:
_a.sent();
return [2 /*return*/];
}
});

@@ -98,6 +102,81 @@ }); });

sut = new transitive_dependency_detector_1.TransitiveDependencyDetector({ ignorePackages: ["util"] });
assert.ok(sut.isValidImport({}, "util"));
assert.ok(!sut.isValidImport({}, "fs"));
assert.ok(sut.isValidImport({}, {}, "util"));
assert.ok(!sut.isValidImport({}, {}, "fs"));
return [2 /*return*/];
});
}); });
exports.test("Should succeed if all imports are declared in dependencies", function () { return __awaiter(void 0, void 0, void 0, function () {
return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4 /*yield*/, test_internal_1.inFixtureDir("transitive-reference", __dirname, function () { return __awaiter(void 0, void 0, void 0, function () {
var sut, result, _a, _b;
return __generator(this, function (_c) {
switch (_c.label) {
case 0:
sut = new transitive_dependency_detector_1.TransitiveDependencyDetector();
_b = (_a = sut).check;
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "foo.ts", new core_1.Package({ "@some/other-package": "0" }, {}))];
case 1: return [4 /*yield*/, _b.apply(_a, [_c.sent()])];
case 2:
result = _c.sent();
assert.strictEqual(0, result.length);
return [2 /*return*/];
}
});
}); })];
case 1:
_a.sent();
return [2 /*return*/];
}
});
}); });
exports.test("Should succeed if all imports are declared in devDependencies and devDeps mode is enabled", function () { return __awaiter(void 0, void 0, void 0, function () {
return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4 /*yield*/, test_internal_1.inFixtureDir("transitive-reference", __dirname, function () { return __awaiter(void 0, void 0, void 0, function () {
var sut, result, _a, _b;
return __generator(this, function (_c) {
switch (_c.label) {
case 0:
sut = new transitive_dependency_detector_1.TransitiveDependencyDetector({ allowDevDependencies: true });
_b = (_a = sut).check;
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "foo.ts", new core_1.Package({}, { "@some/other-package": "0" }))];
case 1: return [4 /*yield*/, _b.apply(_a, [_c.sent()])];
case 2:
result = _c.sent();
assert.strictEqual(0, result.length);
return [2 /*return*/];
}
});
}); })];
case 1:
_a.sent();
return [2 /*return*/];
}
});
}); });
exports.test("Should fail if all imports are declared in devDependencies and devDeps mode is disabled", function () { return __awaiter(void 0, void 0, void 0, function () {
return __generator(this, function (_a) {
switch (_a.label) {
case 0: return [4 /*yield*/, test_internal_1.inFixtureDir("transitive-reference", __dirname, function () { return __awaiter(void 0, void 0, void 0, function () {
var sut, result, _a, _b;
return __generator(this, function (_c) {
switch (_c.label) {
case 0:
sut = new transitive_dependency_detector_1.TransitiveDependencyDetector({ allowDevDependencies: false });
_b = (_a = sut).check;
return [4 /*yield*/, core_1.getSourceFile(core_1.asBollDirectory("."), "foo.ts", new core_1.Package({}, { "@some/other-package": "0" }))];
case 1: return [4 /*yield*/, _b.apply(_a, [_c.sent()])];
case 2:
result = _c.sent();
assert.strictEqual(1, result.length);
return [2 /*return*/];
}
});
}); })];
case 1:
_a.sent();
return [2 /*return*/];
}
});
}); });

5

dist/transitive-dependency-detector.d.ts

@@ -5,2 +5,3 @@ import { DependencyMap, FileContext, ImportPathAndLineNumber, PackageRule, Result } from "@boll/core";

ignorePackages: string[];
allowDevDependencies: boolean;
}

@@ -21,8 +22,8 @@ /**

private options;
constructor(options?: Options);
constructor(...options: Partial<Options>[]);
get name(): string;
check(file: FileContext): Promise<Result[]>;
isValidImport(packageDependencies: DependencyMap, importPath: string): any;
isValidImport(packageDependencies: DependencyMap, packageDevDependencies: DependencyMap, importPath: string): any;
getModuleImports(sourceFile: SourceFile): ImportPathAndLineNumber[];
private getPathFromNode;
}

34

dist/transitive-dependency-detector.js
"use strict";
var __assign = (this && this.__assign) || function () {
__assign = Object.assign || function(t) {
for (var s, i = 1, n = arguments.length; i < n; i++) {
s = arguments[i];
for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p))
t[p] = s[p];
}
return t;
};
return __assign.apply(this, arguments);
};
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {

@@ -44,3 +55,4 @@ function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }

var defaultOptions = {
ignorePackages: []
ignorePackages: [],
allowDevDependencies: false
};

@@ -60,5 +72,12 @@ /**

var TransitiveDependencyDetector = /** @class */ (function () {
function TransitiveDependencyDetector(options) {
if (options === void 0) { options = defaultOptions; }
this.options = options;
function TransitiveDependencyDetector() {
var _this = this;
var options = [];
for (var _i = 0; _i < arguments.length; _i++) {
options[_i] = arguments[_i];
}
this.options = __assign({}, defaultOptions);
options.forEach(function (o) {
_this.options = __assign(__assign({}, _this.options), o);
});
}

@@ -79,3 +98,3 @@ Object.defineProperty(TransitiveDependencyDetector.prototype, "name", {

return [2 /*return*/, imports
.filter(function (i) { return !_this.isValidImport(file.packageDependencies, i.path); })
.filter(function (i) { return !_this.isValidImport(file.packageDependencies, file.packageDevDependencies, i.path); })
.map(function (i) {

@@ -87,4 +106,7 @@ return new core_1.Failure(ruleName, file.filename, core_1.asBollLineNumber(i.lineNumber), "\"" + i.path + "\" is used as a module import, but not listed as a dependency. (Either add as a direct dependency or remove usage.)");

};
TransitiveDependencyDetector.prototype.isValidImport = function (packageDependencies, importPath) {
TransitiveDependencyDetector.prototype.isValidImport = function (packageDependencies, packageDevDependencies, importPath) {
var validImports = Object.keys(packageDependencies).concat(this.options.ignorePackages);
if (this.options.allowDevDependencies) {
validImports = validImports.concat(Object.keys(packageDevDependencies));
}
return validImports.some(function (moduleName) { return importPath === moduleName || importPath.startsWith(moduleName + "/"); });

@@ -91,0 +113,0 @@ };

4

package.json

@@ -7,3 +7,3 @@ {

"dependencies": {
"@boll/core": "1.2.1209",
"@boll/core": "1.3.0",
"typescript": "^3.9.7"

@@ -43,3 +43,3 @@ },

},
"version": "0.1.1"
"version": "0.2.0"
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc