Socket
Socket
Sign inDemoInstall

@contrast/library-analysis

Package Overview
Dependencies
Maintainers
14
Versions
38
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@contrast/library-analysis - npm Package Compare versions

Comparing version 1.5.0 to 1.6.0

6

lib/index.js

@@ -18,3 +18,3 @@ /*

const { callChildComponentMethodsSync } = require('@contrast/common');
const { callChildComponentMethods } = require('@contrast/common');

@@ -28,6 +28,6 @@ module.exports = function (core) {

libraryAnalysis.install = function install() {
libraryAnalysis.install = async function install() {
if (!config.agent.node.library_usage.reporting.enable) return;
callChildComponentMethodsSync(libraryAnalysis, 'install');
callChildComponentMethods(libraryAnalysis, 'install');
};

@@ -34,0 +34,0 @@

12

lib/install/library-reporting/index.js

@@ -21,3 +21,3 @@ /*

const listInstalled = require('./list-installed');
const { createLibData, serializeLibrary } = require('../../util.js');
const { createLibData, serializeLibrary, getFileCount } = require('../../util.js');

@@ -101,3 +101,3 @@ /** @typedef {listInstalled.Result} Result */

function getNodeModulesPath() {
async function getNodeModulesPath() {
const projectPath = `${config.agent.node.app_root}/package.json`;

@@ -128,3 +128,9 @@ const boundRequire = Module.createRequire(projectPath);

for (const library of libPathHashMap.values()) {
messages.emit(Event.LIBRARY, serializeLibrary(library));
const serializedLib = serializeLibrary(library);
try {
serializedLib.classCount = await getFileCount(library.path);
} catch (err) {
logger.error('Unable to get file count for %s, %s', library.name, library.version);
}
messages.emit(Event.LIBRARY, serializedLib);
}

@@ -131,0 +137,0 @@

47

lib/util.js

@@ -18,2 +18,4 @@ /*

const fs = require('fs').promises;
const pathModule = require('path');
const os = require('os');

@@ -88,6 +90,51 @@

function applicableFile(file) {
return (
['.js', '.node', '.cjs', '.mjs'].filter((validExtension) =>
file.endsWith(validExtension)
).length > 0
);
}
async function getFileCount(path) {
const files = await readdir(path);
return files.filter((file) => applicableFile(file)
).length;
}
async function readdir(path) {
let list = [];
const files = await fs.readdir(path);
let pending = files.length;
if (!pending) {
return list;
}
for (const file of files) {
const filePath = pathModule.join(path, file);
const stats = await fs.stat(filePath);
if (stats.isDirectory() && !filePath.endsWith(`${pathModule.sep}node_modules`)) {
const subList = await readdir(filePath);
list = list.concat(subList);
pending -= 1;
} else {
list.push(filePath);
pending -= 1;
}
if (!pending) {
return list;
}
}
}
module.exports = {
buildLibraryHash,
serializeLibrary,
getFileCount,
createLibData
};

6

package.json
{
"name": "@contrast/library-analysis",
"version": "1.5.0",
"version": "1.6.0",
"description": "",

@@ -19,6 +19,6 @@ "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",

"dependencies": {
"@contrast/common": "1.9.0",
"@contrast/fn-inspect": "3.3.0",
"@contrast/common": "1.10.0",
"@contrast/fn-inspect": "^3.3.0",
"semver": "^7.3.8"
}
}
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc