@npmcli/metavuln-calculator - npm Package Compare versions

Comparing version 1.0.2 to 1.1.0

29

lib/advisory.js

@@ -38,7 +38,11 @@ const hash = require('./hash.js')

this.severity = source.severity
this.severity = source.severity || 'high'
this.versions = []
this.vulnerableVersions = []
// advisories have the range, metavulns do not
this.range = source.vulnerable_versions || null
// if an advisory doesn't specify range, assume all are vulnerable
this.range = this.type === 'advisory' ? source.vulnerable_versions || '*'
: null
this.id = hash(this)

@@ -70,8 +74,8 @@

// basic data integrity gutcheck
if (!cached || typeof cached !== 'object') {
if (!cached || typeof cached !== 'object')
throw new TypeError('invalid cached data, expected object')
}
if (!packument || typeof packument !== 'object') {
if (!packument || typeof packument !== 'object')
throw new TypeError('invalid packument data, expected object')
}
if (cached.id && cached.id !== this.id) {

@@ -108,5 +112,4 @@ throw Object.assign(new Error('loading from incorrect cache entry'), {

this.versions.push(v)
} else if (!pakuVersions.includes(v)) {
} else if (!pakuVersions.includes(v))
versionsRemoved.push(v)
}
}

@@ -255,5 +258,4 @@

if (bundled) {
if (bundled)
return semver.intersects(spec, avoid, semverOpt)
}

@@ -268,5 +270,4 @@ return this[_source].testSpec(spec)

const memo = this[_specVulnMemo]
if (memo.has(spec)) {
if (memo.has(spec))
return memo.get(spec)
}

@@ -387,3 +388,3 @@ const res = this[_testSpec](spec)

const midVuln = this.testVersion(pre[pre.length - 1])
while (/-/.test(String(pre[pre.length-1]))) {
while (/-/.test(String(pre[pre.length - 1]))) {
const v = pre.pop()

@@ -395,3 +396,3 @@ if (midVuln)

if (!/-/.test(String(post[post.length-1]))) {
if (!/-/.test(String(post[post.length - 1]))) {
const midVuln = this.testVersion(post[0])

@@ -398,0 +399,0 @@ while (/-/.test(String(post[0]))) {
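Review bot: The new severity fallback in the first hunk, `this.severity = source.severity || 'high'`, carries no comment explaining the choice, while the range fallback two lines below it does; a one-liner such as `// no severity on the source record: fail closed and treat it as high` would make the fail-closed intent explicit for the next reader. The same line also passes any truthy value through unchanged, so a source record with an unexpected severity string flows straight into `hash(this)` on the line after the range assignment and becomes part of the id; if the file already has a known set of severities, normalising against it here would keep ids stable, though that set is not visible in this hunk. The constructor these assignments belong to starts outside the hunk.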

@@ -5,10 +5,12 @@ module.exports = (mani, name) => {

// with multiple versions anyway.
return mani.dependencies && typeof mani.dependencies[name] === 'string'
? mani.dependencies[name]
: mani.optionalDependencies && typeof mani.optionalDependencies[name] === 'string'
? mani.optionalDependencies[name]
: mani.peerDependencies && typeof mani.peerDependencies[name] === 'string'
? mani.peerDependencies[name]
const {
dependencies: deps = {},
optionalDependencies: optDeps = {},
peerDependencies: peerDeps = {},
} = mani
return typeof deps[name] === 'string' ? deps[name]
: typeof optDeps[name] === 'string' ? optDeps[name]
: typeof peerDeps[name] === 'string' ? peerDeps[name]
: null
}
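Review bot: The destructuring defaults in the new body only apply when a field is `undefined`, so a manifest carrying `dependencies: null` (or any other non-object value) now throws a TypeError at `deps[name]`, where the old `mani.dependencies && …` guard simply fell through to the next branch. Whether such manifests reach this function depends on the caller, which is outside the hunk, but the old code tolerated them and the new code does not. Replacing the destructuring with `const deps = mani.dependencies || {}`, `const optDeps = mani.optionalDependencies || {}`, `const peerDeps = mani.peerDependencies || {}` restores that tolerance while keeping the rest of the rewrite. The arrow function these lines belong to starts in the hunk header, before the shown lines.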

@@ -56,3 +56,3 @@ // this is the public class that is used by consumers.

this[_cacheGet](advisory),
this[_packument](name)
this[_packument](name),
])

@@ -59,0 +59,0 @@ process.emit('time', `metavuln:load:${k}`)

{
"name": "@npmcli/metavuln-calculator",
"version": "1.0.2",
"version": "1.1.0",
"main": "lib/index.js",

@@ -14,6 +14,11 @@ "files": [

"test": "tap",
"posttest": "npm run lint",
"snap": "tap",
"postsnap": "npm run lint",
"preversion": "npm test",
"postversion": "npm publish",
"prepublishOnly": "git push origin --follow-tags"
"prepublishOnly": "git push origin --follow-tags",
"eslint": "eslint",
"lint": "npm run eslint -- \"lib/**/*.js\" \"test/**/*.js\"",
"lintfix": "npm run lint -- --fix"
},

@@ -25,10 +30,15 @@ "tap": {

"devDependencies": {
"tap": "^14.10.8",
"require-inject": "^1.4.4"
"eslint": "^7.20.0",
"eslint-plugin-import": "^2.22.1",
"eslint-plugin-node": "^11.1.0",
"eslint-plugin-promise": "^4.3.1",
"eslint-plugin-standard": "^4.1.0",
"require-inject": "^1.4.4",
"tap": "^14.10.8"
},
"dependencies": {
"cacache": "^15.0.5",
"pacote": "^11.1.11",
"cacache": "^15.0.5",
"semver": "^7.3.2"
}
}