Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
lockfile-lint-api
Advanced tools
lockfile-lint-api - npm Package Compare versions
Comparing version 5.4.6 to 5.5.0
@@ -6,2 +6,13 @@ # Change Log | ||
| # 5.5.0 (2022-12-26) | ||
| ### Features | ||
| * add support for yarn berry lockfiles ([#147](https://github.com/lirantal/lockfile-lint/issues/147)) ([d4cf64d](https://github.com/lirantal/lockfile-lint/commit/d4cf64d)) | ||
| ## 5.4.6 (2022-10-08) | ||
@@ -8,0 +19,0 @@ |
| { | ||
| "name": "lockfile-lint-api", | ||
| "version": "5.4.6", | ||
| "version": "5.5.0", | ||
| "description": "Lint an npm or yarn lockfile to analyze and detect issues", | ||
@@ -52,3 +52,3 @@ "main": "index.js", | ||
| "dependencies": { | ||
| "@yarnpkg/parsers": "^3.0.0-rc.6", | ||
| "@yarnpkg/parsers": "^3.0.0-rc.32", | ||
| "object-hash": "^3.0.0" | ||
@@ -178,3 +178,3 @@ }, | ||
| }, | ||
| "gitHead": "144dc5501f9714c20da1479277cb5c22cb1013e6" | ||
| "gitHead": "3ae9b8c75111526634223bfe8210d0a70debd73e" | ||
| } |
@@ -23,4 +23,4 @@ // @ts-check | ||
| */ | ||
| function checkSampleContent (lockfile) { | ||
| const [sampleKey, sampleValue] = Object.entries(lockfile)[0] | ||
| function checkSampleContent (lockfile, isYarnBerry) { | ||
| const [sampleKey, sampleValue] = Object.entries(lockfile)[isYarnBerry ? 1 : 0] | ||
| return ( | ||
@@ -31,3 +31,3 @@ sampleKey.match(/.*@.*/) && | ||
| sampleValue.hasOwnProperty('version') && | ||
| sampleValue.hasOwnProperty('resolved')) | ||
| (sampleValue.hasOwnProperty('resolved') || sampleValue.hasOwnProperty('resolution'))) | ||
| ) | ||
@@ -41,7 +41,26 @@ } | ||
| const lockfile = yarnParseSyml(lockfileBuffer.toString()) | ||
| const isYarnBerry = typeof lockfile.__metadata === 'object' | ||
| const hasSensibleContent = | ||
| lockfile && typeof lockfile === 'object' && checkSampleContent(lockfile) | ||
| lockfile && typeof lockfile === 'object' && checkSampleContent(lockfile, isYarnBerry) | ||
| if (!hasSensibleContent) { | ||
| throw Error('Lockfile does not seem to contain a valid dependency list') | ||
| } | ||
| if (isYarnBerry) { | ||
| const normalizedLockFile = {} | ||
| Object.entries(lockfile).forEach(([packageName, packageDetails]) => { | ||
| const resolution = packageDetails.resolution | ||
| if (resolution) { | ||
| const splitByAt = resolution.split('@') | ||
| let host | ||
| if (splitByAt.length > 2 && resolution[0] === '@') { | ||
| host = splitByAt[2] | ||
| } else { | ||
| host = splitByAt[1] | ||
| } | ||
| normalizedLockFile[packageName] = Object.assign({}, packageDetails, {resolved: host}) | ||
| } | ||
| }) | ||
| return {type: 'success', object: normalizedLockFile} | ||
| } | ||
| return {type: 'success', object: lockfile} | ||
@@ -48,0 +67,0 @@ } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.78%
54588
- Lines of code
- increased by3.47%
537