Socket
Socket
Sign inDemoInstall

resolve

Package Overview
Dependencies
8
Maintainers
2
Versions
95
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 1.19.0 to 1.20.0

SECURITY.md

33

lib/async.js

@@ -45,2 +45,16 @@ var fs = require('fs');

var defaultReadPackage = function defaultReadPackage(readFile, pkgfile, cb) {
readFile(pkgfile, function (readFileErr, body) {
if (readFileErr) cb(readFileErr);
else {
try {
var pkg = JSON.parse(body);
cb(null, pkg);
} catch (jsonErr) {
cb(null);
}
}
});
};
var getPackageCandidates = function getPackageCandidates(x, start, opts) {

@@ -74,2 +88,9 @@ var dirs = nodeModulesPaths(start, opts, x);

var realpath = opts.realpath || defaultRealpath;
var readPackage = opts.readPackage || defaultReadPackage;
if (opts.readFile && opts.readPackage) {
var conflictErr = new TypeError('`readFile` and `readPackage` are mutually exclusive.');
return process.nextTick(function () {
cb(conflictErr);
});
}
var packageIterator = opts.packageIterator;

@@ -202,6 +223,7 @@

readFile(pkgfile, function (err, body) {
readPackage(readFile, pkgfile, function (err, pkgParam) {
if (err) cb(err);
try { var pkg = JSON.parse(body); } catch (jsonErr) {}
var pkg = pkgParam;
if (pkg && opts.packageFilter) {

@@ -231,8 +253,7 @@ pkg = opts.packageFilter(pkg, pkgfile);

readFile(pkgfile, function (err, body) {
readPackage(readFile, pkgfile, function (err, pkgParam) {
if (err) return cb(err);
try {
var pkg = JSON.parse(body);
} catch (jsonErr) {}
var pkg = pkgParam;
if (pkg && opts.packageFilter) {

@@ -239,0 +260,0 @@ pkg = opts.packageFilter(pkg, pkgfile);

159

lib/core.json
{
"assert": true,
"assert/strict": ">= 15",
"async_hooks": ">= 8",
"buffer_ieee754": "< 0.9.7",
"buffer": true,
"child_process": true,
"cluster": true,
"console": true,
"constants": true,
"crypto": true,
"_debug_agent": ">= 1 && < 8",
"_debugger": "< 8",
"dgram": true,
"diagnostics_channel": ">= 15.1",
"dns": true,
"dns/promises": ">= 15",
"domain": ">= 0.7.12",
"events": true,
"freelist": "< 6",
"fs": true,
"fs/promises": [">= 10 && < 10.1", ">= 14"],
"_http_agent": ">= 0.11.1",
"_http_client": ">= 0.11.1",
"_http_common": ">= 0.11.1",
"_http_incoming": ">= 0.11.1",
"_http_outgoing": ">= 0.11.1",
"_http_server": ">= 0.11.1",
"http": true,
"http2": ">= 8.8",
"https": true,
"inspector": ">= 8.0.0",
"_linklist": "< 8",
"module": true,
"net": true,
"node-inspect/lib/_inspect": ">= 7.6.0 && < 12",
"node-inspect/lib/internal/inspect_client": ">= 7.6.0 && < 12",
"node-inspect/lib/internal/inspect_repl": ">= 7.6.0 && < 12",
"os": true,
"path": true,
"perf_hooks": ">= 8.5",
"process": ">= 1",
"punycode": true,
"querystring": true,
"readline": true,
"repl": true,
"smalloc": ">= 0.11.5 && < 3",
"_stream_duplex": ">= 0.9.4",
"_stream_transform": ">= 0.9.4",
"_stream_wrap": ">= 1.4.1",
"_stream_passthrough": ">= 0.9.4",
"_stream_readable": ">= 0.9.4",
"_stream_writable": ">= 0.9.4",
"stream": true,
"stream/promises": ">= 15",
"string_decoder": true,
"sys": [">= 0.6 && < 0.7", ">= 0.8"],
"timers": true,
"timers/promises": ">= 15",
"_tls_common": ">= 0.11.13",
"_tls_legacy": ">= 0.11.3 && < 10",
"_tls_wrap": ">= 0.11.3",
"tls": true,
"trace_events": ">= 10",
"tty": true,
"url": true,
"util": true,
"v8/tools/arguments": ">= 10 && < 12",
"v8/tools/codemap": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/consarray": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/csvparser": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/logreader": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/profile_view": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/splaytree": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8": ">= 1",
"vm": true,
"wasi": ">= 13.4 && < 13.5",
"worker_threads": ">= 11.7",
"zlib": true
"assert": true,
"assert/strict": ">= 15",
"async_hooks": ">= 8",
"buffer_ieee754": "< 0.9.7",
"buffer": true,
"child_process": true,
"cluster": true,
"console": true,
"constants": true,
"crypto": true,
"_debug_agent": ">= 1 && < 8",
"_debugger": "< 8",
"dgram": true,
"diagnostics_channel": ">= 15.1",
"dns": true,
"dns/promises": ">= 15",
"domain": ">= 0.7.12",
"events": true,
"freelist": "< 6",
"fs": true,
"fs/promises": [">= 10 && < 10.1", ">= 14"],
"_http_agent": ">= 0.11.1",
"_http_client": ">= 0.11.1",
"_http_common": ">= 0.11.1",
"_http_incoming": ">= 0.11.1",
"_http_outgoing": ">= 0.11.1",
"_http_server": ">= 0.11.1",
"http": true,
"http2": ">= 8.8",
"https": true,
"inspector": ">= 8.0.0",
"_linklist": "< 8",
"module": true,
"net": true,
"node-inspect/lib/_inspect": ">= 7.6.0 && < 12",
"node-inspect/lib/internal/inspect_client": ">= 7.6.0 && < 12",
"node-inspect/lib/internal/inspect_repl": ">= 7.6.0 && < 12",
"os": true,
"path": true,
"path/posix": ">= 15.3",
"path/win32": ">= 15.3",
"perf_hooks": ">= 8.5",
"process": ">= 1",
"punycode": true,
"querystring": true,
"readline": true,
"repl": true,
"smalloc": ">= 0.11.5 && < 3",
"_stream_duplex": ">= 0.9.4",
"_stream_transform": ">= 0.9.4",
"_stream_wrap": ">= 1.4.1",
"_stream_passthrough": ">= 0.9.4",
"_stream_readable": ">= 0.9.4",
"_stream_writable": ">= 0.9.4",
"stream": true,
"stream/promises": ">= 15",
"string_decoder": true,
"sys": [">= 0.6 && < 0.7", ">= 0.8"],
"timers": true,
"timers/promises": ">= 15",
"_tls_common": ">= 0.11.13",
"_tls_legacy": ">= 0.11.3 && < 10",
"_tls_wrap": ">= 0.11.3",
"tls": true,
"trace_events": ">= 10",
"tty": true,
"url": true,
"util": true,
"util/types": ">= 15.3",
"v8/tools/arguments": ">= 10 && < 12",
"v8/tools/codemap": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/consarray": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/csvparser": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/logreader": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/profile_view": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8/tools/splaytree": [">= 4.4.0 && < 5", ">= 5.2.0 && < 12"],
"v8": ">= 1",
"vm": true,
"wasi": ">= 13.4 && < 13.5",
"worker_threads": ">= 11.7",
"zlib": true
}

21

lib/sync.js

@@ -48,2 +48,10 @@ var isCore = require('is-core-module');

var defaultReadPackageSync = function defaultReadPackageSync(readFileSync, pkgfile) {
var body = readFileSync(pkgfile);
try {
var pkg = JSON.parse(body);
return pkg;
} catch (jsonErr) {}
};
var getPackageCandidates = function getPackageCandidates(x, start, opts) {

@@ -67,2 +75,6 @@ var dirs = nodeModulesPaths(start, opts, x);

var realpathSync = opts.realpathSync || defaultRealpathSync;
var readPackageSync = opts.readPackageSync || defaultReadPackageSync;
if (opts.readFileSync && opts.readPackageSync) {
throw new TypeError('`readFileSync` and `readPackageSync` are mutually exclusive.');
}
var packageIterator = opts.packageIterator;

@@ -132,8 +144,4 @@

var body = readFileSync(pkgfile);
var pkg = readPackageSync(readFileSync, pkgfile);
try {
var pkg = JSON.parse(body);
} catch (jsonErr) {}
if (pkg && opts.packageFilter) {

@@ -151,4 +159,3 @@ // v2 will pass pkgfile

try {
var body = readFileSync(pkgfile, 'UTF8');
var pkg = JSON.parse(body);
var pkg = readPackageSync(readFileSync, pkgfile);
} catch (e) {}

@@ -155,0 +162,0 @@

16

package.json
{
"name": "resolve",
"description": "resolve like require.resolve() on behalf of files asynchronously and synchronously",
"version": "1.19.0",
"version": "1.20.0",
"repository": {

@@ -17,3 +17,3 @@ "type": "git",

"scripts": {
"prepublish": "safe-publish-latest && cp node_modules/is-core-module/core.json ./lib/",
"prepublish": "safe-publish-latest && cp node_modules/is-core-module/core.json ./lib/ ||:",
"prelint": "eclint check '**/*'",

@@ -29,11 +29,11 @@ "lint": "eslint --ext=js,mjs .",

"devDependencies": {
"@ljharb/eslint-config": "^17.2.0",
"array.prototype.map": "^1.0.2",
"aud": "^1.1.3",
"@ljharb/eslint-config": "^17.5.1",
"array.prototype.map": "^1.0.3",
"aud": "^1.1.4",
"eclint": "^2.8.1",
"eslint": "^7.13.0",
"eslint": "^7.19.0",
"object-keys": "^1.1.1",
"safe-publish-latest": "^1.1.4",
"tap": "0.4.13",
"tape": "^5.0.1"
"tape": "^5.1.1"
},

@@ -50,5 +50,5 @@ "license": "MIT",

"dependencies": {
"is-core-module": "^2.1.0",
"is-core-module": "^2.2.0",
"path-parse": "^1.0.6"
}
}

75

test/mock_sync.js

@@ -142,1 +142,76 @@ var path = require('path');

});
test('readPackageSync', function (t) {
t.plan(3);
var files = {};
files[path.resolve('/foo/node_modules/bar/something-else.js')] = 'beep';
files[path.resolve('/foo/node_modules/bar/package.json')] = JSON.stringify({
main: './baz.js'
});
files[path.resolve('/foo/node_modules/bar/baz.js')] = 'boop';
var dirs = {};
dirs[path.resolve('/foo')] = true;
dirs[path.resolve('/foo/node_modules')] = true;
function opts(basedir, useReadPackage) {
return {
basedir: path.resolve(basedir),
isFile: function (file) {
return Object.prototype.hasOwnProperty.call(files, path.resolve(file));
},
isDirectory: function (dir) {
return !!dirs[path.resolve(dir)];
},
readFileSync: useReadPackage ? null : function (file) {
return files[path.resolve(file)];
},
realpathSync: function (file) {
return file;
}
};
}
t.test('with readFile', function (st) {
st.plan(1);
st.equal(
resolve.sync('bar', opts('/foo')),
path.resolve('/foo/node_modules/bar/baz.js')
);
});
var readPackageSync = function (readFileSync, file) {
if (file.indexOf(path.join('bar', 'package.json')) >= 0) {
return { main: './something-else.js' };
} else {
return JSON.parse(files[path.resolve(file)]);
}
};
t.test('with readPackage', function (st) {
st.plan(1);
var options = opts('/foo');
delete options.readFileSync;
options.readPackageSync = readPackageSync;
st.equal(
resolve.sync('bar', options),
path.resolve('/foo/node_modules/bar/something-else.js')
);
});
t.test('with readFile and readPackage', function (st) {
st.plan(1);
var options = opts('/foo');
options.readPackageSync = readPackageSync;
st.throws(
function () { resolve.sync('bar', options); },
TypeError,
'errors when both readFile and readPackage are provided'
);
});
});

76

test/mock.js

@@ -240,1 +240,77 @@ var path = require('path');

});
test('readPackage', function (t) {
t.plan(3);
var files = {};
files[path.resolve('/foo/node_modules/bar/something-else.js')] = 'beep';
files[path.resolve('/foo/node_modules/bar/package.json')] = JSON.stringify({
main: './baz.js'
});
files[path.resolve('/foo/node_modules/bar/baz.js')] = 'boop';
var dirs = {};
dirs[path.resolve('/foo')] = true;
dirs[path.resolve('/foo/node_modules')] = true;
function opts(basedir) {
return {
basedir: path.resolve(basedir),
isFile: function (file, cb) {
cb(null, Object.prototype.hasOwnProperty.call(files, path.resolve(file)));
},
isDirectory: function (dir, cb) {
cb(null, !!dirs[path.resolve(dir)]);
},
'package': { main: 'bar' },
readFile: function (file, cb) {
cb(null, files[path.resolve(file)]);
},
realpath: function (file, cb) {
cb(null, file);
}
};
}
t.test('with readFile', function (st) {
st.plan(3);
resolve('bar', opts('/foo'), function (err, res, pkg) {
st.error(err);
st.equal(res, path.resolve('/foo/node_modules/bar/baz.js'));
st.equal(pkg && pkg.main, './baz.js');
});
});
var readPackage = function (readFile, file, cb) {
var barPackage = path.join('bar', 'package.json');
if (file.slice(-barPackage.length) === barPackage) {
cb(null, { main: './something-else.js' });
} else {
cb(null, JSON.parse(files[path.resolve(file)]));
}
};
t.test('with readPackage', function (st) {
st.plan(3);
var options = opts('/foo');
delete options.readFile;
options.readPackage = readPackage;
resolve('bar', options, function (err, res, pkg) {
st.error(err);
st.equal(res, path.resolve('/foo/node_modules/bar/something-else.js'));
st.equal(pkg && pkg.main, './something-else.js');
});
});
t.test('with readFile and readPackage', function (st) {
st.plan(1);
var options = opts('/foo');
options.readPackage = readPackage;
resolve('bar', options, function (err) {
st.throws(function () { throw err; }, TypeError, 'errors when both readFile and readPackage are provided');
});
});
});
.github/workflows/node-4+.yml
.github/workflows/node-iojs.yml
.github/workflows/node-pretest.yml
.github/workflows/node-zero.yml
.github/workflows/rebase.yml
.github/workflows/require-allow-edits.yml
.editorconfig

Sorry, the diff of this file is not supported yet

readme.markdown

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc