Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

snyk-go-parser

Package Overview
Dependencies
Maintainers
1
Versions
29
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

snyk-go-parser - npm Package Compare versions

Comparing version 1.0.2 to 1.1.0

dist/gomod-parser.d.ts
dist/gomod-parser.js
dist/gomod-parser.js.map

13

dist/index.d.ts
import { parseGoPkgConfig, parseGoVendorConfig } from './parser';
import { DepTree, GoPackageManagerType, GoProjectConfig } from './types';
interface DepDict {
[dep: string]: DepTree;
}
export interface DepTree {
name: string;
version: string;
dependencies?: DepDict;
}
export { GoPackageManagerType };
export { parseGoPkgConfig, parseGoVendorConfig, GoProjectConfig };
export declare function buildGoPkgDepTree(manifestFileContents: string, lockFileContents: string, options?: any): Promise<DepTree>;
export declare function buildGoVendorDepTree(manifestFileContents: string, options?: any): Promise<DepTree>;
export declare function buildGoPkgDepTree(manifestFileContents: string, lockFileContents: string, options?: unknown): Promise<DepTree>;
export declare function buildGoVendorDepTree(manifestFileContents: string, options?: unknown): Promise<DepTree>;
export declare function buildGoModDepTree(manifestFileContents: string, options?: unknown): DepTree;

44

dist/index.js

@@ -7,2 +7,5 @@ "use strict";

exports.parseGoVendorConfig = parser_1.parseGoVendorConfig;
var gomod_parser_1 = require("./gomod-parser");
// TODO(kyegupov): make all build* functions sync
// TODO(kyegupov): pin down the types for "options"
// Build dep tree from the manifest/lock files only.

@@ -30,5 +33,36 @@ // This does not scan the source code for imports, so it's not accurate;

exports.buildGoVendorDepTree = buildGoVendorDepTree;
function buildGoDepTree(goProjectConfig) {
// We are not using go.sum file here because it's not actually a lockfile and contains dependencies
// that are actually long gone.
function buildGoModDepTree(manifestFileContents, options) {
var e_1, _a;
// We actually use only some bits of the go.mod contents
var goMod = gomod_parser_1.parseGoMod(manifestFileContents);
var depTree = {
name: goMod.moduleName,
version: '0.0.0',
dependencies: {},
};
var dependencies = depTree.dependencies;
try {
for (var _b = tslib_1.__values(goMod.requires), _c = _b.next(); !_c.done; _c = _b.next()) {
var req = _c.value;
dependencies[req.moduleName] = {
name: req.moduleName,
version: gomod_parser_1.toSnykVersion(req.version),
};
}
}
catch (e_1_1) { e_1 = { error: e_1_1 }; }
finally {
try {
if (_c && !_c.done && (_a = _b.return)) _a.call(_b);
}
finally { if (e_1) throw e_1.error; }
}
return depTree;
}
exports.buildGoModDepTree = buildGoModDepTree;
function buildGoDepTree(goProjectConfig) {
var e_2, _a;
var depTree = {
name: goProjectConfig.packageName || 'root',

@@ -38,13 +72,13 @@ version: '0.0.0',

};
var dependencies = depTree.dependencies;
try {
for (var _b = tslib_1.__values(Object.keys(goProjectConfig.lockedVersions)), _c = _b.next(); !_c.done; _c = _b.next()) {
var dep = _c.value;
depTree.dependencies[dep] = {
dependencies[dep] = {
name: dep,
version: goProjectConfig.lockedVersions[dep].version,
dependencies: {},
};
}
}
catch (e_1_1) { e_1 = { error: e_1_1 }; }
catch (e_2_1) { e_2 = { error: e_2_1 }; }
finally {

@@ -54,3 +88,3 @@ try {

}
finally { if (e_1) throw e_1.error; }
finally { if (e_2) throw e_2.error; }
}

@@ -57,0 +91,0 @@ return depTree;

5

dist/parser.js

@@ -5,2 +5,3 @@ "use strict";

var errors_1 = require("./errors/");
// TODO(kyegupov): split into go-dep-parser and go-vendor-parser files
function parseGoPkgConfig(manifestFileContents, lockFileContents) {

@@ -67,8 +68,8 @@ if (!manifestFileContents && !lockFileContents) {

try {
var gvJson = JSON.parse(jsonStr);
var goProjectConfig_1 = {
ignoredPkgs: [],
lockedVersions: {},
packageName: gvJson.rootPath,
};
var gvJson = JSON.parse(jsonStr);
goProjectConfig_1.packageName = gvJson.rootPath;
var packages = (gvJson.package || gvJson.Package);

@@ -75,0 +76,0 @@ if (packages) {

37

dist/types.d.ts

@@ -1,2 +0,2 @@

export declare type GoPackageManagerType = 'golangdep' | 'govendor';
export declare type GoPackageManagerType = 'golangdep' | 'govendor' | 'gomod';
export interface LockedDep {

@@ -10,6 +10,39 @@ name: string;

export interface GoProjectConfig {
ignoredPkgs: string[];
ignoredPkgs?: string[];
lockedVersions: LockedDeps;
packageName?: string;
}
export interface GoMod {
moduleName: string;
golangVersion?: string;
requires: Require[];
replaces: Replace[];
excludes: ModuleAndVersion[];
}
export interface ModuleExactVersion {
exactVersion: string;
incompatible: boolean;
}
export interface ModulePseudoVersion {
baseVersion: string;
suffix: string;
hash: string;
timestamp: string;
}
export interface ModuleAndVersion {
moduleName: string;
version: ModuleVersion;
}
export declare type ModuleVersion = ModuleExactVersion | ModulePseudoVersion;
export interface Require extends ModuleAndVersion {
indirect: boolean;
}
export interface ModuleAndMaybeVersion {
moduleName: string;
version?: ModuleVersion;
}
export interface Replace {
oldMod: ModuleAndMaybeVersion;
newMod: ModuleAndMaybeVersion;
}
export interface DepTree {

@@ -16,0 +49,0 @@ name: string;

2

package.json

@@ -40,3 +40,3 @@ {

},
"version": "1.0.2"
"version": "1.1.0"
}
dist/index.js.map

Sorry, the diff of this file is not supported yet

dist/parser.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc