snyk-go-plugin - npm Package Compare versions

Comparing version 1.22.0 to 1.23.0

dist/index.js

@@ -109,3 +109,3 @@ "use strict";
         debug('parsing manifest/lockfile', { root, targetFile });
-        const config = parseConfig(root, targetFile);
+        const config = await parseConfig(root, targetFile);
         tempDirObj = tmp.dirSync({
@@ -279,3 +279,3 @@ unsafeCleanup: true,
 // }
-function parseConfig(root, targetFile) {
+async function parseConfig(root, targetFile) {
     const pkgManager = pkgManagerByTarget(targetFile);
@@ -286,3 +286,3 @@ debug('detected package-manager:', pkgManager);
             try {
-                return (0, snyk_go_parser_1.parseGoPkgConfig)(getDepManifest(root, targetFile), getDepLock(root, targetFile));
+                return await (0, snyk_go_parser_1.parseGoPkgConfig)(getDepManifest(root, targetFile), getDepLock(root, targetFile));
             }
@@ -295,3 +295,3 @@ catch (e) {
             try {
-                return (0, snyk_go_parser_1.parseGoVendorConfig)(getGovendorJson(root, targetFile));
+                return await (0, snyk_go_parser_1.parseGoVendorConfig)(getGovendorJson(root, targetFile));
             }
@@ -405,3 +405,3 @@ catch (e) {
             // get hash (prefixed with #) or version (with v prefix removed)
-            version = (0, snyk_go_parser_1.toSnykVersion)((0, snyk_go_parser_1.parseVersion)(((_a = pkg.Module.Replace) === null || _a === void 0 ? void 0 : _a.Version) || pkg.Module.Version));
+            version = toSnykVersion(parseVersion(((_a = pkg.Module.Replace) === null || _a === void 0 ? void 0 : _a.Version) || pkg.Module.Version));
         }
@@ -467,2 +467,29 @@ if (currentParent && packageImport) {
 }
+const rePseudoVersion = /(v\d+\.\d+\.\d+)-(.*?)(\d{14})-([0-9a-f]{12})/;
+const reExactVersion = /^(.*?)(\+incompatible)?$/;
+function parseVersion(versionString) {
+    const maybeRegexMatch = rePseudoVersion.exec(versionString);
+    if (maybeRegexMatch) {
+        const [baseVersion, suffix, timestamp, hash] = maybeRegexMatch.slice(1);
+        return { baseVersion, suffix, timestamp, hash };
+    }
+    else {
+        // No pseudo version recognized, assuming the provided version string is exact
+        const [exactVersion, incompatibleStr] = reExactVersion
+            .exec(versionString)
+            .slice(1);
+        return { exactVersion, incompatible: !!incompatibleStr };
+    }
+}
+function toSnykVersion(v) {
+    if ('hash' in v && v.hash) {
+        return '#' + v.hash;
+    }
+    else if ('exactVersion' in v && v.exactVersion) {
+        return v.exactVersion.replace(/^v/, '');
+    }
+    else {
+        throw new Error('Unexpected module version format');
+    }
+}
 //# sourceMappingURL=index.js.map

lib/index.ts

@@ -16,6 +16,5 @@ import * as fs from 'fs';
   GoPackageManagerType,
-  GoProjectConfig,
-  toSnykVersion,
-  parseVersion,
+  GoPackageConfig,
 } from 'snyk-go-parser';
+import type { ModuleVersion } from 'snyk-go-parser';
 
@@ -169,3 +168,3 @@ const debug = debugLib('snyk-go-plugin');
     debug('parsing manifest/lockfile', { root, targetFile });
-    const config = parseConfig(root, targetFile);
+    const config = await parseConfig(root, targetFile);
     tempDirObj = tmp.dirSync({
@@ -391,3 +390,3 @@ unsafeCleanup: true,
 
-function parseConfig(root, targetFile): GoProjectConfig {
+async function parseConfig(root, targetFile): Promise<GoPackageConfig> {
   const pkgManager = pkgManagerByTarget(targetFile);
@@ -398,3 +397,3 @@ debug('detected package-manager:', pkgManager);
       try {
-        return parseGoPkgConfig(
+        return await parseGoPkgConfig(
           getDepManifest(root, targetFile),
@@ -411,3 +410,3 @@ getDepLock(root, targetFile),
       try {
-        return parseGoVendorConfig(getGovendorJson(root, targetFile));
+        return await parseGoVendorConfig(getGovendorJson(root, targetFile));
       } catch (e: any) {
@@ -708,1 +707,28 @@ throw new Error(
 }
+
+const rePseudoVersion = /(v\d+\.\d+\.\d+)-(.*?)(\d{14})-([0-9a-f]{12})/;
+const reExactVersion = /^(.*?)(\+incompatible)?$/;
+
+function parseVersion(versionString: string): ModuleVersion {
+  const maybeRegexMatch = rePseudoVersion.exec(versionString);
+  if (maybeRegexMatch) {
+    const [baseVersion, suffix, timestamp, hash] = maybeRegexMatch.slice(1);
+    return { baseVersion, suffix, timestamp, hash };
+  } else {
+    // No pseudo version recognized, assuming the provided version string is exact
+    const [exactVersion, incompatibleStr] = reExactVersion
+      .exec(versionString)!
+      .slice(1);
+    return { exactVersion, incompatible: !!incompatibleStr };
+  }
+}
+
+function toSnykVersion(v: ModuleVersion): string {
+  if ('hash' in v && v.hash) {
+    return '#' + v.hash;
+  } else if ('exactVersion' in v && v.exactVersion) {
+    return v.exactVersion.replace(/^v/, '');
+  } else {
+    throw new Error('Unexpected module version format');
+  }
+}

package.json

@@ -35,3 +35,3 @@ {
     "lookpath": "^1.2.2",
-    "snyk-go-parser": "1.4.1",
+    "snyk-go-parser": "1.13.0",
     "tmp": "0.2.1",
@@ -55,3 +55,3 @@ "tslib": "^1.10.0"
   },
-  "version": "1.22.0"
+  "version": "1.23.0"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

95687

increased by3.02%

Lines of code

1373

increased by3.78%

Dependency changes

• + Added@iarna/toml@2.2.5(transitive)

• + Added@snyk/dep-graph@2.9.0(transitive)

• + Added@snyk/go-semver@1.2.1(transitive)

• + Addedobject-hash@3.0.0(transitive)

• + Addedpackageurl-js@1.2.0(transitive)

• + Addedsnyk-go-parser@1.13.0(transitive)

• - Removedsnyk-go-parser@1.4.1(transitive)

• - Removedtoml@3.0.0(transitive)

• Updatedsnyk-go-parser@1.13.0