snyk-mvn-plugin
Advanced tools
Comparing version 2.9.2 to 2.10.0
"use strict"; | ||
Object.defineProperty(exports, "__esModule", { value: true }); | ||
const tslib_1 = require("tslib"); | ||
const parse_mvn_1 = require("./parse-mvn"); | ||
const javaCallGraphBuilder = require("@snyk/java-call-graph-builder"); | ||
const os = require("os"); | ||
const fs = require("fs"); | ||
const path = require("path"); | ||
const debugLib = require("debug"); | ||
const parse_mvn_1 = require("./parse-mvn"); | ||
const subProcess = require("./sub-process"); | ||
const jar_1 = require("./jar"); | ||
const os = require("os"); | ||
const debug = debugLib('snyk-mvn-plugin'); | ||
function getCommand(root, targetFile) { | ||
@@ -69,2 +72,8 @@ if (!targetFile) { | ||
const { javaVersion, mavenVersion } = parse_mvn_1.parseVersions(versionResult); | ||
let callGraph; | ||
if (options.reachableVulns) { | ||
debug(`getting call graph from path ${targetPath}`); | ||
callGraph = yield javaCallGraphBuilder.getCallGraphMvn(path.dirname(targetPath)); | ||
debug('got call graph successfully'); | ||
} | ||
return { | ||
@@ -84,2 +93,3 @@ plugin: { | ||
package: parseResult.data, | ||
callGraph, | ||
}; | ||
@@ -86,0 +96,0 @@ } |
@@ -30,2 +30,3 @@ { | ||
"@types/node": "11.13.8", | ||
"@types/sinon": "^7.5.2", | ||
"@typescript-eslint/eslint-plugin": "^2.8.0", | ||
@@ -36,3 +37,2 @@ "@typescript-eslint/parser": "^2.8.0", | ||
"prettier": "^1.19.1", | ||
"@types/sinon": "^7.0.10", | ||
"semantic-release": "^15", | ||
@@ -44,3 +44,4 @@ "sinon": "^2.4.1", | ||
"dependencies": { | ||
"@snyk/cli-interface": "2.3.1", | ||
"@snyk/cli-interface": "2.4.0", | ||
"@snyk/java-call-graph-builder": "^1.3.4", | ||
"debug": "^4.1.1", | ||
@@ -52,3 +53,3 @@ "lodash": "^4.17.15", | ||
}, | ||
"version": "2.9.2" | ||
"version": "2.10.0" | ||
} |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
35351
471
7
+ Added@snyk/cli-interface@2.4.0(transitive)
+ Added@snyk/graphlib@2.1.9-patch.3(transitive)
+ Added@snyk/java-call-graph-builder@1.23.6(transitive)
+ Addedasync@3.2.6(transitive)
+ Addedbuffer-from@1.1.2(transitive)
+ Addedci-info@2.0.0(transitive)
+ Addedcore-util-is@1.0.3(transitive)
+ Addedimmediate@3.0.6(transitive)
+ Addedisarray@1.0.0(transitive)
+ Addedjszip@3.10.1(transitive)
+ Addedlie@3.3.0(transitive)
+ Addedlodash.clone@4.5.0(transitive)
+ Addedlodash.constant@3.0.0(transitive)
+ Addedlodash.filter@4.6.0(transitive)
+ Addedlodash.foreach@4.5.0(transitive)
+ Addedlodash.has@4.5.2(transitive)
+ Addedlodash.isempty@4.4.0(transitive)
+ Addedlodash.isfunction@3.0.9(transitive)
+ Addedlodash.isundefined@3.0.1(transitive)
+ Addedlodash.keys@4.2.0(transitive)
+ Addedlodash.map@4.6.0(transitive)
+ Addedlodash.merge@4.6.2(transitive)
+ Addedlodash.reduce@4.6.0(transitive)
+ Addedlodash.size@4.2.0(transitive)
+ Addedlodash.transform@4.6.0(transitive)
+ Addedlodash.union@4.6.0(transitive)
+ Addedlodash.values@4.3.0(transitive)
+ Addedminimist@1.2.8(transitive)
+ Addedpako@1.0.11(transitive)
+ Addedprocess-nextick-args@2.0.1(transitive)
+ Addedprogress@2.0.3(transitive)
+ Addedreadable-stream@2.3.8(transitive)
+ Addedsafe-buffer@5.1.2(transitive)
+ Addedsetimmediate@1.0.5(transitive)
+ Addedsnyk-config@4.0.0(transitive)
+ Addedsource-map@0.6.1(transitive)
+ Addedsource-map-support@0.5.21(transitive)
+ Addedstring_decoder@1.1.1(transitive)
+ Addedtemp-dir@2.0.0(transitive)
+ Addedtmp@0.2.3(transitive)
+ Addedutil-deprecate@1.0.2(transitive)
+ Addedxml-js@1.6.11(transitive)
- Removed@snyk/cli-interface@2.3.1(transitive)
Updated@snyk/cli-interface@2.4.0