snyk-mvn-plugin - npm Package Compare versions

Comparing version 3.0.1 to 3.1.0

dist/parse/dep-graph.js

@@ -10,3 +10,3 @@ "use strict";
     const builder = new dep_graph_1.DepGraphBuilder({ name: 'maven' }, root);
-    const visited = [];
+    const visited = {};
     const queue = [];
@@ -21,5 +21,6 @@ queue.push(...getItems(rootId, nodes[rootId]));
         const { pkgInfo, scope } = getPkgInfo(id);
-        if (!includeTestScope && scope === 'test')
+        const node = nodes[id];
+        if (!includeTestScope && scope === 'test' && !node.reachesProdDep)
             continue;
-        if (visited.includes(id)) {
+        if (visited[id]) {
             const prunedId = id + ':pruned';
@@ -33,4 +34,4 @@ builder.addPkgNode(pkgInfo, prunedId, { labels: { pruned: 'true' } });
         builder.connectDep(parentNodeId, id);
-        queue.push(...getItems(id, nodes[id]));
-        visited.push(id);
+        queue.push(...getItems(id, node));
+        visited[id] = true;
     }
@@ -37,0 +38,0 @@ return builder.build();

dist/parse/maven-graph-builder.d.ts

@@ -5,6 +5,8 @@ import type { MavenGraph } from './types';
     constructor(rootId: string);
-    private add;
-    private node;
+    private findOrCreateNode;
+    private findNode;
+    private createNode;
+    private markNodeProdReachable;
     connect(parentId: string, id: string): void;
     get graph(): MavenGraph;
 }

dist/parse/maven-graph-builder.js

@@ -12,23 +12,38 @@ "use strict";
             nodes: {
-                [rootId]: { dependsOn: [] },
+                [rootId]: { dependsOn: [], parents: [], reachesProdDep: false },
             },
         }, "f");
     }
-    add(id) {
-        if (!this.node(id)) {
-            tslib_1.__classPrivateFieldGet(this, _MavenGraphBuilder_graph, "f").nodes[id] = { dependsOn: [] };
-        }
+    findOrCreateNode(id) {
+        return this.findNode(id) || this.createNode(id);
     }
-    node(id) {
+    findNode(id) {
         return tslib_1.__classPrivateFieldGet(this, _MavenGraphBuilder_graph, "f").nodes[id];
     }
+    createNode(id) {
+        const node = { dependsOn: [], parents: [], reachesProdDep: false };
+        tslib_1.__classPrivateFieldGet(this, _MavenGraphBuilder_graph, "f").nodes[id] = node;
+        return node;
+    }
+    markNodeProdReachable(id) {
+        const node = this.findNode(id);
+        if (node && !node.reachesProdDep) {
+            node.reachesProdDep = true;
+            for (const parentId of node.parents) {
+                this.markNodeProdReachable(parentId);
+            }
+        }
+    }
     connect(parentId, id) {
-        this.add(parentId);
-        this.add(id);
-        const node = this.node(parentId);
-        if (!node)
-            return;
-        if (!node.dependsOn.includes(id)) {
-            node.dependsOn.push(id);
+        const parentNode = this.findOrCreateNode(parentId);
+        const childNode = this.findOrCreateNode(id);
+        if (!childNode.parents.includes(parentId)) {
+            childNode.parents.push(parentId);
         }
+        if (!parentNode.dependsOn.includes(id)) {
+            parentNode.dependsOn.push(id);
+        }
+        if (!id.endsWith(':test')) {
+            this.markNodeProdReachable(id);
+        }
     }
@@ -35,0 +50,0 @@ get graph() {

dist/parse/types.d.ts

@@ -44,2 +44,4 @@ /// <reference types="node" />
     dependsOn: string[];
+    parents: string[];
+    reachesProdDep: boolean;
 }

package.json

@@ -54,3 +54,3 @@ {
   },
-  "version": "3.0.1"
+  "version": "3.1.0"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

60534

increased by2.55%

Lines of code

839

increased by2.44%

No dependency changes