snyk-nuget-plugin - npm Package Compare versions

Comparing version 1.25.4 to 1.25.5

dist/index.js

@@ -36,3 +36,3 @@ "use strict";
     }
-    const createPackageTree = depTree => {
+    const createPackageTree = (depTree) => {
         // TODO implement for paket and more than one framework
@@ -39,0 +39,0 @@ const targetFramework = depTree.meta

dist/nuget-parser/dotnet-core-parser.js

@@ -22,3 +22,3 @@ "use strict";
     const pickedObj = {};
-    Object.keys(obj).forEach(k => {
+    Object.keys(obj).forEach((k) => {
         if (keys.includes(k)) {
@@ -37,3 +37,3 @@ pickedObj[k] = obj[k];
     const names = Object.keys(targetObj);
-    return names.map(name => {
+    return names.map((name) => {
         name = convertFromPathSyntax(name);
@@ -61,3 +61,3 @@ return name;
 function isScanned(nodes, pkg) {
-    const node = nodes.find(elem => elem.name === pkg.name && elem.version === pkg.version);
+    const node = nodes.find((elem) => elem.name === pkg.name && elem.version === pkg.version);
     return !!node;
@@ -64,0 +64,0 @@ }

dist/nuget-parser/dotnet-framework-parser.js

@@ -21,3 +21,3 @@ "use strict";
     debug('Located ' + installedPackages.length + ' packages in manifest');
-    installedPackages.forEach(entry => {
+    installedPackages.forEach((entry) => {
         injectPath(entry, packagesFolder);
@@ -32,3 +32,3 @@ flattenedPackageList[entry.name] =
         fs.readdirSync(packagesFolder)
-            .map(folderName => {
+            .map((folderName) => {
             try {
@@ -42,3 +42,3 @@ return (0, dependency_1.fromFolderName)(folderName);
         })
-            .forEach(dep => {
+            .forEach((dep) => {
             if (dep) {
@@ -92,3 +92,3 @@ injectPath(dep, packagesFolder);
     const nuspecResolutions = {};
-    nuspecResolutionChain.forEach(resolution => {
+    nuspecResolutionChain.forEach((resolution) => {
         if (!resolution) {
@@ -135,3 +135,3 @@ return;
     const nugetKeys = Object.keys(nuspecResolutions);
-    Object.keys(flattenedPackageList).forEach(packageName => {
+    Object.keys(flattenedPackageList).forEach((packageName) => {
         tree.dependencies[packageName] = (0, dependency_1.cloneShallow)(flattenedPackageList[packageName]);
@@ -138,0 +138,0 @@ });

dist/nuget-parser/nuspec-parser.js

@@ -44,3 +44,3 @@ "use strict";
     const nuspecZipData = await JSZip.loadAsync(nupkgData);
-    const nuspecFile = Object.keys(nuspecZipData.files).find(file => {
+    const nuspecFile = Object.keys(nuspecZipData.files).find((file) => {
         return path.extname(file) === '.nuspec';
@@ -56,7 +56,9 @@ });
     const encoding = detectNuspecContentEncoding(rawNuspecContent);
-    const encodedNuspecContent = Buffer.from(rawNuspecContent).toString(encoding);
-    const normalisedNuspecContent = removePotentialUtf16Characters(encodedNuspecContent);
-    return normalisedNuspecContent;
+    const encoder = new TextEncoder();
+    const encoded = encoder.encode(rawNuspecContent);
+    const decoder = new TextDecoder(encoding);
+    const encodedNuspecContent = decoder.decode(encoded);
+    return removePotentialUtf16Characters(encodedNuspecContent);
 }
-//this is exported for testing, but should not executed directly. Hence the '_' in the name.
+//this is exported for testing, but should not execute directly. Hence the '_' in the name.
 async function _parsedNuspec(nuspecContent, targetFramework, depName) {
@@ -69,3 +71,3 @@ var _a;
     for (const metadata of parsedNuspec.package.metadata) {
-        (_a = metadata.dependencies) === null || _a === void 0 ? void 0 : _a.forEach(rawDependency => {
+        (_a = metadata.dependencies) === null || _a === void 0 ? void 0 : _a.forEach((rawDependency) => {
             // Find and add target framework version specific dependencies
@@ -80,3 +82,3 @@ const depsForTargetFramework = extractDepsForTargetFramework(rawDependency, targetFramework);
             if (depsFromPlainGroups) {
-                depsFromPlainGroups.forEach(depGroup => {
+                depsFromPlainGroups.forEach((depGroup) => {
                     ownDeps = ownDeps.concat(extractDepsFromRaw(depGroup.dependency));
@@ -127,3 +129,3 @@ });
     }
-    return rawDependency.group.filter(group => {
+    return rawDependency.group.filter((group) => {
         // valid group with no attributes or no `targetFramework` attribute
@@ -138,3 +140,3 @@ return group && !(group.$ && group.$.targetFramework);
     return rawDependency.group
-        .filter(group => {
+        .filter((group) => {
         var _a;
@@ -144,3 +146,3 @@ return (((_a = group === null || group === void 0 ? void 0 : group.$) === null || _a === void 0 ? void 0 : _a.targetFramework) &&
     })
-        .map(group => {
+        .map((group) => {
         const parts = group.$.targetFramework.split(targetFrameworkRegex);
@@ -159,3 +161,3 @@ return {
     })
-        .find(group => {
+        .find((group) => {
         return (targetFramework.framework === group.framework &&
@@ -170,3 +172,3 @@ targetFramework.version >= group.version);
     const deps = [];
-    rawDependencies.forEach(dep => {
+    rawDependencies.forEach((dep) => {
         if (dep && dep.$) {
@@ -173,0 +175,0 @@ deps.push({

package.json

@@ -6,8 +6,8 @@ {
   "scripts": {
-    "test": "npm run lint && npm run unit-test",
-    "unit-test": "jest && tap --no-coverage test/*.test.ts --timeout=300",
+    "test": "npm run lint && npm run test:unit",
+    "test:unit": "jest --coverage --silent=false --detectOpenHandles",
     "lint": "prettier --check \"./lib/**/*.ts\" && eslint -c .eslintrc.js \"./lib/**/*\"",
     "lint:fix": "prettier --write \"./lib/**/*.ts\" && eslint -c .eslintrc.js --fix \"./lib/**/*\"",
     "build": "tsc",
-    "build-watch": "tsc -w",
+    "build:watch": "tsc -w",
     "prepare": "npm run build"
@@ -38,24 +38,22 @@ },
   "dependencies": {
-    "debug": "^4.1.1",
-    "dotnet-deps-parser": "5.2.2",
-    "jszip": "3.8.0",
+    "debug": "^4.3.4",
+    "dotnet-deps-parser": "5.3.0",
+    "jszip": "3.10.1",
+    "lodash": "^4.17.21",
     "snyk-paket-parser": "1.6.0",
-    "tslib": "^1.11.2",
-    "xml2js": "^0.5.0",
-    "lodash": "^4.17.5"
+    "tslib": "^2.6.0",
+    "xml2js": "^0.6.0"
   },
   "devDependencies": {
-    "@types/jest": "^27.0.2",
-    "@types/node": "^10",
-    "@typescript-eslint/eslint-plugin": "^2.31.0",
-    "@typescript-eslint/parser": "^2.31.0",
-    "eslint": "^6.8.0",
-    "eslint-config-prettier": "^6.15.0",
-    "jest": "^26.4.2",
-    "prettier": "^1.19.1",
-    "tap": "^14.10.7",
-    "ts-jest": "^26.4.0",
-    "typescript": "~4.7.3"
+    "@types/jest": "^28.1.8",
+    "@types/node": "^20",
+    "@typescript-eslint/eslint-plugin": "^5.62.0",
+    "@typescript-eslint/parser": "^5.62.0",
+    "eslint": "^8.45.0",
+    "jest": "^28.1.3",
+    "prettier": "^2.8.8",
+    "ts-jest": "^28.0.8",
+    "typescript": "^4.9.5"
   },
-  "version": "1.25.4"
+  "version": "1.25.5"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

76889

increased by0.25%

Dev dependency count

9

decreased by-18.18%

Lines of code

1028

increased by0.19%

Dependency changes

• + Addeddotnet-deps-parser@5.3.0(transitive)

• + Addedjszip@3.10.1(transitive)

• + Addedsetimmediate@1.0.5(transitive)

• + Addedxml2js@0.6.2(transitive)

• - Removeddotnet-deps-parser@5.2.2(transitive)

• - Removedjszip@3.8.0(transitive)

• - Removedset-immediate-shim@1.0.1(transitive)

• Updateddebug@^4.3.4

• Updateddotnet-deps-parser@5.3.0

• Updatedjszip@3.10.1

• Updatedlodash@^4.17.21

• Updatedtslib@^2.6.0

• Updatedxml2js@^0.6.0