snyk-resolve-deps
Advanced tools
Comparing version 1.1.3 to 1.1.4
@@ -27,6 +27,3 @@ module.exports = loadModules; | ||
if (e.code === 'NO_PACKAGE_FOUND') { | ||
return { | ||
name: name, | ||
version: tree.__dependencies[name], | ||
}; | ||
return false; | ||
} | ||
@@ -40,3 +37,3 @@ })); | ||
return Promise.all(missing).then(function (packages) { | ||
packages.forEach(function (pkg) { | ||
packages.filter(Boolean).forEach(function (pkg) { | ||
pkg.dep = tree.__dependencies[pkg.name]; | ||
@@ -204,3 +201,3 @@ tree.dependencies[pkg.name] = pkg; | ||
// there's no node_modules directory, that's fine, there's no deps | ||
modules.dependencies = false; | ||
modules.dependencies = {}; | ||
return modules; | ||
@@ -207,0 +204,0 @@ } |
@@ -39,20 +39,36 @@ module.exports = logicalTree; | ||
walk(fileTree.dependencies, function (dep) { | ||
var removedPaths = []; | ||
// do a shallow pass on the deps and strip out dev deps | ||
Object.keys(fileTree.dependencies).forEach(function (name) { | ||
var dep = fileTree.dependencies[name]; | ||
// if we're not interested in devDeps, then strip them out | ||
// debugger; | ||
if (!options.dev && dep.depType === depTypes.DEV) { | ||
// since dev deps are only ever on the root, we know we can remove it | ||
// directly from the logicalRoot.dependencies | ||
removedPaths.push(dep.__from); | ||
delete logicalRoot.dependencies[dep.name]; | ||
return; | ||
} | ||
}); | ||
walk(fileTree.dependencies, function (dep) { | ||
if (!dep.__used) { | ||
var deppath = dep.__from.slice(0, -1).toString(); | ||
var removed = removedPaths.filter(function (path) { | ||
return deppath.indexOf(path) === 0; | ||
}).length; | ||
if (removed) { | ||
return false; // this was from a dev dep, so let's lose it | ||
} | ||
dep.extraneous = true; | ||
dep.depType = depTypes.EXTRANEOUS; | ||
var issue = ext + ': ' + (dep.__from || []).join(' > ') + | ||
' > ' + dep.full; | ||
var issue = ext + ': ' + dep.name + '@' + dep.version + ' (from ' + | ||
dep.dep + ') > ' + dep.__filename; | ||
dep.problems = [issue]; | ||
problem(logicalRoot, issue); | ||
insertLeaf(logicalRoot, dep); | ||
insertLeaf(logicalRoot, dep, fileTree); | ||
} | ||
@@ -70,3 +86,5 @@ }); | ||
for (var i = 0; i < path.length; i++) { | ||
entry = entry[path[i]].dependencies; | ||
if (entry[path[i]]) { | ||
entry = entry[path[i]].dependencies; | ||
} | ||
} | ||
@@ -85,4 +103,7 @@ entry[leaf.name] = leaf; | ||
// only include the devDeps on the root level package | ||
var deps = _.extend({}, tree.__dependencies, tree.__from.length === 1 ? | ||
tree.__devDependencies : {}); | ||
if (!tree.__from) { | ||
debugger; | ||
} | ||
var deps = _.extend({}, tree.__dependencies, | ||
tree.__from && tree.__from.length === 1 ? tree.__devDependencies : {}); | ||
return Object.keys(deps).reduce(function walkDepsPicker(acc, curr) { | ||
@@ -89,0 +110,0 @@ var version = deps[curr]; |
@@ -10,7 +10,13 @@ module.exports = pluck; | ||
if (range === 'latest') { | ||
range = '*'; | ||
} | ||
// Cycle through the tree path via the root tree object **ala node require**. | ||
// note that we don't need the first item in the path (which is the root | ||
// package name). | ||
var rootPath = moduleToObject(path[0]).name; | ||
var from = path.slice(0); | ||
var rootPath = moduleToObject(from.shift()).name; | ||
// if the root of the virtual tree doesn't even match our path, bail out | ||
if (rootPath !== root.name) { | ||
@@ -20,44 +26,45 @@ return false; | ||
// make a copy (in case it's an important ref) | ||
var from = path.map(stripVersion).slice(1); | ||
var deps = false; | ||
var leaf = false; | ||
var match = false; | ||
// do a check to see if the last item in the path is actually the package | ||
// we're looking for, and if it is, drop it | ||
if (from.length) { | ||
var tip = moduleToObject(from.slice(-1).pop()); | ||
// note: this could miss the situation when dep@2 > dep@1 ...unsure | ||
if (tip.name === name) { | ||
from.pop(); | ||
} | ||
} | ||
leaf = root; | ||
var position = 0; | ||
var leafStack = [root]; | ||
// strip any extraneous data from the package names | ||
from = from.map(stripVersion); | ||
if (from.length === 0) { | ||
return getMatch(getDependency(root, name), range); | ||
} | ||
// walk the depth of `from` to find the `dependencies` property from `root` | ||
// if it can't be found, pop `from` and try again until `from` is empty | ||
do { | ||
deps = getDependency(leaf, from[position]); | ||
var pkg = findPackage(root, from, name, range); | ||
if (deps) { | ||
match = getMatch(getDependency(deps, name), range); | ||
if (match) { | ||
return match; // break | ||
} | ||
if (pkg) { | ||
return pkg; | ||
} | ||
} while (from.pop()); | ||
// store the old leaf | ||
leafStack.push(leaf); | ||
return false; | ||
} | ||
// and move forward | ||
leaf = deps; | ||
} else { | ||
// rewind back through the leaves | ||
position--; | ||
leaf = leafStack.pop(); | ||
} | ||
function findPackage(root, from, name, range) { | ||
var deps; | ||
do { | ||
deps = from.reduce(findDependencyLeaf, root); | ||
} while (!deps && from.shift()); | ||
position++; | ||
} while (position < from.length); | ||
var match = getMatch(deps, name, range); | ||
// handle the case where the found package is at the very root | ||
if (getDependency(root, name)) { | ||
return getMatch(root.dependencies[name], range); | ||
if (match) { | ||
return match; | ||
} | ||
} | ||
function findDependencyLeaf(acc, curr) { | ||
if (acc.dependencies && acc.dependencies[curr]) { | ||
return acc.dependencies[curr]; | ||
} | ||
return false; | ||
@@ -71,6 +78,8 @@ } | ||
function getMatch(dep, range) { | ||
function getMatch(root, name, range) { | ||
var dep = root.dependencies && root.dependencies[name]; | ||
if (!dep) { | ||
return false; | ||
} | ||
var version = dep.version; | ||
@@ -95,10 +104,2 @@ debug('pluck match on name...checking version: %s ~= %s', version, range); | ||
return false; | ||
} | ||
function getDependency(leaf, name) { | ||
if (!leaf || !leaf.dependencies) { | ||
return null; | ||
} | ||
return leaf.dependencies[name] || null; | ||
} |
@@ -45,3 +45,3 @@ { | ||
}, | ||
"version": "1.1.3" | ||
"version": "1.1.4" | ||
} |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
180053
507