javascript

package
v1.16.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 4, 2026 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var BunExtractor = BunLockExtractor{
	extractor.WithMatcher{Matchers: []extractor.Matcher{&PackageJSONMatcher{}}},
}
View Source 
var NodeModulesExtractorInstance = NodeModulesExtractor{}
View Source 
var NpmExtractor = NpmLockExtractor{
	extractor.WithMatcher{Matchers: []extractor.Matcher{&PackageJSONMatcher{}}},
}
View Source 
var PnpmExtractor = PnpmLockExtractor{
	extractor.WithMatcher{Matchers: []extractor.Matcher{&PackageJSONMatcher{}}},
}
View Source 
var YarnExtractor = YarnLockExtractor{
	extractor.WithMatcher{Matchers: []extractor.Matcher{&PackageJSONMatcher{}}},
}

Functions

func ParseBunLock 

func ParseBunLock(pathToLockfile string) ([]extractor.PackageDetails, error)

func ParseNpmLock 

func ParseNpmLock(pathToLockfile string) ([]extractor.PackageDetails, error)

func ParsePackageJSON 

func ParsePackageJSON(path string) ([]extractor.PackageDetails, error)

func ParsePnpmLock 

func ParsePnpmLock(pathToLockfile string) ([]extractor.PackageDetails, error)

func ParseYarnLock 

func ParseYarnLock(pathToLockfile string) ([]extractor.PackageDetails, error)

Types

type BunLockExtractor 

type BunLockExtractor struct {
	extractor.WithMatcher
}

func (BunLockExtractor) Extract 

func (e BunLockExtractor) Extract(f extractor.DepFile, context extractor.ScanContext) ([]extractor.PackageDetails, error)

func (BunLockExtractor) IsOfficiallySupported 

func (e BunLockExtractor) IsOfficiallySupported() bool

func (BunLockExtractor) PackageManager 

func (e BunLockExtractor) PackageManager() models.PackageManager

func (BunLockExtractor) ShouldExtract 

func (e BunLockExtractor) ShouldExtract(path string) bool

type BunLockWorkspace 

type BunLockWorkspace struct {
	Dependencies         map[string]string `json:"dependencies"`
	DevDependencies      map[string]string `json:"devDependencies"`
	OptionalDependencies map[string]string `json:"optionalDependencies"`
}

type BunLockfile 

type BunLockfile struct {
	Version    int                          `json:"lockfileVersion"`
	Workspaces map[string]BunLockWorkspace  `json:"workspaces"`
	Packages   map[string][]json.RawMessage `json:"packages"`
}

type NodeModulesExtractor 

type NodeModulesExtractor struct{}

func (NodeModulesExtractor) Extract 

func (e NodeModulesExtractor) Extract(f extractor.DepFile, context extractor.ScanContext) ([]extractor.PackageDetails, error)

func (NodeModulesExtractor) IsOfficiallySupported 

func (e NodeModulesExtractor) IsOfficiallySupported() bool

func (NodeModulesExtractor) PackageManager 

func (e NodeModulesExtractor) PackageManager() models.PackageManager

func (NodeModulesExtractor) ShouldExtract 

func (e NodeModulesExtractor) ShouldExtract(path string) bool

type NpmLockDependency 

type NpmLockDependency struct {
	// For an aliased package, Version is like "npm:[name]@[version]"
	Version      string                        `json:"version"`
	Dependencies map[string]*NpmLockDependency `json:"dependencies,omitempty"`

	Dev      bool `json:"dev,omitempty"`
	Optional bool `json:"optional,omitempty"`

	Requires map[string]string `json:"requires,omitempty"`

	models.FilePosition
}

func (*NpmLockDependency) GetNestedDependencies 

func (dep *NpmLockDependency) GetNestedDependencies() map[string]*models.FilePosition

type NpmLockExtractor 

type NpmLockExtractor struct {
	extractor.WithMatcher
}

func (NpmLockExtractor) Extract 

func (e NpmLockExtractor) Extract(f extractor.DepFile, context extractor.ScanContext) ([]extractor.PackageDetails, error)

func (NpmLockExtractor) IsOfficiallySupported 

func (e NpmLockExtractor) IsOfficiallySupported() bool

func (NpmLockExtractor) PackageManager 

func (e NpmLockExtractor) PackageManager() models.PackageManager

func (NpmLockExtractor) ShouldExtract 

func (e NpmLockExtractor) ShouldExtract(path string) bool

type NpmLockPackage 

type NpmLockPackage struct {
	// For an aliased package, Name is the real package name
	Name     string `json:"name"`
	Version  string `json:"version"`
	Resolved string `json:"resolved"`

	Dependencies         map[string]string `json:"dependencies,omitempty"`
	DevDependencies      map[string]string `json:"devDependencies,omitempty"`
	OptionalDependencies map[string]string `json:"optionalDependencies,omitempty"`
	PeerDependencies     map[string]string `json:"peerDependencies,omitempty"`

	Workspaces []string `json:"workspaces,omitempty"`

	Dev         bool `json:"dev,omitempty"`
	DevOptional bool `json:"devOptional,omitempty"`
	Optional    bool `json:"optional,omitempty"`

	Link bool `json:"link,omitempty"`

	models.FilePosition
}

type NpmLockfile 

type NpmLockfile struct {
	Version    int `json:"lockfileVersion"`
	SourceFile string
	// npm v1- lockfiles use "dependencies"
	Dependencies map[string]*NpmLockDependency `json:"dependencies"`
	// npm v2+ lockfiles use "packages"
	Packages map[string]*NpmLockPackage `json:"packages,omitempty"`
}

type PackageJSONExtractor 

type PackageJSONExtractor struct{}

func (PackageJSONExtractor) Extract 

func (e PackageJSONExtractor) Extract(f extractor.DepFile, context extractor.ScanContext) ([]extractor.PackageDetails, error)

func (PackageJSONExtractor) IsManifestParser 

func (e PackageJSONExtractor) IsManifestParser() bool

func (PackageJSONExtractor) IsOfficiallySupported 

func (e PackageJSONExtractor) IsOfficiallySupported() bool

func (PackageJSONExtractor) PackageManager 

func (e PackageJSONExtractor) PackageManager() models.PackageManager

func (PackageJSONExtractor) ShouldExtract 

func (e PackageJSONExtractor) ShouldExtract(path string) bool

type PackageJSONMatcher 

type PackageJSONMatcher struct {
	// Used to store the patterns for workspaces in a given root package.json
	WorkspacePatterns []string
}

func (PackageJSONMatcher) GetSourceFile 

func (m PackageJSONMatcher) GetSourceFile(depFile extractor.DepFile) (extractor.DepFile, error)

func (PackageJSONMatcher) Match 

func (m PackageJSONMatcher) Match(sourceFile extractor.DepFile, packages []extractor.PackageDetails, context extractor.ScanContext) error

Match works by leveraging the json decoder to only parse json sections of interest (e.g dependencies) Whenever the json decoder try to deserialize a file, it will look at json sections it needs to deserialize and then call the proper UnmarshallJSON method of the type. As the JSON decoder expect us to only deserialize it, not trying to find the exact location in the file of the content, it does not provide us buffer information (offset, file path, etc...)

To work around this limitation, we are pre-filling the structure with all the field we will need during the deserialization :

  • The root type to know which json section we are deserializing
  • The file path to be able to fill properly location fields of extractor.PackageDetails
  • The line offset to be able to compute the line of any found dependencies in the file
  • And a list of pointer to the original extractor.PackageDetails extracted by the parser to be able to modify them with the json section content

type PnpmDependencies 

type PnpmDependencies map[string]PnpmLockDependency

type PnpmDirectDependency 

type PnpmDirectDependency struct {
	Pkg           extractor.PackageDetails
	Dep           PnpmLockDependency
	WorkspacePath string
}

type PnpmImporters 

type PnpmImporters struct {
	Dependencies         PnpmDependencies `yaml:"dependencies,omitempty"`
	OptionalDependencies PnpmDependencies `yaml:"optionalDependencies,omitempty"`
	DevDependencies      PnpmDependencies `yaml:"devDependencies,omitempty"`
}

type PnpmLegacyDependencies 

type PnpmLegacyDependencies map[string]PnpmLegacyLockDependency

func (*PnpmLegacyDependencies) UnmarshalYAML 

func (pnpmDependencies *PnpmLegacyDependencies) UnmarshalYAML(value *yaml.Node) error

UnmarshalYAML is a custom unmarshaler for PnpmLegacyDependencies

type PnpmLegacyLockDependency 

type PnpmLegacyLockDependency struct {
	Specifier string `yaml:"specifier"`
	Version   string `yaml:"version"`
}

type PnpmLegacyLockPackage 

type PnpmLegacyLockPackage struct {
	Resolution PnpmLegacyLockPackageResolution `yaml:"resolution"`
	Name       string                          `yaml:"name"`
	Version    string                          `yaml:"version"`
	Dev        bool                            `yaml:"dev"`
}

type PnpmLegacyLockPackageResolution 

type PnpmLegacyLockPackageResolution struct {
	Tarball string `yaml:"tarball"`
	Commit  string `yaml:"commit"`
	Repo    string `yaml:"repo"`
	Type    string `yaml:"type"`
}

type PnpmLegacyLockPackages 

type PnpmLegacyLockPackages map[string]PnpmLegacyLockPackage

type PnpmLegacyLockfile 

type PnpmLegacyLockfile struct {
	Version              string                 `yaml:"lockfileVersion"`
	Packages             PnpmLegacyLockPackages `yaml:"packages,omitempty"`
	Specifiers           PnpmLegacySpecifiers   `yaml:"specifiers,omitempty"`
	Dependencies         PnpmLegacyDependencies `yaml:"dependencies,omitempty"`
	OptionalDependencies PnpmLegacyDependencies `yaml:"optionalDependencies,omitempty"`
	DevDependencies      PnpmLegacyDependencies `yaml:"devDependencies,omitempty"`
}

type PnpmLegacySpecifiers 

type PnpmLegacySpecifiers map[string]string

type PnpmLockDependency 

type PnpmLockDependency struct {
	Specifier string `yaml:"specifier"`
	Version   string `yaml:"version"`
}

type PnpmLockExtractor 

type PnpmLockExtractor struct {
	extractor.WithMatcher
}

func (PnpmLockExtractor) Extract 

func (e PnpmLockExtractor) Extract(f extractor.DepFile, context extractor.ScanContext) ([]extractor.PackageDetails, error)

func (PnpmLockExtractor) IsOfficiallySupported 

func (e PnpmLockExtractor) IsOfficiallySupported() bool

func (PnpmLockExtractor) PackageManager 

func (e PnpmLockExtractor) PackageManager() models.PackageManager

func (PnpmLockExtractor) ShouldExtract 

func (e PnpmLockExtractor) ShouldExtract(path string) bool

type PnpmLockPackageResolution 

type PnpmLockPackageResolution struct {
	Tarball string `yaml:"tarball"`
	Commit  string `yaml:"commit"`
	Repo    string `yaml:"repo"`
	Type    string `yaml:"type"`
}

type PnpmLockPackages 

type PnpmLockPackages map[string]PnpmPackage

type PnpmLockfile 

type PnpmLockfile struct {
	Version   string                   `yaml:"lockfileVersion"`
	Importers map[string]PnpmImporters `yaml:"importers,omitempty"`
	Packages  PnpmLockPackages         `yaml:"packages,omitempty"`
	Snapshots map[string]PnpmSnapshot  `yaml:"snapshots,omitempty"`
}

type PnpmPackage 

type PnpmPackage struct {
	Resolution map[string]string `yaml:"resolution"`
	Version    string            `yaml:"version"`
}

type PnpmSnapshot 

type PnpmSnapshot struct {
	Dependencies         map[string]string `yaml:"dependencies"`
	OptionalDependencies map[string]string `yaml:"optionalDependencies"`
}

type WorkspacePackageJSON 

type WorkspacePackageJSON struct {
	Workspaces []string `json:"workspaces"`
}

type YarnBerryEntry 

type YarnBerryEntry struct {
	Checksum   string              `json:"checksum"`
	Resolution YarnBerryResolution `json:"resolution"`
}

type YarnBerryJSON 

type YarnBerryJSON struct {
	Metadata struct {
		Version int `json:"version"`
	} `json:"__metadata"`
	Entries map[string]YarnBerryEntry `json:"entries"`
}

YarnBerryJSON represents the Yarn v4+ JSON lockfile format (version 9+)

type YarnBerryResolution 

type YarnBerryResolution struct {
	Resolution   string            `json:"resolution"`
	Version      string            `json:"version"`
	Dependencies map[string]string `json:"dependencies,omitempty"`
}

type YarnDependency 

type YarnDependency struct {
	Name     string
	Version  string
	Registry string
}

type YarnLockExtractor 

type YarnLockExtractor struct {
	extractor.WithMatcher
}

func (YarnLockExtractor) Extract 

func (e YarnLockExtractor) Extract(f extractor.DepFile, context extractor.ScanContext) ([]extractor.PackageDetails, error)

func (YarnLockExtractor) IsOfficiallySupported 

func (e YarnLockExtractor) IsOfficiallySupported() bool

func (YarnLockExtractor) PackageManager 

func (e YarnLockExtractor) PackageManager() models.PackageManager

func (YarnLockExtractor) ShouldExtract 

func (e YarnLockExtractor) ShouldExtract(path string) bool

type YarnPackage 

type YarnPackage struct {
	Name          string
	Version       string
	TargetVersion string
	Resolution    string
	Dependencies  []YarnDependency
	WorkspacePath string
	BlockLocation models.FilePosition
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.