Skip to content

Commit

Permalink
Merge pull request #74 from snyk/fix/loadash-dot
Browse files Browse the repository at this point in the history 
fix: switch to lodash 'dot' packages
  • Loading branch information
@FauxFaux
FauxFaux authored Jun 15, 2020
2 parents 009ecc8 + adc8cb1 commit b05dc23
Show file tree
Hide file tree
Showing 5 changed files with 23 additions and 16 deletions.
17 changes: 10 additions & 7 deletions lib/parsers/package-lock-parser.ts
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,7 @@
import * as _ from '@snyk/lodash';
import * as _cloneDeep from 'lodash.clonedeep';
import * as _isEmpty from 'lodash.isempty';
import * as _set from 'lodash.set';
import * as _toPairs from 'lodash.topairs';
import * as graphlib from '@snyk/graphlib';
import * as uuid from 'uuid/v4';
import { config } from '../config';
Expand Down Expand Up @@ -93,7 +96,7 @@ export class PackageLockParser implements LockfileParser {

const depTree: PkgTree = {
dependencies: {},
hasDevDependencies: !_.isEmpty(manifestFile.devDependencies),
hasDevDependencies: !_isEmpty(manifestFile.devDependencies),
name: manifestFile.name,
size: 1,
version: manifestFile.version || '',
Expand All @@ -102,11 +105,11 @@ export class PackageLockParser implements LockfileParser {
const nodeVersion = manifestFile?.engines?.node;

if (nodeVersion) {
_.set(depTree, 'meta.nodeVersion', nodeVersion);
_set(depTree, 'meta.nodeVersion', nodeVersion);
}

// asked to process empty deps
if (_.isEmpty(manifestFile.dependencies) && !includeDev) {
if (_isEmpty(manifestFile.dependencies) && !includeDev) {
return depTree;
}

Expand Down Expand Up @@ -155,7 +158,7 @@ export class PackageLockParser implements LockfileParser {
if (depTrees[depName]) {
// if the top level dependency is dev, all children are dev
depTree.dependencies[dep.name] = dep.dev
? this.setDevDepRec(_.cloneDeep(depTrees[depName]))
? this.setDevDepRec(_cloneDeep(depTrees[depName]))
: depTrees[depName];
treeSize += depTreesSizes[depName];
if (eventLoopSpinner.isStarving()) {
Expand Down Expand Up @@ -184,7 +187,7 @@ export class PackageLockParser implements LockfileParser {
}

private setDevDepRec(pkgTree: DepTreeDep) {
for (const [name, subTree] of _.entries(pkgTree.dependencies)) {
for (const [name, subTree] of _toPairs(pkgTree.dependencies)) {
pkgTree.dependencies![name] = this.setDevDepRec(subTree);
}
pkgTree.labels = {
Expand Down Expand Up @@ -320,7 +323,7 @@ export class PackageLockParser implements LockfileParser {
): string {
const newNode = node + uuid();
// update depMap with new node
depMap[newNode] = _.cloneDeep(depMap[node]);
depMap[newNode] = _cloneDeep(depMap[node]);
// add new node to the graph
depGraph.setNode(newNode);

Expand Down
9 changes: 5 additions & 4 deletions lib/parsers/yarn-lock-parse-base.ts
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import * as _ from '@snyk/lodash';
import * as _isEmpty from 'lodash.isempty';
import * as _set from 'lodash.set';
import * as pMap from 'p-map';

import {
Expand Down Expand Up @@ -72,20 +73,20 @@ export abstract class YarnLockParseBase<T extends YarnLockFileTypes>

const depTree: PkgTree = {
dependencies: {},
hasDevDependencies: !_.isEmpty(manifestFile.devDependencies),
hasDevDependencies: !_isEmpty(manifestFile.devDependencies),
name: manifestFile.name,
size: 1,
version: manifestFile.version || '',
};

const nodeVersion = manifestFile?.engines?.node;
if (nodeVersion) {
_.set(depTree, 'meta.nodeVersion', nodeVersion);
_set(depTree, 'meta.nodeVersion', nodeVersion);
}

const topLevelDeps: Dep[] = getTopLevelDeps(manifestFile, includeDev);
// asked to process empty deps
if (_.isEmpty(manifestFile.dependencies) && !includeDev) {
if (_isEmpty(manifestFile.dependencies) && !includeDev) {
return depTree;
}

Expand Down
5 changes: 4 additions & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,10 +31,13 @@
"homepage": "https://github.com/snyk/nodejs-lockfile-parser#readme",
"dependencies": {
"@snyk/graphlib": "2.1.9-patch",
"@snyk/lodash": "^4.17.15-patch",
"@yarnpkg/core": "^2.0.0-rc.26",
"@yarnpkg/lockfile": "^1.1.0",
"event-loop-spinner": "^2.0.0",
"lodash.clonedeep": "^4.5.0",
"lodash.isempty": "^4.4.0",
"lodash.set": "^4.3.2",
"lodash.topairs": "^4.3.0",
"p-map": "2.1.0",
"snyk-config": "^3.0.0",
"source-map-support": "^0.5.7",
Expand Down
4 changes: 2 additions & 2 deletions test/lib/package-lock-depTree.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import { test } from 'tap';
import { config } from '../../lib/config';
import { buildDepTreeFromFiles } from '../../lib';
import * as fs from 'fs';
import * as _ from '@snyk/lodash';
import * as _isEmpty from 'lodash.isempty';
import {
InvalidUserInputError,
OutOfSyncError,
Expand Down Expand Up @@ -87,7 +87,7 @@ test('Parse npm package-lock.json with missing package name', async (t) => {
true,
);

t.false(_.isEmpty(depTree.dependencies));
t.false(_isEmpty(depTree.dependencies));
t.equals(depTree.name, 'package.json');
});

Expand Down
4 changes: 2 additions & 2 deletions test/lib/yarn.test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import { buildDepTreeFromFiles } from '../../lib';
import { config } from '../../lib/config';
import getRuntimeVersion from '../../lib/get-node-runtime-version';
import * as fs from 'fs';
import * as _ from '@snyk/lodash';
import * as _isEmpty from 'lodash.isempty';
import {
UnsupportedRuntimeError,
InvalidUserInputError,
Expand Down Expand Up @@ -135,7 +135,7 @@ if (getRuntimeVersion() < 6) {
true,
);

t.false(_.isEmpty(depTree.dependencies));
t.false(_isEmpty(depTree.dependencies));
t.equals(depTree.name, 'package.json');
});

Expand Down

0 comments on commit b05dc23

Please sign in to comment.