Class: Dependabot::NpmAndYarn::FileParser::JsonLock

Inherits:
Object
  • Object
Extended by:
T::Sig
Defined in:
lib/dependabot/npm_and_yarn/file_parser/json_lock.rb

Instance Method Summary

Constructor Details

#initialize(dependency_file, dealias_packages: false) ⇒ JsonLock

Returns a new instance of JsonLock.



# File 'lib/dependabot/npm_and_yarn/file_parser/json_lock.rb', line 16

# Builds a parser around a single JSON lockfile.
#
# Both arguments are stored on the instance as given; nothing is read from
# the file or validated here.
#
# @param dependency_file the lockfile object; other methods in this class
#   call #content and #path on it
# @param dealias_packages stored as @dealias_packages (defaults to false)
def initialize(dependency_file, dealias_packages: false)
  @dependency_file, @dealias_packages = dependency_file, dealias_packages
end

Instance Method Details

#dependencies ⇒ Object



# File 'lib/dependabot/npm_and_yarn/file_parser/json_lock.rb', line 30

# Collects the dependencies recorded in this lockfile.
#
# The parsed lockfile is handed to recursively_fetch_dependencies and that
# call's result is returned unchanged.
def dependencies
  lockfile_tree = parsed
  recursively_fetch_dependencies(lockfile_tree)
end

#details(dependency_name, _requirement, manifest_name) ⇒ Object



# File 'lib/dependabot/npm_and_yarn/file_parser/json_lock.rb', line 38

# Looks up the lockfile entry for one dependency.
#
# When Helpers.parse_npm8? accepts the file, the entry is read from the
# "packages" map and trimmed to the "version", "resolved", "integrity" and
# "dev" keys. Otherwise the entry under "dependencies" is returned whole.
# Values are passed through exactly as the lockfile records them; nothing
# here checks "resolved" or "integrity".
#
# @param dependency_name name of the package to look up
# @param _requirement unused
# @param manifest_name passed to node_modules_path to locate a
#   workspace-level entry
# @return the matching entry, or nil when the lockfile has none
def details(dependency_name, _requirement, manifest_name)
  return parsed.dig("dependencies", dependency_name) unless Helpers.parse_npm8?(@dependency_file)

  # NOTE: npm 8 sometimes doesn't install workspace dependencies in the
  # workspace folder, so the top-level node_modules entry is the fallback.
  entry = parsed.dig("packages", node_modules_path(manifest_name, dependency_name)) ||
          parsed.dig("packages", "node_modules/#{dependency_name}")
  entry&.slice("version", "resolved", "integrity", "dev")
end

#parsed ⇒ Object



# File 'lib/dependabot/npm_and_yarn/file_parser/json_lock.rb', line 22

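# Returns the lockfile content decoded from JSON, memoised on the instance.
#
# The content comes from the dependency file and should be treated as
# untrusted input. It is decoded with JSON.parse using default options.
#
# NOTE(review): valid JSON whose top level is not an object (for example
# `[]`) is returned as is. The callers in this class read it with string
# keys via #dig, which would then fail with an error other than
# DependencyFileNotParseable. Confirm whether that case should be rejected
# here.
#
# @return the value JSON.parse yields for the file content
# @raise [Dependabot::DependencyFileNotParseable] when the content is not
#   valid JSON; the message is the file path
def parsed
  # Parse on the right-hand side of ||= so the file is decoded once per
  # instance. Parsing first and memoising afterwards would re-parse the
  # whole lockfile on every call and discard the result.
  @parsed ||= T.let(JSON.parse(T.must(@dependency_file.content)), T.untyped)
rescue JSON::ParserError
  raise Dependabot::DependencyFileNotParseable, @dependency_file.path
end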