MCPcopy Create free account
hub / github.com/XmirrorSecurity/OpenSCA-cli / ParsePackageJsonWithLock

Function ParsePackageJsonWithLock

opensca/sca/javascript/npm.go:189–262  ·  view source on GitHub ↗

ParsePackageJsonWithLock 借助package.lock解析package.json

(pkgjson *PackageJson, pkglock *PackageLock)

Source from the content-addressed store, hash-verified

187
188// ParsePackageJsonWithLock 借助package.lock解析package.json
189func ParsePackageJsonWithLock(pkgjson *PackageJson, pkglock *PackageLock) *model.DepGraph {
190
191 if pkglock.LockfileVersion == 3 {
192 return ParsePackageJsonWithLockV3(pkgjson, pkglock)
193 }
194
195 // map[key]
196 depNameMap := map[string]*model.DepGraph{}
197 devDepNameMap := map[string]*model.DepGraph{}
198 _dep := _depSet().LoadOrStore
199
200 // 记录依赖
201 for name, lockDep := range pkglock.Dependencies {
202 if lockDep.Develop {
203 devDepNameMap[name] = _dep(name, lockDep.Version, "dev")
204 } else {
205 depNameMap[name] = _dep(name, lockDep.Version)
206 }
207 }
208
209 // 构建依赖关系
210 for name, lockDep := range pkglock.Dependencies {
211 lockDep.name = name
212 q := []*PackageLockDep{lockDep}
213 for len(q) > 0 {
214 n := q[0]
215 q = q[1:]
216
217 var dep *model.DepGraph
218 if n.Develop {
219 dep = _dep(n.name, n.Version, "dev")
220 } else {
221 dep = _dep(n.name, n.Version)
222 }
223
224 dup := map[string]bool{}
225 for name, sub := range n.Dependencies {
226 dup[name] = true
227 sub.name = name
228 q = append(q, sub)
229 if sub.Develop || n.Develop {
230 dep.AppendChild(_dep(name, sub.Version, "dev"))
231 } else {
232 dep.AppendChild(_dep(name, sub.Version))
233 }
234 }
235
236 for name := range n.Requires {
237 if dup[name] {
238 continue
239 }
240 if n.Develop {
241 dep.AppendChild(devDepNameMap[name])
242 } else {
243 dep.AppendChild(depNameMap[name])
244 }
245 }
246

Callers 1

ScaMethod · 0.85

Calls 4

AppendChildMethod · 0.95
_depSetFunction · 0.85
RelpathMethod · 0.80

Tested by

no test coverage detected