From 381909f481a04b227013d002a237eb091e0671d4 Mon Sep 17 00:00:00 2001 From: Varsha U N Date: Sat, 16 Nov 2024 13:50:23 +0530 Subject: [PATCH] added support for package-lock.json Signed-off-by:VarshaUN --- src/packagedcode/npm.py | 13 ++++++++++++- tests/packagedcode/test_npm.py | 13 +++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/src/packagedcode/npm.py b/src/packagedcode/npm.py index f2a8aff6bc..64dade4be2 100644 --- a/src/packagedcode/npm.py +++ b/src/packagedcode/npm.py @@ -566,6 +566,17 @@ def _parse(cls, json_data, package_only=False): ('dist', dist_mapper), ] + hidden_lockfile = json_data.get('hiddenLockfile', False) + dependencies = json_data.get('dependencies', {}) + for dep_name, dep_data in dependencies.items(): + if 'version' not in dep_data: + if dep_data.get('bundled'): dep_data['type'] = 'bundled' + if 'registry' in dep_data: dep_data['type'] = 'registry' + if 'git' in dep_data: dep_data['type'] = 'git' + if 'http' in dep_data: dep_data['type'] = 'http' + if 'tarball' in dep_data: dep_data['type'] = 'tarball' + if 'link' in dep_data: dep_data['type'] = 'link' + extra_data = {} extra_data_fields = ['workspaces', 'engines', 'packageManager'] for extra_data_field in extra_data_fields: @@ -599,7 +610,7 @@ def _parse(cls, json_data, package_only=False): logger_debug(f'NpmPackageJsonHandler: parse: package: {package.to_dict()}') return package - + @classmethod def parse(cls, location, package_only=False): with io.open(location, encoding='utf-8') as loc: diff --git a/tests/packagedcode/test_npm.py b/tests/packagedcode/test_npm.py index 2e5d5e4f33..e2f5b759fb 100644 --- a/tests/packagedcode/test_npm.py +++ b/tests/packagedcode/test_npm.py @@ -374,6 +374,19 @@ def test_npm_yarn_lock_v1_parse_alias(self): packages = npm.YarnLockV1Handler.parse(test_file) self.check_packages_data(packages, expected_loc, regen=REGEN_TEST_FIXTURES) + def test_parse_hidden_lockfile(self): + test_file = self.get_test_loc('npm/package-lock-latest/package-lock.json') + expected_loc = self.get_test_loc('npm/package-lock-latest/package-lock.json-expected') + packages = npm.NpmPackageLockJsonHandler.parse(test_file) + self.check_packages_data(packages, expected_loc, regen=REGEN_TEST_FIXTURES) + + def test_parse_non_versions(self): + test_file = self.get_test_loc('npm/package-lock-latest/package-lock.json') + expected_loc = self.get_test_loc('npm/package-lock-latest/package-lock.json-expected') + packages = npm.NpmPackageLockJsonHandler.parse(test_file) + self.check_packages_data(packages, expected_loc, regen=REGEN_TEST_FIXTURES) + + def test_is_datafile_pnpm_shrinkwrap_yaml(self): test_file = self.get_test_loc('npm/pnpm/shrinkwrap/v3/vuepack/shrinkwrap.yaml') assert npm.PnpmShrinkwrapYamlHandler.is_datafile(test_file)