Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⭐️ npm.packages resource #3333

Merged
merged 6 commits into from
Feb 16, 2024
Merged

⭐️ npm.packages resource #3333

merged 6 commits into from
Feb 16, 2024

Conversation

chris-rock
Copy link
Member

@chris-rock chris-rock commented Feb 15, 2024
edited
Loading

This PR adds a new npm resource to gather npm pacakges.

It supports finding the globally installed packages via:

// returns all globally installed direct and transitive dependencies on your operating system
cnquery> npm.packages
npm.global.list: [
  0: npm.package name="npm" version="10.2.4"
  1: npm.package name="yarn" version="1.22.21"
]

// to query the direct dependencies, use use the directDependencies field
cnquery> npm.packages.directDependencies
npm.packages.directDependencies: [
  0: npm.package name="npm" version="10.2.4"
  1: npm.package name="yarn" version="1.22.21"
]

You can also parse individual projects:

// gather transitive dependencies
cnquery> npm.packages("/Users/chris/github/jquery/jquery")
npm.packages.list: [
  0: npm.package name="jquery" version="4.0.0-pre"
  2: npm.package name="node_modules/@aashutoshrathi/word-wrap" version="1.2.6"
  3: npm.package name="node_modules/@babel/cli" version="7.22.9"
  4: npm.package name="node_modules/@babel/cli/node_modules/glob" version="7.2.3"
  5: npm.package name="node_modules/@babel/cli/node_modules/minimatch" version="3.1.2"
  6: npm.package name="node_modules/@babel/code-frame" version="7.22.13"
...

// the root package is available via the root field
cnquery>  npm.packages("/Users/chris/trials/jquery/jquery").root
npm.packages.root: npm.package name="jquery" version="4.0.0-pre"

// in case the package has direct dependencies, you can query that via:
cnquery> npm.packages("/Users/chris/trials/jquery/jquery").directDependencies
npm.packages.directDependencies: []

@chris-rock chris-rock force-pushed the chris-rock/npm-resources-mql branch from 2afdf9a to 870117b Compare February 16, 2024 15:02
@chris-rock chris-rock marked this pull request as ready for review February 16, 2024 15:02
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Feb 16, 2024
edited
Loading

Test Results

2 790 tests  +1   2 789 ✅ +1   47s ⏱️ -5s
  186 suites ±0       1 💤 ±0 
    5 files   ±0       0 ❌ ±0 

Results for commit b1387f8. ± Comparison against base commit b4b0122.

This pull request removes 4 and adds 5 tests. Note that renamed tests count towards both. 
go.mondoo.com/cnquery/v10/llx ‑ TestSuccess/2024-02-16_12:09:26.018262027_+0000_UTC_m=+0.011313872
go.mondoo.com/cnquery/v10/llx ‑ TestTruthy/2024-02-16_12:09:26.018262027_+0000_UTC_m=+0.011313872
go.mondoo.com/cnquery/v10/llx ‑ TestTruthy/2024-02-16_12:09:26.018262027_+0000_UTC_m=+0.011313872#01
go.mondoo.com/cnquery/v10/providers/os/resources/npm ‑ TestPackageJsonLockParser

go.mondoo.com/cnquery/v10/llx ‑ TestSuccess/2024-02-16_09:57:04.499621508_+0000_UTC_m=+0.011226490
go.mondoo.com/cnquery/v10/llx ‑ TestTruthy/2024-02-16_09:57:04.499621508_+0000_UTC_m=+0.011226490
go.mondoo.com/cnquery/v10/llx ‑ TestTruthy/2024-02-16_09:57:04.499621508_+0000_UTC_m=+0.011226490#01
go.mondoo.com/cnquery/v10/providers/os/resources/npm ‑ TestPackageJsonLockWithDependencies
go.mondoo.com/cnquery/v10/providers/os/resources/npm ‑ TestPackageJsonLockWithPackages

♻️ This comment has been updated with latest results.

@chris-rock chris-rock force-pushed the chris-rock/npm-resources-mql branch from 870117b to 6992bd4 Compare February 16, 2024 15:09
@chris-rock chris-rock marked this pull request as draft February 16, 2024 15:09
@chris-rock chris-rock force-pushed the chris-rock/npm-resources-mql branch from 6992bd4 to bb5e00f Compare February 16, 2024 17:24
@chris-rock chris-rock marked this pull request as ready for review February 16, 2024 17:25
@chris-rock chris-rock force-pushed the chris-rock/npm-resources-mql branch from bb5e00f to 2ae6bcd Compare February 16, 2024 17:29
jaym
jaym reviewed Feb 16, 2024
View reviewed changes
providers/os/resources/npm.go
afs := &afero.Afero{Fs: conn.FileSystem()}
isDir, err := afs.IsDir(path)
if err != nil {
return nil, nil, nil, nil, err
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nit] it might be a good time to introduce a struct to return. that's a lot of return values

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will do that in another round. great idea.

imilchev
imilchev reviewed Feb 16, 2024
View reviewed changes
providers/os/resources/npm.go Outdated Show resolved Hide resolved
providers/os/resources/npm.go
if err != nil {
continue
}
for i := range files {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

since we use 1.22 you can safely do for _, f := range files

Copy link
Member Author

@chris-rock chris-rock Feb 16, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I still do not trust go on this 🤣 That burned me too often.

providers/os/resources/npm.go Outdated Show resolved Hide resolved
@chris-rock chris-rock force-pushed the chris-rock/npm-resources-mql branch from a481073 to b1387f8 Compare February 16, 2024 18:10
@chris-rock chris-rock merged commit 0bb01bd into main Feb 16, 2024
14 checks passed
@chris-rock chris-rock deleted the chris-rock/npm-resources-mql branch February 16, 2024 18:23
@github-actions github-actions bot locked and limited conversation to collaborators Feb 16, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@imilchev imilchev imilchev left review comments

@jaym jaym jaym approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@chris-rock @jaym @imilchev