use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.
the class NpmLockfileGraphTransformer method transformTreeToGraph.
private void transformTreeToGraph(NpmDependency npmDependency, NpmProject npmProject, MutableDependencyGraph dependencyGraph, List<NameVersion> externalDependencies) {
if (!shouldIncludeDependency(npmDependency)) {
return;
}
npmDependency.getRequires().forEach(required -> {
logger.trace(String.format("Required package: %s of version: %s", required.getName(), required.getFuzzyVersion()));
Dependency resolved = lookupDependency(required.getName(), npmDependency, npmProject, externalDependencies);
if (resolved != null) {
logger.trace(String.format("Found package: %s with version: %s", resolved.getName(), resolved.getVersion()));
dependencyGraph.addChildWithParent(resolved, npmDependency);
} else {
logger.warn("No dependency found for package: {}", required.getName());
}
});
npmDependency.getDependencies().forEach(child -> transformTreeToGraph(child, npmProject, dependencyGraph, externalDependencies));
}
use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.
the class NpmLockfileGraphTransformer method transform.
public DependencyGraph transform(PackageLock packageLock, NpmProject project, List<NameVersion> externalDependencies) {
DependencyGraph dependencyGraph = new BasicDependencyGraph();
logger.debug("Processing project.");
if (packageLock.dependencies != null) {
logger.debug(String.format("Found %d dependencies in the lockfile.", packageLock.dependencies.size()));
// First we will recreate the graph from the resolved npm dependencies
for (NpmDependency resolved : project.getResolvedDependencies()) {
transformTreeToGraph(resolved, project, dependencyGraph, externalDependencies);
}
// Then we will add relationships between the project (root) and the graph
boolean atLeastOneRequired = !project.getDeclaredDependencies().isEmpty() || !project.getDeclaredDevDependencies().isEmpty() || !project.getDeclaredPeerDependencies().isEmpty();
if (atLeastOneRequired) {
addRootDependencies(project.getResolvedDependencies(), project.getDeclaredDependencies(), dependencyGraph, externalDependencies);
if (npmDependencyTypeFilter.shouldInclude(NpmDependencyType.DEV)) {
addRootDependencies(project.getResolvedDependencies(), project.getDeclaredDevDependencies(), dependencyGraph, externalDependencies);
}
if (npmDependencyTypeFilter.shouldInclude(NpmDependencyType.PEER)) {
addRootDependencies(project.getResolvedDependencies(), project.getDeclaredPeerDependencies(), dependencyGraph, externalDependencies);
}
} else {
project.getResolvedDependencies().stream().filter(this::shouldIncludeDependency).forEach(dependencyGraph::addChildToRoot);
}
logger.debug(String.format("Found %d root dependencies.", dependencyGraph.getRootDependencies().size()));
} else {
logger.debug("Lock file did not have a 'dependencies' section.");
}
return dependencyGraph;
}
use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.
the class NpmDependencyConverter method convertPackageMapToDependencies.
public List<NpmDependency> convertPackageMapToDependencies(NpmDependency parent, Map<String, PackageLockDependency> packageLockDependencyMap) {
List<NpmDependency> children = new ArrayList<>();
if (packageLockDependencyMap == null || packageLockDependencyMap.size() == 0) {
return children;
}
for (Map.Entry<String, PackageLockDependency> packageEntry : packageLockDependencyMap.entrySet()) {
String packageName = packageEntry.getKey();
PackageLockDependency packageLockDependency = packageEntry.getValue();
NpmDependency dependency = createNpmDependency(packageName, packageLockDependency.version, packageLockDependency.dev, packageLockDependency.peer);
dependency.setParent(parent);
children.add(dependency);
List<NpmRequires> requires = convertNameVersionMapToRequires(packageLockDependency.requires);
dependency.addAllRequires(requires);
List<NpmDependency> grandChildren = convertPackageMapToDependencies(dependency, packageLockDependency.dependencies);
dependency.addAllDependencies(grandChildren);
}
return children;
}
use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.
the class NpmLockfileGraphTransformer method transformTreeToGraph.
private void transformTreeToGraph(NpmDependency npmDependency, NpmProject npmProject, DependencyGraph dependencyGraph, List<NameVersion> externalDependencies) {
if (!shouldIncludeDependency(npmDependency)) {
return;
}
npmDependency.getRequires().forEach(required -> {
logger.trace(String.format("Required package: %s of version: %s", required.getName(), required.getFuzzyVersion()));
Dependency resolved = lookupDependency(required.getName(), npmDependency, npmProject, externalDependencies);
if (resolved != null) {
logger.trace(String.format("Found package: %s with version: %s", resolved.getName(), resolved.getVersion()));
dependencyGraph.addChildWithParent(resolved, npmDependency);
} else {
logger.warn("No dependency found for package: {}", required.getName());
}
});
npmDependency.getDependencies().forEach(child -> transformTreeToGraph(child, npmProject, dependencyGraph, externalDependencies));
}
use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.
the class NpmDependencyConverter method createNpmDependency.
private NpmDependency createNpmDependency(String name, String version, Boolean isDev, Boolean isPeer) {
boolean dev = isDev != null && isDev;
boolean peer = isPeer != null && isPeer;
ExternalId externalId = externalIdFactory.createNameVersionExternalId(Forge.NPMJS, name, version);
return new NpmDependency(name, version, externalId, dev, peer);
}
Aggregations