Search in sources :

Example 1 with NpmDependency

use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.

the class NpmLockfileGraphTransformer method transformTreeToGraph.

private void transformTreeToGraph(NpmDependency npmDependency, NpmProject npmProject, MutableDependencyGraph dependencyGraph, List<NameVersion> externalDependencies) {
    if (!shouldIncludeDependency(npmDependency)) {
        return;
    }
    npmDependency.getRequires().forEach(required -> {
        logger.trace(String.format("Required package: %s of version: %s", required.getName(), required.getFuzzyVersion()));
        Dependency resolved = lookupDependency(required.getName(), npmDependency, npmProject, externalDependencies);
        if (resolved != null) {
            logger.trace(String.format("Found package: %s with version: %s", resolved.getName(), resolved.getVersion()));
            dependencyGraph.addChildWithParent(resolved, npmDependency);
        } else {
            logger.warn("No dependency found for package: {}", required.getName());
        }
    });
    npmDependency.getDependencies().forEach(child -> transformTreeToGraph(child, npmProject, dependencyGraph, externalDependencies));
}
Also used : Dependency(com.synopsys.integration.bdio.model.dependency.Dependency) NpmDependency(com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency)

Example 2 with NpmDependency

use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.

the class NpmLockfileGraphTransformer method transform.

public DependencyGraph transform(PackageLock packageLock, NpmProject project, List<NameVersion> externalDependencies) {
    DependencyGraph dependencyGraph = new BasicDependencyGraph();
    logger.debug("Processing project.");
    if (packageLock.dependencies != null) {
        logger.debug(String.format("Found %d dependencies in the lockfile.", packageLock.dependencies.size()));
        // First we will recreate the graph from the resolved npm dependencies
        for (NpmDependency resolved : project.getResolvedDependencies()) {
            transformTreeToGraph(resolved, project, dependencyGraph, externalDependencies);
        }
        // Then we will add relationships between the project (root) and the graph
        boolean atLeastOneRequired = !project.getDeclaredDependencies().isEmpty() || !project.getDeclaredDevDependencies().isEmpty() || !project.getDeclaredPeerDependencies().isEmpty();
        if (atLeastOneRequired) {
            addRootDependencies(project.getResolvedDependencies(), project.getDeclaredDependencies(), dependencyGraph, externalDependencies);
            if (npmDependencyTypeFilter.shouldInclude(NpmDependencyType.DEV)) {
                addRootDependencies(project.getResolvedDependencies(), project.getDeclaredDevDependencies(), dependencyGraph, externalDependencies);
            }
            if (npmDependencyTypeFilter.shouldInclude(NpmDependencyType.PEER)) {
                addRootDependencies(project.getResolvedDependencies(), project.getDeclaredPeerDependencies(), dependencyGraph, externalDependencies);
            }
        } else {
            project.getResolvedDependencies().stream().filter(this::shouldIncludeDependency).forEach(dependencyGraph::addChildToRoot);
        }
        logger.debug(String.format("Found %d root dependencies.", dependencyGraph.getRootDependencies().size()));
    } else {
        logger.debug("Lock file did not have a 'dependencies' section.");
    }
    return dependencyGraph;
}
Also used : NpmDependency(com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency) DependencyGraph(com.synopsys.integration.bdio.graph.DependencyGraph) BasicDependencyGraph(com.synopsys.integration.bdio.graph.BasicDependencyGraph) BasicDependencyGraph(com.synopsys.integration.bdio.graph.BasicDependencyGraph)

Example 3 with NpmDependency

use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.

the class NpmDependencyConverter method convertPackageMapToDependencies.

public List<NpmDependency> convertPackageMapToDependencies(NpmDependency parent, Map<String, PackageLockDependency> packageLockDependencyMap) {
    List<NpmDependency> children = new ArrayList<>();
    if (packageLockDependencyMap == null || packageLockDependencyMap.size() == 0) {
        return children;
    }
    for (Map.Entry<String, PackageLockDependency> packageEntry : packageLockDependencyMap.entrySet()) {
        String packageName = packageEntry.getKey();
        PackageLockDependency packageLockDependency = packageEntry.getValue();
        NpmDependency dependency = createNpmDependency(packageName, packageLockDependency.version, packageLockDependency.dev, packageLockDependency.peer);
        dependency.setParent(parent);
        children.add(dependency);
        List<NpmRequires> requires = convertNameVersionMapToRequires(packageLockDependency.requires);
        dependency.addAllRequires(requires);
        List<NpmDependency> grandChildren = convertPackageMapToDependencies(dependency, packageLockDependency.dependencies);
        dependency.addAllDependencies(grandChildren);
    }
    return children;
}
Also used : PackageLockDependency(com.synopsys.integration.detectable.detectables.npm.lockfile.model.PackageLockDependency) NpmDependency(com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency) NpmRequires(com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmRequires) ArrayList(java.util.ArrayList) Map(java.util.Map)

Example 4 with NpmDependency

use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.

the class NpmLockfileGraphTransformer method transformTreeToGraph.

private void transformTreeToGraph(NpmDependency npmDependency, NpmProject npmProject, DependencyGraph dependencyGraph, List<NameVersion> externalDependencies) {
    if (!shouldIncludeDependency(npmDependency)) {
        return;
    }
    npmDependency.getRequires().forEach(required -> {
        logger.trace(String.format("Required package: %s of version: %s", required.getName(), required.getFuzzyVersion()));
        Dependency resolved = lookupDependency(required.getName(), npmDependency, npmProject, externalDependencies);
        if (resolved != null) {
            logger.trace(String.format("Found package: %s with version: %s", resolved.getName(), resolved.getVersion()));
            dependencyGraph.addChildWithParent(resolved, npmDependency);
        } else {
            logger.warn("No dependency found for package: {}", required.getName());
        }
    });
    npmDependency.getDependencies().forEach(child -> transformTreeToGraph(child, npmProject, dependencyGraph, externalDependencies));
}
Also used : Dependency(com.synopsys.integration.bdio.model.dependency.Dependency) NpmDependency(com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency)

Example 5 with NpmDependency

use of com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency in project synopsys-detect by blackducksoftware.

the class NpmDependencyConverter method createNpmDependency.

private NpmDependency createNpmDependency(String name, String version, Boolean isDev, Boolean isPeer) {
    boolean dev = isDev != null && isDev;
    boolean peer = isPeer != null && isPeer;
    ExternalId externalId = externalIdFactory.createNameVersionExternalId(Forge.NPMJS, name, version);
    return new NpmDependency(name, version, externalId, dev, peer);
}
Also used : NpmDependency(com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency) ExternalId(com.synopsys.integration.bdio.model.externalid.ExternalId)

Aggregations

NpmDependency (com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmDependency)6 DependencyGraph (com.synopsys.integration.bdio.graph.DependencyGraph)2 Dependency (com.synopsys.integration.bdio.model.dependency.Dependency)2 ArrayList (java.util.ArrayList)2 BasicDependencyGraph (com.synopsys.integration.bdio.graph.BasicDependencyGraph)1 ExternalId (com.synopsys.integration.bdio.model.externalid.ExternalId)1 NpmProject (com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmProject)1 NpmRequires (com.synopsys.integration.detectable.detectables.npm.lockfile.model.NpmRequires)1 PackageLock (com.synopsys.integration.detectable.detectables.npm.lockfile.model.PackageLock)1 PackageLockDependency (com.synopsys.integration.detectable.detectables.npm.lockfile.model.PackageLockDependency)1 NpmLockfileGraphTransformer (com.synopsys.integration.detectable.detectables.npm.lockfile.parse.NpmLockfileGraphTransformer)1 GraphAssert (com.synopsys.integration.detectable.util.graph.GraphAssert)1 Map (java.util.Map)1 Test (org.junit.jupiter.api.Test)1