From d55499bae704f7eebb266bab208256d51b2c8cee Mon Sep 17 00:00:00 2001
From: fraxken
Date: Sat, 29 Nov 2025 11:47:38 +0100
Subject: [PATCH] chore!: update scanner to v8.x
---
 package.json | 2 +-
 public/components/views/home/home.js | 2 +-
 public/components/views/home/report/report.js | 6 ++---
 public/main.js | 5 ++---
 src/commands/summary.js | 4 ++--
 test/commands/cache.test.js | 6 ++++-
 test/fixtures/result-test1.json | 6 ++++-
 test/fixtures/result-test2.json | 6 ++++-
 workspaces/cache/package.json | 2 +-
 workspaces/cache/src/index.ts | 22 ++++++++++---------
 workspaces/cache/test/index.test.ts | 17 +++++++++++---
 workspaces/server/src/endpoints/data.ts | 7 +++---
 workspaces/server/src/endpoints/report.ts | 6 ++---
 .../server/src/websocket/commands/search.ts | 3 +--
 .../server/test/fixtures/httpServer.json | 6 ++++-
 workspaces/vis-network/package.json | 2 +-
 workspaces/vis-network/src/dataset.js | 2 +-
 .../vis-network/test/dataset-payload.json | 6 ++++-
 18 files changed, 71 insertions(+), 39 deletions(-)
diff --git a/package.json b/package.json
index 2326ed67..56d0015c 100644
--- a/package.json
+++ b/package.json
@@ -99,7 +99,7 @@
 "@nodesecure/ossf-scorecard-sdk": "^3.2.1",
 "@nodesecure/rc": "^5.0.0",
 "@nodesecure/report": "4.0.0",
- "@nodesecure/scanner": "^7.1.0",
+ "@nodesecure/scanner": "8.1.0",
 "@nodesecure/server": "1.0.0",
 "@nodesecure/utils": "^2.2.0",
 "@nodesecure/vulnera": "^2.0.1",
diff --git a/public/components/views/home/home.js b/public/components/views/home/home.js
index 5b678b99..4a9af0d9 100644
--- a/public/components/views/home/home.js
+++ b/public/components/views/home/home.js
@@ -398,7 +398,7 @@ export class HomeView { handleReport() { document.querySelector(".home--header--report").addEventListener("click", async() => { const popupReport = document.createElement("popup-report"); - popupReport.rootDependencyName = this.secureDataSet.data.rootDependencyName; + popupReport.dependencyName = this.secureDataSet.data.rootDependency.name; popupReport.theme = this.secureDataSet.theme; window.dispatchEvent(new CustomEvent(EVENTS.MODAL_OPENED, { detail: { diff --git a/public/components/views/home/report/report.js b/public/components/views/home/report/report.js index 6f88a3a7..b56506e1 100644 --- a/public/components/views/home/report/report.js +++ b/public/components/views/home/report/report.js @@ -157,7 +157,7 @@ class PopupReport extends LitElement { static properties = { theme: { type: String }, - rootDependencyName: { type: String }, + dependencyName: { type: String }, isLoading: { type: Boolean } }; @@ -193,7 +193,7 @@ class PopupReport extends LitElement { render() { const { popup: { report } } = window.i18n[currentLang()]; - const defaultTitle = `${this.rootDependencyName}'s report`; + const defaultTitle = `${this.dependencyName}'s report`; return html`
@@ -236,7 +236,7 @@ class PopupReport extends LitElement { } this.isLoading = true; const formData = new FormData(e.target); - const title = formData.get("title") || `${this.rootDependencyName} 's report`; + const title = formData.get("title") || `${this.dependencyName} 's report`; const theme = formData.get("theme"); const includesAllDeps = formData.get("includesAllDeps") === "includesAllDeps"; diff --git a/public/main.js b/public/main.js index cbd8c9ea..6ad77cc1 100644 --- a/public/main.js +++ b/public/main.js @@ -57,9 +57,8 @@ async function onSocketPayload(event) { const data = event.detail; const { payload } = data; - // TODO: implement rootDependency as a whole spec in scanner - const rootDepVersion = Object.keys(payload.dependencies[payload.rootDependencyName].versions)[0]; - window.activePackage = payload.rootDependencyName + "@" + rootDepVersion; + const { name, version } = payload.rootDependency; + window.activePackage = name + "@" + version; await init({ navigateToNetworkView: true }); initSearchNav(payload, { diff --git a/src/commands/summary.js b/src/commands/summary.js index dc800cd5..a0c9dc75 100644 --- a/src/commands/summary.js +++ b/src/commands/summary.js @@ -19,10 +19,10 @@ export async function main(json = "nsecure-result.json") { await i18n.getLocalLang(); const dataFilePath = path.join(process.cwd(), json); const rawAnalysis = await fs.readFile(dataFilePath, { encoding: "utf-8" }); - const { rootDependencyName, dependencies } = JSON.parse(rawAnalysis); + const { rootDependency, dependencies } = JSON.parse(rawAnalysis); const ui = cliui({ width: 80 }); - const title = `${white().bold(`${i18n.getTokenSync("ui.stats.title")}:`)} ${cyan().bold(rootDependencyName)}`; + const title = `${white().bold(`${i18n.getTokenSync("ui.stats.title")}:`)} ${cyan().bold(rootDependency.name)}`; ui.div( { text: title, width: 50 } ); diff --git a/test/commands/cache.test.js b/test/commands/cache.test.js index 15c8d564..60f47b13 100644 
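Review bot: The fallback title on the changed line of the `-236` hunk is built as `${this.dependencyName} 's report`, with a space before `'s`, while `defaultTitle` in `render()` (the `-193` hunk) is `${this.dependencyName}'s report`. A report submitted with an empty title field therefore gets a different string from the default the form describes. Since the line is being rewritten anyway, I would drop the space: ``const title = formData.get("title") || `${this.dependencyName}'s report`;``. The enclosing handler starts and ends outside the hunk.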
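Review bot: In src/commands/summary.js, `rootDependency.name` is read straight off `JSON.parse(rawAnalysis)`, so a result file that still has the old `rootDependencyName` field and no `rootDependency` now fails with a bare TypeError rather than a message saying the file is in the previous format. A guard right after the parse would cover it, e.g. `if (typeof rootDependency?.name !== "string") { throw new Error("result file has no rootDependency, re-run the scan"); }`. The same unguarded read on a payload loaded from disk or from the cache appears in workspaces/cache/src/index.ts (both hunks), workspaces/server/src/endpoints/data.ts and workspaces/server/src/endpoints/report.ts, where a stale payload would surface as an unhandled error in cache initialisation or in the HTTP handler. `main()` continues outside the hunk.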
--- a/test/commands/cache.test.js
+++ b/test/commands/cache.test.js
@@ -29,7 +29,11 @@ describe("Cache command", { concurrency: 1 }, () => {
 before(async() => {
 if (fs.existsSync(DEFAULT_PAYLOAD_PATH) === false) {
 dummyPayload = {
- rootDependencyName: "test_runner",
+ rootDependency: {
+ name: "test_runner",
+ version: "1.0.0",
+ integrity: null
+ },
 dependencies: {
 test_runner: {
 versions: {
diff --git a/test/fixtures/result-test1.json b/test/fixtures/result-test1.json
index 41497758..465573b8 100644
--- a/test/fixtures/result-test1.json
+++ b/test/fixtures/result-test1.json
@@ -1,6 +1,10 @@
 {
 "id": "mMKxqU",
- "rootDependencyName": "express",
+ "rootDependency": {
+ "name": "express",
+ "version": "3.0.0",
+ "integrity": null
+ },
 "scannerVersion": "6.1.0",
 "vulnerabilityStrategy": "none",
 "warnings": [],
diff --git a/test/fixtures/result-test2.json b/test/fixtures/result-test2.json
index 3cbf2325..5ca4e08e 100644
--- a/test/fixtures/result-test2.json
+++ b/test/fixtures/result-test2.json
@@ -1,6 +1,10 @@
 {
 "id": "RGGiTs",
- "rootDependencyName": "express",
+ "rootDependency": {
+ "name": "express",
+ "version": "3.0.0",
+ "integrity": null
+ },
 "version": "3.0.0",
 "vulnerabilityStrategy": "none",
 "warnings": []
diff --git a/workspaces/cache/package.json b/workspaces/cache/package.json
index 296a08ef..6aea1772 100644
--- a/workspaces/cache/package.json
+++ b/workspaces/cache/package.json
@@ -23,7 +23,7 @@
 "dependencies": {
 "@nodesecure/flags": "3.0.3",
 "@nodesecure/js-x-ray": "10.2.0",
- "@nodesecure/scanner": "7.2.0",
+ "@nodesecure/scanner": "8.1.0",
 "cacache": "20.0.3"
 }
 }
diff --git a/workspaces/cache/src/index.ts b/workspaces/cache/src/index.ts
index df20e708..eb47465c 100644
--- a/workspaces/cache/src/index.ts
+++ b/workspaces/cache/src/index.ts
@@ -152,24 +152,25 @@ export class AppCache { } const payload = JSON.parse(fs.readFileSync(DEFAULT_PAYLOAD_PATH, "utf-8")); - const version = Object.keys(payload.dependencies[payload.rootDependencyName].versions)[0]; - const formatted = `${payload.rootDependencyName}@${version}`; + const { name, version } = payload.rootDependency; + + const spec = `${name}@${version}`; const payloadsList = { - mru: [formatted], + mru: [spec], lru: [], - current: formatted, + current: spec, availables: [], lastUsed: { - [formatted]: Date.now() + [spec]: Date.now() }, - root: formatted + root: spec }; if (logging) { - this.#logger.info(`[cache|init](dep: ${formatted}|version: ${version}|rootDependencyName: ${payload.rootDependencyName})`); + this.#logger.info(`[cache|init](dep: ${spec})`); } await cacache.put(CACHE_PATH, `${this.prefix}${kPayloadsCache}`, JSON.stringify(payloadsList)); - this.updatePayload(formatted, payload); + this.updatePayload(spec, payload); } async initPayloadsList(options: InitPayloadListOptions = {}) { @@ -240,8 +241,9 @@ export class AppCache { async setRootPayload(payload: Payload, options: SetRootPayloadOptions = {}) { const { logging = true, local = false } = options; - const version = Object.keys(payload.dependencies[payload.rootDependencyName].versions)[0]; - const pkg = `${payload.rootDependencyName}@${version}${local ? "#local" : ""}`; + const { name, version } = payload.rootDependency; + + const pkg = `${name}@${version}${local ? "#local" : ""}`; this.updatePayload(pkg, payload); await this.initPayloadsList({ logging }); diff --git a/workspaces/cache/test/index.test.ts b/workspaces/cache/test/index.test.ts index 0b629080..7e72a95f 100644 --- a/workspaces/cache/test/index.test.ts +++ b/workspaces/cache/test/index.test.ts 
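Review bot: In the first hunk the cache key `spec` is built from `payload.rootDependency`, read from a JSON file on disk, and nothing checks that `name` and `version` are set or that they match an entry in `payload.dependencies`. The removed code took the version from `payload.dependencies[...].versions`, so the key always named something the payload actually contained; now a partial `rootDependency` stores the list under `name@undefined`, and a mismatched one makes `mru`, `current` and `root` point at a spec the dependency tree does not hold. Assuming the scanner always lists the root version in that map, a check before the key is built would catch both, e.g. `if (!payload.dependencies?.[name]?.versions?.[version]) { throw new Error("payload root dependency is missing or inconsistent"); }`. The same applies to `setRootPayload` in the second hunk and to `saveInCache` in workspaces/server/src/websocket/commands/search.ts; all three bodies continue outside their hunks.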
@@ -143,7 +143,10 @@ describe("appCache", () => { appCache.startFromZero = false; t.mock.method(fs, "readdirSync", () => []); t.mock.method(fs, "readFileSync", () => JSON.stringify({ - rootDependencyName: "test_runner", + rootDependency: { + name: "test_runner", + version: "1.0.0" + }, dependencies: { test_runner: { versions: { @@ -277,7 +280,11 @@ describe("appCache", () => { root: null }); const payload: any = { - rootDependencyName: "test_runner-local", + rootDependency: { + name: "test_runner-local", + version: "1.0.0", + integrity: null + }, dependencies: { "test_runner-local": { versions: { @@ -314,7 +321,11 @@ describe("appCache", () => { root: null }); const payload: any = { - rootDependencyName: "test_runner-local", + rootDependency: { + name: "test_runner-local", + version: "1.0.0", + integrity: null + }, dependencies: { "test_runner-local": { versions: { diff --git a/workspaces/server/src/endpoints/data.ts b/workspaces/server/src/endpoints/data.ts index d04b38cc..e4d63e21 100644 --- a/workspaces/server/src/endpoints/data.ts +++ b/workspaces/server/src/endpoints/data.ts @@ -36,8 +36,9 @@ export async function get(_req: Request, res: Response) { const payloadPath = dataFilePath || kDefaultPayloadPath; const payload = JSON.parse(fs.readFileSync(payloadPath, "utf-8")); - const version = Object.keys(payload.dependencies[payload.rootDependencyName].versions)[0]; - const formatted = `${payload.rootDependencyName}@${version}${payload.local ? "#local" : ""}`; + + const { name, version } = payload.rootDependency; + const formatted = `${name}@${version}${payload.local ? "#local" : ""}`; const payloadsList = { mru: [formatted], current: formatted, 
@@ -48,7 +49,7 @@ export async function get(_req: Request, res: Response) { }, root: formatted }; - logger.info(`[data|get](dep: ${formatted}|version: ${version}|rootDependencyName: ${payload.rootDependencyName})`); + logger.info(`[data|get](dep: ${formatted})`); await cache.updatePayloadsList(payloadsList); cache.updatePayload(formatted, payload); diff --git a/workspaces/server/src/endpoints/report.ts b/workspaces/server/src/endpoints/report.ts index 96942a1e..9eb58aee 100644 --- a/workspaces/server/src/endpoints/report.ts +++ b/workspaces/server/src/endpoints/report.ts @@ -60,8 +60,8 @@ export async function post(req: Request, res: Response) { JSON.parse(fs.readFileSync(dataFilePath, "utf-8")) : cache.getPayload((await cache.payloadsList()).current); - const rootDependencyName = scannerPayload.rootDependencyName; - const [organizationPrefixOrRepo, repo] = rootDependencyName.split("/"); + const name = scannerPayload.rootDependency.name; + const [organizationPrefixOrRepo, repo] = name.split("/"); const reportPayload = structuredClone({ ...kReportPayload, title, @@ -76,7 +76,7 @@ export async function post(req: Request, res: Response) { const dependencies = includesAllDeps ? scannerPayload.dependencies : { - [rootDependencyName]: scannerPayload.dependencies[rootDependencyName] + [name]: scannerPayload.dependencies[name] }; const data = await report( diff --git a/workspaces/server/src/websocket/commands/search.ts b/workspaces/server/src/websocket/commands/search.ts index b30f4364..5fba6923 100644 --- a/workspaces/server/src/websocket/commands/search.ts +++ b/workspaces/server/src/websocket/commands/search.ts 
@@ -114,8 +114,7 @@ async function* saveInCache( ): AsyncGenerator { const { logger, cache } = context.getStore()!; - const name = payload.rootDependencyName; - const version = Object.keys(payload.dependencies[name].versions)[0]; + const { name, version } = payload.rootDependency; const spec = `${name}@${version}`; const { mru, lru, availables, lastUsed, ...appCache } = await cache.removeLastMRU(); diff --git a/workspaces/server/test/fixtures/httpServer.json b/workspaces/server/test/fixtures/httpServer.json index d53babea..e4a28970 100644 --- a/workspaces/server/test/fixtures/httpServer.json +++ b/workspaces/server/test/fixtures/httpServer.json @@ -1,6 +1,10 @@ { "foo": "bar", - "rootDependencyName": "conf", + "rootDependency": { + "name": "conf", + "version": "1.1.1", + "integrity": null + }, "dependencies": { "conf": { "versions": { diff --git a/workspaces/vis-network/package.json b/workspaces/vis-network/package.json index 82505f91..491d1c25 100644 --- a/workspaces/vis-network/package.json +++ b/workspaces/vis-network/package.json @@ -30,6 +30,6 @@ }, "devDependencies": { "@nodesecure/flags": "^3.0.3", - "@nodesecure/scanner": "^7.1.0" + "@nodesecure/scanner": "8.1.0" } } diff --git a/workspaces/vis-network/src/dataset.js b/workspaces/vis-network/src/dataset.js index 1d9dc8a1..4987684e 100644 --- a/workspaces/vis-network/src/dataset.js +++ b/workspaces/vis-network/src/dataset.js @@ -99,7 +99,7 @@ export default class NodeSecureDataSet extends EventTarget { this.rawEdgesData = []; this.rawNodesData = []; - const rootDependency = dataEntries.find(([name]) => name === data.rootDependencyName); + const rootDependency = dataEntries.find(([name]) => name === data.rootDependency.name); const rootContributors = [ rootDependency[1].metadata.author, ...rootDependency[1].metadata.maintainers, diff --git a/workspaces/vis-network/test/dataset-payload.json b/workspaces/vis-network/test/dataset-payload.json index 52cfa29e..5ac9c4c2 100644 
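Review bot: In workspaces/vis-network/src/dataset.js the local `rootDependency` on the changed line is the `[name, entry]` tuple returned by `dataEntries.find(...)`, while `data.rootDependency` in the same expression is the new `{ name, version, integrity }` object, so one name now stands for two different shapes. Renaming the local keeps them apart, e.g. `const rootEntry = dataEntries.find(([name]) => name === data.rootDependency.name);` with `rootEntry[1].metadata` on the following lines. `find` also returns `undefined` when no entry carries that name, and the next lines index `[1]` without a check, so a payload whose root name is absent from the entries fails there with a TypeError. The method starts and ends outside the hunk.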
--- a/workspaces/vis-network/test/dataset-payload.json
+++ b/workspaces/vis-network/test/dataset-payload.json
@@ -1,6 +1,10 @@
 {
 "id": "abcde",
- "rootDependencyName": "pkg1",
+ "rootDependency": {
+ "name": "pkg1",
+ "version": "3.0.0",
+ "integrity": null
+ },
 "highlighted": {
 "contacts": [
 {