Skip to content
This repository has been archived by the owner on Sep 11, 2023. It is now read-only.

Commit

Permalink
fix: display vulns only on dependencies in package.json
Browse files Browse the repository at this point in the history
  • Loading branch information
@bmvermeer
bmvermeer committed May 4, 2020
1 parent 5ecbe36 commit a976345
Showing 1 changed file with 20 additions and 4 deletions.
24 changes: 20 additions & 4 deletions src/getImports/packageJsonParser.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,22 +7,38 @@ export function getPackages(fileName, source) {
});

const pjson = JSON.parse(source);
const depLines = findDependecyLines(pjson.dependencies, lines);

for (var dep in pjson.dependencies) {
var p = {};
p.fileName = fileName;
p.name = dep;
p.loc = findLoc(dep, lines);
p.loc = findLoc(dep, depLines.lines, depLines.offset);
p.line = p.loc.start.line;
packages.push(p);
}

return packages;
}

function findLoc(dep, lines) {
function findDependecyLines(dependencies, lines) {
const depStartLine = lines.find(x => x.includes('"dependencies"'));
const depLineIndex = lines.indexOf(depStartLine) + 1;

const depLines = lines.slice(
depLineIndex,
depLineIndex + Object.keys(dependencies).length
);
console.log(depLines);

return {
lines: depLines,
offset: depLineIndex,
};
}

function findLoc(dep, lines, offset) {
const line = lines.find(x => x.includes('"' + dep + '"'));
const index = lines.indexOf(line) + 1;
const index = offset + lines.indexOf(line) + 1;

var loc = {
start: {},
Expand Down

0 comments on commit a976345

Please sign in to comment.