Update find-direct-dependencies.cjs
BradyMitch authored Jul 12, 2024
1 parent f65750e commit 5f3b370
Showing 1 changed file with 41 additions and 20 deletions.
61 changes: 41 additions & 20 deletions .github/helpers/npm-audit/find-direct-dependencies.cjs
@@ -1,14 +1,32 @@
const fs = require('fs');
const path = require('path');
const fs = require("fs");
const path = require("path");

// Function to find direct dependencies of a specified dependency
const findDirectDependencies = (dependencyName) => {
const findDirectDependencies = (dependencyName, directoryPath) => {
// Read and parse the package-lock.json file
const packageLock = JSON.parse(fs.readFileSync(path.resolve(__dirname, '../../../package-lock.json'), 'utf-8'));
const packageLock = JSON.parse(
fs.readFileSync(
path.resolve(__dirname, `../../../${directoryPath}/package-lock.json`),
"utf-8"
)
);
const packageJson = JSON.parse(
fs.readFileSync(
path.resolve(__dirname, `../../../${directoryPath}/package.json`),
"utf-8"
)
);

const dependencies = {
...packageJson.dependencies,
...packageJson.devDependencies,
};

const packages = packageLock.packages || {};
const directDependencies = new Set();
let isDirect = false;

// Check if the specified dependency is a direct dependency
const isDirect = dependencies.hasOwnProperty(dependencyName);

// Function to find dependencies iteratively using a stack
const findDependencies = (startPackage) => {
Expand All @@ -23,27 +41,27 @@ const findDirectDependencies = (dependencyName) => {
const currentPackage = packages[packageName];
if (!currentPackage || !currentPackage.dependencies) continue;

for (const [name] of Object.entries(currentPackage.dependencies)) {
const newPath = [...path, name];
for (const name of Object.keys(currentPackage.dependencies)) {
const packageKey = `node_modules/${name}`;
if (name === dependencyName) {
// Add the top-level dependency to the set if it leads to the specified dependency
directDependencies.add(path[0]);
if (!visited.has(packageKey)) {
stack.push({ packageName: packageKey, path: [...path, name] });
}
if (name !== dependencyName && dependencies.hasOwnProperty(name)) {
directDependencies.add(name);
}
stack.push({ packageName: packageKey, path: newPath });
}
}
};

// Check direct dependencies in the root package
const rootPackage = packages[''] || {};
const rootDependencies = { ...rootPackage.dependencies, ...rootPackage.devDependencies };

// If the specified dependency is a direct dependency, set the flag and add to the set
if (rootDependencies && rootDependencies[dependencyName]) {
isDirect = true;
directDependencies.add(dependencyName);
} else {
const rootPackage = packages[""] || {};
const rootDependencies = {
...rootPackage.dependencies,
...rootPackage.devDependencies,
};

// If the specified dependency is a direct dependency, do nothing
if (!isDirect) {
// Iterate through each root dependency and find the specified dependency
for (const rootDep in rootDependencies) {
const packageKey = `node_modules/${rootDep}`;
Expand All @@ -52,7 +70,10 @@ const findDirectDependencies = (dependencyName) => {
}

// Return the result indicating if it's a direct dependency and the direct dependencies
return { isDirect, directDependencies: Array.from(directDependencies) };
return {
isDirect,
directDependencies: Array.from(directDependencies),
};
};

module.exports = findDirectDependencies;
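Review bot: The new `directoryPath` parameter is interpolated unchecked into both `path.resolve` calls near the top of `findDirectDependencies`, so a value containing `..` segments resolves outside the repository root, and a caller still using the old one-argument form ends up reading `undefined/package-lock.json`. Where the value comes from is not visible on this page; if it is derived from workflow inputs, resolve it first and reject anything that escapes the root, e.g. `const root = path.resolve(__dirname, "../../..");`, `const dir = path.resolve(root, directoryPath ?? ".");`, `if (path.relative(root, dir).startsWith("..")) throw new Error("directoryPath escapes repository root");`. Separately, the rewritten inner loop appears to add every transitive `name` that is also listed in package.json without checking that the walk actually reached `dependencyName`, which would over-report parent packages in the audit output; this should be confirmed against the lines hidden between the hunks. `Object.hasOwn(dependencies, name)` would also be more robust than calling `hasOwnProperty` on an object built from file contents, since a key of that name in package.json would shadow the method.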
