go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/resources/npm/packagejson.go

go.mondoo.com/cnquery@v0.0.0-20231005093811-59568235f6ea/providers/os/resources/npm/packagejson.go (about)

     1  // Copyright (c) Mondoo, Inc.
     2  // SPDX-License-Identifier: BUSL-1.1
     3  
     4  package npm
     5  
     6  import (
     7  	"encoding/json"
     8  	"io"
     9  
    10  	"go.mondoo.com/cnquery/providers-sdk/v1/upstream/mvd"
    11  )
    12  
    13  // PackageJson allows parsing the package json file
    14  type PackageJson struct {
    15  	Name            string            `json:"name"`
    16  	Description     string            `json:"description"`
    17  	Version         string            `json:"version"`
    18  	License         string            `jsonn:"license"`
    19  	Dependencies    map[string]string `jsonn:"dependencies"`
    20  	DevDependencies map[string]string `jsonn:"devDependencies"`
    21  }
    22  
    23  type PackageJsonLockEntry struct {
    24  	Version string `json:"version"`
    25  	Dev     bool   `json:"dev"`
    26  }
    27  
    28  // PackageJsonLock is the struct to represent the package.lock file
    29  type PackageJsonLock struct {
    30  	Name         string                          `json:"name"`
    31  	Version      string                          `json:"version"`
    32  	Dependencies map[string]PackageJsonLockEntry `jsonn:"dependencies"`
    33  }
    34  
    35  func ParsePackageJson(r io.Reader) ([]*mvd.Package, error) {
    36  	data, err := io.ReadAll(r)
    37  	if err != nil {
    38  		return nil, err
    39  	}
    40  
    41  	var packageJson PackageJson
    42  	err = json.Unmarshal(data, &packageJson)
    43  	if err != nil {
    44  		return nil, err
    45  	}
    46  
    47  	entries := []*mvd.Package{}
    48  
    49  	// add own package
    50  	entries = append(entries, &mvd.Package{
    51  		Name:      packageJson.Name,
    52  		Version:   packageJson.Version,
    53  		Format:    "npm",
    54  		Namespace: "nodejs",
    55  	})
    56  
    57  	// add all dependencies
    58  
    59  	for k, v := range packageJson.Dependencies {
    60  		entries = append(entries, &mvd.Package{
    61  			Name:      k,
    62  			Version:   v,
    63  			Format:    "npm",
    64  			Namespace: "nodejs",
    65  		})
    66  	}
    67  
    68  	return entries, nil
    69  }
    70  
    71  func ParsePackageJsonLock(r io.Reader) ([]*mvd.Package, error) {
    72  	data, err := io.ReadAll(r)
    73  	if err != nil {
    74  		return nil, err
    75  	}
    76  
    77  	var packageJsonLock PackageJsonLock
    78  	err = json.Unmarshal(data, &packageJsonLock)
    79  	if err != nil {
    80  		return nil, err
    81  	}
    82  
    83  	entries := []*mvd.Package{}
    84  
    85  	// add own package
    86  	entries = append(entries, &mvd.Package{
    87  		Name:      packageJsonLock.Name,
    88  		Version:   packageJsonLock.Version,
    89  		Format:    "npm",
    90  		Namespace: "nodejs",
    91  	})
    92  
    93  	// add all dependencies
    94  	for k, v := range packageJsonLock.Dependencies {
    95  		entries = append(entries, &mvd.Package{
    96  			Name:      k,
    97  			Version:   v.Version,
    98  			Format:    "npm",
    99  			Namespace: "nodejs",
   100  		})
   101  	}
   102  
   103  	return entries, nil
   104  }