gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 07:10:41 -08:00
Code Issues Packages Projects Releases Wiki Activity

add yarn.lock parser (fanal#16)

Browse Source 
* add yarn.lock parser

* skip analyze package files in dependency folder
This commit is contained in:
Tomoya Amachi
2019-05-16 09:29:14 +09:00
committed by Teppei Fukuda
parent ce1f557cf7
commit b7debf7f0a
6 changed files with 70 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
analyzer/library/npm/npm.go
View File

@@ -3,6 +3,7 @@ package npm
import (
"bytes"
"path/filepath"
"strings"
"github.com/knqyf263/fanal/analyzer"
"github.com/knqyf263/fanal/extractor"
@@ -28,6 +29,11 @@ func (a npmLibraryAnalyzer) Analyze(fileMap extractor.FileMap) (map[analyzer.Fil
continue
}
// skip analyze files which in dependency folder
if utils.StringInSlice(utils.NODE_DEP_DIR, strings.Split(filename, utils.PathSeparator)) {
continue
}
r := bytes.NewBuffer(content)
libs, err := npm.Parse(r)
if err != nil {