Sha256: 9d995e48bb6bd7733e06d6bc6f3276f010c06caa02425b3434ebc4bd09e030f0
Contents?: true
Size: 1.42 KB
Versions: 9
Compression:
Stored size: 1.42 KB
Contents
# frozen_string_literal: true
module Spandx
module Js
class YarnPkg < ::Spandx::Core::Gateway
DEFAULT_SOURCE = 'https://registry.yarnpkg.com'
attr_reader :http
def initialize(http: Spandx.http)
@http = http
end
def matches?(dependency)
%i[npm yarn].include?(dependency.package_manager)
end
def licenses_for(dependency)
metadata = metadata_for(dependency)
return [] if metadata.empty?
[metadata['license']].compact
end
def metadata_for(dependency)
uri = uri_for(dependency)
response = http.get(uri, escape: false)
if http.ok?(response)
json = JSON.parse(response.body)
json['versions'] ? json['versions'][dependency.version] : json
else
{}
end
end
private
def uri_for(dependency)
URI.parse(source_for(dependency)).tap do |uri|
uri.path = if dependency.name.include?('/')
'/' + dependency.name.sub('/', '%2f')
else
'/' + dependency.name + '/' + dependency.version
end
end
end
def source_for(dependency)
if dependency.meta['resolved']
uri = URI.parse(dependency.meta['resolved'])
"#{uri.scheme}://#{uri.host}:#{uri.port}"
else
DEFAULT_SOURCE
end
end
end
end
end
Version data entries
9 entries across 9 versions & 1 rubygems