Merge pull request #14 from kyoshidajp/support_npm

Support npm

README.md

@@ -10,12 +10,12 @@
 
 ## Support dependencies files
 
-| Language | package manager | file (e.g.) | status |
+| language | package manager | file (e.g.) | status |
 | -------- | ------------- | -- | :----: |
 | Ruby | bundler | Gemfile.lock | :heavy_check_mark: |
-| Ruby | bundler | gemspec | (soon) |
+| Ruby | bundler | rake.gemspec | (soon) |
 | JavaScript | yarn | yarn.lock | :heavy_check_mark: |
-| JavaScript | npm | package.json | (soon) |
+| JavaScript | npm | package-lock.json | :heavy_check_mark: |
 | Python | pip | requirements.txt | :heavy_check_mark: |
 | Go | | go.sum | (soon) |
 

cmd/diagnose.go

@@ -57,6 +57,7 @@ var doctors = map[string]Doctor{
 	"bundler": NewBundlerDoctor(),
 	"yarn":    NewYarnDoctor(),
 	"pip":     NewPipDoctor(),
+	"npm":     NewNPMDoctor(),
 }
 
 var diagnoseCmd = &cobra.Command{

cmd/npm.go

@@ -0,0 +1,101 @@
+package cmd
+
+import (
+	"fmt"
+
+	parser_io "github.com/aquasecurity/go-dep-parser/pkg/io"
+	"github.com/aquasecurity/go-dep-parser/pkg/nodejs/npm"
+	"github.com/kyoshidajp/dep-doctor/cmd/github"
+)
+
+type NPMDoctor struct {
+}
+
+func NewNPMDoctor() *NPMDoctor {
+	return &NPMDoctor{}
+}
+
+func (d *NPMDoctor) Diagnose(r parser_io.ReadSeekerAt, year int) map[string]Diagnosis {
+	diagnoses := make(map[string]Diagnosis)
+	slicedNameWithOwners := [][]github.NameWithOwner{}
+	nameWithOwners := d.NameWithOwners(r)
+	sliceSize := len(nameWithOwners)
+
+	for i := 0; i < sliceSize; i += github.SEARCH_REPOS_PER_ONCE {
+		end := i + github.SEARCH_REPOS_PER_ONCE
+		if sliceSize < end {
+			end = sliceSize
+		}
+		slicedNameWithOwners = append(slicedNameWithOwners, nameWithOwners[i:end])
+	}
+
+	for _, nameWithOwners := range slicedNameWithOwners {
+		repos := github.FetchFromGitHub(nameWithOwners)
+		for _, r := range repos {
+			diagnosis := Diagnosis{
+				Name:      r.Name,
+				Url:       r.Url,
+				Archived:  r.Archived,
+				Diagnosed: true,
+				IsActive:  r.IsActive(year),
+			}
+			diagnoses[r.Name] = diagnosis
+		}
+	}
+
+	for _, nameWithOwner := range nameWithOwners {
+		if nameWithOwner.CanSearch {
+			continue
+		}
+
+		diagnosis := Diagnosis{
+			Name:      nameWithOwner.PackageName,
+			Diagnosed: false,
+		}
+		diagnoses[nameWithOwner.PackageName] = diagnosis
+	}
+	return diagnoses
+}
+
+func (d *NPMDoctor) NameWithOwners(r parser_io.ReadSeekerAt) []github.NameWithOwner {
+	var nameWithOwners []github.NameWithOwner
+	libs, _, _ := npm.NewParser().Parse(r)
+
+	nodejs := Nodejs{}
+	for _, lib := range libs {
+		fmt.Printf("%s\n", lib.Name)
+
+		githubUrl, err := nodejs.fetchURLFromRegistry(lib.Name)
+		if err != nil {
+			nameWithOwners = append(nameWithOwners,
+				github.NameWithOwner{
+					PackageName: lib.Name,
+					CanSearch:   false,
+				},
+			)
+			continue
+		}
+
+		repo, err := github.ParseGitHubUrl(githubUrl)
+		if err != nil {
+			nameWithOwners = append(nameWithOwners,
+				github.NameWithOwner{
+					PackageName: lib.Name,
+					CanSearch:   false,
+				},
+			)
+			continue
+		}
+
+		nameWithOwners = append(nameWithOwners,
+			github.NameWithOwner{
+				Repo:        repo.Repo,
+				Owner:       repo.Owner,
+				PackageName: lib.Name,
+				CanSearch:   true,
+			},
+		)
+	}
+
+	return nameWithOwners
+}

go.mod

@@ -8,6 +8,7 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/liamg/jfather v0.0.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect