oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 16:33:21 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add comments with examples for yarn.lock regexps (#439)

Browse Source 
Signed-off-by: Dan Luhring <dan.luhring@anchore.com>
This commit is contained in:
Dan Luhring 2021-06-17 09:24:05 -04:00 committed by GitHub
parent 67b7d63875
commit 50928ebd05
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
syft/pkg/cataloger/javascript/parse_yarn_lock.go
View File

@ -15,9 +15,18 @@ import (
var _ common.ParserFn = parseYarnLock
var (
// composedNameExp matches the "composed" variant of yarn.lock entry names,
// where the name appears in quotes and is prefixed with @<some-namespace>.
// For example: "@babel/code-frame@^7.0.0"
composedNameExp = regexp.MustCompile(`^"(@[^@]+)`)
simpleNameExp = regexp.MustCompile(`^(\w[\w-_.]*)@`)
versionExp = regexp.MustCompile(`^\W+version\W+"([\w-_.]+)"`)
// simpleNameExp matches the "simple" variant of yarn.lock entry names, for packages with no namespace prefix.
// For example: aws-sdk@2.706.0
simpleNameExp = regexp.MustCompile(`^(\w[\w-_.]*)@`)
// versionExp matches the "version" line of a yarn.lock entry and captures the version value.
// For example: version "4.10.1" (...and the value "4.10.1" is captured)
versionExp = regexp.MustCompile(`^\W+version\W+"([\w-_.]+)"`)
)
const (