Make getOverridesData helper and fix override value lookup (#672)

Author: jdalton

src/commands/fix/agent-fix.mts

@@ -14,6 +14,7 @@ import {
   resolvePackageName,
 } from '@socketsecurity/registry/lib/packages'
 import { naturalCompare } from '@socketsecurity/registry/lib/sorts'
+import { isNonEmptyString } from '@socketsecurity/registry/lib/strings'
 
 import { getActiveBranchesForPackage } from './fix-branch-helpers.mts'
 import { getActualTree } from './get-actual-tree.mts'
@@ -47,7 +48,7 @@ import { getPurlObject } from '../../utils/purl.mts'
 import { applyRange } from '../../utils/semver.mts'
 import { getCveInfoFromAlertsMap } from '../../utils/socket-package-alert.mts'
 import { idToPurl } from '../../utils/spec.mts'
-import { overridesDataByAgent } from '../optimize/get-overrides-by-agent.mts'
+import { getOverridesData } from '../optimize/get-overrides-by-agent.mts'
 
 import type { CiEnv } from './fix-env-helpers.mts'
 import type { PrMatch } from './open-pr.mts'
@@ -146,8 +147,6 @@ export async function agentFix(
     (a, b) => naturalCompare(a[0], b[0]),
   )
 
-  const getOverridesData = overridesDataByAgent.get(pkgEnvDetails.agent)!
-
   const cleanupInfoEntriesLoop = () => {
     logger.dedent()
     spinner?.dedent()
@@ -324,18 +323,17 @@ export async function agentFix(
             continue infosLoop
           }
 
-          const oldOverrides = getOverridesData(
+          const { overrides: oldOverrides } = getOverridesData(
             pkgEnvDetails,
             editablePkgJson.content,
           )
-          const overrideKey = `${name}@${vulnerableVersionRange}`
-
-          const newVersionRange = applyRange(
-            (oldOverrides as any)?.[overrideKey] ?? oldVersion,
-            newVersion,
-            rangeStyle,
-          )
-          const newId = `${name}@${newVersionRange}`
+          let refRange = oldOverrides?.[`${name}@${vulnerableVersionRange}`]
+          if (!isNonEmptyString(refRange)) {
+            refRange = oldOverrides?.[name]
+          }
+          if (!isNonEmptyString(refRange)) {
+            refRange = oldVersion
+          }
 
           // eslint-disable-next-line no-await-in-loop
           await beforeInstall(
@@ -346,7 +344,6 @@ export async function agentFix(
             vulnerableVersionRange,
             options,
           )
-
           updatePackageJsonFromNode(
             editablePkgJson,
             actualTree,
@@ -370,6 +367,8 @@ export async function agentFix(
             workspaceLogCallCount = logger.logCallCount
           }
 
+          const newId = `${name}@${applyRange(refRange, newVersion, rangeStyle)}`
+
           spinner?.start()
           spinner?.info(`Installing ${newId} in ${workspace}.`)
 

src/commands/optimize/add-overrides.mts

@@ -10,7 +10,11 @@ import { Spinner } from '@socketsecurity/registry/lib/spinner'
 
 import { depsIncludesByAgent } from './deps-includes-by-agent.mts'
 import { getDependencyEntries } from './get-dependency-entries.mts'
-import { overridesDataByAgent } from './get-overrides-by-agent.mts'
+import {
+  getOverridesData,
+  getOverridesDataNpm,
+  getOverridesDataYarnClassic,
+} from './get-overrides-by-agent.mts'
 import { lockfileIncludesByAgent } from './lockfile-includes-by-agent.mts'
 import { lsByAgent } from './ls-by-agent.mts'
 import { CMD_NAME } from './shared.mts'
@@ -43,7 +47,7 @@ type AddOverridesState = {
   warnedPnpmWorkspaceRequiresNpm: boolean
 }
 
-const { NPM, PNPM, YARN_CLASSIC } = constants
+const { NPM, PNPM } = constants
 
 const manifestNpmOverrides = getManifestData(NPM)
 
@@ -95,11 +99,11 @@ export async function addOverrides(
 
   const overridesDataObjects = [] as GetOverridesResult[]
   if (isWorkspace || pkgEnvDetails.editablePkgJson.content['private']) {
-    overridesDataObjects.push(overridesDataByAgent.get(agent)!(pkgEnvDetails))
+    overridesDataObjects.push(getOverridesData(pkgEnvDetails))
   } else {
     overridesDataObjects.push(
-      overridesDataByAgent.get(NPM)!(pkgEnvDetails),
-      overridesDataByAgent.get(YARN_CLASSIC)!(pkgEnvDetails),
+      getOverridesDataNpm(pkgEnvDetails),
+      getOverridesDataYarnClassic(pkgEnvDetails),
     )
   }
 

src/commands/optimize/get-overrides-by-agent.mts

@@ -79,11 +79,23 @@ export type GetOverrides = (
 
 export type GetOverridesResult = { type: Agent; overrides: Overrides }
 
-export const overridesDataByAgent = new Map<Agent, GetOverrides>([
-  [BUN, getOverridesDataBun],
-  [NPM, getOverridesDataNpm],
-  [PNPM, getOverridesDataPnpm],
-  [VLT, getOverridesDataVlt],
-  [YARN_BERRY, getOverridesDataYarn],
-  [YARN_CLASSIC, getOverridesDataYarnClassic],
-] as ReadonlyArray<[Agent, GetOverrides]>)
+export function getOverridesData(
+  pkgEnvDetails: EnvDetails,
+  pkgJson?: PackageJson | undefined,
+): GetOverridesResult {
+  switch (pkgEnvDetails.agent) {
+    case BUN:
+      return getOverridesDataBun(pkgEnvDetails, pkgJson)
+    case PNPM:
+      return getOverridesDataPnpm(pkgEnvDetails, pkgJson)
+    case VLT:
+      return getOverridesDataVlt(pkgEnvDetails, pkgJson)
+    case YARN_BERRY:
+      return getOverridesDataYarn(pkgEnvDetails, pkgJson)
+    case YARN_CLASSIC:
+      return getOverridesDataYarnClassic(pkgEnvDetails, pkgJson)
+    case NPM:
+    default:
+      return getOverridesDataNpm(pkgEnvDetails, pkgJson)
+  }
+}