Skip to content

Commit 3d9e7ba

Browse files
committed
Update Packument type
1 parent 512f6c1 commit 3d9e7ba

File tree

1 file changed

+32
-32
lines changed
  • src/shadow/arborist/lib/arborist

1 file changed

+32
-32
lines changed

src/shadow/arborist/lib/arborist/reify.ts

+32-32
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,10 @@ import type { SocketArtifact } from '../../../../utils/alert/artifact'
3333
import type { SafeNode } from '../node'
3434
import type { Writable } from 'node:stream'
3535

36-
type Packument = Awaited<ReturnType<typeof fetchPackagePackument>>
36+
type Packument = Exclude<
37+
Awaited<ReturnType<typeof fetchPackagePackument>>,
38+
null
39+
>
3740

3841
type SocketPackageAlert = {
3942
key: string
@@ -284,25 +287,24 @@ async function updateAdvisoryDependencies(
284287
for (const name of Object.keys(patchDataByPkg)) {
285288
const nodes = findPackageNodes(tree, name)
286289
const patchData = patchDataByPkg[name]!
287-
if (!nodes.length || !patchData.length) {
288-
continue
289-
}
290-
// eslint-disable-next-line no-await-in-loop
291-
const packument = await fetchPackagePackument(name)
292-
if (!packument) {
293-
continue
294-
}
295-
for (const node of nodes) {
296-
for (const {
297-
firstPatchedVersionIdentifier,
298-
vulnerableVersionRange
299-
} of patchData) {
300-
updateNode(
301-
node,
302-
packument,
303-
vulnerableVersionRange,
304-
firstPatchedVersionIdentifier
305-
)
290+
const packument =
291+
nodes.length && patchData.length
292+
? // eslint-disable-next-line no-await-in-loop
293+
await fetchPackagePackument(name)
294+
: null
295+
if (packument) {
296+
for (const node of nodes) {
297+
for (const {
298+
firstPatchedVersionIdentifier,
299+
vulnerableVersionRange
300+
} of patchData) {
301+
updateNode(
302+
node,
303+
packument,
304+
vulnerableVersionRange,
305+
firstPatchedVersionIdentifier
306+
)
307+
}
306308
}
307309
}
308310
}
@@ -314,16 +316,14 @@ async function updateSocketRegistryDependencies(arb: SafeArborist) {
314316
const tree = arb.idealTree!
315317
for (const { 1: data } of manifest) {
316318
const nodes = findPackageNodes(tree, data.name)
317-
if (!nodes.length) {
318-
continue
319-
}
320-
// eslint-disable-next-line no-await-in-loop
321-
const packument = await fetchPackagePackument(data.name)
322-
if (!packument) {
323-
continue
324-
}
325-
for (const node of nodes) {
326-
updateNode(node, packument)
319+
const packument = nodes.length
320+
? // eslint-disable-next-line no-await-in-loop
321+
await fetchPackagePackument(data.name)
322+
: null
323+
if (packument) {
324+
for (const node of nodes) {
325+
updateNode(node, packument)
326+
}
327327
}
328328
}
329329
}
@@ -336,7 +336,7 @@ function updateNode(
336336
) {
337337
const { version } = node
338338
const majorVerNum = semver.major(version)
339-
const availableVersions = packument ? Object.keys(packument.versions) : []
339+
const availableVersions = Object.keys(packument.versions)
340340
// Find the highest non-vulnerable version within the same major range
341341
const targetVersion = findBestPatchVersion(
342342
node.name,
@@ -346,7 +346,7 @@ function updateNode(
346346
firstPatchedVersionIdentifier
347347
)
348348
const targetPackument = targetVersion
349-
? packument!.versions[targetVersion]
349+
? packument.versions[targetVersion]
350350
: undefined
351351
// Check !targetVersion to make TypeScript happy.
352352
if (!targetVersion || !targetPackument) {

0 commit comments

Comments
 (0)