Skip to content

v1.23.1 - npm lockfile graph optimizations and four new case studies

Latest
Latest

Choose a tag to compare

View all tags
@sonukapoor sonukapoor released this 15 Jun 12:58
v1.23.1
This tag was signed with the committer’s verified signature.
sonukapoor Sonu Kapoor
GPG key ID: 3306B2C5600CA6DB
Verified
Learn about vigilant mode.
b4a6913
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Performance

  • npm lockfile graph construction reduced from O(E*V) to O(E) using Set accumulators for edge lists
  • npm lockfile graph nodes and arrays pre-frozen at construction time; redundant uniquePathArrays removed
  • Remediation package lookup replaced with Map for O(1) access

Docs

  • Four new case studies: Strapi (Yarn Berry, 2,887 packages), Twenty (Yarn Berry, 5,451 packages), Presenton (dual npm lockfiles), Payload CMS (pnpm, 2,602 packages)
  • OWASP Lab Project status reflected across all project docs: README, CONTRIBUTING, comparison page, case studies index, and press page

Changed

  • SARIF, CycloneDX, and HTML reporter file-write cleanup refactored for clarity; test spy coverage refined
  • Case study contribution scope clarified in CONTRIBUTING: contributors submit case-study files only, shared index files maintained by maintainer

Validation

  • npm test
  • npm run build

Contributors

Contributors

luojiyin1987, Ayush7614, and raj-krr
Assets 3
Loading