feat(sca): add dev, optional dep for npm

analyser_sca/src/main/kotlin/org/archguard/analyser/sca/model/DepDeclaration.kt

@@ -26,7 +26,9 @@ class DepDeclaration(
 enum class DEP_SCOPE {
     NORMAL,
     RUNTIME,
-    TEST;
+    TEST,
+    OPTIONAL,
+    DEV;
 
     companion object {
         fun from(str: String): DEP_SCOPE {

analyser_sca/src/main/kotlin/org/archguard/analyser/sca/parser/NpmParser.kt

@@ -1,31 +1,59 @@
 package org.archguard.analyser.sca.parser
 
+import com.jayway.jsonpath.Configuration
 import com.jayway.jsonpath.JsonPath
+import com.jayway.jsonpath.JsonPath.using
+import com.jayway.jsonpath.Option
+import org.archguard.analyser.sca.model.DEP_SCOPE
 import org.archguard.analyser.sca.model.DeclFileTree
 import org.archguard.analyser.sca.model.DepDeclaration
 import org.archguard.analyser.sca.model.DepDependency
 
 class NpmParser : Parser() {
+    val conf: Configuration = Configuration.builder().options(Option.SUPPRESS_EXCEPTIONS).build()
+    var depTypeMap: Map<String, DEP_SCOPE> = mapOf(
+        "dependencies" to DEP_SCOPE.NORMAL,
+        "optionalDependencies" to DEP_SCOPE.OPTIONAL,
+        "devDependencies" to DEP_SCOPE.DEV
+    )
+
     override fun lookupSource(file: DeclFileTree): List<DepDeclaration> {
         val name: String = JsonPath.read(file.content, "$.name")
         val version: String = JsonPath.read(file.content, "$.version")
-        val depMap: Map<String, String> = JsonPath.read(file.content, "$.dependencies")
+
+        val deps = listOf("dependencies", "optionalDependencies", "devDependencies").flatMap {
+            createDepByType(it, file.content)
+        }.toList()
 
         return listOf(DepDeclaration(
             name,
             version,
             "npm",
-            this.createDependencies(depMap)
+            deps
         ))
     }
 
-    private fun createDependencies(depMap: Map<String, String>): List<DepDependency> {
+    private fun createDepByType(
+        field: String,
+        content: String,
+    ): List<DepDependency> {
+        val listOf = mutableListOf<DepDependency>()
+        val optionalDep: Map<String, String>? = using(conf).parse(content).read("$.$field");
+        if (optionalDep != null) {
+            listOf += createDependencies(optionalDep, depTypeMap[field]!!)
+        }
+
+        return listOf
+    }
+
+    private fun createDependencies(depMap: Map<String, String>, scope: DEP_SCOPE): List<DepDependency> {
         return depMap.map {
             DepDependency(
                 name = it.key,
                 group = "",
                 artifact = it.key,
-                version = it.value
+                version = it.value,
+                scope = scope
             )
         }.toList()
     }

analyser_sca/src/test/kotlin/org/archguard/analyser/sca/parser/NpmParserTest.kt

@@ -1,5 +1,6 @@
 package org.archguard.analyser.sca.parser
 
+import org.archguard.analyser.sca.model.DEP_SCOPE
 import org.archguard.analyser.sca.model.DeclFileTree
 import org.junit.jupiter.api.Test
 import kotlin.test.assertEquals
@@ -11,18 +12,31 @@ internal class NpmParserTest {
   "dependencies": {
     "my_dep": "^1.0.0",
     "another_dep": "~2.2.0"
+  },
+  "devDependencies": {
+    "another_dep": "~2.2.0"
   }
 }
 """.trimIndent()
 
     @Test
-    fun first_dep() {
+    fun normal_dep() {
         val declFileTree = DeclFileTree("package.json", "package.json", samplePackageJson)
         val declTree = NpmParser().lookupSource(declFileTree)
 
         assertEquals(1, declTree.size)
         assertEquals("my_package", declTree[0].name)
         assertEquals("1.0.0", declTree[0].version)
-        assertEquals(2, declTree[0].dependencies.size)
+        assertEquals(3, declTree[0].dependencies.size)
+        assertEquals(DEP_SCOPE.NORMAL, declTree[0].dependencies[0].scope)
+    }
+
+    @Test
+    fun dev_scope() {
+        val declFileTree = DeclFileTree("package.json", "package.json", samplePackageJson)
+        val declTree = NpmParser().lookupSource(declFileTree)
+
+        assertEquals(3, declTree[0].dependencies.size)
+        assertEquals(DEP_SCOPE.DEV, declTree[0].dependencies[2].scope)
     }
 }