feat: enable yarn to send graphs for cli monitor

snyk · Dec 18, 2019 · 1d9f519 · 1d9f519
1 parent fd4ac39
commit 1d9f519
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 25 deletions.
diff --git a/src/lib/package-managers.ts b/src/lib/package-managers.ts
@@ -44,6 +44,7 @@ export const PROTECT_SUPPORTED_PACKAGE_MANAGERS: SupportedPackageManagers[] = [
 export const GRAPH_SUPPORTED_PACKAGE_MANAGERS: SupportedPackageManagers[] = [
   'npm',
   'sbt',
+  'yarn',
 ];
 // For ecosystems with a flat set of libraries (e.g. Python, JVM), one can
 // "pin" a transitive dependency

diff --git a/test/acceptance/cli-monitor/cli-monitor.acceptance.test.ts b/test/acceptance/cli-monitor/cli-monitor.acceptance.test.ts
@@ -314,19 +314,26 @@ test('`monitor yarn-package`', async (t) => {
   chdirWorkspaces();
   await cli.monitor('yarn-package');
   const req = server.popRequest();
-  const pkg = req.body.package;
   t.equal(req.method, 'PUT', 'makes PUT request');
   t.equal(
     req.headers['x-snyk-cli-version'],
     versionNumber,
     'sends version number',
   );
-  t.match(req.url, '/monitor/yarn', 'puts at correct url');
-  t.ok(pkg.dependencies.debug, 'dependency');
+  t.match(req.url, '/monitor/yarn/graph', 'puts at correct url');
+
+  const depGraphJSON = req.body.depGraphJSON;
+  t.ok(depGraphJSON);
+  const debug = depGraphJSON.pkgs.find((pkg) => pkg.info.name === 'debug');
+  const objectAssign = depGraphJSON.pkgs.find(
+    (pkg) => pkg.info.name === 'object-assign',
+  );
+
+  t.ok(debug, 'dependency');
   t.notOk(req.body.targetFile, 'doesnt send the targetFile');
-  t.notOk(pkg.dependencies['object-assign'], 'no dev dependency');
-  t.notOk(pkg.from, 'no "from" array on root');
-  t.notOk(pkg.dependencies.debug.from, 'no "from" array on dep');
+  t.notOk(objectAssign, 'no dev dependency');
+  t.notOk(depGraphJSON.from, 'no "from" array on root');
+  t.notOk(debug.from, 'no "from" array on dep');
   if (process.platform === 'win32') {
     t.true(
       req.body.targetFileRelativePath.endsWith(
@@ -348,19 +355,26 @@ test('`monitor yarn-package from within folder`', async (t) => {
   chdirWorkspaces('yarn-package');
   await cli.monitor();
   const req = server.popRequest();
-  const pkg = req.body.package;
   t.equal(req.method, 'PUT', 'makes PUT request');
   t.equal(
     req.headers['x-snyk-cli-version'],
     versionNumber,
     'sends version number',
   );
-  t.match(req.url, '/monitor/yarn', 'puts at correct url');
-  t.ok(pkg.dependencies.debug, 'dependency');
+  const depGraphJSON = req.body.depGraphJSON;
+  t.ok(depGraphJSON);
+  const debug = depGraphJSON.pkgs.find((pkg) => pkg.info.name === 'debug');
+  const objectAssign = depGraphJSON.pkgs.find(
+    (pkg) => pkg.info.name === 'object-assign',
+  );
+
+  t.ok(debug, 'dependency');
   t.notOk(req.body.targetFile, 'doesnt send the targetFile');
-  t.notOk(pkg.dependencies['object-assign'], 'no dev dependency');
-  t.notOk(pkg.from, 'no "from" array on root');
-  t.notOk(pkg.dependencies.debug.from, 'no "from" array on dep');
+  t.notOk(objectAssign, 'no dev dependency');
+  t.notOk(depGraphJSON.from, 'no "from" array on root');
+  t.notOk(debug.from, 'no "from" array on dep');
+
+  t.match(req.url, '/monitor/yarn/graph', 'puts at correct url');
   if (process.platform === 'win32') {
     t.true(
       req.body.targetFileRelativePath.endsWith(
@@ -444,13 +458,17 @@ test('`monitor yarn-package with dev dep flag`', async (t) => {
     versionNumber,
     'sends version number',
   );
-  t.match(req.url, '/monitor/yarn', 'puts at correct url');
+  t.match(req.url, '/monitor/yarn/graph', 'puts at correct url');
   t.notOk(req.body.targetFile, 'doesnt send the targetFile');
-  t.ok(req.body.package.dependencies.debug, 'dependency');
-  t.ok(
-    req.body.package.dependencies['object-assign'],
-    'includes dev dependency',
+  const depGraphJSON = req.body.depGraphJSON;
+  t.ok(depGraphJSON);
+  const debug = depGraphJSON.pkgs.find((pkg) => pkg.info.name === 'debug');
+  const objectAssign = depGraphJSON.pkgs.find(
+    (pkg) => pkg.info.name === 'object-assign',
   );
+
+  t.ok(debug, 'dependency');
+  t.ok(objectAssign, 'dev dependency');
 });
 
 test('`monitor ruby-app`', async (t) => {
@@ -603,21 +621,19 @@ test('`monitor yarn-app`', async (t) => {
   chdirWorkspaces('yarn-app');
   await cli.monitor();
   const req = server.popRequest();
-  const pkg = req.body.package;
   t.equal(req.method, 'PUT', 'makes PUT request');
   t.equal(
     req.headers['x-snyk-cli-version'],
     versionNumber,
     'sends version number',
   );
-  t.match(req.url, '/monitor/yarn', 'puts at correct url');
-  t.equal(pkg.name, 'yarn-app-one', 'specifies name');
-  t.ok(pkg.dependencies.marked, 'specifies dependency');
-  t.equal(pkg.dependencies.marked.name, 'marked', 'marked dep name');
-  t.equal(pkg.dependencies.marked.version, '0.3.6', 'marked dep version');
+  const depGraphJSON = req.body.depGraphJSON;
+  t.ok(depGraphJSON);
+  const marked = depGraphJSON.pkgs.find((pkg) => pkg.info.name === 'marked');
+  t.match(req.url, '/monitor/yarn/graph', 'puts at correct url');
+  t.notOk(depGraphJSON.from, 'no "from" array on root');
+  t.ok(marked, 'specifies dependency');
   t.notOk(req.body.targetFile, 'doesnt send the targetFile');
-  t.notOk(pkg.from, 'no "from" array on root');
-  t.notOk(pkg.dependencies.marked.from, 'no "from" array on dep');
 });
 
 test('`monitor pip-app --file=requirements.txt`', async (t) => {