Skip to content

GitLab Next

Why GitLab
Pricing
Contact Sales
Explore

Sign in
Get free trial

Implement npm lock file v2 support

Review changes
Download
Patches
Plain diff

Fabien Catteau requested to merge npm-lockfile-v2 into master Jan 08, 2021

Overview 38
Commits 11
Pipelines 10
Changes 7

What does this MR do?

Implement npm lockfile v2 support

When parsing lockfile v2, package information is extracted from the new packages JSON field. The keys packages (map) are the paths to the packages, like x/node_modules/y/node_modules/z. The parser extracts the local path, like z in this case. packages contains all package versions, so there's no recursion in the case of lockfile v2.

fixtures/big-lockfile-v2 was created by converting fixtures/big to lock file version v2, using npm 7. The packages returned by the parser are exactly the same.

What are the relevant issue numbers?

gitlab-org/gitlab#273651 (closed)

Does this MR meet the acceptance criteria?

Changelog entry added
Documentation created/updated for GitLab EE, if necessary
Documentation created/updated for this project, if necessary
Documentation reviewed by technical writer or follow-up review issue created
Tests added for this feature/bug
Job definition updated, if necessary
Conforms to the code review guidelines
Conforms to the Go guidelines
Security reports checked/validated by reviewer

Edited Jan 14, 2021 by Fabien Catteau

Merge request reports

Assignee Loading

Reviewers Loading

Request review from

Loading

Time tracking Loading

Loading