vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-06 18:30:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(ci): parse quoted pnpm snapshot keys

Browse Source
This commit is contained in:
Gustavo Madeira Santana
2026-04-14 21:15:43 -04:00
parent da43277cc9
commit 4c52731051
2 changed files with 67 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
test/scripts/pnpm-audit-prod.test.ts
View File

@@ -105,6 +105,35 @@ snapshots:
});
});
it("resolves quoted snapshot keys that contain tarball URLs", () => {
const lockfile = `lockfileVersion: '9.0'
importers:
.:
dependencies:
wrapper:
version: 1.0.0
snapshots:
wrapper@1.0.0:
dependencies:
libsignal: '@whiskeysockets/libsignal-node@https://codeload.github.com/whiskeysockets/libsignal-node/tar.gz/abc123'
'@whiskeysockets/libsignal-node@https://codeload.github.com/whiskeysockets/libsignal-node/tar.gz/abc123':
dependencies:
curve25519-js: 0.0.4
curve25519-js@0.0.4: {}
`;
const payload = createBulkAdvisoryPayload(collectProdResolvedPackagesFromLockfile(lockfile));
expect(payload).toEqual({
"@whiskeysockets/libsignal-node": [
"https://codeload.github.com/whiskeysockets/libsignal-node/tar.gz/abc123",
],
"curve25519-js": ["0.0.4"],
wrapper: ["1.0.0"],
});
});
it("filters advisory findings by minimum severity", () => {
const findings = filterFindingsBySeverity(
{