search

lirantal / lockfile-lint

Lint an npm or yarn lockfile to analyze and detect security issues
Apache License 2.0
781 stars 35 forks source link

Parsing empty `yarn.lock` fails #158

Closed candrews closed 1 year ago

candrews commented 1 year ago

Expected Behavior

lockfile-lint should be able to parse any valid yarn.lock file. An empty file is a valid yarn.lock, so running lockfile-lint again it should succeed.

Current Behavior

 ℹ ABORTING lockfile lint process due to error exceptions 

Unable to parse yarn lockfile "yarn.lock" 

TypeError: undefined is not iterable (cannot read property Symbol(Symbol.iterator))
    at checkSampleContent (/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint-api/src/ParseLockfile.js:24:36)
    at yarnParseAndVerify (/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint-api/src/ParseLockfile.js:41:49)
    at ParseLockfile.parseYarnLockfile (/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint-api/src/ParseLockfile.js:160:20)
    at ParseLockfile.parseSync (/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint-api/src/ParseLockfile.js:122:27)
    at ValidateHostManager (/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint/src/validators/index.js:49:27)
    at /home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint/src/main.js:41:28
    at Array.forEach (<anonymous>)
    at Object.runValidators (/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint/src/main.js:31:14)
    at Object.<anonymous> (/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint/bin/lockfile-lint.js:80:17)
    at Module._compile (node:internal/modules/cjs/loader:1254:14) 

/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint/bin/lockfile-lint.js:89
  error('Error: command failed with exit code 1')
  ^

TypeError: error is not a function
    at Object.<anonymous> (/home/candrews/.npm/_npx/456ed9a151c5043a/node_modules/lockfile-lint/bin/lockfile-lint.js:89:3)
    at Module._compile (node:internal/modules/cjs/loader:1254:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1308:10)
    at Module.load (node:internal/modules/cjs/loader:1117:32)
    at Module._load (node:internal/modules/cjs/loader:958:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12)
    at node:internal/main/run_main_module:23:47

Node.js v18.16.0
[1]

Possible Solution

Steps to Reproduce (for bugs)

  1. $ touch yarn.lock && npx lockfile-lint@4.10.1 --path yarn.lock --type yarn --allowed-hosts yarn npm yarn

Context

Your Environment

lirantal commented 1 year ago

That's correct, thanks for noticing this issue and opening a PR. I'm taking a look at it now.

lirantal commented 1 year ago

Closing this issue for a merged PR.