Merge pull request #6016 from dependabot/bdragon/rm-yarn-lockfile-parser

Removes `YarnLockfileParser`
dependabot · Nov 2, 2022 · 2c0fae2 · 2c0fae2
2 parents 65a44d3 + 07b7570
commit 2c0fae2
Show file tree

Hide file tree

Showing 5 changed files with 14 additions and 132 deletions.
diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_fetcher/path_dependency_builder.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_fetcher/path_dependency_builder.rb
@@ -4,7 +4,6 @@
 require "dependabot/dependency_file"
 require "dependabot/errors"
 require "dependabot/npm_and_yarn/file_fetcher"
-require "dependabot/npm_and_yarn/file_parser/yarn_lockfile_parser"
 
 module Dependabot
   module NpmAndYarn
@@ -122,7 +121,17 @@ def parsed_yarn_lock
           return {} unless yarn_lock
 
           @parsed_yarn_lock ||=
-            FileParser::YarnLockfileParser.new(lockfile: yarn_lock).parse
+            SharedHelpers.in_a_temporary_directory do
+              File.write("yarn.lock", yarn_lock.content)
+
+              SharedHelpers.run_helper_subprocess(
+                command: NativeHelpers.helper_path,
+                function: "yarn:parseLockfile",
+                args: [Dir.pwd]
+              )
+            rescue SharedHelpers::HelperSubprocessFailed
+              raise Dependabot::DependencyFileNotParseable, yarn_lock.path
+            end
         end
 
         # The path back to the root lockfile

diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser.rb
@@ -105,7 +105,7 @@ def build_dependency(file:, type:, name:, requirement:)
         # TODO: Handle aliased packages:
         # https://github.com/dependabot/dependabot-core/pull/1115
         #
-        # Ignore dependencies with an alias in the name (only supported by Yarn)
+        # Ignore dependencies with an alias in the name
         # Example: "my-fetch-factory@npm:fetch-factory"
         return if aliased_package_name?(name)
 

diff --git a/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser/yarn_lockfile_parser.rb b/npm_and_yarn/lib/dependabot/npm_and_yarn/file_parser/yarn_lockfile_parser.rb
diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_fetcher/path_dependency_builder_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_fetcher/path_dependency_builder_spec.rb
@@ -81,13 +81,8 @@
       context "that can't be parsed" do
         let(:project_name) { "yarn/unparseable" }
 
-        it "raises a PathDependenciesNotReachable error with details" do
-          expect { dependency_file }.
-            to raise_error(
-              Dependabot::PathDependenciesNotReachable,
-              "The following path based dependencies could not be retrieved: " \
-              "etag"
-            )
+        it "raises DependencyFileNotParseable" do
+          expect { dependency_file }.to raise_error(Dependabot::DependencyFileNotParseable)
         end
       end
 

diff --git a/npm_and_yarn/spec/dependabot/npm_and_yarn/file_parser/yarn_lockfile_parser_spec.rb b/npm_and_yarn/spec/dependabot/npm_and_yarn/file_parser/yarn_lockfile_parser_spec.rb