refactor: helpers (#1313)

Signed-off-by: Jan Kowalleck <[email protected]>

Author: jkowalleck

src/_helpers.ts

@@ -20,24 +20,35 @@ Copyright (c) OWASP Foundation. All Rights Reserved.
 import { existsSync, readdirSync, readFileSync } from 'fs'
 import { dirname, extname, isAbsolute, join, sep } from 'path'
 
+export function isNonNullable<T> (value: T): value is NonNullable<T> {
+  // NonNullable: not null and not undefined
+  return value !== null && value !== undefined
+}
+
+export const structuredClonePolyfill: <T>(value: T) => T = typeof structuredClone === 'function'
+  ? structuredClone
+  : function (value) { return JSON.parse(JSON.stringify(value)) }
+
 export interface PackageDescription {
   path: string
   packageJson: any
 }
 
+const PACKAGE_MANIFEST_FILENAME = 'package.json'
+
 export function getPackageDescription (path: string): PackageDescription | undefined {
   const isSubDirOfNodeModules = isSubDirectoryOfNodeModulesFolder(path)
 
   while (isAbsolute(path)) {
-    const pathToPackageJson = join(path, 'package.json')
+    const pathToPackageJson = join(path, PACKAGE_MANIFEST_FILENAME)
     if (existsSync(pathToPackageJson)) {
       try {
         const contentOfPackageJson = loadJsonFile(pathToPackageJson) ?? {}
         // only look for valid candidate if we are in a node_modules subdirectory
         if (!isSubDirOfNodeModules || isValidPackageJSON(contentOfPackageJson)) {
           return {
             path: pathToPackageJson,
-            packageJson: loadJsonFile(pathToPackageJson) ?? {}
+            packageJson: contentOfPackageJson
           }
         }
       } catch {
@@ -54,12 +65,14 @@ export function getPackageDescription (path: string): PackageDescription | undef
   return undefined
 }
 
+const NODE_MODULES_FOLDERNAME = 'node_modules'
+
 function isNodeModulesFolder (path: string): boolean {
-  return path.endsWith(`${sep}node_modules`)
+  return path.endsWith(`${sep}${NODE_MODULES_FOLDERNAME}`)
 }
 
 function isSubDirectoryOfNodeModulesFolder (path: string): boolean {
-  return path.includes(`${sep}node_modules${sep}`)
+  return path.includes(`${sep}${NODE_MODULES_FOLDERNAME}${sep}`)
 }
 
 export function isValidPackageJSON (pkg: any): boolean {

src/extractor.ts

@@ -21,9 +21,9 @@ import * as CDX from '@cyclonedx/cyclonedx-library'
 import { readFileSync } from 'fs'
 import * as normalizePackageJson from 'normalize-package-data'
 import { basename, dirname } from 'path'
-import { type Compilation, type Module } from 'webpack'
+import type { Compilation, Module } from 'webpack'
 
-import { getPackageDescription, type PackageDescription, searchEvidenceSources } from './_helpers'
+import { getPackageDescription, isNonNullable, type PackageDescription, searchEvidenceSources, structuredClonePolyfill } from './_helpers'
 
 type WebpackLogger = Compilation['logger']
 
@@ -158,12 +158,3 @@ export class Extractor {
     return cdxComponentEvidence
   }
 }
-
-function isNonNullable<T> (value: T): value is NonNullable<T> {
-  // NonNullable: not null and not undefined
-  return value !== null && value !== undefined
-}
-
-const structuredClonePolyfill: <T>(value: T) => T = typeof structuredClone === 'function'
-  ? structuredClone
-  : function (value) { return JSON.parse(JSON.stringify(value)) }