javascript/ql/src/semmle/javascript/dependencies Expand file tree Collapse file tree 1 file changed +9
-5
lines changed Original file line number Diff line number Diff line change @@ -127,18 +127,22 @@ class ExternalNPMDependency extends NPMDependency {
127127 exists ( PackageDependencies pkgdeps | this = pkgdeps .getPropValue ( result ) )
128128 }
129129
130- override string getVersion ( ) {
130+ private string getVersionNumber ( ) {
131131 exists ( string versionRange | versionRange = this .( JSONString ) .getValue ( ) |
132132 // extract a concrete version from the version range; currently,
133133 // we handle exact versions as well as `<=`, `>=`, `~` and `^` ranges
134134 result = versionRange .regexpCapture ( "(?:[><]=|[=~^])?v?(\\d+(\\.\\d+){1,2})" , 1 )
135- or
136- // if no version is specified, report version `unknown`
137- result = "unknown" and
138- ( versionRange = "" or versionRange = "*" )
139135 )
140136 }
141137
138+ override string getVersion ( ) {
139+ result = getVersionNumber ( )
140+ or
141+ // if no version is specified or could not be parsed, report version `unknown`
142+ not exists ( getVersionNumber ( ) ) and
143+ result = "unknown"
144+ }
145+
142146 override Import getAnImport ( ) {
143147 exists ( int depth | depth = importsDependency ( result , getDeclaringPackage ( ) , this ) |
144148 // restrict to those results for which this is the closest matching dependency
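Review bot: In `getVersion`, the `not exists(getVersionNumber())` branch now reports `unknown` for every range the regex does not cover (a `>`-only bound, an `x` wildcard, a tag or a URL would appear to fall here), so an empty or `*` constraint can no longer be told apart from one that failed to parse. Any query that matches dependencies against known-vulnerable versions should treat `unknown` as undetermined rather than as a match or a clean result; those callers are not visible from this hunk. `getVersionNumber` would also benefit from a QLDoc comment such as `/** Gets the version number extracted from this dependency's version range, if it can be parsed. */`, noting that for `<=`, `>=`, `~` and `^` ranges the result is the bound written in the manifest, not necessarily the installed version. The enclosing class `ExternalNPMDependency` starts before the hunk and `getAnImport` continues past its end.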