From 848d92d9c188aab96f5702b6ae3dcbda042616be Mon Sep 17 00:00:00 2001
From: Jossef Harush <jossef12@gmail.com>
Date: Thu, 1 Apr 2021 06:02:18 +0000
Subject: [PATCH] fix(): ignoring package.json urls and aliases close #2

---
 dependencies/dependencies.go      | 33 +++++++++++++++++++++----------
 dependencies/dependencies_test.go |  8 ++++++++
 main.go                           |  2 +-
 3 files changed, 32 insertions(+), 11 deletions(-)

diff --git a/dependencies/dependencies.go b/dependencies/dependencies.go
index 5b56abd..850eaf6 100644
--- a/dependencies/dependencies.go
+++ b/dependencies/dependencies.go
@@ -3,6 +3,7 @@ package dependencies
 import (
 	"bufio"
 	"encoding/json"
+	"fmt"
 	"regexp"
 	"strings"
 )
@@ -76,23 +77,35 @@ func ParsePackagesJsonFile(reader *bufio.Reader) ([]string, error) {
 		return nil, err
 	}
 
+	processPackageName := func(npmPackageName string) {
+		if strings.HasPrefix(npmPackageName, "@") {
+			return
+		}
+
+		value, _ := (*t.Dependencies)[npmPackageName]
+		version := fmt.Sprintf("%v", value)
+		version = strings.ToLower(version)
+
+		if strings.HasPrefix(version, "npm:") {
+			return
+		}
+
+		if strings.Contains(version, "://") {
+			return
+		}
+
+		packageNamesSet[npmPackageName] = true
+	}
+
 	if t.Dependencies != nil {
 		for npmPackageName := range *t.Dependencies {
-			if strings.HasPrefix(npmPackageName, "@") {
-				continue
-			}
-			packageNamesSet[npmPackageName] = true
-			continue
+			processPackageName(npmPackageName)
 		}
 	}
 
 	if t.DevDependencies != nil {
 		for npmPackageName := range *t.DevDependencies {
-			if strings.HasPrefix(npmPackageName, "@") {
-				continue
-			}
-			packageNamesSet[npmPackageName] = true
-			continue
+			processPackageName(npmPackageName)
 		}
 	}
 
diff --git a/dependencies/dependencies_test.go b/dependencies/dependencies_test.go
index ea6efe6..6a16a45 100644
--- a/dependencies/dependencies_test.go
+++ b/dependencies/dependencies_test.go
@@ -21,6 +21,14 @@ var npmTests = []t{
 		content:  `{"dependencies":{"@angular/core":"123"}}`,
 		expected: []string{},
 	},
+	{
+		content:  `{"dependencies":{"gulp": "git+ssh://git@github.com:gulpjs/gulp.git"}}`,
+		expected: []string{},
+	},
+	{
+		content:  `{"dependencies":{"appboy-web-sdk": "^2.2.7","appboy-web-sdk-v2": "npm:appboy-web-sdk@^2.7.0"}}`,
+		expected: []string{"appboy-web-sdk"},
+	},
 }
 var pythonTests = []t{
 
diff --git a/main.go b/main.go
index c80b741..b20609d 100644
--- a/main.go
+++ b/main.go
@@ -55,7 +55,7 @@ func main() {
 	}
 
 	if hasAnyPackageAvailableForRegistration {
-		_, _ = fmt.Fprintln(os.Stderr, "one or more packages is available for public registration")
+		_, _ = fmt.Fprintln(os.Stderr, "one or more packages are available for public registration")
 		if !auditValue {
 			os.Exit(1)
 		}