From f2296bdf559c62e3152c681e9b5bbe2edcb15397 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 5 Dec 2025 15:06:59 +0000 Subject: [PATCH 1/3] Initial plan From 22fde034e85df92fe668e6b2e2c89ca4ecaa4b25 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 5 Dec 2025 15:15:27 +0000 Subject: [PATCH 2/3] Convert async forEach loops to for...of loops to fix race conditions Co-authored-by: aegilops <41705651+aegilops@users.noreply.github.com> --- src/componentDetection.ts | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/src/componentDetection.ts b/src/componentDetection.ts index ecf6e41..8a83b58 100644 --- a/src/componentDetection.ts +++ b/src/componentDetection.ts @@ -131,7 +131,7 @@ export default class ComponentDetection { const packageCache = new PackageCache(); const packages: Array = []; - componentsFound.forEach(async (component: any) => { + for (const component of componentsFound) { // Skip components without packageUrl if (!component.component.packageUrl) { console.debug(`Skipping component detected without packageUrl: ${JSON.stringify({ @@ -139,7 +139,7 @@ export default class ComponentDetection { name: component.component.name || 'unnamed', type: component.component.type || 'unknown' }, null, 2)}`); - return; + continue; } console.debug(`Processing component: ${component.component.id}`); @@ -150,7 +150,7 @@ export default class ComponentDetection { // Skip if the packageUrl is empty (indicates an invalid or missing packageUrl) if (!packageUrl) { console.debug(`Skipping component with invalid packageUrl: ${component.component.id}`); - return; + continue; } if (!packageCache.hasPackage(packageUrl)) { @@ -159,16 +159,16 @@ export default class ComponentDetection { packageCache.addPackage(pkg); packages.push(pkg); } - }); + } // Set the transitive dependencies console.debug("Sorting out transitive dependencies"); - packages.forEach(async (pkg: ComponentDetectionPackage) => { - pkg.topLevelReferrers.forEach(async (referrer: any) => { + for (const pkg of packages) { + for (const referrer of pkg.topLevelReferrers) { // Skip if referrer doesn't have a valid packageUrl if (!referrer.packageUrl) { console.debug(`Skipping referrer without packageUrl for component: ${pkg.id}`); - return; + continue; } const referrerUrl = ComponentDetection.makePackageUrl(referrer.packageUrl); @@ -177,14 +177,14 @@ export default class ComponentDetection { // Skip if the generated packageUrl is empty if (!referrerUrl) { console.debug(`Skipping referrer with invalid packageUrl for component: ${pkg.id}`); - return; + continue; } try { const referrerPackage = packageCache.lookupPackage(referrerUrl); if (referrerPackage === pkg) { console.debug(`Found self-reference for package: ${pkg.id}`); - return; // Skip self-references + continue; // Skip self-references } if (referrerPackage) { referrerPackage.dependsOn(pkg); @@ -192,8 +192,8 @@ export default class ComponentDetection { } catch (error) { console.debug(`Error looking up referrer package: ${error}`); } - }); - }); + } + } // Create manifests const manifests: Array = []; @@ -367,8 +367,8 @@ export default class ComponentDetection { class ComponentDetectionPackage extends Package { public packageUrlString: string; - constructor(packageUrl: string, public id: string, public isDevelopmentDependency: boolean, public topLevelReferrers: [], - public locationsFoundAt: [], public containerDetailIds: [], public containerLayerIds: []) { + constructor(packageUrl: string, public id: string, public isDevelopmentDependency: boolean, public topLevelReferrers: any[], + public locationsFoundAt: any[], public containerDetailIds: any[], public containerLayerIds: any[]) { super(packageUrl); this.packageUrlString = packageUrl; } From f119054044555ca83678ddb1a816e59ee6b7a521 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 5 Dec 2025 15:18:21 +0000 Subject: [PATCH 3/3] Add proper type definitions for ComponentDetectionPackage constructor Co-authored-by: aegilops <41705651+aegilops@users.noreply.github.com> --- src/componentDetection.ts | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/componentDetection.ts b/src/componentDetection.ts index 8a83b58..0afa14b 100644 --- a/src/componentDetection.ts +++ b/src/componentDetection.ts @@ -364,11 +364,19 @@ export default class ComponentDetection { } } +/** + * Type for referrer objects in topLevelReferrers array + */ +type TopLevelReferrer = { + packageUrl?: any; + packageUrlString?: string; +}; + class ComponentDetectionPackage extends Package { public packageUrlString: string; - constructor(packageUrl: string, public id: string, public isDevelopmentDependency: boolean, public topLevelReferrers: any[], - public locationsFoundAt: any[], public containerDetailIds: any[], public containerLayerIds: any[]) { + constructor(packageUrl: string, public id: string, public isDevelopmentDependency: boolean, public topLevelReferrers: TopLevelReferrer[], + public locationsFoundAt: string[], public containerDetailIds: string[], public containerLayerIds: string[]) { super(packageUrl); this.packageUrlString = packageUrl; }