cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon phylum-dev

Include `alias` information in the output of `phylum parse`

Open andreaphylum opened this issue 2 years ago • 0 comments

Overview

Currently, the output schema of phylum parse does not include information about the aliases. This information could be useful to the vuln-reach cli for correctly resolving aliased dependencies.

Proposed formats

There could be more than one alias for a given package, so either of these solutions could work:

  • One package per alias. 
    { "name": "vue-loader", "version": "17.0.1", "alias": "vue-loader-vue3" },
{ "name": "vue-loader", "version": "17.0.1", "alias": "vue-loader-svelte" },
  • An array of aliases: 
    { "name": "vue-loader", "version": "17.0.1", "aliases": [ "vue-loader-vue3", "vue-loader-svelte" ] },

Acceptance Criteria

  • [ ] phylum parse outputs an optional field with alias information alongside the rest of the package information.

andreaphylum avatar Nov 21 '23 17:11 andreaphylum