diff --git a/pkg/dependency/parser/nodejs/npm/parse.go b/pkg/dependency/parser/nodejs/npm/parse.go index 72337b173bf2..8e3c6ad0470e 100644 --- a/pkg/dependency/parser/nodejs/npm/parse.go +++ b/pkg/dependency/parser/nodejs/npm/parse.go @@ -345,7 +345,15 @@ func (p *Parser) pkgNameFromPath(pkgPath string) string { // node_modules/function1 // node_modules/nested_func/node_modules/debug if index := strings.LastIndex(pkgPath, nodeModulesDir); index != -1 { - return pkgPath[index+len(nodeModulesDir)+1:] + pkgName := pkgPath[index+len(nodeModulesDir):] + pkgName = strings.TrimPrefix(pkgName, "/") + + if pkgName == "" { + p.logger.Warn("Invalid package-lock.json file. Package path doesn't have package name suffix", log.String("pkg_path", pkgPath)) + return "" + } + + return pkgName } p.logger.Warn("Package path doesn't have `node_modules` prefix", log.String("pkg_path", pkgPath)) return pkgPath diff --git a/pkg/dependency/parser/nodejs/npm/parse_test.go b/pkg/dependency/parser/nodejs/npm/parse_test.go index 9a1c08f70660..f9984b21128f 100644 --- a/pkg/dependency/parser/nodejs/npm/parse_test.go +++ b/pkg/dependency/parser/nodejs/npm/parse_test.go @@ -88,3 +88,43 @@ func TestParse(t *testing.T) { }) } } + +func TestPkgNameFromPath(t *testing.T) { + tests := []struct { + path string + expected string + }{ + { + path: "node_modules/package-name", + expected: "package-name", + }, + { + path: "node_modules/@package-namespace/package-name", + expected: "@package-namespace/package-name", + }, + { + path: "node_modules/package-name/node_modules/sub-sub-package", + expected: "sub-sub-package", + }, + { + path: "no/node/modules/dir", + expected: "no/node/modules/dir", + }, + { + path: "node_modules", + expected: "", + }, + { + path: "node_modules/", + expected: "", + }, + } + + parser := NewParser() + for _, test := range tests { + t.Run(test.path, func(t *testing.T) { + path := parser.pkgNameFromPath(test.path) + assert.Equal(t, test.expected, path) + }) + } +}