From 42421d7b96bfff1888f8dc80fcc3ee3fdee1e42d Mon Sep 17 00:00:00 2001
From: Craig Andrews <candrews@integralblue.com>
Date: Mon, 22 May 2023 14:39:56 -0400
Subject: [PATCH 1/7] test: should fail with an empty npm lock file

Ensure that empty npm lock files are currently and continue to be handled properly
---
 .../__tests__/fixtures/empty.json             |  0
 packages/lockfile-lint/__tests__/main.test.js | 21 +++++++++++++++++++
 2 files changed, 21 insertions(+)
 create mode 100644 packages/lockfile-lint/__tests__/fixtures/empty.json

diff --git a/packages/lockfile-lint/__tests__/fixtures/empty.json b/packages/lockfile-lint/__tests__/fixtures/empty.json
new file mode 100644
index 0000000..e69de29
diff --git a/packages/lockfile-lint/__tests__/main.test.js b/packages/lockfile-lint/__tests__/main.test.js
index f2851b7..1b8726e 100644
--- a/packages/lockfile-lint/__tests__/main.test.js
+++ b/packages/lockfile-lint/__tests__/main.test.js
@@ -164,6 +164,27 @@ describe('Main CLI logic', () => {
       expect(result.validatorCount).toEqual(1)
       expect(result.validatorSuccesses).toEqual(1)
     })
+
+    test('should fail with an empty npm lock file', () => {
+      const lockfilePath = path.join(__dirname, '/fixtures/empty.json')
+      const lockfileType = 'npm'
+      const validators = [
+        {
+          name: 'validateHosts',
+          values: ['npm']
+        }
+      ]
+
+      expect(() =>
+        main
+          .runValidators({
+            path: lockfilePath,
+            type: lockfileType,
+            validators
+          })
+          .toThrow('Lockfile does not seem to contain a valid dependency list')
+      )
+    })
   })
 
   describe('validateSchemes', () => {

From 0709f42271af61fecfe007a0045267d78cc3d42e Mon Sep 17 00:00:00 2001
From: Craig Andrews <candrews@integralblue.com>
Date: Mon, 15 May 2023 14:22:48 -0400
Subject: [PATCH 2/7] fix: error handling for empty yarn lock files (#158)

---
 .../lockfile-lint-api/src/ParseLockfile.js    |  3 +++
 packages/lockfile-lint/__tests__/main.test.js | 21 +++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/packages/lockfile-lint-api/src/ParseLockfile.js b/packages/lockfile-lint-api/src/ParseLockfile.js
index b9f6d50..7b82d7f 100644
--- a/packages/lockfile-lint-api/src/ParseLockfile.js
+++ b/packages/lockfile-lint-api/src/ParseLockfile.js
@@ -21,6 +21,9 @@ const {
  * @return boolean
  */
 function checkSampleContent (lockfile, isYarnBerry) {
+  if (Object.entries(lockfile).length < (isYarnBerry ? 2 : 1)) {
+    return false
+  }
   const [sampleKey, sampleValue] = Object.entries(lockfile)[isYarnBerry ? 1 : 0]
   return (
     sampleKey.match(/.*@.*/) &&
diff --git a/packages/lockfile-lint/__tests__/main.test.js b/packages/lockfile-lint/__tests__/main.test.js
index 1b8726e..caeb390 100644
--- a/packages/lockfile-lint/__tests__/main.test.js
+++ b/packages/lockfile-lint/__tests__/main.test.js
@@ -185,6 +185,27 @@ describe('Main CLI logic', () => {
           .toThrow('Lockfile does not seem to contain a valid dependency list')
       )
     })
+
+    test('should fail with an empty yarn lock file', () => {
+      const lockfilePath = path.join(__dirname, '/fixtures/empty.json')
+      const lockfileType = 'yarn'
+      const validators = [
+        {
+          name: 'validateHosts',
+          values: ['npm']
+        }
+      ]
+
+      expect(() =>
+        main
+          .runValidators({
+            path: lockfilePath,
+            type: lockfileType,
+            validators
+          })
+          .toThrow('Lockfile does not seem to contain a valid dependency list')
+      )
+    })
   })
 
   describe('validateSchemes', () => {

From 5a5cf57469af58b2b07e4255ccc457dfd9a5ffaf Mon Sep 17 00:00:00 2001
From: Liran Tal <liran.tal@gmail.com>
Date: Wed, 24 May 2023 02:18:45 +0300
Subject: [PATCH 3/7] Update packages/lockfile-lint/__tests__/main.test.js

---
 packages/lockfile-lint/__tests__/main.test.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/lockfile-lint/__tests__/main.test.js b/packages/lockfile-lint/__tests__/main.test.js
index caeb390..a7f6308 100644
--- a/packages/lockfile-lint/__tests__/main.test.js
+++ b/packages/lockfile-lint/__tests__/main.test.js
@@ -188,7 +188,7 @@ describe('Main CLI logic', () => {
 
     test('should fail with an empty yarn lock file', () => {
       const lockfilePath = path.join(__dirname, '/fixtures/empty.json')
-      const lockfileType = 'yarn'
+      const lockfileType = 'npm'
       const validators = [
         {
           name: 'validateHosts',

From a18f193a18bbf495c64c8872b7664c2aec9d56d0 Mon Sep 17 00:00:00 2001
From: Liran Tal <liran.tal@gmail.com>
Date: Wed, 24 May 2023 02:19:16 +0300
Subject: [PATCH 4/7] Update packages/lockfile-lint/__tests__/main.test.js

---
 packages/lockfile-lint/__tests__/main.test.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/lockfile-lint/__tests__/main.test.js b/packages/lockfile-lint/__tests__/main.test.js
index a7f6308..3cd4227 100644
--- a/packages/lockfile-lint/__tests__/main.test.js
+++ b/packages/lockfile-lint/__tests__/main.test.js
@@ -171,7 +171,7 @@ describe('Main CLI logic', () => {
       const validators = [
         {
           name: 'validateHosts',
-          values: ['npm']
+          values: ['yarn']
         }
       ]
 

From 4f4f1d106bfebfa4a9c798fef57e0611f50ad977 Mon Sep 17 00:00:00 2001
From: Liran Tal <liran.tal@gmail.com>
Date: Wed, 24 May 2023 02:21:21 +0300
Subject: [PATCH 5/7] Update packages/lockfile-lint/__tests__/main.test.js

---
 packages/lockfile-lint/__tests__/main.test.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/lockfile-lint/__tests__/main.test.js b/packages/lockfile-lint/__tests__/main.test.js
index 3cd4227..4e84ac5 100644
--- a/packages/lockfile-lint/__tests__/main.test.js
+++ b/packages/lockfile-lint/__tests__/main.test.js
@@ -192,7 +192,7 @@ describe('Main CLI logic', () => {
       const validators = [
         {
           name: 'validateHosts',
-          values: ['npm']
+          values: ['yarn']
         }
       ]
 

From 579883e62846f647484a789eeac9f00c5732485e Mon Sep 17 00:00:00 2001
From: Liran Tal <liran.tal@gmail.com>
Date: Wed, 24 May 2023 02:21:26 +0300
Subject: [PATCH 6/7] Update packages/lockfile-lint/__tests__/main.test.js

---
 packages/lockfile-lint/__tests__/main.test.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/lockfile-lint/__tests__/main.test.js b/packages/lockfile-lint/__tests__/main.test.js
index 4e84ac5..a52d008 100644
--- a/packages/lockfile-lint/__tests__/main.test.js
+++ b/packages/lockfile-lint/__tests__/main.test.js
@@ -188,7 +188,7 @@ describe('Main CLI logic', () => {
 
     test('should fail with an empty yarn lock file', () => {
       const lockfilePath = path.join(__dirname, '/fixtures/empty.json')
-      const lockfileType = 'npm'
+      const lockfileType = 'yarn'
       const validators = [
         {
           name: 'validateHosts',

From d386047d680a2ce9943dd50ddcff477531f628a9 Mon Sep 17 00:00:00 2001
From: Liran Tal <liran.tal@gmail.com>
Date: Wed, 24 May 2023 02:21:32 +0300
Subject: [PATCH 7/7] Update packages/lockfile-lint/__tests__/main.test.js

---
 packages/lockfile-lint/__tests__/main.test.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/lockfile-lint/__tests__/main.test.js b/packages/lockfile-lint/__tests__/main.test.js
index a52d008..3b1d325 100644
--- a/packages/lockfile-lint/__tests__/main.test.js
+++ b/packages/lockfile-lint/__tests__/main.test.js
@@ -171,7 +171,7 @@ describe('Main CLI logic', () => {
       const validators = [
         {
           name: 'validateHosts',
-          values: ['yarn']
+          values: ['npm']
         }
       ]