Skip to content
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
package com.blackduck.integration.detectable.detectables.pnpm.lockfile.process;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.List;

Expand Down Expand Up @@ -115,9 +116,9 @@ public List<CodeLocation> parse(File pnpmLockYamlFile, @Nullable NameVersion pro
*
* @param pnpmLockYamlFile the File path to the pnpm-lock.yaml file
* @return a memory representation of the lock file, or null if the file is empty
* @throws FileNotFoundException if the file does not exist
* @throws IOException if the file cannot be read
*/
private PnpmLockYamlBase parseYamlFile(File pnpmLockYamlFile) throws FileNotFoundException {
private PnpmLockYamlBase parseYamlFile(File pnpmLockYamlFile) throws IOException {
Comment thread
bd-spratikbharti marked this conversation as resolved.
DumperOptions dumperOptions = new DumperOptions();
Representer representer = new Representer(dumperOptions);
representer.getPropertyUtils().setSkipMissingProperties(true);
Expand All @@ -128,7 +129,10 @@ private PnpmLockYamlBase parseYamlFile(File pnpmLockYamlFile) throws FileNotFoun
// Step 1: Try to read the lockfile into the v6/v9 Yaml classes first (more common).
logger.debug("Attempting to parse '{}' as v6/v9 format.", pnpmLockYamlFile.getName());
Yaml yaml = new Yaml(new Constructor(PnpmLockYaml.class, loaderOptions), representer);
PnpmLockYamlBase result = yaml.load(new FileReader(pnpmLockYamlFile));
PnpmLockYamlBase result;
try (InputStreamReader reader = new InputStreamReader(new FileInputStream(pnpmLockYamlFile), StandardCharsets.UTF_8)) {
result = yaml.load(reader);
}

if (result == null) {
// Step 1a: File was empty or contained only comments — SnakeYAML returns null.
Expand Down Expand Up @@ -156,7 +160,9 @@ private PnpmLockYamlBase parseYamlFile(File pnpmLockYamlFile) throws FileNotFoun
// Step 2: Re-parse as v5.
logger.debug("Attempting to parse '{}' as v5 format.", pnpmLockYamlFile.getName());
Yaml yaml = new Yaml(new Constructor(PnpmLockYamlv5.class, loaderOptions), representer);
return yaml.load(new FileReader(pnpmLockYamlFile));
try (InputStreamReader reader = new InputStreamReader(new FileInputStream(pnpmLockYamlFile), StandardCharsets.UTF_8)) {
return yaml.load(reader);
}
}

/**
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
package com.blackduck.integration.detectable.detectables.pnpm.unit;

import java.io.File;
import java.io.IOException;
import java.util.Collections;
import java.util.List;

import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;

import com.google.gson.Gson;
import com.blackduck.integration.detectable.detectable.codelocation.CodeLocation;
import com.blackduck.integration.detectable.detectable.util.EnumListFilter;
import com.blackduck.integration.detectable.detectables.pnpm.lockfile.PnpmLockOptions;
import com.blackduck.integration.detectable.detectables.pnpm.lockfile.model.PnpmDependencyType;
import com.blackduck.integration.detectable.detectables.pnpm.lockfile.process.PnpmLinkedPackageResolver;
import com.blackduck.integration.detectable.detectables.pnpm.lockfile.process.PnpmLockYamlParserInitial;
import com.blackduck.integration.detectable.detectables.yarn.packagejson.PackageJsonFiles;
import com.blackduck.integration.detectable.detectables.yarn.packagejson.PackageJsonReader;
import com.blackduck.integration.detectable.util.FunctionalTestFiles;
import com.blackduck.integration.exception.IntegrationException;
import com.blackduck.integration.util.NameVersion;

/**
* Tests that pnpm-lock.yaml files containing emojis and non-ASCII content
* are parsed correctly when read with explicit UTF-8 encoding
* (InputStreamReader + StandardCharsets.UTF_8).
*/
public class PnpmLockYamlParserUtf8Test {

private List<CodeLocation> parseLockFile(String resourcePath) throws IOException, IntegrationException {
File pnpmLockYaml = FunctionalTestFiles.asFile(resourcePath);

EnumListFilter<PnpmDependencyType> dependencyTypeFilter = EnumListFilter.excludeNone();
PnpmLockOptions pnpmLockOptions = new PnpmLockOptions(dependencyTypeFilter, Collections.emptyList(), Collections.emptyList());

PnpmLockYamlParserInitial parser = new PnpmLockYamlParserInitial(pnpmLockOptions);
PnpmLinkedPackageResolver linkedPackageResolver = new PnpmLinkedPackageResolver(
pnpmLockYaml.getParentFile(),
new PackageJsonFiles(new PackageJsonReader(new Gson()))
);

return parser.parse(pnpmLockYaml, new NameVersion("project", "1.0.0"), linkedPackageResolver);
}

@Test
public void testParseV9WithEmojiComments() throws IOException, IntegrationException {
// YAML contains emoji characters (🚀🎉✅❌🔥💡) in comments
List<CodeLocation> codeLocations = parseLockFile("/pnpm/unicode/v9-emoji-comments/pnpm-lock.yaml");

Assertions.assertNotNull(codeLocations, "Code locations should not be null when parsing YAML with emoji comments");
Assertions.assertFalse(codeLocations.isEmpty(), "Should produce at least one code location");
}

@Test
public void testParseV5WithAccentedComments() throws IOException, IntegrationException {
// YAML contains accented (Ünïcödé, Ñoño, résumé, naïveté) and Greek characters in comments
List<CodeLocation> codeLocations = parseLockFile("/pnpm/unicode/v5-accented/pnpm-lock.yaml");

Assertions.assertNotNull(codeLocations, "Code locations should not be null when parsing YAML with accented comments");
Assertions.assertFalse(codeLocations.isEmpty(), "Should produce at least one code location");
}

}

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.