Validate packageUrlJson structure in makePackageUrl method

Chad Bentz
2025-05-12 22:25:29 +00:00
parent 47ec470b21
commit 73e1388139
3 changed files with 13 additions and 3 deletions
+7 -1
@@ -156,7 +156,13 @@ export default class ComponentDetection {
public static makePackageUrl(packageUrlJson: any): string {
// Handle case when packageUrlJson is null or undefined
if (!packageUrlJson) {
if (
!packageUrlJson ||
typeof packageUrlJson.Scheme !== 'string' ||
typeof packageUrlJson.Type !== 'string' ||
!packageUrlJson.Scheme ||
!packageUrlJson.Type
) {
core.debug(`Warning: Received null or undefined packageUrlJson. Unable to create package URL.`);
return ""; // Return a blank string for unknown packages
}
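Review bot: The `core.debug` message just below the new condition still reads "Received null or undefined packageUrlJson", but the guard now also fires when `Scheme` or `Type` is missing, empty or not a string, so a malformed component record is logged as if the input were null. Because the function then returns `""` and the message is only debug-level, such a component presumably disappears from whatever the caller builds without any trace in a normal run. For a dependency inventory that is a silent coverage gap. Consider `core.warning('Skipping component: packageUrlJson is missing, or its Scheme/Type is empty or not a string.');` so the skipped record shows up in the workflow log. Only `Scheme` and `Type` are checked here, and the rest of `makePackageUrl` lies outside the hunk, so whether the other fields it reads are validated cannot be judged from this page.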