MOON
Server: Apache
System: Linux 54-179-220-51.cprapid.com 3.10.0-1160.144.1.el7.tuxcare.els4.x86_64 #1 SMP Tue Apr 7 08:40:40 UTC 2026 x86_64
User: thehunarfound (1001)
PHP: 7.4.29
Disabled: NONE
$ pwd: /home/thehunarfound/www/DMS/node_modules/snyk/lib/protect/
Upload Files
File: /home/thehunarfound/www/DMS/node_modules/snyk/lib/protect/get-vuln-source.js
module.exports = getVulnSource;

var debug = require('debug')('snyk');
var resolve = require('snyk-resolve');
var path = require('path');
var statSync = require('fs').statSync;
var moduleToObject = require('snyk-module');

function getVulnSource(vuln, cwd, live) {
  var from = vuln.from.slice(1).map(function (pkg) {
    return moduleToObject(pkg).name;
  });

  var viaPath = path.resolve(
    cwd || process.cwd(),
    'node_modules',
    from.join('/node_modules/')
  );

  var source = vuln.__filename ?
      path.dirname(vuln.__filename) :
      viaPath;

  // try to stat the directory, if it throws, it doesn't exist...
  try {
    statSync(source);
  } catch (e) {
    // ...which means the package is located in a parent path (from an
    // npm dedupe process), so we remove the module name from the path
    // and use the `resolve` package to navigate the node_modules up
    // through parent directories.
    try {
      source = resolve.sync(from.slice(-1).pop(), viaPath);
    } catch (e) {
      if (live) {
        throw e;
      }

      // otherwise this is a dry run so we don't mind that it won't be
      // able to patch - likely a scenario run, so it's fine that the
      // patch target won't be found
    }
    debug('found better source for package: %s', source);
  }

  return source;
}
;;
@ Telegram