Resolve dependencies and improve JS support

src/packagedcode/__init__.py

@@ -150,6 +150,9 @@
     npm.NpmShrinkwrapJsonHandler,
     npm.YarnLockV1Handler,
     npm.YarnLockV2Handler,
+    npm.PnpmShrinkwrapYamlHandler,
+    npm.PnpmLockYamlHandler,
+    npm.PnpmWorkspaceYamlHandler,
 
     nuget.NugetNupkgHandler,
     nuget.NugetNuspecHandler,

src/packagedcode/bower.py

@@ -29,8 +29,10 @@ def parse(cls, location, package_only=False):
         with io.open(location, encoding='utf-8') as loc:
             package_data = json.load(loc)
 
-        # note: having no name is not a problem for private packages. See #1514
         name = package_data.get('name')
+        is_private = False
+        if not name:
+            is_private = True
 
         description = package_data.get('description')
         version = package_data.get('version')
@@ -99,5 +101,6 @@ def parse(cls, location, package_only=False):
             homepage_url=homepage_url,
             vcs_url=vcs_url,
             dependencies=dependencies,
+            is_private=is_private,
         )
         yield models.PackageData.from_data(package_data, package_only)

src/packagedcode/models.py

@@ -371,6 +371,14 @@ class DependentPackage(ModelMixin):
              'been resolved and this dependency url points to an '
              'exact version.')
 
+    is_direct = Boolean(
+        default=True,
+        label='is direct flag',
+        help='True if this dependency version requirement is '
+             'a direct dependency relation between two packages '
+             'as opposed to a transitive dependency relation, '
+             'which are present in lockfiles/dependency list.')
+
     resolved_package = Mapping(
         label='resolved package data',
         help='A mapping of resolved package data for this dependent package, '
@@ -682,6 +690,22 @@ class PackageData(IdentifiablePackageData):
              'package type or datafile format.'
     )
 
+    is_private = Boolean(
+        default=False,
+        label='is resolved flag',
+        help='True if the associated package for this package manifest '
+             'is never meant to be published to the corresponding package '
+             'repository, and is a private package.'
+    )
+
+    is_virtual = Boolean(
+        default=False,
+        label='is virtual flag',
+        help='True if this package or any of its files are not present in '
+             'the codebase, but this package was created from a resolved '
+             'package, typically present in a lockfile.'
+    )
+
     extra_data = Mapping(
         label='extra data',
         help='A mapping of arbitrary extra package data.',
@@ -1026,6 +1050,9 @@ class DatafileHandler:
     # Informational: Default primary language for this parser.
     default_primary_language = None
 
+    # If the datafilehandler contains only resolved dependencies
+    is_lockfile = False
+
     # Informational: Description of this parser
     description = None