(Tarball) support artefacts with TS only source

I think as time goes on we will see more packages with ts-only sources which is a bit of a problem for the current scanner.

We probably need to review the implementations and make sure that we use: https://github.com/NodeSecure/js-x-ray/tree/master/workspaces/ts-source-parser for analysing TS files.