@aegis-scan/core 0.16.3 → 0.16.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/utils.d.ts +17 -1
  2. package/dist/utils.d.ts.map +1 -1
  3. package/dist/utils.js +87 -2
  4. package/dist/utils.js.map +1 -1
  5. package/package.json +4 -2
  6. package/sbom.cdx.json +1 -0
package/dist/utils.d.ts CHANGED
@@ -35,7 +35,23 @@ export declare const MAX_FILE_SIZE_BYTES: number;
35
35
  * Clears the walkFiles result cache. Useful in tests or between audit runs.
36
36
  */
37
37
  export declare function clearWalkFilesCache(): void;
38
- export declare function walkFiles(dir: string, ignore?: string[], extensions?: string[]): string[];
38
+ /**
39
+ * v0.17.3 SC-1 — gitignore-aware walking via the `ignore` npm package
40
+ * (gitignore(5)-spec compliant, ~900k weekly downloads, battle-tested).
41
+ *
42
+ * Default ON: closes the v0.17.2 dogfood-paradox where parallel-session
43
+ * operator-local work in `aegis-precision/` polluted self-scan output
44
+ * and required a workaround path-filter at the §6 gate-check. With this
45
+ * on, the scanner honors the repo's `.gitignore` at project-root and
46
+ * any composed child `.gitignore` files encountered during the walk.
47
+ *
48
+ * Opt-out via `opts.respectGitignore = false` for scanner-internal
49
+ * test-fixtures that need a full walk regardless of ignore-state.
50
+ */
51
+ export interface WalkFilesOptions {
52
+ respectGitignore?: boolean;
53
+ }
54
+ export declare function walkFiles(dir: string, ignore?: string[], extensions?: string[], opts?: WalkFilesOptions): string[];
39
55
  /**
40
56
  * Reads a file, returning null on any failure (file not found, permission denied, etc.).
41
57
  */
package/dist/utils.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;CACzB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;;;GAKG;AACH,wBAAgB,IAAI,CAClB,OAAO,EAAE,MAAM,EACf,IAAI,GAAE,MAAM,EAAO,EACnB,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,UAAU,CAAC,CA2BrB;AAED;;GAEG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAQrE;AAED;;;;;;;;;;GAUG;AACH,eAAO,MAAM,mBAAmB,QAAkB,CAAC;AAMnD;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAE1C;AAkCD,wBAAgB,SAAS,CACvB,GAAG,EAAE,MAAM,EACX,MAAM,GAAE,MAAM,EAAO,EACrB,UAAU,GAAE,MAAM,EAAO,GACxB,MAAM,EAAE,CA4FV;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAM5D;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAW9E"}
1
+ {"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAYA,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC;CACzB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;;;GAKG;AACH,wBAAgB,IAAI,CAClB,OAAO,EAAE,MAAM,EACf,IAAI,GAAE,MAAM,EAAO,EACnB,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,UAAU,CAAC,CA2BrB;AAED;;GAEG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAQrE;AAED;;;;;;;;;;GAUG;AACH,eAAO,MAAM,mBAAmB,QAAkB,CAAC;AAMnD;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAE1C;AAkCD;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,gBAAgB;IAC/B,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAeD,wBAAgB,SAAS,CACvB,GAAG,EAAE,MAAM,EACX,MAAM,GAAE,MAAM,EAAO,EACrB,UAAU,GAAE,MAAM,EAAO,EACzB,IAAI,GAAE,gBAAqB,GAC1B,MAAM,EAAE,CA4JV;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAM5D;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAW9E"}
package/dist/utils.js CHANGED
@@ -1,7 +1,10 @@
1
1
  import * as childProcess from 'node:child_process';
2
2
  import * as fs from 'node:fs';
3
3
  import * as path from 'node:path';
4
+ import ignoreLib from 'ignore';
4
5
  import picomatch from 'picomatch';
6
+ // ignore@7's default export is the factory; destructure for consistent call-shape.
7
+ const createIgnore = ignoreLib;
5
8
  /**
6
9
  * Safe child_process.execFile wrapper.
7
10
  * ALWAYS resolves — even on non-zero exit codes — so callers can read stdout/stderr
@@ -95,12 +98,42 @@ export function clearWalkFilesCache() {
95
98
  function isGlobPattern(pattern) {
96
99
  return /[*?[{]/.test(pattern);
97
100
  }
98
- export function walkFiles(dir, ignore = [], extensions = []) {
101
+ /** Load a `.gitignore` file's patterns; returns [] when absent/unreadable. */
102
+ function readGitignorePatterns(gitignorePath) {
103
+ try {
104
+ const raw = fs.readFileSync(gitignorePath, 'utf-8');
105
+ return raw
106
+ .split(/\r?\n/)
107
+ .map((l) => l.trim())
108
+ .filter((l) => l.length > 0 && !l.startsWith('#'));
109
+ }
110
+ catch {
111
+ return [];
112
+ }
113
+ }
114
+ export function walkFiles(dir, ignore = [], extensions = [], opts = {}) {
115
+ const respectGitignore = opts.respectGitignore ?? true;
99
116
  const resolvedDir = path.resolve(dir);
100
- const cacheKey = `${resolvedDir}:${ignore.join(',')}:${extensions.join(',')}`;
117
+ const cacheKey = `${resolvedDir}:${ignore.join(',')}:${extensions.join(',')}:gi=${respectGitignore ? '1' : '0'}`;
101
118
  const cached = _walkFilesCache.get(cacheKey);
102
119
  if (cached)
103
120
  return cached;
121
+ // Pre-load root `.gitignore` when enabled. Child `.gitignore` files
122
+ // encountered during walk compose via their own `ignore` instance keyed
123
+ // by containing-dir relative to resolvedDir. Composition order: a file
124
+ // is filtered if the ROOT matcher OR any ANCESTOR matcher between root
125
+ // and the file's containing dir ignores it. Negation (`!pattern`) is
126
+ // handled by the `ignore` library per gitignore(5) spec.
127
+ const rootGitignoreMatcher = respectGitignore
128
+ ? (() => {
129
+ const rootPatterns = readGitignorePatterns(path.join(resolvedDir, '.gitignore'));
130
+ if (rootPatterns.length === 0)
131
+ return null;
132
+ return createIgnore().add(rootPatterns);
133
+ })()
134
+ : null;
135
+ /** dirRelative (from resolvedDir) → ignore-matcher for that subdir's .gitignore */
136
+ const childMatchers = new Map();
104
137
  // Split ignore entries into any-depth (bare) and root-only (leading `/`).
105
138
  // v0.15.4 D-C-001 — each bucket compiles its patterns via picomatch so
106
139
  // literal strings stay exact-match while wildcards (Templates*,
@@ -127,6 +160,40 @@ export function walkFiles(dir, ignore = [], extensions = []) {
127
160
  : () => false;
128
161
  const results = [];
129
162
  const visited = new Set();
163
+ /**
164
+ * gitignore-check: path is considered ignored iff the root matcher OR any
165
+ * ancestor child-matcher (up the chain to resolvedDir) reports ignored.
166
+ * The `ignore` library interprets paths relative to the matcher's base.
167
+ * Returns false if respectGitignore is off or no matchers exist.
168
+ */
169
+ function isGitignored(fullPath, isDir) {
170
+ if (!respectGitignore)
171
+ return false;
172
+ const rel = path.relative(resolvedDir, fullPath);
173
+ if (rel.length === 0)
174
+ return false;
175
+ // `ignore` treats trailing-slash as directory; pass explicit relPath.
176
+ const relForCheck = isDir ? `${rel}/` : rel;
177
+ if (rootGitignoreMatcher && rootGitignoreMatcher.ignores(relForCheck))
178
+ return true;
179
+ // Walk ancestor child-matchers: for a file at a/b/c.ts, check matchers
180
+ // attached to 'a/b', 'a', root (root already checked).
181
+ let cursor = path.dirname(rel);
182
+ while (cursor && cursor !== '.') {
183
+ const matcher = childMatchers.get(cursor);
184
+ if (matcher) {
185
+ const relFromCursor = path.relative(cursor, rel);
186
+ const cursorRel = isDir ? `${relFromCursor}/` : relFromCursor;
187
+ if (matcher.ignores(cursorRel))
188
+ return true;
189
+ }
190
+ const parent = path.dirname(cursor);
191
+ if (parent === cursor)
192
+ break;
193
+ cursor = parent;
194
+ }
195
+ return false;
196
+ }
130
197
  function walk(current, atRoot) {
131
198
  // Resolve symlinks to detect cycles
132
199
  let realPath;
@@ -139,6 +206,18 @@ export function walkFiles(dir, ignore = [], extensions = []) {
139
206
  if (visited.has(realPath))
140
207
  return;
141
208
  visited.add(realPath);
209
+ // If this subdir has its own .gitignore, attach a child-matcher keyed
210
+ // by its path relative to resolvedDir. Root .gitignore already loaded.
211
+ if (respectGitignore && current !== resolvedDir) {
212
+ const subGitignore = path.join(current, '.gitignore');
213
+ if (fs.existsSync(subGitignore)) {
214
+ const subPatterns = readGitignorePatterns(subGitignore);
215
+ if (subPatterns.length > 0) {
216
+ const key = path.relative(resolvedDir, current);
217
+ childMatchers.set(key, createIgnore().add(subPatterns));
218
+ }
219
+ }
220
+ }
142
221
  let entries;
143
222
  try {
144
223
  entries = fs.readdirSync(current, { withFileTypes: true });
@@ -155,6 +234,9 @@ export function walkFiles(dir, ignore = [], extensions = []) {
155
234
  continue;
156
235
  if (atRoot && (matchDirRootOnly(entry.name) || matchDirRootOnly(relPath)))
157
236
  continue;
237
+ // SC-1: honor .gitignore for directories (prunes the walk early)
238
+ if (isGitignored(fullPath, true))
239
+ continue;
158
240
  walk(fullPath, false);
159
241
  }
160
242
  else if (entry.isFile()) {
@@ -164,6 +246,9 @@ export function walkFiles(dir, ignore = [], extensions = []) {
164
246
  continue;
165
247
  if (atRoot && (matchFileRootOnly(entry.name) || matchFileRootOnly(relPath)))
166
248
  continue;
249
+ // SC-1: honor .gitignore for files
250
+ if (isGitignored(fullPath, false))
251
+ continue;
167
252
  if (extensions.length > 0) {
168
253
  // Fix: path.extname returns '.ts' — slice(1) removes the dot to match ['ts', 'js']
169
254
  const ext = path.extname(entry.name).slice(1);
package/dist/utils.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,YAAY,MAAM,oBAAoB,CAAC;AACnD,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,SAAS,MAAM,WAAW,CAAC;AAclC;;;;;GAKG;AACH,MAAM,UAAU,IAAI,CAClB,OAAe,EACf,OAAiB,EAAE,EACnB,UAAuB,EAAE;IAEzB,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAEhD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,YAAY,CAAC,QAAQ,CACnB,OAAO,EACP,IAAI,EACJ;YACE,GAAG;YACH,OAAO;YACP,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,QAAQ;YACrC,GAAG,EAAE,GAAG,IAAI,OAAO,CAAC,GAAG;SACxB,EACD,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;YACxB,IAAI,KAAK,IAAK,KAAsC,CAAC,MAAM,EAAE,CAAC;gBAC5D,MAAM,CAAC,IAAI,KAAK,CAAC,sBAAsB,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;gBACrE,OAAO;YACT,CAAC;YACD,mEAAmE;YACnE,OAAO,CAAC;gBACN,MAAM,EAAE,MAAM,IAAI,EAAE;gBACpB,MAAM,EAAE,MAAM,IAAI,EAAE;gBACpB,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAE,KAAmC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;aACrE,CAAC,CAAC;QACL,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAe;IACjD,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC;QACtE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAClE,OAAO,MAAM,CAAC,QAAQ,KAAK,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;AAEnD;8EAC8E;AAC9E,MAAM,eAAe,GAAG,IAAI,GAAG,EAAoB,CAAC;AAEpD;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,eAAe,CAAC,KAAK,EAAE,CAAC;AAC1B,CAAC;AAED;;;;;GAKG;AACH;;;;;;;;;;;;;;;GAeG;AACH;;;;;GAKG;AACH,SAAS,aAAa,CAAC,OAAe;IACpC,OAAO,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,SAAS,CACvB,GAAW,EACX,SAAmB,EAAE,EACrB,aAAuB,EAAE;IAEzB,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;IAE9E,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC7C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,0EAA0E;IAC1E,uEAAuE;IACvE,gEAAgE;IAChE,sEAAsE;IACtE,kEAAkE;IAClE,wEAAwE;IACxE,oEAAoE;IACpE,uCAAuC;IACvC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;IAClE,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACxF,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAE7D,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,MAAM;QAC9C,CAAC,CAAC,SAAS,CAAC,gBAAgB,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QAC5C,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAChB,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,MAAM;QAC9C,CAAC,CAAC,SAAS,CAAC,gBAAgB,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QAC5C,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAChB,MAAM,iBAAiB,GAAG,aAAa,CAAC,MAAM;QAC5C,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QACzC,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAChB,MAAM,iBAAiB,GAAG,aAAa,CAAC,MAAM;QAC5C,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QACzC,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAEhB,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAElC,SAAS,IAAI,CAAC,OAAe,EAAE,MAAe;QAC5C,oCAAoC;QACpC,IAAI,QAAgB,CAAC;QACrB,IAAI,CAAC;YACH,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QACtC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QACD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,OAAO;QAClC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtB,IAAI,OAAoB,CAAC;QACzB,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QAED,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YAChD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YAErD,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACxB,mEAAmE;gBACnE,IAAI,gBAAgB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,OAAO,CAAC;oBAAE,SAAS;gBACxE,IAAI,MAAM,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC;oBAAE,SAAS;gBACpF,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YACxB,CAAC;iBAAM,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;gBAC1B,2DAA2D;gBAC3D,qDAAqD;gBACrD,IAAI,iBAAiB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,iBAAiB,CAAC,OAAO,CAAC;oBAAE,SAAS;gBAC1E,IAAI,MAAM,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,iBAAiB,CAAC,OAAO,CAAC,CAAC;oBAAE,SAAS;gBAEtF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC1B,mFAAmF;oBACnF,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;oBAC9C,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC;wBAAE,SAAS;gBAC1C,CAAC;gBAED,gEAAgE;gBAChE,8DAA8D;gBAC9D,iEAAiE;gBACjE,IAAI,CAAC;oBACH,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,GAAG,mBAAmB;wBAAE,SAAS;gBACjE,CAAC;gBAAC,MAAM,CAAC;oBACP,SAAS;gBACX,CAAC;gBAED,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IACxB,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,WAAmB,EAAE,OAAe;IAClE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAClC,4CAA4C,OAAO,SAAS,EAC5D,EAAE,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAC1D,CAAC;IACF,OAAO,MAAM;SACV,IAAI,EAAE;SACN,KAAK,CAAC,IAAI,CAAC;SACX,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;SACjC,GAAG,CAAC,CAAC,YAAY,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC;AACrE,CAAC"}
1
+ {"version":3,"file":"utils.js","sourceRoot":"","sources":["../src/utils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,YAAY,MAAM,oBAAoB,CAAC;AACnD,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,SAAS,MAAM,QAAQ,CAAC;AAC/B,OAAO,SAAS,MAAM,WAAW,CAAC;AAElC,mFAAmF;AACnF,MAAM,YAAY,GAAG,SAGpB,CAAC;AAcF;;;;;GAKG;AACH,MAAM,UAAU,IAAI,CAClB,OAAe,EACf,OAAiB,EAAE,EACnB,UAAuB,EAAE;IAEzB,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,OAAO,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC;IAEhD,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,YAAY,CAAC,QAAQ,CACnB,OAAO,EACP,IAAI,EACJ;YACE,GAAG;YACH,OAAO;YACP,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,QAAQ;YACrC,GAAG,EAAE,GAAG,IAAI,OAAO,CAAC,GAAG;SACxB,EACD,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE;YACxB,IAAI,KAAK,IAAK,KAAsC,CAAC,MAAM,EAAE,CAAC;gBAC5D,MAAM,CAAC,IAAI,KAAK,CAAC,sBAAsB,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;gBACrE,OAAO;YACT,CAAC;YACD,mEAAmE;YACnE,OAAO,CAAC;gBACN,MAAM,EAAE,MAAM,IAAI,EAAE;gBACpB,MAAM,EAAE,MAAM,IAAI,EAAE;gBACpB,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAE,KAAmC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;aACrE,CAAC,CAAC;QACL,CAAC,CACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAe;IACjD,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC;QACtE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAClE,OAAO,MAAM,CAAC,QAAQ,KAAK,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;AAEnD;8EAC8E;AAC9E,MAAM,eAAe,GAAG,IAAI,GAAG,EAAoB,CAAC;AAEpD;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,eAAe,CAAC,KAAK,EAAE,CAAC;AAC1B,CAAC;AAED;;;;;GAKG;AACH;;;;;;;;;;;;;;;GAeG;AACH;;;;;GAKG;AACH,SAAS,aAAa,CAAC,OAAe;IACpC,OAAO,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAChC,CAAC;AAmBD,8EAA8E;AAC9E,SAAS,qBAAqB,CAAC,aAAqB;IAClD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACpD,OAAO,GAAG;aACP,KAAK,CAAC,OAAO,CAAC;aACd,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACpB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,SAAS,CACvB,GAAW,EACX,SAAmB,EAAE,EACrB,aAAuB,EAAE,EACzB,OAAyB,EAAE;IAE3B,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC;IACvD,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,GAAG,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,gBAAgB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;IAEjH,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC7C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,oEAAoE;IACpE,wEAAwE;IACxE,uEAAuE;IACvE,uEAAuE;IACvE,qEAAqE;IACrE,yDAAyD;IACzD,MAAM,oBAAoB,GAAG,gBAAgB;QAC3C,CAAC,CAAC,CAAC,GAAG,EAAE;YACJ,MAAM,YAAY,GAAG,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC,CAAC;YACjF,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YAC3C,OAAO,YAAY,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC1C,CAAC,CAAC,EAAE;QACN,CAAC,CAAC,IAAI,CAAC;IACT,mFAAmF;IACnF,MAAM,aAAa,GAAG,IAAI,GAAG,EAA2C,CAAC;IAEzE,0EAA0E;IAC1E,uEAAuE;IACvE,gEAAgE;IAChE,sEAAsE;IACtE,kEAAkE;IAClE,wEAAwE;IACxE,oEAAoE;IACpE,uCAAuC;IACvC,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;IAClE,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACxF,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,gBAAgB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;IAE7D,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,MAAM;QAC9C,CAAC,CAAC,SAAS,CAAC,gBAAgB,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QAC5C,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAChB,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,MAAM;QAC9C,CAAC,CAAC,SAAS,CAAC,gBAAgB,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QAC5C,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAChB,MAAM,iBAAiB,GAAG,aAAa,CAAC,MAAM;QAC5C,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QACzC,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAChB,MAAM,iBAAiB,GAAG,aAAa,CAAC,MAAM;QAC5C,CAAC,CAAC,SAAS,CAAC,aAAa,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;QACzC,CAAC,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAEhB,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAElC;;;;;OAKG;IACH,SAAS,YAAY,CAAC,QAAgB,EAAE,KAAc;QACpD,IAAI,CAAC,gBAAgB;YAAE,OAAO,KAAK,CAAC;QACpC,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QACjD,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QACnC,sEAAsE;QACtE,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QAC5C,IAAI,oBAAoB,IAAI,oBAAoB,CAAC,OAAO,CAAC,WAAW,CAAC;YAAE,OAAO,IAAI,CAAC;QACnF,uEAAuE;QACvE,uDAAuD;QACvD,IAAI,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC/B,OAAO,MAAM,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YAChC,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;gBACjD,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,aAAa,GAAG,CAAC,CAAC,CAAC,aAAa,CAAC;gBAC9D,IAAI,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC;oBAAE,OAAO,IAAI,CAAC;YAC9C,CAAC;YACD,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;YACpC,IAAI,MAAM,KAAK,MAAM;gBAAE,MAAM;YAC7B,MAAM,GAAG,MAAM,CAAC;QAClB,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,SAAS,IAAI,CAAC,OAAe,EAAE,MAAe;QAC5C,oCAAoC;QACpC,IAAI,QAAgB,CAAC;QACrB,IAAI,CAAC;YACH,QAAQ,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QACtC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QACD,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;YAAE,OAAO;QAClC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAEtB,sEAAsE;QACtE,uEAAuE;QACvE,IAAI,gBAAgB,IAAI,OAAO,KAAK,WAAW,EAAE,CAAC;YAChD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YACtD,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;gBAChC,MAAM,WAAW,GAAG,qBAAqB,CAAC,YAAY,CAAC,CAAC;gBACxD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;oBAChD,aAAa,CAAC,GAAG,CAAC,GAAG,EAAE,YAAY,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC;gBAC1D,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,OAAoB,CAAC;QACzB,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAC7D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QAED,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YAChD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YAErD,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACxB,mEAAmE;gBACnE,IAAI,gBAAgB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,OAAO,CAAC;oBAAE,SAAS;gBACxE,IAAI,MAAM,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC;oBAAE,SAAS;gBACpF,iEAAiE;gBACjE,IAAI,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC;oBAAE,SAAS;gBAC3C,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YACxB,CAAC;iBAAM,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;gBAC1B,2DAA2D;gBAC3D,qDAAqD;gBACrD,IAAI,iBAAiB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,iBAAiB,CAAC,OAAO,CAAC;oBAAE,SAAS;gBAC1E,IAAI,MAAM,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,iBAAiB,CAAC,OAAO,CAAC,CAAC;oBAAE,SAAS;gBACtF,mCAAmC;gBACnC,IAAI,YAAY,CAAC,QAAQ,EAAE,KAAK,CAAC;oBAAE,SAAS;gBAE5C,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC1B,mFAAmF;oBACnF,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;oBAC9C,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC;wBAAE,SAAS;gBAC1C,CAAC;gBAED,gEAAgE;gBAChE,8DAA8D;gBAC9D,iEAAiE;gBACjE,IAAI,CAAC;oBACH,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,GAAG,mBAAmB;wBAAE,SAAS;gBACjE,CAAC;gBAAC,MAAM,CAAC;oBACP,SAAS;gBACX,CAAC;gBAED,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IACxB,eAAe,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACvC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB;IAC3C,IAAI,CAAC;QACH,OAAO,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,WAAmB,EAAE,OAAe;IAClE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAClC,4CAA4C,OAAO,SAAS,EAC5D,EAAE,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAC1D,CAAC;IACF,OAAO,MAAM;SACV,IAAI,EAAE;SACN,KAAK,CAAC,IAAI,CAAC;SACX,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;SACjC,GAAG,CAAC,CAAC,YAAY,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC;AACrE,CAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aegis-scan/core",
3
- "version": "0.16.3",
3
+ "version": "0.16.5",
4
4
  "description": "AEGIS core engine — orchestrator, scoring (0-1000), config loader with Zod-strict schema, suppression filter, shared types + utilities. The foundation of the AEGIS security-scanner suite for Next.js + Supabase.",
5
5
  "license": "MIT",
6
6
  "author": "RideMatch1 <230386010+RideMatch1@users.noreply.github.com>",
@@ -32,7 +32,8 @@
32
32
  "provenance": true
33
33
  },
34
34
  "files": [
35
- "dist"
35
+ "dist",
36
+ "sbom.cdx.json"
36
37
  ],
37
38
  "type": "module",
38
39
  "main": "dist/index.js",
@@ -44,6 +45,7 @@
44
45
  }
45
46
  },
46
47
  "dependencies": {
48
+ "ignore": "7.0.5",
47
49
  "picomatch": "^4.0.0",
48
50
  "zod": "^3.23.0"
49
51
  },
package/sbom.cdx.json ADDED
@@ -0,0 +1 @@
1
+ {"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:62173a39-589e-4494-8cca-534003dbfc16","version":1,"metadata":{"timestamp":"2026-04-24T17:51:53Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"core","group":"@aegis-scan","version":"0.16.5","description":"AEGIS core engine — orchestrator, scoring (0-1000), config loader with Zod-strict schema, suppression filter, shared types + utilities. The foundation of the AEGIS security-scanner suite for Next.js + Supabase.","purl":"pkg:npm/%40aegis-scan/core@0.16.5","bom-ref":"pkg:npm/@aegis-scan/core@0.16.5","author":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>","type":"application","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}]},"properties":[{"name":"cdx:bom:componentTypes","value":"npm"},{"name":"cdx:bom:componentNamespaces","value":"@types"},{"name":"cdx:bom:componentSrcFiles","value":"packages/core/node_modules/@types/node/package.json\\npackages/core/node_modules/@types/picomatch/package.json\\npackages/core/node_modules/ignore/package.json\\npackages/core/node_modules/picomatch/package.json\\npackages/core/node_modules/typescript/package.json\\npackages/core/node_modules/vitest/package.json\\npackages/core/node_modules/zod/package.json"}]},"components":[{"authors":[{"name":"Colin McDonnell <zod@colinhacks.com>"}],"group":"","name":"zod","version":"3.25.76","description":"TypeScript-first schema declaration and validation library with static type inference","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/zod@3.25.76","externalReferences":[{"type":"website","url":"https://zod.dev"},{"type":"vcs","url":"git+https://github.com/colinhacks/zod.git"}],"type":"library","bom-ref":"pkg:npm/zod@3.25.76","properties":[{"name":"SrcFile","value":"packages/core/node_modules/zod/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/zod/package.json"}],"concludedValue":"packages/core/node_modules/zod/package.json"}]},"tags":["validation"]},{"authors":[{"name":"Anthony Fu <anthonyfu117@hotmail.com>"}],"group":"","name":"vitest","version":"3.2.4","description":"Next generation testing framework powered by Vite","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/vitest@3.2.4","externalReferences":[{"type":"vcs","url":"https://github.com/vitest-dev/vitest#readme"},{"type":"vcs","url":"git+https://github.com/vitest-dev/vitest.git"}],"type":"framework","bom-ref":"pkg:npm/vitest@3.2.4","properties":[{"name":"SrcFile","value":"packages/core/node_modules/vitest/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/vitest/package.json"}],"concludedValue":"packages/core/node_modules/vitest/package.json"}]},"tags":["framework"]},{"authors":[{"name":"Microsoft Corp."}],"group":"","name":"typescript","version":"5.9.3","description":"TypeScript is a language for application scale JavaScript development","scope":"optional","licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:npm/typescript@5.9.3","externalReferences":[{"type":"website","url":"https://www.typescriptlang.org/"},{"type":"vcs","url":"https://github.com/microsoft/TypeScript.git"}],"type":"library","bom-ref":"pkg:npm/typescript@5.9.3","properties":[{"name":"SrcFile","value":"packages/core/node_modules/typescript/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/typescript/package.json"}],"concludedValue":"packages/core/node_modules/typescript/package.json"}]}},{"authors":[{"name":"Jon Schlinkert (https://github.com/jonschlinkert)"}],"group":"","name":"picomatch","version":"4.0.4","description":"Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/picomatch@4.0.4","externalReferences":[{"type":"vcs","url":"https://github.com/micromatch/picomatch"}],"type":"library","bom-ref":"pkg:npm/picomatch@4.0.4","properties":[{"name":"SrcFile","value":"packages/core/node_modules/picomatch/package.json"},{"name":"ImportedModules","value":"picomatch"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/picomatch/package.json"}],"concludedValue":"packages/core/node_modules/picomatch/package.json"}],"occurrences":[{"location":"dist/utils.js#5"},{"location":"src/utils.ts#5"}]}},{"authors":[{"name":"kael"}],"group":"","name":"ignore","version":"7.0.5","description":"Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/ignore@7.0.5","type":"library","bom-ref":"pkg:npm/ignore@7.0.5","properties":[{"name":"SrcFile","value":"packages/core/node_modules/ignore/package.json"},{"name":"ImportedModules","value":"ignore"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/ignore/package.json"}],"concludedValue":"packages/core/node_modules/ignore/package.json"}],"occurrences":[{"location":"dist/utils.js#4"},{"location":"src/utils.ts#4"}]}},{"group":"@types","name":"picomatch","version":"3.0.2","description":"TypeScript definitions for picomatch","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/picomatch@3.0.2","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/picomatch"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/picomatch@3.0.2","properties":[{"name":"SrcFile","value":"packages/core/node_modules/@types/picomatch/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/@types/picomatch/package.json"}],"concludedValue":"packages/core/node_modules/@types/picomatch/package.json"}]}},{"group":"@types","name":"node","version":"22.19.17","description":"TypeScript definitions for node","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/node@22.19.17","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/node@22.19.17","properties":[{"name":"SrcFile","value":"packages/core/node_modules/@types/node/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/@types/node/package.json"}],"concludedValue":"packages/core/node_modules/@types/node/package.json"}]}}],"dependencies":[],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:npm/@aegis-scan/core@0.16.5"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-04-24T17:51:53Z","text":"This Software Bill-of-Materials (SBOM) document was created on Friday, April 24, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'core' with version '0.16.5'. The package type in this SBOM is npm with a single purl namespace '@types' described under components. The components were identified from 7 source files."}]}