@cyclonedx/cdxgen 10.5.1 → 10.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/README.md +86 -127
  2. package/bin/cdxgen.js +4 -2
  3. package/bin/evinse.js +2 -1
  4. package/bin/repl.js +38 -23
  5. package/bin/verify.js +2 -1
  6. package/binary.js +6 -6
  7. package/data/spdx.schema.json +117 -1
  8. package/display.js +28 -0
  9. package/docker.js +21 -6
  10. package/index.js +330 -91
  11. package/package.json +21 -12
  12. package/types/analyzer.d.ts +4 -7
  13. package/types/binary.d.ts +8 -12
  14. package/types/binary.d.ts.map +1 -1
  15. package/types/cbomutils.d.ts +1 -1
  16. package/types/db.d.ts +9 -22
  17. package/types/display.d.ts +2 -1
  18. package/types/display.d.ts.map +1 -1
  19. package/types/docker.d.ts +33 -52
  20. package/types/docker.d.ts.map +1 -1
  21. package/types/envcontext.d.ts +40 -40
  22. package/types/evinser.d.ts +717 -3436
  23. package/types/index.d.ts +48 -67
  24. package/types/index.d.ts.map +1 -1
  25. package/types/jest.config.d.ts +2 -2
  26. package/types/piptree.d.ts +2 -6
  27. package/types/postgen.d.ts +1 -1
  28. package/types/protobom.d.ts +2 -6
  29. package/types/server.d.ts +1 -1
  30. package/types/utils.d.ts +344 -510
  31. package/types/utils.d.ts.map +1 -1
  32. package/types/validator.d.ts +1 -1
  33. package/utils.js +315 -25
  34. package/utils.test.js +207 -18
package/types/utils.d.ts CHANGED
@@ -4,11 +4,7 @@
4
4
  * @param {string} dirPath Root directory for search
5
5
  * @param {string} pattern Glob pattern (eg: *.gradle)
6
6
  */
7
- export function getAllFiles(
8
- dirPath: string,
9
- pattern: string,
10
- options?: {},
11
- ): string[];
7
+ export function getAllFiles(dirPath: string, pattern: string, options?: {}): string[];
12
8
  /**
13
9
  * Method to get files matching a pattern
14
10
  *
@@ -16,11 +12,7 @@ export function getAllFiles(
16
12
  * @param {string} pattern Glob pattern (eg: *.gradle)
17
13
  * @param {Array} ignoreList Directory patterns to ignore
18
14
  */
19
- export function getAllFilesWithIgnore(
20
- dirPath: string,
21
- pattern: string,
22
- ignoreList: any[],
23
- ): string[];
15
+ export function getAllFilesWithIgnore(dirPath: string, pattern: string, ignoreList: any[]): string[];
24
16
  /**
25
17
  * Return the current timestamp in YYYY-MM-DDTHH:MM:SSZ format.
26
18
  *
@@ -70,11 +62,8 @@ export function addLicenseText(pkg: any, l: any, licenseContent: any): void;
70
62
  * Read the file from the given path to the license text object and includes
71
63
  * content-type attribute, if not default. Returns the license text object.
72
64
  */
73
- export function readLicenseText(
74
- licenseFilepath: any,
75
- licenseContentType: any,
76
- ): {
77
- content: string;
65
+ export function readLicenseText(licenseFilepath: any, licenseContentType: any): {
66
+ content: string;
78
67
  };
79
68
  export function getSwiftPackageMetadata(pkgList: any): Promise<any[]>;
80
69
  /**
@@ -89,22 +78,16 @@ export function getNpmMetadata(pkgList: any[]): Promise<any[]>;
89
78
  * @param {string} pkgJsonFile package.json file
90
79
  * @param {boolean} simple Return a simpler representation of the component by skipping extended attributes and license fetch.
91
80
  */
92
- export function parsePkgJson(
93
- pkgJsonFile: string,
94
- simple?: boolean,
95
- ): Promise<any[]>;
81
+ export function parsePkgJson(pkgJsonFile: string, simple?: boolean): Promise<any[]>;
96
82
  /**
97
83
  * Parse nodejs package lock file
98
84
  *
99
85
  * @param {string} pkgLockFile package-lock.json file
100
86
  * @param {object} options Command line options
101
87
  */
102
- export function parsePkgLock(
103
- pkgLockFile: string,
104
- options?: object,
105
- ): Promise<{
106
- pkgList: any;
107
- dependenciesList: any;
88
+ export function parsePkgLock(pkgLockFile: string, options?: object): Promise<{
89
+ pkgList: any;
90
+ dependenciesList: any;
108
91
  }>;
109
92
  /**
110
93
  * Given a lock file this method would return an Object with the identiy as the key and parsed name and value
@@ -121,8 +104,8 @@ export function yarnLockToIdentMap(lockData: string): {};
121
104
  * @param {string} yarnLockFile yarn.lock file
122
105
  */
123
106
  export function parseYarnLock(yarnLockFile: string): Promise<{
124
- pkgList: any[];
125
- dependenciesList: any[];
107
+ pkgList: any[];
108
+ dependenciesList: any[];
126
109
  }>;
127
110
  /**
128
111
  * Parse nodejs shrinkwrap deps file
@@ -136,22 +119,16 @@ export function parseNodeShrinkwrap(swFile: string): Promise<any[]>;
136
119
  * @param {string} pnpmLock pnpm-lock.yaml file
137
120
  * @param {object} parentComponent parent component
138
121
  */
139
- export function parsePnpmLock(
140
- pnpmLock: string,
141
- parentComponent?: object,
142
- ): Promise<
143
- | {
144
- pkgList?: undefined;
145
- dependenciesList?: undefined;
146
- }
147
- | {
148
- pkgList: any[];
149
- dependenciesList: {
122
+ export function parsePnpmLock(pnpmLock: string, parentComponent?: object): Promise<{
123
+ pkgList?: undefined;
124
+ dependenciesList?: undefined;
125
+ } | {
126
+ pkgList: any[];
127
+ dependenciesList: {
150
128
  ref: string;
151
129
  dependsOn: string[];
152
- }[];
153
- }
154
- >;
130
+ }[];
131
+ }>;
155
132
  /**
156
133
  * Parse bower json file
157
134
  *
@@ -170,44 +147,42 @@ export function parseMinJs(minJsFile: string): Promise<any[]>;
170
147
  * @param {string} pom file to parse
171
148
  */
172
149
  export function parsePom(pomFile: any): {
173
- group: any;
174
- name: any;
175
- version: any;
176
- qualifiers: {
177
- type: string;
178
- };
179
- properties: {
180
- name: string;
181
- value: any;
182
- }[];
183
- evidence: {
184
- identity: {
185
- field: string;
186
- confidence: number;
187
- methods: {
188
- technique: string;
189
- confidence: number;
150
+ group: any;
151
+ name: any;
152
+ version: any;
153
+ qualifiers: {
154
+ type: string;
155
+ };
156
+ properties: {
157
+ name: string;
190
158
  value: any;
191
- }[];
159
+ }[];
160
+ evidence: {
161
+ identity: {
162
+ field: string;
163
+ confidence: number;
164
+ methods: {
165
+ technique: string;
166
+ confidence: number;
167
+ value: any;
168
+ }[];
169
+ };
192
170
  };
193
- };
194
171
  }[];
195
172
  /**
196
173
  * Parse maven tree output
197
174
  * @param {string} rawOutput Raw string output
198
175
  */
199
- export function parseMavenTree(rawOutput: string):
200
- | {
201
- pkgList?: undefined;
202
- dependenciesList?: undefined;
203
- }
204
- | {
205
- pkgList: any[];
206
- dependenciesList: {
176
+ export function parseMavenTree(rawOutput: string): {
177
+ pkgList?: undefined;
178
+ dependenciesList?: undefined;
179
+ } | {
180
+ pkgList: any[];
181
+ dependenciesList: {
207
182
  ref: string;
208
183
  dependsOn: any;
209
- }[];
210
- };
184
+ }[];
185
+ };
211
186
  /**
212
187
  * Parse gradle dependencies output
213
188
  * @param {string} rawOutput Raw string output
@@ -215,30 +190,23 @@ export function parseMavenTree(rawOutput: string):
215
190
  * @param {string} rootProjectName Root project name
216
191
  * @param {string} rootProjectVersion Root project version
217
192
  */
218
- export function parseGradleDep(
219
- rawOutput: string,
220
- rootProjectGroup?: string,
221
- rootProjectName?: string,
222
- rootProjectVersion?: string,
223
- ):
224
- | {
225
- pkgList: {
193
+ export function parseGradleDep(rawOutput: string, rootProjectGroup?: string, rootProjectName?: string, rootProjectVersion?: string): {
194
+ pkgList: {
226
195
  group: any;
227
196
  name: any;
228
197
  version: any;
229
198
  qualifiers: {
230
- type: string;
199
+ type: string;
231
200
  };
232
- }[];
233
- dependenciesList: {
201
+ }[];
202
+ dependenciesList: {
234
203
  ref: string;
235
204
  dependsOn: any;
236
- }[];
237
- }
238
- | {
239
- pkgList?: undefined;
240
- dependenciesList?: undefined;
241
- };
205
+ }[];
206
+ } | {
207
+ pkgList?: undefined;
208
+ dependenciesList?: undefined;
209
+ };
242
210
  /**
243
211
  * Parse clojure cli dependencies output
244
212
  * @param {string} rawOutput Raw string output
@@ -256,8 +224,8 @@ export function parseLeinMap(node: any, keys_cache: any, deps: any): any;
256
224
  * @param {string} rawOutput Raw string output
257
225
  */
258
226
  export function parseGradleProjects(rawOutput: string): {
259
- rootProject: string;
260
- projects: any[];
227
+ rootProject: string;
228
+ projects: any[];
261
229
  };
262
230
  /**
263
231
  * Parse gradle properties output
@@ -265,13 +233,13 @@ export function parseGradleProjects(rawOutput: string): {
265
233
  * @param {string} rawOutput Raw string output
266
234
  */
267
235
  export function parseGradleProperties(rawOutput: string): {
268
- rootProject: string;
269
- projects: any[];
270
- metadata: {
271
- group: string;
272
- version: string;
273
- properties: any[];
274
- };
236
+ rootProject: string;
237
+ projects: any[];
238
+ metadata: {
239
+ group: string;
240
+ version: string;
241
+ properties: any[];
242
+ };
275
243
  };
276
244
  /**
277
245
  * Execute gradle properties command using multi-threading and return parsed output
@@ -282,11 +250,7 @@ export function parseGradleProperties(rawOutput: string): {
282
250
  *
283
251
  * @returns {string} The combined output for all subprojects of the Gradle properties task
284
252
  */
285
- export function executeParallelGradleProperties(
286
- dir: string,
287
- rootPath: string,
288
- allProjectsStr: any[],
289
- ): string;
253
+ export function executeParallelGradleProperties(dir: string, rootPath: string, allProjectsStr: any[]): string;
290
254
  /**
291
255
  * Execute gradle properties command and return parsed output
292
256
  *
@@ -294,11 +258,7 @@ export function executeParallelGradleProperties(
294
258
  * @param {string} rootPath Root directory
295
259
  * @param {string} subProject Sub project name
296
260
  */
297
- export function executeGradleProperties(
298
- dir: string,
299
- rootPath: string,
300
- subProject: string,
301
- ): {};
261
+ export function executeGradleProperties(dir: string, rootPath: string, subProject: string): {};
302
262
  /**
303
263
  * Parse bazel action graph output
304
264
  * @param {string} rawOutput Raw string output
@@ -336,10 +296,7 @@ export function guessLicenseId(content: any): any;
336
296
  * @param {Array} pkgList Package list
337
297
  * @param {Object} jarNSMapping Jar Namespace mapping object
338
298
  */
339
- export function getMvnMetadata(
340
- pkgList: any[],
341
- jarNSMapping?: any,
342
- ): Promise<any[]>;
299
+ export function getMvnMetadata(pkgList: any[], jarNSMapping?: any): Promise<any[]>;
343
300
  /**
344
301
  * Method to compose URL of pom.xml
345
302
  *
@@ -350,12 +307,7 @@ export function getMvnMetadata(
350
307
  *
351
308
  * @return {String} fullUrl
352
309
  */
353
- export function composePomXmlUrl({
354
- urlPrefix,
355
- group,
356
- name,
357
- version,
358
- }: string): string;
310
+ export function composePomXmlUrl({ urlPrefix, group, name, version }: string): string;
359
311
  /**
360
312
  * Method to fetch pom.xml data and parse it to JSON
361
313
  *
@@ -366,12 +318,7 @@ export function composePomXmlUrl({
366
318
  *
367
319
  * @return {Object|undefined}
368
320
  */
369
- export function fetchPomXmlAsJson({
370
- urlPrefix,
371
- group,
372
- name,
373
- version,
374
- }: string): any | undefined;
321
+ export function fetchPomXmlAsJson({ urlPrefix, group, name, version }: string): any | undefined;
375
322
  /**
376
323
  * Method to fetch pom.xml data
377
324
  *
@@ -382,12 +329,7 @@ export function fetchPomXmlAsJson({
382
329
  *
383
330
  * @return {Promise<String>}
384
331
  */
385
- export function fetchPomXml({
386
- urlPrefix,
387
- group,
388
- name,
389
- version,
390
- }: string): Promise<string>;
332
+ export function fetchPomXml({ urlPrefix, group, name, version }: string): Promise<string>;
391
333
  /**
392
334
  * Method extract single or multiple license entries that might appear in pom.xml
393
335
  *
@@ -404,20 +346,15 @@ export function parseLicenseEntryOrArrayFromPomXml(license: any | any[]): any[];
404
346
  *
405
347
  * @return {Promise<String>} License ID
406
348
  */
407
- export function extractLicenseCommentFromPomXml({
408
- urlPrefix,
409
- group,
410
- name,
411
- version,
412
- }: string): Promise<string>;
349
+ export function extractLicenseCommentFromPomXml({ urlPrefix, group, name, version, }: string): Promise<string>;
413
350
  /**
414
351
  * Method to parse python requires_dist attribute found in pypi setup.py
415
352
  *
416
353
  * @param requires_dist string
417
354
  */
418
355
  export function parsePyRequiresDist(dist_string: any): {
419
- name: string;
420
- version: string;
356
+ name: string;
357
+ version: string;
421
358
  };
422
359
  /**
423
360
  * Method to mimic pip version solver using node-semver
@@ -425,20 +362,14 @@ export function parsePyRequiresDist(dist_string: any): {
425
362
  * @param {Array} versionsList List of version numbers available
426
363
  * @param {*} versionSpecifiers pip version specifier
427
364
  */
428
- export function guessPypiMatchingVersion(
429
- versionsList: any[],
430
- versionSpecifiers: any,
431
- ): any;
365
+ export function guessPypiMatchingVersion(versionsList: any[], versionSpecifiers: any): any;
432
366
  /**
433
367
  * Method to retrieve metadata for python packages by querying pypi
434
368
  *
435
369
  * @param {Array} pkgList Package list
436
370
  * @param {Boolean} fetchDepsInfo Fetch dependencies info from pypi
437
371
  */
438
- export function getPyMetadata(
439
- pkgList: any[],
440
- fetchDepsInfo: boolean,
441
- ): Promise<any[]>;
372
+ export function getPyMetadata(pkgList: any[], fetchDepsInfo: boolean): Promise<any[]>;
442
373
  /**
443
374
  * Method to parse bdist_wheel metadata
444
375
  *
@@ -463,30 +394,21 @@ export function parsePyProjectToml(tomlFile: string): {};
463
394
  * @param {Object} lockData JSON data from poetry.lock
464
395
  * @param {string} lockFile Lock file name for evidence
465
396
  */
466
- export function parsePoetrylockData(
467
- lockData: any,
468
- lockFile: string,
469
- ): Promise<
470
- | any[]
471
- | {
472
- pkgList: any[];
473
- rootList: any[];
474
- dependenciesList: {
397
+ export function parsePoetrylockData(lockData: any, lockFile: string): Promise<any[] | {
398
+ pkgList: any[];
399
+ rootList: any[];
400
+ dependenciesList: {
475
401
  ref: string;
476
402
  dependsOn: any[];
477
- }[];
478
- }
479
- >;
403
+ }[];
404
+ }>;
480
405
  /**
481
406
  * Method to parse requirements.txt data
482
407
  *
483
408
  * @param {Object} reqData Requirements.txt data
484
409
  * @param {Boolean} fetchDepsInfo Fetch dependencies info from pypi
485
410
  */
486
- export function parseReqFile(
487
- reqData: any,
488
- fetchDepsInfo: boolean,
489
- ): Promise<any[]>;
411
+ export function parseReqFile(reqData: any, fetchDepsInfo: boolean): Promise<any[]>;
490
412
  /**
491
413
  * Method to find python modules by parsing the imports and then checking with PyPI to obtain the latest version
492
414
  *
@@ -494,18 +416,14 @@ export function parseReqFile(
494
416
  * @param {Array} epkgList Existing package list
495
417
  * @returns List of packages
496
418
  */
497
- export function getPyModules(
498
- src: string,
499
- epkgList: any[],
500
- options: any,
501
- ): Promise<{
502
- allImports: {};
503
- pkgList: any;
504
- dependenciesList: {
505
- ref: string;
506
- dependsOn: any[];
507
- }[];
508
- modList: any;
419
+ export function getPyModules(src: string, epkgList: any[], options: any): Promise<{
420
+ allImports: {};
421
+ pkgList: any;
422
+ dependenciesList: {
423
+ ref: string;
424
+ dependsOn: any[];
425
+ }[];
426
+ modList: any;
509
427
  }>;
510
428
  /**
511
429
  * Method to parse setup.py data
@@ -518,9 +436,7 @@ export function parseSetupPyFile(setupPyData: any): Promise<any[]>;
518
436
  * @param {Object} repoMetadata Repo metadata with group and name
519
437
  * @return {String|undefined} github api url (or undefined - if not enough data)
520
438
  */
521
- export function repoMetadataToGitHubApiUrl(
522
- repoMetadata: any,
523
- ): string | undefined;
439
+ export function repoMetadataToGitHubApiUrl(repoMetadata: any): string | undefined;
524
440
  /**
525
441
  * Method to split GitHub url into its parts
526
442
  * @param {String} repoUrl Repository url
@@ -533,10 +449,7 @@ export function getGithubUrlParts(repoUrl: string): [string];
533
449
  * @param {Object} repoMetadata Object containing group and package name strings
534
450
  * @return {String|undefined} github api url (or undefined - if not a GitHub repo)
535
451
  */
536
- export function toGitHubApiUrl(
537
- repoUrl: string,
538
- repoMetadata: any,
539
- ): string | undefined;
452
+ export function toGitHubApiUrl(repoUrl: string, repoMetadata: any): string | undefined;
540
453
  /**
541
454
  * Method to retrieve repo license by querying github api
542
455
  *
@@ -544,22 +457,14 @@ export function toGitHubApiUrl(
544
457
  * @param {Object} repoMetadata Object containing group and package name strings
545
458
  * @return {Promise<String>} SPDX license id
546
459
  */
547
- export function getRepoLicense(
548
- repoUrl: string,
549
- repoMetadata: any,
550
- ): Promise<string>;
460
+ export function getRepoLicense(repoUrl: string, repoMetadata: any): Promise<string>;
551
461
  /**
552
462
  * Method to get go pkg license from go.dev site.
553
463
  *
554
464
  * @param {Object} repoMetadata Repo metadata
555
465
  */
556
466
  export function getGoPkgLicense(repoMetadata: any): Promise<any>;
557
- export function getGoPkgComponent(
558
- group: any,
559
- name: any,
560
- version: any,
561
- hash: any,
562
- ): Promise<{}>;
467
+ export function getGoPkgComponent(group: any, name: any, version: any, hash: any): Promise<{}>;
563
468
  export function parseGoModData(goModData: any, gosumMap: any): Promise<any[]>;
564
469
  /**
565
470
  * Parse go list output
@@ -567,12 +472,9 @@ export function parseGoModData(goModData: any, gosumMap: any): Promise<any[]>;
567
472
  * @param {string} rawOutput Output from go list invocation
568
473
  * @returns Object with parent component and List of packages
569
474
  */
570
- export function parseGoListDep(
571
- rawOutput: string,
572
- gosumMap: any,
573
- ): Promise<{
574
- parentComponent: {};
575
- pkgList: {}[];
475
+ export function parseGoListDep(rawOutput: string, gosumMap: any): Promise<{
476
+ parentComponent: {};
477
+ pkgList: {}[];
576
478
  }>;
577
479
  /**
578
480
  * Parse go mod graph
@@ -584,18 +486,12 @@ export function parseGoListDep(
584
486
  *
585
487
  * @returns Object containing List of packages and dependencies
586
488
  */
587
- export function parseGoModGraph(
588
- rawOutput: string,
589
- goModFile: string,
590
- gosumMap: any,
591
- epkgList?: any[],
592
- parentComponent?: {},
593
- ): Promise<{
594
- pkgList: any[];
595
- dependenciesList: {
596
- ref: string;
597
- dependsOn: any[];
598
- }[];
489
+ export function parseGoModGraph(rawOutput: string, goModFile: string, gosumMap: any, epkgList?: any[], parentComponent?: {}): Promise<{
490
+ pkgList: any[];
491
+ dependenciesList: {
492
+ ref: string;
493
+ dependsOn: any[];
494
+ }[];
599
495
  }>;
600
496
  /**
601
497
  * Parse go mod why output
@@ -629,28 +525,21 @@ export function parseGemspecData(gemspecData: string): Promise<any[]>;
629
525
  * @param {object} gemLockData Gemfile.lock data
630
526
  * @param {string} lockFile Lock file
631
527
  */
632
- export function parseGemfileLockData(
633
- gemLockData: object,
634
- lockFile: string,
635
- ): Promise<
636
- | any[]
637
- | {
638
- pkgList: any[];
639
- dependenciesList: {
528
+ export function parseGemfileLockData(gemLockData: object, lockFile: string): Promise<any[] | {
529
+ pkgList: any[];
530
+ dependenciesList: {
640
531
  ref: string;
641
532
  dependsOn: any[];
642
- }[];
643
- rootList?: undefined;
644
- }
645
- | {
646
- pkgList: any[];
647
- dependenciesList: {
533
+ }[];
534
+ rootList?: undefined;
535
+ } | {
536
+ pkgList: any[];
537
+ dependenciesList: {
648
538
  ref: string;
649
539
  dependsOn: any[];
650
- }[];
651
- rootList: any[];
652
- }
653
- >;
540
+ }[];
541
+ rootList: any[];
542
+ }>;
654
543
  /**
655
544
  * Method to retrieve metadata for rust packages by querying crates
656
545
  *
@@ -675,42 +564,37 @@ export function getDartMetadata(pkgList: any[]): Promise<any[]>;
675
564
  * first as a convention, but it is not enforced.
676
565
  * https://doc.rust-lang.org/stable/style-guide/cargo.html#formatting-conventions
677
566
  *
678
- * @param {string} cargoTomlFile cargo.toml file
567
+ * @param {String} cargoTomlFile cargo.toml file
679
568
  * @param {boolean} simple Return a simpler representation of the component by skipping extended attributes and license fetch.
569
+ * @param {Object} pkgFilesMap Object with package name and list of files
680
570
  *
681
- * @returns {array} Package list
571
+ * @returns {Array} Package list
682
572
  */
683
- export function parseCargoTomlData(
684
- cargoTomlFile: string,
685
- simple?: boolean,
686
- ): any[];
573
+ export function parseCargoTomlData(cargoTomlFile: string, simple?: boolean, pkgFilesMap?: any): any[];
687
574
  /**
688
575
  * Parse a Cargo.lock file to find components within the Rust project.
689
576
  *
690
- * @param {string} cargoLockFile A path to a Cargo.lock file. The Cargo.lock-file path may be used as information for extended attributes, such as manifest based evidence.
577
+ * @param {String} cargoLockFile A path to a Cargo.lock file. The Cargo.lock-file path may be used as information for extended attributes, such as manifest based evidence.
691
578
  * @param {boolean} simple Return a simpler representation of the component by skipping extended attributes and license fetch.
579
+ * @param {Object} pkgFilesMap Object with package name and list of files
692
580
  *
693
- * @returns {array} A list of the project's components as described by the Cargo.lock-file.
581
+ * @returns {Array} A list of the project's components as described by the Cargo.lock-file.
694
582
  */
695
- export function parseCargoData(cargoLockFile: string, simple?: boolean): any[];
583
+ export function parseCargoData(cargoLockFile: string, simple?: boolean, pkgFilesMap?: any): any[];
696
584
  export function parseCargoDependencyData(cargoLockData: any): {
697
- ref: string;
698
- dependsOn: any;
585
+ ref: string;
586
+ dependsOn: any;
699
587
  }[];
700
588
  export function parseCargoAuditableData(cargoData: any): Promise<any[]>;
701
589
  export function parsePubLockData(pubLockData: any): Promise<any[]>;
702
590
  export function parsePubYamlData(pubYamlData: any): any[];
703
591
  export function parseHelmYamlData(helmData: any): any[];
704
- export function recurseImageNameLookup(
705
- keyValueObj: any,
706
- pkgList: any,
707
- imgList: any,
708
- ): any;
592
+ export function recurseImageNameLookup(keyValueObj: any, pkgList: any, imgList: any): any;
709
593
  export function parseContainerFile(fileContents: any): {
710
- image: any;
594
+ image: any;
711
595
  }[];
712
596
  export function parseBitbucketPipelinesFile(fileContents: any): {
713
- image: any;
597
+ image: any;
714
598
  }[];
715
599
  export function parseContainerSpecData(dcData: any): any[];
716
600
  export function identifyFlow(processingObj: any): string;
@@ -724,31 +608,44 @@ export function parseConanLockData(conanLockData: any): any[];
724
608
  export function parseConanData(conanData: any): any[];
725
609
  export function parseLeiningenData(leinData: any): any[];
726
610
  export function parseEdnData(rawEdnData: any): any[];
727
- export function parseNupkg(nupkgFile: any): Promise<any[]>;
728
- export function parseNuspecData(nupkgFile: any, nuspecData: any): any[];
729
- export function parseCsPkgData(pkgData: any): any[];
730
- export function parseCsProjData(csProjData: any, projFile: any): any[];
731
- export function parseCsProjAssetsData(
732
- csProjData: any,
733
- assetsJsonFile: any,
734
- ): {
735
- pkgList: any[];
736
- dependenciesList: any[];
611
+ /**
612
+ * Method to parse .nupkg files
613
+ *
614
+ * @param {String} nupkgFile .nupkg file
615
+ * @returns {Object} Object containing package list and dependencies
616
+ */
617
+ export function parseNupkg(nupkgFile: string): any;
618
+ /**
619
+ * Method to parse .nuspec files
620
+ *
621
+ * @param {String} nupkgFile .nupkg file
622
+ * @param {String} nuspecData Raw nuspec data
623
+ * @returns {Object} Object containing package list and dependencies
624
+ */
625
+ export function parseNuspecData(nupkgFile: string, nuspecData: string): any;
626
+ export function parseCsPkgData(pkgData: any, pkgFile: any): any[];
627
+ /**
628
+ * Method to parse .csproj like xml files
629
+ *
630
+ * @param {String} csProjData Raw data
631
+ * @param {String} projFile File name
632
+ * @param {Object} pkgNameVersions Package name - version map object
633
+ *
634
+ * @returns {Object} Containing parent component, package, and dependencies
635
+ */
636
+ export function parseCsProjData(csProjData: string, projFile: string, pkgNameVersions?: any): any;
637
+ export function parseCsProjAssetsData(csProjData: any, assetsJsonFile: any): {
638
+ pkgList: any[];
639
+ dependenciesList: any[];
737
640
  };
738
- export function parseCsPkgLockData(
739
- csLockData: any,
740
- pkgLockFile: any,
741
- ): {
742
- pkgList: any[];
743
- dependenciesList: any[];
744
- rootList: any[];
641
+ export function parseCsPkgLockData(csLockData: any, pkgLockFile: any): {
642
+ pkgList: any[];
643
+ dependenciesList: any[];
644
+ rootList: any[];
745
645
  };
746
- export function parsePaketLockData(
747
- paketLockData: any,
748
- pkgLockFile: any,
749
- ): {
750
- pkgList: any[];
751
- dependenciesList: any[];
646
+ export function parsePaketLockData(paketLockData: any, pkgLockFile: any): {
647
+ pkgList: any[];
648
+ dependenciesList: any[];
752
649
  };
753
650
  /**
754
651
  * Parse composer lock file
@@ -756,13 +653,8 @@ export function parsePaketLockData(
756
653
  * @param {string} pkgLockFile composer.lock file
757
654
  * @param {array} rootRequires require section from composer.json
758
655
  */
759
- export function parseComposerLock(
760
- pkgLockFile: string,
761
- rootRequires: any[],
762
- ):
763
- | any[]
764
- | {
765
- pkgList: {
656
+ export function parseComposerLock(pkgLockFile: string, rootRequires: any[]): any[] | {
657
+ pkgList: {
766
658
  group: string;
767
659
  name: string;
768
660
  purl: string;
@@ -773,26 +665,26 @@ export function parseComposerLock(
773
665
  description: any;
774
666
  scope: string;
775
667
  properties: {
776
- name: string;
777
- value: string;
668
+ name: string;
669
+ value: string;
778
670
  }[];
779
671
  evidence: {
780
- identity: {
781
- field: string;
782
- confidence: number;
783
- methods: {
784
- technique: string;
785
- confidence: number;
786
- value: string;
787
- }[];
788
- };
672
+ identity: {
673
+ field: string;
674
+ confidence: number;
675
+ methods: {
676
+ technique: string;
677
+ confidence: number;
678
+ value: string;
679
+ }[];
680
+ };
789
681
  };
790
- }[];
791
- dependenciesList: {
682
+ }[];
683
+ dependenciesList: {
792
684
  ref: string;
793
685
  dependsOn: any[];
794
- }[];
795
- rootList: {
686
+ }[];
687
+ rootList: {
796
688
  group: string;
797
689
  name: string;
798
690
  purl: string;
@@ -803,28 +695,28 @@ export function parseComposerLock(
803
695
  description: any;
804
696
  scope: string;
805
697
  properties: {
806
- name: string;
807
- value: string;
698
+ name: string;
699
+ value: string;
808
700
  }[];
809
701
  evidence: {
810
- identity: {
811
- field: string;
812
- confidence: number;
813
- methods: {
814
- technique: string;
815
- confidence: number;
816
- value: string;
817
- }[];
818
- };
702
+ identity: {
703
+ field: string;
704
+ confidence: number;
705
+ methods: {
706
+ technique: string;
707
+ confidence: number;
708
+ value: string;
709
+ }[];
710
+ };
819
711
  };
820
- }[];
821
- };
712
+ }[];
713
+ };
822
714
  export function parseSbtTree(sbtTreeFile: any): {
823
- pkgList: any[];
824
- dependenciesList: {
825
- ref: string;
826
- dependsOn: any;
827
- }[];
715
+ pkgList: any[];
716
+ dependenciesList: {
717
+ ref: string;
718
+ dependsOn: any;
719
+ }[];
828
720
  };
829
721
  /**
830
722
  * Parse sbt lock file
@@ -832,26 +724,26 @@ export function parseSbtTree(sbtTreeFile: any): {
832
724
  * @param {string} pkgLockFile build.sbt.lock file
833
725
  */
834
726
  export function parseSbtLock(pkgLockFile: string): {
835
- group: any;
836
- name: any;
837
- version: any;
838
- _integrity: string;
839
- scope: string;
840
- properties: {
841
- name: string;
842
- value: string;
843
- }[];
844
- evidence: {
845
- identity: {
846
- field: string;
847
- confidence: number;
848
- methods: {
849
- technique: string;
850
- confidence: number;
727
+ group: any;
728
+ name: any;
729
+ version: any;
730
+ _integrity: string;
731
+ scope: string;
732
+ properties: {
733
+ name: string;
851
734
  value: string;
852
- }[];
735
+ }[];
736
+ evidence: {
737
+ identity: {
738
+ field: string;
739
+ confidence: number;
740
+ methods: {
741
+ technique: string;
742
+ confidence: number;
743
+ value: string;
744
+ }[];
745
+ };
853
746
  };
854
- };
855
747
  }[];
856
748
  /**
857
749
  * Method to execute dpkg --listfiles to determine the files provided by a given package
@@ -896,75 +788,60 @@ export function executeEqueryList(pkgName: string): string[];
896
788
  * @param {Array} results Query Results
897
789
  * @param {Boolean} enhance Optionally enhance results by invoking additional package manager commands
898
790
  */
899
- export function convertOSQueryResults(
900
- queryCategory: any,
901
- queryObj: any,
902
- results: any[],
903
- enhance?: boolean,
904
- ): {
905
- name: any;
906
- group: string;
907
- version: any;
908
- description: any;
909
- publisher: any;
910
- "bom-ref": string;
911
- purl: string;
912
- scope: any;
913
- type: any;
791
+ export function convertOSQueryResults(queryCategory: any, queryObj: any, results: any[], enhance?: boolean): {
792
+ name: any;
793
+ group: string;
794
+ version: any;
795
+ description: any;
796
+ publisher: any;
797
+ "bom-ref": string;
798
+ purl: string;
799
+ scope: any;
800
+ type: any;
914
801
  }[];
915
802
  /**
916
803
  * Parse swift dependency tree output json object
917
804
  * @param {string} jsonObject Swift dependencies json object
918
805
  * @param {string} pkgFile Package.swift file
919
806
  */
920
- export function parseSwiftJsonTreeObject(
921
- pkgList: any,
922
- dependenciesList: any,
923
- jsonObject: string,
924
- pkgFile: string,
925
- ): string;
807
+ export function parseSwiftJsonTreeObject(pkgList: any, dependenciesList: any, jsonObject: string, pkgFile: string): string;
926
808
  /**
927
809
  * Parse swift dependency tree output
928
810
  * @param {string} rawOutput Swift dependencies json output
929
811
  * @param {string} pkgFile Package.swift file
930
812
  */
931
- export function parseSwiftJsonTree(
932
- rawOutput: string,
933
- pkgFile: string,
934
- ):
935
- | {
936
- pkgList?: undefined;
937
- dependenciesList?: undefined;
938
- }
939
- | {
940
- pkgList: any[];
941
- dependenciesList: any[];
942
- };
813
+ export function parseSwiftJsonTree(rawOutput: string, pkgFile: string): {
814
+ pkgList?: undefined;
815
+ dependenciesList?: undefined;
816
+ } | {
817
+ pkgList: any[];
818
+ dependenciesList: any[];
819
+ };
943
820
  /**
944
821
  * Parse swift package resolved file
945
822
  * @param {string} resolvedFile Package.resolved file
946
823
  */
947
824
  export function parseSwiftResolved(resolvedFile: string): {
948
- name: string;
949
- group: string;
950
- version: string;
951
- purl: string;
952
- "bom-ref": string;
953
- properties: {
954
825
  name: string;
955
- value: string;
956
- }[];
957
- evidence: {
958
- identity: {
959
- field: string;
960
- confidence: number;
961
- methods: {
962
- technique: string;
963
- confidence: number;
826
+ group: string;
827
+ version: string;
828
+ purl: string;
829
+ "bom-ref": string;
830
+ properties: {
831
+ name: string;
964
832
  value: string;
965
- }[];
833
+ }[];
834
+ evidence: {
835
+ identity: {
836
+ field: string;
837
+ confidence: number;
838
+ methods: {
839
+ technique: string;
840
+ confidence: number;
841
+ value: string;
842
+ }[];
843
+ };
966
844
  };
967
- };
968
845
  }[];
969
846
  /**
970
847
  * Collect maven dependencies
@@ -974,18 +851,8 @@ export function parseSwiftResolved(resolvedFile: string): {
974
851
  * @param {boolean} cleanup Remove temporary directories
975
852
  * @param {boolean} includeCacheDir Include maven and gradle cache directories
976
853
  */
977
- export function collectMvnDependencies(
978
- mavenCmd: string,
979
- basePath: string,
980
- cleanup?: boolean,
981
- includeCacheDir?: boolean,
982
- ): Promise<{}>;
983
- export function collectGradleDependencies(
984
- gradleCmd: any,
985
- basePath: any,
986
- cleanup?: boolean,
987
- includeCacheDir?: boolean,
988
- ): Promise<{}>;
854
+ export function collectMvnDependencies(mavenCmd: string, basePath: string, cleanup?: boolean, includeCacheDir?: boolean): Promise<{}>;
855
+ export function collectGradleDependencies(gradleCmd: any, basePath: any, cleanup?: boolean, includeCacheDir?: boolean): Promise<{}>;
989
856
  /**
990
857
  * Method to collect class names from all jars in a directory
991
858
  *
@@ -996,35 +863,35 @@ export function collectGradleDependencies(
996
863
  */
997
864
  export function collectJarNS(jarPath: string, pomPathMap?: object): Promise<{}>;
998
865
  export function convertJarNSToPackages(jarNSMapping: any): {
999
- name: any;
1000
- group: any;
1001
- version: any;
1002
- description: any;
1003
- purl: string;
1004
- "bom-ref": string;
1005
- evidence: {
1006
- identity: {
1007
- field: string;
1008
- confidence: number;
1009
- methods: {
1010
- technique: string;
1011
- confidence: number;
1012
- value: any;
1013
- }[];
866
+ name: any;
867
+ group: any;
868
+ version: any;
869
+ description: any;
870
+ purl: string;
871
+ "bom-ref": string;
872
+ evidence: {
873
+ identity: {
874
+ field: string;
875
+ confidence: number;
876
+ methods: {
877
+ technique: string;
878
+ confidence: number;
879
+ value: any;
880
+ }[];
881
+ };
1014
882
  };
1015
- };
1016
- properties: {
1017
- name: string;
1018
- value: any;
1019
- }[];
883
+ properties: {
884
+ name: string;
885
+ value: any;
886
+ }[];
1020
887
  }[];
1021
888
  export function parsePomXml(pomXmlData: any): {
1022
- artifactId: any;
1023
- groupId: any;
1024
- version: any;
1025
- description: any;
1026
- url: any;
1027
- scm: any;
889
+ artifactId: any;
890
+ groupId: any;
891
+ version: any;
892
+ description: any;
893
+ url: any;
894
+ scm: any;
1028
895
  };
1029
896
  export function parseJarManifest(jarMetadata: any): {};
1030
897
  export function parsePomProperties(pomProperties: any): {};
@@ -1054,11 +921,7 @@ export function checksumFile(hashName: string, path: string): Promise<string>;
1054
921
  *
1055
922
  * @return pkgList Package list
1056
923
  */
1057
- export function extractJarArchive(
1058
- jarFile: string,
1059
- tempDir: string,
1060
- jarNSMapping?: object,
1061
- ): Promise<any[]>;
924
+ export function extractJarArchive(jarFile: string, tempDir: string, jarNSMapping?: object): Promise<any[]>;
1062
925
  /**
1063
926
  * Determine the version of SBT used in compilation of this project.
1064
927
  * By default it looks into a standard SBT location i.e.
@@ -1088,10 +951,7 @@ export function addPlugin(projectPath: string, plugin: string): string;
1088
951
  * @param {string} projectPath Path to the SBT project
1089
952
  * @param {string} originalPluginsFile Location of the original plugins file, if any
1090
953
  */
1091
- export function cleanupPlugin(
1092
- projectPath: string,
1093
- originalPluginsFile: string,
1094
- ): boolean;
954
+ export function cleanupPlugin(projectPath: string, originalPluginsFile: string): boolean;
1095
955
  /**
1096
956
  * Returns a default location of the plugins file.
1097
957
  *
@@ -1107,11 +967,7 @@ export function sbtPluginsPath(projectPath: string): string;
1107
967
  *
1108
968
  * @returns File contents
1109
969
  */
1110
- export function readZipEntry(
1111
- zipFile: string,
1112
- filePattern: string,
1113
- contentEncoding?: string,
1114
- ): Promise<any>;
970
+ export function readZipEntry(zipFile: string, filePattern: string, contentEncoding?: string): Promise<any>;
1115
971
  /**
1116
972
  * Method to get the classes and relevant sources in a jar file
1117
973
  *
@@ -1155,12 +1011,7 @@ export function executeAtom(src: any, args: any): boolean;
1155
1011
  * @param {string} slicesFile
1156
1012
  * @returns List of imported modules
1157
1013
  */
1158
- export function findAppModules(
1159
- src: string,
1160
- language: string,
1161
- methodology?: string,
1162
- slicesFile?: string,
1163
- ): any;
1014
+ export function findAppModules(src: string, language: string, methodology?: string, slicesFile?: string): any;
1164
1015
  /**
1165
1016
  * Execute pip freeze by creating a virtual env in a temp directory and construct the dependency tree
1166
1017
  *
@@ -1169,43 +1020,39 @@ export function findAppModules(
1169
1020
  * @param {string} tempVenvDir Temp venv dir
1170
1021
  * @returns List of packages from the virtual env
1171
1022
  */
1172
- export function getPipFrozenTree(
1173
- basePath: string,
1174
- reqOrSetupFile: string,
1175
- tempVenvDir: string,
1176
- ): {
1177
- pkgList: {
1178
- name: any;
1179
- version: any;
1180
- purl: string;
1181
- "bom-ref": string;
1182
- evidence: {
1183
- identity: {
1184
- field: string;
1185
- confidence: number;
1186
- methods: {
1187
- technique: string;
1188
- confidence: number;
1189
- value: any;
1190
- }[];
1191
- };
1192
- };
1193
- }[];
1194
- rootList: {
1195
- name: any;
1196
- version: any;
1197
- }[];
1198
- dependenciesList: {
1199
- ref: string;
1200
- dependsOn: any;
1201
- }[];
1202
- frozen: boolean;
1023
+ export function getPipFrozenTree(basePath: string, reqOrSetupFile: string, tempVenvDir: string): {
1024
+ pkgList: {
1025
+ name: any;
1026
+ version: any;
1027
+ purl: string;
1028
+ "bom-ref": string;
1029
+ evidence: {
1030
+ identity: {
1031
+ field: string;
1032
+ confidence: number;
1033
+ methods: {
1034
+ technique: string;
1035
+ confidence: number;
1036
+ value: any;
1037
+ }[];
1038
+ };
1039
+ };
1040
+ }[];
1041
+ rootList: {
1042
+ name: any;
1043
+ version: any;
1044
+ }[];
1045
+ dependenciesList: {
1046
+ ref: string;
1047
+ dependsOn: any;
1048
+ }[];
1049
+ frozen: boolean;
1203
1050
  };
1204
1051
  export function parsePackageJsonName(name: any): {
1205
- scope: any;
1206
- fullName: string;
1207
- projectName: string;
1208
- moduleName: string;
1052
+ scope: any;
1053
+ fullName: string;
1054
+ projectName: string;
1055
+ moduleName: string;
1209
1056
  };
1210
1057
  /**
1211
1058
  * Method to add occurrence evidence for components based on import statements. Currently useful for js
@@ -1214,32 +1061,19 @@ export function parsePackageJsonName(name: any): {
1214
1061
  * @param {object} allImports Import statements object with package name as key and an object with file and location details
1215
1062
  * @param {object} allExports Exported modules if available from node_modules
1216
1063
  */
1217
- export function addEvidenceForImports(
1218
- pkgList: any[],
1219
- allImports: object,
1220
- allExports: object,
1221
- deep: any,
1222
- ): Promise<any[]>;
1064
+ export function addEvidenceForImports(pkgList: any[], allImports: object, allExports: object, deep: any): Promise<any[]>;
1223
1065
  export function componentSorter(a: any, b: any): any;
1224
- export function parseCmakeDotFile(
1225
- dotFile: any,
1226
- pkgType: any,
1227
- options?: {},
1228
- ): {
1229
- parentComponent: {};
1230
- pkgList: any[];
1231
- dependenciesList: {
1232
- ref: string;
1233
- dependsOn: any[];
1234
- }[];
1066
+ export function parseCmakeDotFile(dotFile: any, pkgType: any, options?: {}): {
1067
+ parentComponent: {};
1068
+ pkgList: any[];
1069
+ dependenciesList: {
1070
+ ref: string;
1071
+ dependsOn: any[];
1072
+ }[];
1235
1073
  };
1236
- export function parseCmakeLikeFile(
1237
- cmakeListFile: any,
1238
- pkgType: any,
1239
- options?: {},
1240
- ): {
1241
- parentComponent: {};
1242
- pkgList: any[];
1074
+ export function parseCmakeLikeFile(cmakeListFile: any, pkgType: any, options?: {}): {
1075
+ parentComponent: {};
1076
+ pkgList: any[];
1243
1077
  };
1244
1078
  export function getOSPackageForFile(afile: any, osPkgsList: any): any;
1245
1079
  /**
@@ -1250,18 +1084,13 @@ export function getOSPackageForFile(afile: any, osPkgsList: any): any;
1250
1084
  * @param {array} osPkgsList Array of OS pacakges represented as components
1251
1085
  * @param {array} epkgList Existing packages list
1252
1086
  */
1253
- export function getCppModules(
1254
- src: string,
1255
- options: object,
1256
- osPkgsList: any[],
1257
- epkgList: any[],
1258
- ): {
1259
- parentComponent: {};
1260
- pkgList: any[];
1261
- dependenciesList: {
1262
- ref: any;
1263
- dependsOn: any[];
1264
- }[];
1087
+ export function getCppModules(src: string, options: object, osPkgsList: any[], epkgList: any[]): {
1088
+ parentComponent: {};
1089
+ pkgList: any[];
1090
+ dependenciesList: {
1091
+ ref: any;
1092
+ dependsOn: any[];
1093
+ }[];
1265
1094
  };
1266
1095
  /**
1267
1096
  * NOT IMPLEMENTED YET.
@@ -1277,14 +1106,19 @@ export function parseCUsageSlice(sliceData: any): {};
1277
1106
  *
1278
1107
  * @param {Array} pkgList Package list
1279
1108
  */
1280
- export function getNugetMetadata(
1281
- pkgList: any[],
1282
- dependencies?: any,
1283
- ): Promise<{
1284
- pkgList: any[];
1285
- dependencies: any[];
1109
+ export function getNugetMetadata(pkgList: any[], dependencies?: any): Promise<{
1110
+ pkgList: any[];
1111
+ dependencies: any[];
1286
1112
  }>;
1287
1113
  export function addEvidenceForDotnet(pkgList: any, slicesFile: any): any;
1114
+ /**
1115
+ * Function to parse the .d make files
1116
+ *
1117
+ * @param {String} dfile .d file path
1118
+ *
1119
+ * @returns {Object} pkgFilesMap Object with package name and list of files
1120
+ */
1121
+ export function parseMakeDFile(dfile: string): any;
1288
1122
  export const dirNameStr: string;
1289
1123
  export const isWin: boolean;
1290
1124
  export const isMac: boolean;
@@ -1312,4 +1146,4 @@ export let LEIN_CMD: string;
1312
1146
  export let SWIFT_CMD: string;
1313
1147
  export const cdxgenAgent: any;
1314
1148
  export const RUBY_PLATFORM_PREFIXES: string[];
1315
- //# sourceMappingURL=utils.d.ts.map
1149
+ //# sourceMappingURL=utils.d.ts.map