@cyclonedx/cdxgen 10.5.2 → 10.6.2

package/index.js

@@ -35,6 +35,7 @@ import {
   FETCH_LICENSE,
   LEIN_CMD,
   MAX_BUFFER,
+  PREFER_MAVEN_DEPS_TREE,
   SWIFT_CMD,
   TIMEOUT_MS,
   addEvidenceForDotnet,
@@ -66,6 +67,7 @@ import {
   getSwiftPackageMetadata,
   getTimestamp,
   includeMavenTestScope,
+  isValidIriReference,
   parseBazelActionGraph,
   parseBazelSkyframe,
   parseBdistMetadata,
@@ -726,7 +728,9 @@ function addExternalReferences(opkg) {
       }
     }
   }
-  return externalReferences;
+  return externalReferences
+    .map((reference) => ({ ...reference, url: reference.url.trim() }))
+    .filter((reference) => isValidIriReference(reference.url));
 }
 
 /**
@@ -1185,6 +1189,7 @@ export async function createJavaBom(path, options) {
   // Support for tracking all the tools that created the BOM
   // For java, this would correctly include the cyclonedx maven plugin.
   let tools = undefined;
+  let possible_misses = false;
   // war/ear mode
   if (path.endsWith(".war") || path.endsWith(".jar")) {
     // Check if the file exists
@@ -1225,11 +1230,16 @@ export async function createJavaBom(path, options) {
     pomFiles?.length &&
     !["scala", "sbt", "gradle"].includes(options.projectType)
   ) {
+    let result = undefined;
     const cdxMavenPlugin =
       process.env.CDX_MAVEN_PLUGIN ||
       "org.cyclonedx:cyclonedx-maven-plugin:2.8.0";
     const cdxMavenGoal = process.env.CDX_MAVEN_GOAL || "makeAggregateBom";
-    let mvnArgs = [`${cdxMavenPlugin}:${cdxMavenGoal}`, "-DoutputName=bom"];
+    let mvnArgs = [
+      "-fn",
+      `${cdxMavenPlugin}:${cdxMavenGoal}`,
+      "-DoutputName=bom",
+    ];
     if (includeMavenTestScope) {
       mvnArgs.push("-DincludeTestScope=true");
     }
@@ -1247,6 +1257,7 @@ export async function createJavaBom(path, options) {
     if (options.specVersion === 1.4) {
       mvnArgs = mvnArgs.concat("-DschemaVersion=1.4");
     }
+    const firstPom = pomFiles.length ? pomFiles[0] : undefined;
     for (const f of pomFiles) {
       const basePath = dirname(f);
       const settingsXml = join(basePath, "settings.xml");
@@ -1268,44 +1279,97 @@ export async function createJavaBom(path, options) {
           jarNSMapping = { ...jarNSMapping, ...tmpjarNSMapping };
         }
       }
-      console.log(`Executing '${mavenCmd} ${mvnArgs.join(" ")}' in`, basePath);
-      let result = spawnSync(mavenCmd, mvnArgs, {
-        cwd: basePath,
-        shell: true,
-        encoding: "utf-8",
-        timeout: TIMEOUT_MS,
-        maxBuffer: MAX_BUFFER,
-      });
-      // Check if the cyclonedx plugin created the required bom.json file
-      // Sometimes the plugin fails silently for complex maven projects
-      bomJsonFiles = getAllFiles(path, "**/target/*.json", options);
-      // Check if the bom json files got created in a directory other than target
-      if (!bomJsonFiles.length) {
-        bomJsonFiles = getAllFiles(path, "**/bom*.json", options);
-      }
-      const bomGenerated = bomJsonFiles.length;
-      if (!bomGenerated || result.status !== 0 || result.error) {
-        const tempDir = mkdtempSync(join(tmpdir(), "cdxmvn-"));
-        const tempMvnTree = join(tempDir, "mvn-tree.txt");
-        let mvnTreeArgs = ["dependency:tree", `-DoutputFile=${tempMvnTree}`];
-        if (process.env.MVN_ARGS) {
-          const addArgs = process.env.MVN_ARGS.split(" ");
-          mvnTreeArgs = mvnTreeArgs.concat(addArgs);
-        }
+      // Use the cyclonedx maven plugin if there is no preference for maven deps tree
+      if (!PREFER_MAVEN_DEPS_TREE) {
         console.log(
-          `Fallback to executing ${mavenCmd} ${mvnTreeArgs.join(" ")}`,
+          `Executing '${mavenCmd} ${mvnArgs.join(" ")}' in`,
+          basePath,
         );
-        result = spawnSync(mavenCmd, mvnTreeArgs, {
+        result = spawnSync(mavenCmd, mvnArgs, {
           cwd: basePath,
           shell: true,
           encoding: "utf-8",
           timeout: TIMEOUT_MS,
           maxBuffer: MAX_BUFFER,
         });
+        // Check if the cyclonedx plugin created the required bom.json file
+        // Sometimes the plugin fails silently for complex maven projects
+        bomJsonFiles = getAllFiles(path, "**/target/*.json", options);
+        // Check if the bom json files got created in a directory other than target
+        if (!bomJsonFiles.length) {
+          bomJsonFiles = getAllFiles(
+            path,
+            "target/**/*{cdx,bom}*.json",
+            options,
+          );
+        }
+      }
+      // Also check if the user has a preference for maven deps tree command
+      if (
+        PREFER_MAVEN_DEPS_TREE ||
+        !bomJsonFiles.length ||
+        result?.status !== 0 ||
+        result?.error
+      ) {
+        const tempDir = mkdtempSync(join(tmpdir(), "cdxmvn-"));
+        const tempMvnTree = join(tempDir, "mvn-tree.txt");
+        const tempMvnParentTree = join(tempDir, "mvn-parent-tree.txt");
+        let mvnTreeArgs = ["dependency:tree", `-DoutputFile=${tempMvnTree}`];
+        if (process.env.MVN_ARGS) {
+          const addArgs = process.env.MVN_ARGS.split(" ");
+          mvnTreeArgs = mvnTreeArgs.concat(addArgs);
+        }
+        // Automatically use settings.xml to improve the success for fallback
+        if (existsSync(settingsXml)) {
+          mvnTreeArgs.push("-s");
+          mvnTreeArgs.push(settingsXml);
+        }
+        // For the first pom alone, we need to execute first in non-recursive mode to capture
+        // the parent component. Then, we execute all of them in recursive mode
+        if (f === firstPom) {
+          result = spawnSync(
+            "mvn",
+            ["dependency:tree", "-N", `-DoutputFile=${tempMvnParentTree}`],
+            {
+              cwd: basePath,
+              shell: true,
+              encoding: "utf-8",
+              timeout: TIMEOUT_MS,
+              maxBuffer: MAX_BUFFER,
+            },
+          );
+          if (result.status === 0) {
+            if (existsSync(tempMvnParentTree)) {
+              const mvnTreeString = readFileSync(tempMvnParentTree, {
+                encoding: "utf-8",
+              });
+              const parsedList = parseMavenTree(mvnTreeString, f);
+              const dlist = parsedList.pkgList;
+              const tmpParentComponent = dlist.splice(0, 1)[0];
+              tmpParentComponent.type = "application";
+              parentComponent = tmpParentComponent;
+              parentComponent.components = [];
+            }
+          }
+        }
+        console.log(`Executing 'mvn ${mvnTreeArgs.join(" ")}' in ${basePath}`);
+        // Prefer the built-in maven
+        result = spawnSync(
+          PREFER_MAVEN_DEPS_TREE ? "mvn" : mavenCmd,
+          mvnTreeArgs,
+          {
+            cwd: basePath,
+            shell: true,
+            encoding: "utf-8",
+            timeout: TIMEOUT_MS,
+            maxBuffer: MAX_BUFFER,
+          },
+        );
         if (result.status !== 0 || result.error) {
+          possible_misses = true;
           // Our approach to recursively invoking the maven plugin for each sub-module is bound to result in failures
           // These could be due to a range of reasons that are covered below.
-          if (pomFiles.length === 1 || DEBUG_MODE) {
+          if (pomFiles.length === 1 || DEBUG_MODE || PREFER_MAVEN_DEPS_TREE) {
             console.error(result.stdout, result.stderr);
             console.log("The above build errors could be due to:\n");
             if (
@@ -1319,7 +1383,10 @@ export async function createJavaBom(path, options) {
             } else if (
               result.stdout &&
               (result.stdout.includes("Could not resolve dependencies") ||
-                result.stdout.includes("no dependency information available"))
+                result.stdout.includes("no dependency information available") ||
+                result.stdout.includes(
+                  "The following artifacts could not be resolved",
+                ))
             ) {
               console.log(
                 "1. Try building the project with 'mvn package -Dmaven.test.skip=true' using the correct version of Java and maven before invoking cdxgen.",
@@ -1358,95 +1425,120 @@ export async function createJavaBom(path, options) {
             const mvnTreeString = readFileSync(tempMvnTree, {
               encoding: "utf-8",
             });
-            const parsedList = parseMavenTree(mvnTreeString);
+            const parsedList = parseMavenTree(mvnTreeString, f);
             const dlist = parsedList.pkgList;
-            parentComponent = dlist.splice(0, 1)[0];
-            parentComponent.type = "application";
+            const tmpParentComponent = dlist.splice(0, 1)[0];
+            tmpParentComponent.type = "application";
             if (dlist?.length) {
               pkgList = pkgList.concat(dlist);
             }
+            // Retain the parent hierarchy
+            if (!Object.keys(parentComponent).length) {
+              parentComponent = tmpParentComponent;
+              parentComponent.components = [];
+            } else {
+              parentComponent.components.push(tmpParentComponent);
+            }
             if (parsedList.dependenciesList && parsedList.dependenciesList) {
-              dependencies = dependencies.concat(parsedList.dependenciesList);
+              dependencies = mergeDependencies(
+                dependencies,
+                parsedList.dependenciesList,
+                tmpParentComponent,
+              );
             }
             unlinkSync(tempMvnTree);
           }
         }
       }
     } // for
-    for (const abjson of bomJsonFiles) {
-      let bomJsonObj = undefined;
-      try {
-        if (DEBUG_MODE) {
-          console.log(`Extracting data from generated bom file ${abjson}`);
-        }
-        bomJsonObj = JSON.parse(
-          readFileSync(abjson, {
-            encoding: "utf-8",
-          }),
-        );
-        if (bomJsonObj) {
-          if (
-            !tools &&
-            bomJsonObj.metadata &&
-            bomJsonObj.metadata.tools &&
-            Array.isArray(bomJsonObj.metadata.tools)
-          ) {
-            tools = bomJsonObj.metadata.tools;
-          }
-          if (
-            bomJsonObj.metadata?.component &&
-            !Object.keys(parentComponent).length
-          ) {
-            parentComponent = bomJsonObj.metadata.component;
-            options.parentComponent = parentComponent;
-            pkgList = [];
+    // Locate and parse all bom.json files from the maven plugin
+    if (!PREFER_MAVEN_DEPS_TREE) {
+      for (const abjson of bomJsonFiles) {
+        let bomJsonObj = undefined;
+        try {
+          if (DEBUG_MODE) {
+            console.log(`Extracting data from generated bom file ${abjson}`);
           }
-          if (bomJsonObj.components) {
-            // Inject evidence into the components. #994
-            if (options.specVersion >= 1.5) {
-              // maven would usually generate a target directory closest to the pom.xml
-              // I am sure there would be cases where this assumption is not true :)
-              const srcPomFile = join(dirname(abjson), "..", "pom.xml");
-              for (const acomp of bomJsonObj.components) {
-                if (!acomp.evidence) {
-                  acomp.evidence = {
-                    identity: {
-                      field: "purl",
-                      confidence: 0.8,
-                      methods: [
-                        {
-                          technique: "manifest-analysis",
-                          confidence: 0.8,
-                          value: srcPomFile,
-                        },
-                      ],
-                    },
-                  };
-                }
-                if (!acomp.properties) {
-                  acomp.properties = [];
+          bomJsonObj = JSON.parse(
+            readFileSync(abjson, {
+              encoding: "utf-8",
+            }),
+          );
+          if (bomJsonObj) {
+            if (
+              !tools &&
+              bomJsonObj.metadata &&
+              bomJsonObj.metadata.tools &&
+              Array.isArray(bomJsonObj.metadata.tools)
+            ) {
+              tools = bomJsonObj.metadata.tools;
+            }
+            if (
+              bomJsonObj.metadata?.component &&
+              !Object.keys(parentComponent).length
+            ) {
+              parentComponent = bomJsonObj.metadata.component;
+              options.parentComponent = parentComponent;
+              pkgList = [];
+            }
+            if (bomJsonObj.components) {
+              // Inject evidence into the components. #994
+              if (options.specVersion >= 1.5) {
+                // maven would usually generate a target directory closest to the pom.xml
+                // I am sure there would be cases where this assumption is not true :)
+                const srcPomFile = join(dirname(abjson), "..", "pom.xml");
+                for (const acomp of bomJsonObj.components) {
+                  if (!acomp.evidence) {
+                    acomp.evidence = {
+                      identity: {
+                        field: "purl",
+                        confidence: 0.8,
+                        methods: [
+                          {
+                            technique: "manifest-analysis",
+                            confidence: 0.8,
+                            value: srcPomFile,
+                          },
+                        ],
+                      },
+                    };
+                  }
+                  if (!acomp.properties) {
+                    acomp.properties = [];
+                  }
+                  acomp.properties.push({
+                    name: "SrcFile",
+                    value: srcPomFile,
+                  });
                 }
-                acomp.properties.push({
-                  name: "SrcFile",
-                  value: srcPomFile,
-                });
               }
+              pkgList = pkgList.concat(bomJsonObj.components);
+            }
+            if (bomJsonObj.dependencies) {
+              dependencies = mergeDependencies(
+                dependencies,
+                bomJsonObj.dependencies,
+                parentComponent,
+              );
             }
-            pkgList = pkgList.concat(bomJsonObj.components);
           }
-          if (bomJsonObj.dependencies) {
-            dependencies = mergeDependencies(
-              dependencies,
-              bomJsonObj.dependencies,
-              parentComponent,
-            );
+        } catch (err) {
+          if (options.failOnError || DEBUG_MODE) {
+            console.log(err);
+            options.failOnError && process.exit(1);
           }
         }
-      } catch (err) {
-        if (options.failOnError || DEBUG_MODE) {
-          console.log(err);
-          options.failOnError && process.exit(1);
-        }
+      }
+    }
+    if (possible_misses) {
+      if (!DEBUG_MODE) {
+        console.warn(
+          "Multiple errors occurred while building this project with maven. The SBOM is therefore incomplete!",
+        );
+      } else if (!PREFER_MAVEN_DEPS_TREE) {
+        console.log(
+          "Try generating an SBOM with the maven dependency tree plugin. Set the environment variable PREFER_MAVEN_DEPS_TREE to true to enable this.",
+        );
       }
     }
     if (pkgList) {
@@ -4708,12 +4800,7 @@ export async function createCsharpBom(path, options) {
     for (const f of filesToRestore) {
       const buildCmd =
         options.projectType === "dotnet-framework" ? "nuget" : "dotnet";
-      if (DEBUG_MODE) {
-        const basePath = dirname(f);
-        console.log(`Executing '${buildCmd} restore' in ${basePath}`);
-      }
-      const result = spawnSync(
-        buildCmd,
+      const buildArgs =
         options.projectType === "dotnet-framework"
           ? [
               "restore",
@@ -4724,23 +4811,38 @@ export async function createCsharpBom(path, options) {
               "-Verbosity",
               "quiet",
             ]
-          : ["restore", "--force", "--ignore-failed-sources", f],
-        {
-          cwd: path,
-          encoding: "utf-8",
-        },
-      );
-      if (DEBUG_MODE && (result.status !== 0 || result.error)) {
-        console.error(
-          `Restore has failed. Check if ${buildCmd} is installed and available in PATH.`,
-        );
-        console.log(
-          "Authenticate with any private registries such as Azure Artifacts feed before running cdxgen.",
-        );
+          : ["restore", "--force", "--ignore-failed-sources", f];
+      if (DEBUG_MODE) {
+        const basePath = dirname(f);
         console.log(
-          "Alternatively, try using the unofficial `ghcr.io/appthreat/cdxgen-dotnet6:v10` container image, which bundles nuget (mono) and a range of dotnet SDKs.",
+          `Executing '${buildCmd} ${buildArgs.join(" ")}' in ${basePath}`,
         );
-        console.log(result.stderr);
+      }
+      const result = spawnSync(buildCmd, buildArgs, {
+        cwd: path,
+        encoding: "utf-8",
+        env: { ...process.env, DOTNET_ROLL_FORWARD: "Major" },
+      });
+      if (DEBUG_MODE && (result.status !== 0 || result.error)) {
+        if (result?.stderr?.includes("To install missing framework")) {
+          console.log(
+            "This project requires a specific version of dotnet sdk to be installed. The cdxgen container image bundles dotnet SDK 8.0, which might be incompatible.",
+          );
+          console.log(
+            "Try using the unofficial `ghcr.io/appthreat/cdxgen-dotnet6:v10` or `ghcr.io/appthreat/cdxgen-dotnet7:v10` container images.",
+          );
+        } else {
+          console.error(
+            `Restore has failed. Check if ${buildCmd} is installed and available in PATH.`,
+          );
+          console.log(
+            "Authenticate with any private registries such as Azure Artifacts feed before running cdxgen.",
+          );
+          console.log(
+            "Alternatively, try using the unofficial `ghcr.io/appthreat/cdxgen-dotnet6:v10` container image, which bundles nuget (mono) and a range of dotnet SDKs.",
+          );
+        }
+        console.log(result.stdout, result.stderr);
         options.failOnError && process.exit(1);
       }
     }
@@ -4932,7 +5034,7 @@ export async function createCsharpBom(path, options) {
           parentComponent = retMap.parentComponent;
         }
       }
-      if (retMap?.pkgList.length) {
+      if (retMap?.pkgList?.length) {
         pkgList = pkgList.concat(retMap.pkgList);
       }
       if (retMap.dependencies?.length) {
@@ -5062,10 +5164,11 @@ export function mergeDependencies(
     }
     if (adep["dependsOn"]) {
       for (const eachDepends of adep["dependsOn"]) {
-        if (
-          parentRef &&
-          eachDepends.toLowerCase() !== parentRef.toLowerCase()
-        ) {
+        if (parentRef) {
+          if (eachDepends.toLowerCase() !== parentRef.toLowerCase()) {
+            deps_map[adep.ref].add(eachDepends);
+          }
+        } else {
           deps_map[adep.ref].add(eachDepends);
         }
       }
@@ -5132,6 +5235,14 @@ export function trimComponents(components) {
           }
         }
       }
+      // If the component is required in any of the child projects, then make it required
+      if (
+        existingComponent?.scope !== "required" &&
+        comp?.scope === "required"
+      ) {
+        existingComponent.scope = "required";
+        keyCache[key] = existingComponent;
+      }
       if (compProps.length) {
         existingComponent.properties = compProps;
         keyCache[key] = existingComponent;
@@ -6194,6 +6305,7 @@ export async function createBom(path, options) {
  *
  * @param {Object} args CLI args
  * @param {Object} bomContents BOM Json
+ * @return {Promise<{ token: string } | { errors: string[] } | undefined>} a promise with a token (if request was successful), a body with errors (if request failed) or undefined (in case of invalid arguments)
  */
 export async function submitBom(args, bomContents) {
   const serverUrl = `${args.serverUrl.replace(/\/$/, "")}/api/v1/bom`;
@@ -6277,11 +6389,11 @@ export async function submitBom(args, bomContents) {
         console.log(
           "Unable to submit the SBOM to the Dependency-Track server using POST method",
         );
-        console.log(error);
       }
     } else {
       console.log("Unable to submit the SBOM to the Dependency-Track server");
-      console.log(error);
     }
+    console.log(error.response?.body);
+    return error.response?.body;
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen",
-  "version": "10.5.2",
+  "version": "10.6.2",
   "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
   "homepage": "http://github.com/cyclonedx/cdxgen",
   "author": "Prabhu Subramanian <prabhu@appthreat.com>",
@@ -47,14 +47,6 @@
     "evinse": "bin/evinse.js",
     "cdx-verify": "bin/verify.js"
   },
-  "scripts": {
-    "test": "node --experimental-vm-modules node_modules/jest/bin/jest.js --inject-globals false docker.test.js utils.test.js display.test.js postgen.test.js",
-    "watch": "node --experimental-vm-modules node_modules/jest/bin/jest.js --watch --inject-globals false",
-    "lint:check": "biome check *",
-    "lint": "biome check --apply *",
-    "lint:errors": "biome check * --diagnostic-level=error",
-    "gen-types": "npx -p typescript tsc"
-  },
   "engines": {
     "node": ">=20"
   },
@@ -90,7 +82,8 @@
     "tar": "^6.2.1",
     "uuid": "^9.0.1",
     "xml-js": "^1.6.11",
-    "yargs": "^17.7.2"
+    "yargs": "^17.7.2",
+    "validate-iri": "^1.0.1"
   },
   "optionalDependencies": {
     "@appthreat/atom": "2.0.12",
@@ -109,10 +102,23 @@
     "sequelize": "^6.37.3",
     "sqlite3": "^5.1.7"
   },
-  "files": ["*.js", "bin/", "data/", "types/"],
+  "files": [
+    "*.js",
+    "bin/",
+    "data/",
+    "types/"
+  ],
   "devDependencies": {
-    "@biomejs/biome": "1.7.3",
+    "@biomejs/biome": "1.8.1",
     "jest": "^29.7.0",
     "typescript": "^5.4.5"
+  },
+  "scripts": {
+    "test": "node --experimental-vm-modules node_modules/jest/bin/jest.js --inject-globals false docker.test.js utils.test.js display.test.js postgen.test.js",
+    "watch": "node --experimental-vm-modules node_modules/jest/bin/jest.js --watch --inject-globals false",
+    "lint:check": "biome check",
+    "lint": "biome check --fix",
+    "lint:errors": "biome check --diagnostic-level=error",
+    "gen-types": "npx -p typescript tsc"
   }
-}
+}

package/server.js

@@ -131,10 +131,11 @@ const start = (options) => {
     if (!filePath) {
       res.writeHead(500, { "Content-Type": "application/json" });
       return res.end(
-        "{'error': 'true', 'message': 'path or url is required.'}\n",
+        JSON.stringify({
+          error: "path or url is required.",
+        }),
       );
     }
-    res.writeHead(200, { "Content-Type": "application/json" });
     let srcDir = filePath;
     if (filePath.startsWith("http") || filePath.startsWith("git")) {
       srcDir = gitClone(filePath, reqOptions.gitBranch);
@@ -145,6 +146,21 @@ const start = (options) => {
     if (reqOptions.requiredOnly || reqOptions["filter"] || reqOptions["only"]) {
       bomNSData = postProcess(bomNSData, reqOptions);
     }
+    if (reqOptions.serverUrl && reqOptions.apiKey) {
+      console.log("Publishing SBOM to Dependency Track");
+      const response = await submitBom(reqOptions, bomNSData.bomJson);
+      const errorMessages = response?.errors;
+      if (errorMessages) {
+        res.writeHead(500, { "Content-Type": "application/json" });
+        return res.end(
+          JSON.stringify({
+            error: "Unable to submit the SBOM to the Dependency-Track server",
+            details: errorMessages,
+          }),
+        );
+      }
+    }
+    res.writeHead(200, { "Content-Type": "application/json" });
     if (bomNSData.bomJson) {
       if (
         typeof bomNSData.bomJson === "string" ||
@@ -155,10 +171,6 @@ const start = (options) => {
         res.write(JSON.stringify(bomNSData.bomJson, null, null));
       }
     }
-    if (reqOptions.serverUrl && reqOptions.apiKey) {
-      console.log("Publishing SBOM to Dependency Track");
-      submitBom(reqOptions, bomNSData.bomJson);
-    }
     res.end("\n");
     if (cleanup && srcDir && srcDir.startsWith(os.tmpdir()) && fs.rmSync) {
       console.log(`Cleaning up ${srcDir}`);

package/types/display.d.ts

@@ -1,4 +1,5 @@
 export function printVulnerabilities(vulnerabilities: any): void;
+export function printSponsorBanner(options: any): void;
 export function printTable(bomJson: any, filterTypes?: any): void;
 export function printOSTable(bomJson: any): void;
 export function printServices(bomJson: any): void;

package/types/display.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"display.d.ts","sourceRoot":"","sources":["../display.js"],"names":[],"mappings":"AAuVA,iEA0BC;AAnWM,kEA+DN;AAQM,iDAkBN;AACM,kDAsBN;AAeM,qDA4BN;AACM,mDA8CN;AACM,uEAiCN;AA4DM,2DA+BN"}
+{"version":3,"file":"display.d.ts","sourceRoot":"","sources":["../display.js"],"names":[],"mappings":"AAuVA,iEA0BC;AAED,uDAoBC;AAzXM,kEA+DN;AAQM,iDAkBN;AACM,kDAsBN;AAeM,qDA4BN;AACM,mDA8CN;AACM,uEAiCN;AA4DM,2DA+BN"}