npm - @cyclonedx/cdxgen - Versions diffs - 12.1.3 → 12.1.4 - Mend

@cyclonedx/cdxgen 12.1.3 → 12.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (80) hide show

package/README.md CHANGED Viewed

@@ -104,7 +104,7 @@ docker run --rm -e CDXGEN_DEBUG_MODE=debug -v /tmp:/tmp -v $(pwd):/app:rw -t ghc
 In deno applications, cdxgen could be directly imported without any conversion. Please see the section on [integration as a library](#integration-as-library)
 ```ts
-import { createBom, submitBom } from "npm:@cyclonedx/cdxgen@^11.0.0";
+import { createBom, submitBom } from "npm:@cyclonedx/cdxgen@^12.1.0";
 ```
 ## Getting Help

package/lib/cli/index.js CHANGED Viewed

@@ -2883,7 +2883,7 @@ export async function createNodejsBom(path, options) {
   // Only perform npm install for smaller projects (< 2 package.json) without the correct number of lock files
   if (
     (pkgJsonLockFiles?.length === 0 ||
-      pkgJsonLockFiles?.length < pkgJsonFiles?.length) &&
+      pkgJsonLockFiles?.length < pkgJsonFiles?.length - 1) &&
     yarnLockFiles?.length === 0 &&
     pnpmLockFiles?.length === 0 &&
     pkgJsonFiles?.length <= npmInstallCount &&
@@ -2930,11 +2930,15 @@ export async function createNodejsBom(path, options) {
           process.env[`${pkgMgr.toUpperCase()}_INSTALL_ARGS`].split(" ");
         installArgs = installArgs.concat(addArgs);
       }
-      if (pkgMgr === "npm" && isSecureMode) {
+      // Always invoke the install command with ignore-scripts to guard against version spoofing
+      if (["npm", "pnpm", "yarn"].includes(pkgMgr)) {
         if (!installArgs.includes("--ignore-scripts")) {
           installArgs.push("--ignore-scripts");
         }
-        if (!installArgs.includes("--no-audit")) {
+        if (pkgMgr === "pnpm") {
+          installArgs.push("--ignore-pnpmfile");
+        }
+        if (pkgMgr === "npm" && !installArgs.includes("--no-audit")) {
           installArgs.push("--no-audit");
         }
       }

package/lib/helpers/utils.js CHANGED Viewed

@@ -1462,6 +1462,40 @@ export async function parsePkgLock(pkgLockFile, options = {}) {
           value: "true",
         });
       }
+      // Detect version spoofing by comparing the version in the lockfile with the version in package.json
+      if (node.path && safeExistsSync(join(node.path, "package.json"))) {
+        try {
+          const diskPkgStr = readFileSync(
+            join(node.path, "package.json"),
+            "utf8",
+          );
+          const diskPkg = JSON.parse(diskPkgStr);
+          if (!diskPkg.name || diskPkg.name !== node.packageName) {
+            console.warn(
+              `\x1b[1;35mWARNING: Package name spoofing detected for ${node.packageName}! Lockfile says ${node.packageName}, but disk says ${diskPkg.name}.\x1b[0m`,
+            );
+            if (diskPkg.name) {
+              pkg.properties.push({
+                name: "cdx:npm:nameMismatchError",
+                value: `${diskPkg.name} used instead of ${node.packageName}`,
+              });
+            }
+          }
+          if (!diskPkg.version || diskPkg.version !== node.version) {
+            console.warn(
+              `\x1b[1;35mWARNING: Package version spoofing detected for ${node.packageName}! Lockfile says ${node.version}, but disk says ${diskPkg.version}.\x1b[0m`,
+            );
+            if (diskPkg.version) {
+              pkg.properties.push({
+                name: "cdx:npm:versionMismatchError",
+                value: `${diskPkg.version} used instead of ${node.version}`,
+              });
+            }
+          }
+        } catch (_err) {
+          // ignore
+        }
+      }
       if (node?.inBundle) {
         pkg.properties.push({
           name: "cdx:npm:inBundle",
@@ -16048,6 +16082,7 @@ export async function addEvidenceForImports(
     const aliases = group?.length
       ? [name, `${group}/${name}`, `@${group}/${name}`]
       : [name];
+    let isImported = false;
     for (const alias of aliases) {
       const all_includes = impPkgs.filter(
         (find_pkg) =>
@@ -16096,6 +16131,7 @@ export async function addEvidenceForImports(
       }
       // Identify all the imported modules of a component
       if (impPkgs.includes(alias) || all_includes.length) {
+        isImported = true;
         let importedModules = new Set();
         pkg.scope = "required";
         for (const subevidence of all_includes) {
@@ -16133,6 +16169,11 @@ export async function addEvidenceForImports(
         }
         break;
       }
+      if (impPkgs?.length > 0 && !isImported && DEBUG_MODE) {
+        console.debug(
+          `\x1b[1;35mNotice: Package ${pkg.name} has no usage in code. Check if it is needed.\x1b[0m`,
+        );
+      }
       // Capture metadata such as description from local node_modules in deep mode
       if (deep && !pkg.description && pkg.properties) {
         let localNodeModulesPath;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen",
-  "version": "12.1.3",
+  "version": "12.1.4",
   "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
   "keywords": [
     "sbom",
@@ -129,21 +129,21 @@
     "semver": "7.7.4",
     "ssri": "13.0.1",
     "table": "6.9.0",
-    "tar": "7.5.11",
+    "tar": "7.5.13",
     "treeverse": "3.0.0",
     "uuid": "13.0.0",
     "walk-up-path": "4.0.0",
     "xml-js": "1.6.11",
-    "yaml": "2.8.2",
+    "yaml": "2.8.3",
     "yargs": "18.0.0",
     "yoctocolors": "2.1.2"
   },
   "devDependencies": {
-    "@biomejs/biome": "2.4.7",
+    "@biomejs/biome": "2.4.8",
     "esmock": "2.7.3",
     "poku": "4.1.0",
     "sinon": "21.0.3",
-    "typescript": "5.9.3"
+    "typescript": "6.0.2"
   },
   "optionalDependencies": {
     "@appthreat/atom": "2.5.2",

package/types/lib/cli/index.d.ts CHANGED Viewed

@@ -7,7 +7,7 @@
  * @param {Object} pkg Package object
  * @param {string} ptype Package type
  */
-export function listComponents(options: any, allImports: any, pkg: any, ptype?: string): any[];
+export function listComponents(options: Object, allImports: Object, pkg: Object, ptype?: string): any[];
 /**
  * Function to create bom string for Java jars
  *
@@ -16,43 +16,43 @@ export function listComponents(options: any, allImports: any, pkg: any, ptype?:
  *
  * @returns {Object} BOM with namespace mapping
  */
-export function createJarBom(path: string, options: any): any;
+export function createJarBom(path: string, options: Object): Object;
 /**
  * Function to create bom string for Android apps using blint
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createAndroidBom(path: string, options: any): {
+export function createAndroidBom(path: string, options: Object): {
     bomJson: any;
     dependencies: any;
     parentComponent: any;
-};
+} | undefined;
 /**
  * Function to create bom string for binaries using blint
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createBinaryBom(path: string, options: any): {
+export function createBinaryBom(path: string, options: Object): {
     bomJson: any;
     dependencies: any;
     parentComponent: any;
-};
+} | undefined;
 /**
  * Function to create bom string for Java projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createJavaBom(path: string, options: any): Promise<any>;
+export function createJavaBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for Node.js projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createNodejsBom(path: string, options: any): Promise<any>;
+export function createNodejsBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for Projects that use Pixi package manager.
  * createPixiBom is based on createPythonBom.
@@ -64,161 +64,161 @@ export function createNodejsBom(path: string, options: any): Promise<any>;
  * @param {String} path
  * @param {Object} options
  */
-export function createPixiBom(path: string, options: any): any;
+export function createPixiBom(path: string, options: Object): Object | null;
 /**
  * Function to create bom string for Python projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createPythonBom(path: string, options: any): Promise<any>;
+export function createPythonBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for Go projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createGoBom(path: string, options: any): Promise<any>;
+export function createGoBom(path: string, options: Object): Promise<Object | undefined>;
 /**
  * Function to create bom string for Rust projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createRustBom(path: string, options: any): Promise<any>;
+export function createRustBom(path: string, options: Object): Promise<Object | undefined>;
 /**
  * Function to create bom string for Dart projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createDartBom(path: string, options: any): Promise<any>;
+export function createDartBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for cpp projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createCppBom(path: string, options: any): any;
+export function createCppBom(path: string, options: Object): Object;
 /**
  * Function to create bom string for clojure projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createClojureBom(path: string, options: any): any;
+export function createClojureBom(path: string, options: Object): Object;
 /**
  * Function to create bom string for Haskell projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createHaskellBom(path: string, options: any): any;
+export function createHaskellBom(path: string, options: Object): Object;
 /**
  * Function to create bom string for Elixir projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createElixirBom(path: string, options: any): any;
+export function createElixirBom(path: string, options: Object): Object;
 /**
  * Function to create bom string for GitHub action workflows
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createGitHubBom(path: string, options: any): any;
+export function createGitHubBom(path: string, options: Object): Object;
 /**
  * Function to create bom string for cloudbuild yaml
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createCloudBuildBom(path: string, options: any): any;
+export function createCloudBuildBom(path: string, options: Object): Object;
 /**
  * Function to create obom string for the current OS using osquery
  *
  * @param {string} _path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createOSBom(_path: string, options: any): Promise<any>;
+export function createOSBom(_path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for Jenkins plugins
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createJenkinsBom(path: string, options: any): Promise<any>;
+export function createJenkinsBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for Helm charts
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createHelmBom(path: string, options: any): any;
+export function createHelmBom(path: string, options: Object): Object;
 /**
  * Function to create bom string for swift projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createSwiftBom(path: string, options: any): Promise<any>;
+export function createSwiftBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for cocoa projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createCocoaBom(path: string, options: any): Promise<any>;
+export function createCocoaBom(path: string, options: Object): Promise<Object | undefined>;
 /**
  * Function to create bom string for Nix flakes
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createNixBom(path: string, options: any): Promise<any>;
+export function createNixBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for caxa SEA binaries
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createCaxaBom(path: string, options: any): Promise<any>;
+export function createCaxaBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for docker compose
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createContainerSpecLikeBom(path: string, options: any): any;
+export function createContainerSpecLikeBom(path: string, options: Object): any;
 /**
  * Function to create bom string for php projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createPHPBom(path: string, options: any): any;
+export function createPHPBom(path: string, options: Object): Object;
 /**
  * Function to create bom string for ruby projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createRubyBom(path: string, options: any): Promise<any>;
+export function createRubyBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for csharp projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createCsharpBom(path: string, options: any): Promise<any>;
+export function createCsharpBom(path: string, options: Object): Promise<Object | undefined>;
 /**
  * Function to create bom object for cryptographic certificate files
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createCryptoCertsBom(path: string, options: any): Promise<{
+export function createCryptoCertsBom(path: string, options: Object): Promise<{
     bomJson: {
         components: {
             name: any;
@@ -241,11 +241,11 @@ export function createCryptoCertsBom(path: string, options: any): Promise<{
 }>;
 export function mergeDependencies(dependencies: any, newDependencies: any, parentComponent?: {}): ({
     ref: string;
-    dependsOn: any;
-    provides: any;
+    dependsOn: any[];
+    provides: any[];
 } | {
     ref: string;
-    dependsOn: any;
+    dependsOn: any[];
     provides?: undefined;
 })[];
 /**
@@ -266,28 +266,28 @@ export function trimComponents(components: any[]): any[];
  *
  * @returns {Object} Object including BOM Json
  */
-export function dedupeBom(options: any, components: any[], parentComponent: any, dependencies: any[]): any;
+export function dedupeBom(options: Object, components: any[], parentComponent: Object, dependencies: any[]): Object;
 /**
  * Function to create bom string for all languages
  *
  * @param {string[]} pathList list of to the project
  * @param {Object} options Parse options from the cli
  */
-export function createMultiXBom(pathList: string[], options: any): Promise<any>;
+export function createMultiXBom(pathList: string[], options: Object): Promise<Object>;
 /**
  * Function to create bom string for various languages
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createXBom(path: string, options: any): Promise<any>;
+export function createXBom(path: string, options: Object): Promise<any>;
 /**
  * Function to create bom string for various languages
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
  */
-export function createBom(path: string, options: any): any;
+export function createBom(path: string, options: Object): any;
 /**
  * Method to submit the generated bom to dependency-track or cyclonedx server
  *
@@ -296,7 +296,7 @@ export function createBom(path: string, options: any): any;
  * @return {Promise<{ token: string } | undefined>} a promise with a token (if request was successful) or undefined (in case of invalid arguments)
  * @throws {Error} if the request fails
  */
-export function submitBom(args: any, bomContents: any): Promise<{
+export function submitBom(args: Object, bomContents: Object): Promise<{
     token: string;
 } | undefined>;
 //# sourceMappingURL=index.d.ts.map

package/types/lib/cli/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/cli/index.js"],"names":[],"mappings":"AAg+BA;;;;;;;;GAQG;AACH,~~gFAFW~~,MAAM,SAchB;AAqYD;;;;;;;GAOG;AACH,mCALW,MAAM,~~qBA6EhB~~;AAED;;;;;GAKG;AACH,uCAHW,MAAM;;;;~~EAKhB~~;AAED;;;;;GAKG;AACH,sCAHW,MAAM;;;;~~EAkBhB~~;AAED;;;;;GAKG;AACH,oCAHW,MAAM,~~8BA0tChB~~;AAED;;;;;GAKG;AACH,sCAHW,MAAM,~~8BA+1BhB~~;AAED;;;;;;;;;;GAUG;AACH~~,+DAsEC~~;AAED;;;;;GAKG;AACH,sCAHW,MAAM,~~8BA0ehB~~;AAED;;;;;GAKG;AACH,kCAHW,MAAM,~~8BAqahB~~;AAED;;;;;GAKG;AACH,oCAHW,MAAM,~~8BAsIhB~~;AAED;;;;;GAKG;AACH,oCAHW,MAAM,~~8BAkEhB~~;AAED;;;;;GAKG;AACH,mCAHW,MAAM,~~qBA8MhB~~;AAED;;;;;GAKG;AACH,uCAHW,MAAM,~~qBAgHhB~~;AAED;;;;;GAKG;AACH,uCAHW,MAAM,~~qBA2BhB~~;AAED;;;;;GAKG;AACH,sCAHW,MAAM,~~qBA2BhB~~;AAED;;;;;GAKG;AACH,sCAHW,MAAM,~~qBA0BhB~~;AAED;;;;;GAKG;AACH,0CAHW,MAAM,~~qBAuBhB~~;AAED;;;;;GAKG;AACH,mCAHW,MAAM,~~8BAqDhB~~;AAED;;;;;GAKG;AACH,uCAHW,MAAM,~~8BA4ChB~~;AAED;;;;;GAKG;AACH,oCAHW,MAAM,~~qBA2BhB~~;AAED;;;;;GAKG;AACH,qCAHW,MAAM,~~8BA2IhB~~;AAED;;;;;GAKG;AACH,qCAHW,MAAM,~~8BAqJhB~~;AAED;;;;;GAKG;AACH,mCAHW,MAAM,~~8BAqHhB~~;AAED;;;;;GAKG;AACH,oCAHW,MAAM,~~8BA8ChB~~;AAED;;;;;GAKG;AACH,iDAHW,MAAM,~~qBAmUhB~~;AAED;;;;;GAKG;AACH,mCAHW,MAAM,~~qBA2JhB~~;AAED;;;;;GAKG;AACH,oCAHW,MAAM,~~8BAwPhB~~;AAED;;;;;GAKG;AACH,sCAHW,MAAM,~~8BAmbhB~~;AAED;;;;;GAKG;AACH,2CAHW,MAAM;;;;;;;;;;;;;;;;;;;;~~GAoChB~~;AAED;;;;;;;;KA+DC;AAED;;;;;;GAMG;AACH,yDA+GC;AAED;;;;;;;;;GASG;AACH,~~2GAuCC~~;AAED;;;;;GAKG;AACH,0CAHW,MAAM,EAAE,~~8BAwyBlB~~;AAED;;;;;GAKG;AACH,iCAHW,MAAM,~~8BAoVhB~~;AAED;;;;;GAKG;AACH,gCAHW,MAAM,~~qBAiRhB~~;AAED;;;;;;;GAOG;AACH,~~wDAHY~~,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAAC,CA0IjD"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/cli/index.js"],"names":[],"mappings":"AAg+BA;;;;;;;;GAQG;AACH,wCALW,MAAM,cACN,MAAM,OACN,MAAM,UACN,MAAM,SAchB;AAqYD;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM,GAEJ,MAAM,CA0ElB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,WACN,MAAM;;;;cAIhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM;;;;cAiBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,mBAytChB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,mBAk2BhB;AAED;;;;;;;;;;GAUG;AACH,qDAFW,MAAM,iBAwEhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,mBAyehB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,WACN,MAAM,+BAoahB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,+BAqIhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,mBAiEhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,WACN,MAAM,UA6MhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,WACN,MAAM,UA+GhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,WACN,MAAM,UA0BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,UA0BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,UAyBhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,MAAM,UAsBhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,WACN,MAAM,mBAoDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,WACN,MAAM,mBA2ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,UA0BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,mBA0IhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,+BAoJhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,WACN,MAAM,mBAoHhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,mBA6ChB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,WACN,MAAM,OAkUhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,WACN,MAAM,UA0JhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,mBAuPhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,+BAkbhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,WACN,MAAM;;;;;;;;;;;;;;;;;;;;GAmChB;AAED;;;;;;;;KA+DC;AAED;;;;;;GAMG;AACH,yDA+GC;AAED;;;;;;;;;GASG;AACH,mCAPW,MAAM,sCAEN,MAAM,wBAGJ,MAAM,CAyClB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,EAAE,WACR,MAAM,mBAuyBhB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,WACN,MAAM,gBAmVhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,WACN,MAAM,OAgRhB;AAED;;;;;;;GAOG;AACH,gCALW,MAAM,eACN,MAAM,GACL,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAAC,CA0IjD"}

package/types/lib/evinser/evinser.d.ts CHANGED Viewed

@@ -3,33 +3,33 @@
  *
  * @param {Object} options Command line options
  */
-export function prepareDB(options: any): Promise<{
+export function prepareDB(options: Object): Promise<{
     sequelize: any;
     Namespaces: {
         db: any;
         tableName: any;
         init(): Promise<any>;
         findByPk(purl: any): Promise<any>;
-        findOrCreate(options: any): Promise<any>;
-        findAll(options: any): Promise<any>;
+        findOrCreate(options: Object): Promise<any>;
+        findAll(options: Object): Promise<any>;
     };
     Usages: {
         db: any;
         tableName: any;
         init(): Promise<any>;
         findByPk(purl: any): Promise<any>;
-        findOrCreate(options: any): Promise<any>;
-        findAll(options: any): Promise<any>;
+        findOrCreate(options: Object): Promise<any>;
+        findAll(options: Object): Promise<any>;
     };
     DataFlows: {
         db: any;
         tableName: any;
         init(): Promise<any>;
         findByPk(purl: any): Promise<any>;
-        findOrCreate(options: any): Promise<any>;
-        findAll(options: any): Promise<any>;
+        findOrCreate(options: Object): Promise<any>;
+        findAll(options: Object): Promise<any>;
     };
-}>;
+} | undefined>;
 export function catalogMavenDeps(dirPath: any, purlsJars: any, Namespaces: any, options?: {}): Promise<void>;
 export function catalogGradleDeps(dirPath: any, purlsJars: any, Namespaces: any): Promise<void>;
 export function createAndStoreSlice(purl: any, purlsJars: any, Usages: any, options?: {}): Promise<any>;
@@ -52,7 +52,7 @@ export function createSlice(purlOrLanguages: any, filePath: any, sliceType?: str
     openapiSpecFile: any;
     semanticsSlicesFile: any;
 }>;
-export function purlToLanguage(purl: any, filePath: any): string;
+export function purlToLanguage(purl: any, filePath: any): string | undefined;
 export function initFromSbom(components: any, language: any): {
     purlLocationMap: {};
     purlImportsMap: {};
@@ -63,7 +63,7 @@ export function initFromSbom(components: any, language: any): {
  * @param {Object} dbObjMap DB and model instances
  * @param {Object} options Command line options
  */
-export function analyzeProject(dbObjMap: any, options: any): Promise<{
+export function analyzeProject(dbObjMap: Object, options: Object): Promise<{
     atomFile: any;
     usagesSlicesFile: any;
     dataFlowSlicesFile: any;
@@ -78,7 +78,7 @@ export function analyzeProject(dbObjMap: any, options: any): Promise<{
     cryptoGeneratePurls: {};
     openapiSpecFile: any;
 }>;
-export function parseObjectSlices(language: any, usageSlice: any, dbObjMap: any, servicesMap?: {}, purlLocationMap?: {}, purlImportsMap?: {}, openapiSpecFile?: any): Promise<{}>;
+export function parseObjectSlices(language: any, usageSlice: any, dbObjMap: any, servicesMap?: {}, purlLocationMap?: {}, purlImportsMap?: {}, openapiSpecFile?: undefined): Promise<{}>;
 /**
  * The implementation of this function is based on the logic proposed in the atom slices specification
  * https://github.com/AppThreat/atom/blob/main/specification/docs/slices.md#use
@@ -91,7 +91,7 @@ export function parseObjectSlices(language: any, usageSlice: any, dbObjMap: any,
  * @param {Object} purlImportsMap Object to track package urls and their import aliases
  * @returns
  */
-export function parseSliceUsages(language: string, userDefinedTypesMap: any, slice: any[], dbObjMap: any, purlLocationMap: any, purlImportsMap: any): Promise<void>;
+export function parseSliceUsages(language: string, userDefinedTypesMap: Object, slice: any[], dbObjMap: Object, purlLocationMap: Object, purlImportsMap: Object): Promise<void>;
 /**
  * Method to parse semantic slice data. Currently supported for swift and scala languages.
  *
@@ -100,7 +100,7 @@ export function parseSliceUsages(language: string, userDefinedTypesMap: any, sli
  * @param {Object} semanticsSlice Semantic slice data
  * @returns {Object} Parsed metadata
  */
-export function parseSemanticSlices(language: string, components: any[], semanticsSlice: any): any;
+export function parseSemanticSlices(language: string, components: any[], semanticsSlice: Object): Object;
 export function isFilterableType(language: any, userDefinedTypesMap: any, typeFullName: any): boolean;
 export function detectServicesFromOpenAPI(_language: any, openapiSpecFile: any, servicesMap: any): void;
 /**
@@ -110,7 +110,7 @@ export function detectServicesFromOpenAPI(_language: any, openapiSpecFile: any,
  * @param {Array} slice Usages array for each objectSlice
  * @param {Object} servicesMap Existing service map
  */
-export function detectServicesFromUsages(language: string, slice: any[], servicesMap?: any): any[];
+export function detectServicesFromUsages(language: string, slice: any[], servicesMap?: Object): never[] | undefined;
 /**
  * Method to detect services from user defined types in the usage slice
  *
@@ -118,7 +118,7 @@ export function detectServicesFromUsages(language: string, slice: any[], service
  * @param {Array} userDefinedTypes User defined types
  * @param {Object} servicesMap Existing service map
  */
-export function detectServicesFromUDT(language: string, userDefinedTypes: any[], servicesMap: any): void;
+export function detectServicesFromUDT(language: string, userDefinedTypes: any[], servicesMap: Object): void;
 export function constructServiceName(_language: any, slice: any): string;
 export function extractEndpoints(language: any, code: any): any;
 /**
@@ -128,7 +128,7 @@ export function extractEndpoints(language: any, code: any): any;
  * @param {Object} options Command line options
  * @returns
  */
-export function createEvinseFile(sliceArtefacts: any, options: any): any;
+export function createEvinseFile(sliceArtefacts: Object, options: Object): any;
 /**
  * Method to convert dataflow slice into usable callstack frames
  * Implemented based on the logic proposed here - https://github.com/AppThreat/atom/blob/main/specification/docs/slices.md#data-flow-slice
@@ -140,7 +140,7 @@ export function createEvinseFile(sliceArtefacts: any, options: any): any;
  * @param {Object} _purlLocationMap Object to track locations where purls are used
  * @param {Object} purlImportsMap Object to track package urls and their import aliases
  */
-export function collectDataFlowFrames(language: string, userDefinedTypesMap: any, dataFlowSlice: any, dbObjMap: any, _purlLocationMap: any, purlImportsMap: any): Promise<{}>;
+export function collectDataFlowFrames(language: string, userDefinedTypesMap: Object, dataFlowSlice: Object, dbObjMap: Object, _purlLocationMap: Object, purlImportsMap: Object): Promise<{}>;
 /**
  * Method to convert reachable slice into usable callstack frames and crypto components
  *
@@ -149,7 +149,7 @@ export function collectDataFlowFrames(language: string, userDefinedTypesMap: any
  * @param {string} _language Application language
  * @param {Object} reachablesSlice Reachables slice object from atom
  */
-export function collectReachableFrames(_language: string, reachablesSlice: any): {
+export function collectReachableFrames(_language: string, reachablesSlice: Object): {
     dataFlowFrames: {};
     cryptoComponents: {
         type: string;
@@ -177,5 +177,5 @@ export function framePicker(dfFrames: any[]): any;
  * @returns Simplified type string
  */
 export function simplifyType(typeFullName: string): string;
-export function getClassTypeFromSignature(language: any, typeFullName: any): string;
+export function getClassTypeFromSignature(language: any, typeFullName: any): string | undefined;
 //# sourceMappingURL=evinser.d.ts.map

package/types/lib/evinser/evinser.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"evinser.d.ts","sourceRoot":"","sources":["../../../lib/evinser/evinser.js"],"names":[],"mappings":"AA6BA;;;;GAIG;AACH;;;;;;;;;;;;;;;;;;;;;;;;;;~~GAiEC~~;AAED,6GAiDC;AAED,gGAkCC;AAED,wGAqBC;AAED;;;;;;;;;;;;;;;;;;GAuKC;AAED,~~iEAuBC~~;AAED;;;EA8BC;AAcD;;;;;GAKG;AACH;;;;;;;;;;;;;;~~GA0KC~~;AAED,~~kLA~~+DC;AAED;;;;;;;;;;;GAWG;AACH,2CARW,MAAM,~~mHA0OhB~~;AAED;;;;;;;GAOG;AACH,~~mGA+FC~~;AAyBD,sGAyEC;AAED,wGAmCC;AAED;;;;;;GAMG;AACH,mDAJW,MAAM,~~0CA+DhB~~;AAED;;;;;;GAMG;AACH,gDAJW,MAAM,~~mDAoDhB~~;AAED,yEAWC;AAED,gEAsFC;AAED;;;;;;GAMG;AACH,~~yEAwKC~~;AAED;;;;;;;;;;GAUG;AACH,gDAPW,MAAM,~~wHAyHhB~~;AAED;;;;;;;GAOG;AACH,kDAHW,MAAM;;;;;;;;;;;;;~~EA6FhB~~;AAED;;;;;GAKG;AACH,kDAaC;AAED;;;;;GAKG;AACH,2CAHW,MAAM,UAKhB;AAED,~~oFAiDC~~"}
1	+ {"version":3,"file":"evinser.d.ts","sourceRoot":"","sources":["../../../lib/evinser/evinser.js"],"names":[],"mappings":"AA6BA;;;;GAIG;AACH,mCAFW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;eAmEhB;AAED,6GAiDC;AAED,gGAkCC;AAED,wGAqBC;AAED;;;;;;;;;;;;;;;;;;GAuKC;AAED,6EAuBC;AAED;;;EA8BC;AAcD;;;;;GAKG;AACH,yCAHW,MAAM,WACN,MAAM;;;;;;;;;;;;;;GA4KhB;AAED,wLA+DC;AAED;;;;;;;;;;;GAWG;AACH,2CARW,MAAM,uBACN,MAAM,0BAEN,MAAM,mBACN,MAAM,kBACN,MAAM,iBAqOhB;AAED;;;;;;;GAOG;AACH,yFAHW,MAAM,GACJ,MAAM,CAiGlB;AAyBD,sGAyEC;AAED,wGAmCC;AAED;;;;;;GAMG;AACH,mDAJW,MAAM,8BAEN,MAAM,uBA6DhB;AAED;;;;;;GAMG;AACH,gDAJW,MAAM,wCAEN,MAAM,QAkDhB;AAED,yEAWC;AAED,gEAsFC;AAED;;;;;;GAMG;AACH,iDAJW,MAAM,WACN,MAAM,OA2KhB;AAED;;;;;;;;;;GAUG;AACH,gDAPW,MAAM,uBACN,MAAM,iBACN,MAAM,YACN,MAAM,oBACN,MAAM,kBACN,MAAM,eAoHhB;AAED;;;;;;;GAOG;AACH,kDAHW,MAAM,mBACN,MAAM;;;;;;;;;;;;;EA4FhB;AAED;;;;;GAKG;AACH,kDAaC;AAED;;;;;GAKG;AACH,2CAHW,MAAM,UAKhB;AAED,gGAiDC"}