npm - @cyclonedx/cdxgen - Versions diffs - 12.1.4 → 12.2.0 - Mend

@cyclonedx/cdxgen 12.1.4 → 12.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (184) hide show

package/README.md +47 -39
package/bin/cdxgen.js +181 -90
package/bin/evinse.js +4 -4
package/bin/repl.js +3 -3
package/bin/sign.js +102 -0
package/bin/validate.js +233 -0
package/bin/verify.js +69 -28
package/data/queries.json +1 -1
package/data/rules/ci-permissions.yaml +186 -0
package/data/rules/dependency-sources.yaml +123 -0
package/data/rules/package-integrity.yaml +135 -0
package/data/rules/vscode-extensions.yaml +228 -0
package/lib/cli/index.js +484 -440
package/lib/evinser/db.js +137 -0
package/lib/{helpers → evinser}/db.poku.js +2 -6
package/lib/evinser/evinser.js +5 -18
package/lib/evinser/swiftsem.js +1 -1
package/lib/helpers/bomSigner.js +312 -0
package/lib/helpers/bomSigner.poku.js +156 -0
package/lib/helpers/caxa.js +1 -1
package/lib/helpers/ciParsers/azurePipelines.js +295 -0
package/lib/helpers/ciParsers/azurePipelines.poku.js +253 -0
package/lib/helpers/ciParsers/circleCi.js +286 -0
package/lib/helpers/ciParsers/circleCi.poku.js +230 -0
package/lib/helpers/ciParsers/common.js +24 -0
package/lib/helpers/ciParsers/githubActions.js +636 -0
package/lib/helpers/ciParsers/githubActions.poku.js +802 -0
package/lib/helpers/ciParsers/gitlabCi.js +213 -0
package/lib/helpers/ciParsers/gitlabCi.poku.js +247 -0
package/lib/helpers/ciParsers/jenkins.js +181 -0
package/lib/helpers/ciParsers/jenkins.poku.js +197 -0
package/lib/helpers/depsUtils.js +203 -0
package/lib/helpers/depsUtils.poku.js +150 -0
package/lib/helpers/display.js +429 -14
package/lib/helpers/envcontext.js +23 -8
package/lib/helpers/formulationParsers.js +351 -0
package/lib/helpers/logger.js +14 -0
package/lib/helpers/protobom.js +9 -9
package/lib/helpers/pythonutils.js +305 -0
package/lib/helpers/pythonutils.poku.js +469 -0
package/lib/helpers/utils.js +970 -528
package/lib/helpers/utils.poku.js +139 -256
package/lib/helpers/versutils.js +202 -0
package/lib/helpers/versutils.poku.js +315 -0
package/lib/helpers/vsixutils.js +1061 -0
package/lib/helpers/vsixutils.poku.js +2247 -0
package/lib/managers/binary.js +19 -19
package/lib/managers/docker.js +108 -1
package/lib/managers/oci.js +10 -0
package/lib/managers/piptree.js +4 -10
package/lib/parsers/npmrc.js +92 -0
package/lib/parsers/npmrc.poku.js +528 -0
package/lib/server/openapi.yaml +1 -10
package/lib/server/server.js +58 -16
package/lib/server/server.poku.js +123 -144
package/lib/stages/postgen/annotator.js +1 -1
package/lib/stages/postgen/auditBom.js +197 -0
package/lib/stages/postgen/auditBom.poku.js +378 -0
package/lib/stages/postgen/postgen.js +54 -1
package/lib/stages/postgen/postgen.poku.js +90 -1
package/lib/stages/postgen/ruleEngine.js +369 -0
package/lib/stages/pregen/envAudit.js +299 -0
package/lib/stages/pregen/envAudit.poku.js +572 -0
package/lib/stages/pregen/pregen.js +12 -8
package/lib/third-party/arborist/lib/deepest-nesting-target.js +1 -1
package/lib/third-party/arborist/lib/node.js +3 -3
package/lib/third-party/arborist/lib/shrinkwrap.js +1 -1
package/lib/third-party/arborist/lib/tree-check.js +1 -1
package/lib/{helpers/validator.js → validator/bomValidator.js} +107 -47
package/lib/validator/complianceEngine.js +241 -0
package/lib/validator/complianceEngine.poku.js +168 -0
package/lib/validator/complianceRules.js +1610 -0
package/lib/validator/complianceRules.poku.js +328 -0
package/lib/validator/index.js +222 -0
package/lib/validator/index.poku.js +144 -0
package/lib/validator/reporters/annotations.js +121 -0
package/lib/validator/reporters/console.js +149 -0
package/lib/validator/reporters/index.js +41 -0
package/lib/validator/reporters/json.js +37 -0
package/lib/validator/reporters/sarif.js +184 -0
package/lib/validator/reporters.poku.js +150 -0
package/package.json +8 -8
package/types/bin/sign.d.ts +3 -0
package/types/bin/sign.d.ts.map +1 -0
package/types/bin/validate.d.ts +3 -0
package/types/bin/validate.d.ts.map +1 -0
package/types/helpers/utils.d.ts +0 -1
package/types/lib/cli/index.d.ts +49 -52
package/types/lib/cli/index.d.ts.map +1 -1
package/types/lib/evinser/db.d.ts +34 -0
package/types/lib/evinser/db.d.ts.map +1 -0
package/types/lib/evinser/evinser.d.ts +63 -16
package/types/lib/evinser/evinser.d.ts.map +1 -1
package/types/lib/helpers/bomSigner.d.ts +27 -0
package/types/lib/helpers/bomSigner.d.ts.map +1 -0
package/types/lib/helpers/ciParsers/azurePipelines.d.ts +17 -0
package/types/lib/helpers/ciParsers/azurePipelines.d.ts.map +1 -0
package/types/lib/helpers/ciParsers/circleCi.d.ts +17 -0
package/types/lib/helpers/ciParsers/circleCi.d.ts.map +1 -0
package/types/lib/helpers/ciParsers/common.d.ts +11 -0
package/types/lib/helpers/ciParsers/common.d.ts.map +1 -0
package/types/lib/helpers/ciParsers/githubActions.d.ts +34 -0
package/types/lib/helpers/ciParsers/githubActions.d.ts.map +1 -0
package/types/lib/helpers/ciParsers/gitlabCi.d.ts +17 -0
package/types/lib/helpers/ciParsers/gitlabCi.d.ts.map +1 -0
package/types/lib/helpers/ciParsers/jenkins.d.ts +17 -0
package/types/lib/helpers/ciParsers/jenkins.d.ts.map +1 -0
package/types/lib/helpers/depsUtils.d.ts +21 -0
package/types/lib/helpers/depsUtils.d.ts.map +1 -0
package/types/lib/helpers/display.d.ts +111 -11
package/types/lib/helpers/display.d.ts.map +1 -1
package/types/lib/helpers/envcontext.d.ts +19 -7
package/types/lib/helpers/envcontext.d.ts.map +1 -1
package/types/lib/helpers/formulationParsers.d.ts +50 -0
package/types/lib/helpers/formulationParsers.d.ts.map +1 -0
package/types/lib/helpers/logger.d.ts +15 -1
package/types/lib/helpers/logger.d.ts.map +1 -1
package/types/lib/helpers/protobom.d.ts +2 -2
package/types/lib/helpers/pythonutils.d.ts +18 -0
package/types/lib/helpers/pythonutils.d.ts.map +1 -0
package/types/lib/helpers/utils.d.ts +532 -128
package/types/lib/helpers/utils.d.ts.map +1 -1
package/types/lib/helpers/versutils.d.ts +8 -0
package/types/lib/helpers/versutils.d.ts.map +1 -0
package/types/lib/helpers/vsixutils.d.ts +130 -0
package/types/lib/helpers/vsixutils.d.ts.map +1 -0
package/types/lib/managers/docker.d.ts +12 -31
package/types/lib/managers/docker.d.ts.map +1 -1
package/types/lib/managers/oci.d.ts +11 -1
package/types/lib/managers/oci.d.ts.map +1 -1
package/types/lib/managers/piptree.d.ts.map +1 -1
package/types/lib/parsers/npmrc.d.ts +26 -0
package/types/lib/parsers/npmrc.d.ts.map +1 -0
package/types/lib/server/server.d.ts +21 -2
package/types/lib/server/server.d.ts.map +1 -1
package/types/lib/stages/postgen/auditBom.d.ts +20 -0
package/types/lib/stages/postgen/auditBom.d.ts.map +1 -0
package/types/lib/stages/postgen/postgen.d.ts +8 -1
package/types/lib/stages/postgen/postgen.d.ts.map +1 -1
package/types/lib/stages/postgen/ruleEngine.d.ts +18 -0
package/types/lib/stages/postgen/ruleEngine.d.ts.map +1 -0
package/types/lib/stages/pregen/envAudit.d.ts +8 -0
package/types/lib/stages/pregen/envAudit.d.ts.map +1 -0
package/types/lib/stages/pregen/pregen.d.ts.map +1 -1
package/types/lib/{helpers/validator.d.ts → validator/bomValidator.d.ts} +1 -1
package/types/lib/validator/bomValidator.d.ts.map +1 -0
package/types/lib/validator/complianceEngine.d.ts +66 -0
package/types/lib/validator/complianceEngine.d.ts.map +1 -0
package/types/lib/validator/complianceRules.d.ts +70 -0
package/types/lib/validator/complianceRules.d.ts.map +1 -0
package/types/lib/validator/index.d.ts +70 -0
package/types/lib/validator/index.d.ts.map +1 -0
package/types/lib/validator/reporters/annotations.d.ts +31 -0
package/types/lib/validator/reporters/annotations.d.ts.map +1 -0
package/types/lib/validator/reporters/console.d.ts +30 -0
package/types/lib/validator/reporters/console.d.ts.map +1 -0
package/types/lib/validator/reporters/index.d.ts +21 -0
package/types/lib/validator/reporters/index.d.ts.map +1 -0
package/types/lib/validator/reporters/json.d.ts +11 -0
package/types/lib/validator/reporters/json.d.ts.map +1 -0
package/types/lib/validator/reporters/sarif.d.ts +16 -0
package/types/lib/validator/reporters/sarif.d.ts.map +1 -0
package/lib/helpers/db.js +0 -162
package/types/helpers/db.d.ts +0 -35
package/types/helpers/db.d.ts.map +0 -1
package/types/lib/helpers/db.d.ts +0 -35
package/types/lib/helpers/db.d.ts.map +0 -1
package/types/lib/helpers/validator.d.ts.map +0 -1
package/types/managers/binary.d.ts +0 -37
package/types/managers/binary.d.ts.map +0 -1
package/types/managers/docker.d.ts +0 -56
package/types/managers/docker.d.ts.map +0 -1
package/types/managers/oci.d.ts +0 -2
package/types/managers/oci.d.ts.map +0 -1
package/types/managers/piptree.d.ts +0 -2
package/types/managers/piptree.d.ts.map +0 -1
package/types/server/server.d.ts +0 -34
package/types/server/server.d.ts.map +0 -1
package/types/stages/postgen/annotator.d.ts +0 -27
package/types/stages/postgen/annotator.d.ts.map +0 -1
package/types/stages/postgen/postgen.d.ts +0 -51
package/types/stages/postgen/postgen.d.ts.map +0 -1
package/types/stages/pregen/pregen.d.ts +0 -59
package/types/stages/pregen/pregen.d.ts.map +0 -1

package/types/lib/validator/index.d.ts ADDED Viewed

@@ -0,0 +1,70 @@
+/**
+ * Run structural + compliance validation against a parsed BOM.
+ *
+ * @param {object} bomJson Parsed CycloneDX JSON BOM.
+ * @param {object} [options]
+ * @param {boolean} [options.schema]            Run JSON-Schema validation (default true).
+ * @param {boolean} [options.deep]              Run purl/ref/metadata deep checks (default true).
+ * @param {Array<string>} [options.benchmarks]  Aliases to include in the scorecards (default: all).
+ * @param {Array<string>} [options.categories]  Restrict compliance rules to these categories.
+ * @param {string} [options.minSeverity]        Minimum severity for returned findings.
+ * @param {boolean} [options.includeManual]     Include manual-review findings (default true).
+ * @param {boolean} [options.includePass]       Include passing findings (default false).
+ * @param {string} [options.publicKey]          If set, verify the BOM signature.
+ * @returns {{
+ *   schemaValid: boolean,
+ *   deepValid: boolean,
+ *   signatureVerified: boolean | null,
+ *   signatureDetails: object | null,
+ *   findings: Array<object>,
+ *   allFindings: Array<object>,
+ *   benchmarks: Array<object>,
+ *   summary: object
+ * }}
+ */
+export function validateBomAdvanced(bomJson: object, options?: {
+    schema?: boolean | undefined;
+    deep?: boolean | undefined;
+    benchmarks?: string[] | undefined;
+    categories?: string[] | undefined;
+    minSeverity?: string | undefined;
+    includeManual?: boolean | undefined;
+    includePass?: boolean | undefined;
+    publicKey?: string | undefined;
+}): {
+    schemaValid: boolean;
+    deepValid: boolean;
+    signatureVerified: boolean | null;
+    signatureDetails: object | null;
+    findings: Array<object>;
+    allFindings: Array<object>;
+    benchmarks: Array<object>;
+    summary: object;
+};
+/**
+ * Decide whether a report should trigger a non-zero CLI exit.
+ *
+ * @param {object} report
+ * @param {object} opts
+ * @param {string} [opts.failSeverity] Severity level at or above which failing findings are considered a failure (default "high").
+ * @param {boolean} [opts.strict]      When true, failing on any `fail` status regardless of severity, and a failing schema/deep validation also counts.
+ * @param {boolean} [opts.requireSignature] Require a valid signature when verification was requested.
+ * @returns {{ shouldFail: boolean, reason: string | null }}
+ */
+export function shouldFail(report: object, opts?: {
+    failSeverity?: string | undefined;
+    strict?: boolean | undefined;
+    requireSignature?: boolean | undefined;
+}): {
+    shouldFail: boolean;
+    reason: string | null;
+};
+export namespace SEVERITY_ORDER {
+    let info: number;
+    let low: number;
+    let medium: number;
+    let high: number;
+    let critical: number;
+}
+export { buildBenchmarkReports, evaluateAll } from "./complianceEngine.js";
+//# sourceMappingURL=index.d.ts.map

package/types/lib/validator/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/validator/index.js"],"names":[],"mappings":"AAqHA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,6CArBW,MAAM,YAEd;IAA0B,MAAM;IACN,IAAI;IACE,UAAU;IACV,UAAU;IACjB,WAAW;IACV,aAAa;IACb,WAAW;IACZ,SAAS;CAClC,GAAU;IACR,WAAW,EAAE,OAAO,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;IACnB,iBAAiB,EAAE,OAAO,GAAG,IAAI,CAAC;IAClC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,QAAQ,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACxB,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3B,UAAU,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC1B,OAAO,EAAE,MAAM,CAAA;CAChB,CA2CH;AAED;;;;;;;;;GASG;AACH,mCAPW,MAAM,SAEd;IAAsB,YAAY;IACX,MAAM;IACN,gBAAgB;CACvC,GAAU;IAAE,UAAU,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,CA0B1D"}

package/types/lib/validator/reporters/annotations.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+/**
+ * Render a set of findings into CycloneDX annotations.
+ *
+ * @param {Array<object>} findings Finding objects emitted by the validator or auditBom engine.
+ * @param {object} bomJson Full CycloneDX BOM (needed for annotator/subject wiring).
+ * @returns {Array<object>} CycloneDX annotation objects.
+ */
+export function buildAnnotations(findings: Array<object>, bomJson: object): Array<object>;
+/**
+ * Produce a new BOM object with findings embedded as annotations. The caller
+ * is responsible for writing the result to disk.
+ *
+ * @param {object} bomJson
+ * @param {Array<object>} findings
+ * @returns {object}
+ */
+export function renderBom(bomJson: object, findings: Array<object>): object;
+/**
+ * Convenience wrapper matching the signature of the other reporters. The
+ * second argument expects `{ bomJson }` because annotations are BOM-shaped,
+ * not report-shaped.
+ *
+ * @param {object} report Output of validateBomAdvanced().
+ * @param {object} options
+ * @param {object} options.bomJson The BOM to annotate.
+ * @returns {string} JSON string of the annotated BOM.
+ */
+export function render(report: object, options?: {
+    bomJson: object;
+}): string;
+//# sourceMappingURL=annotations.d.ts.map

package/types/lib/validator/reporters/annotations.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"annotations.d.ts","sourceRoot":"","sources":["../../../../lib/validator/reporters/annotations.js"],"names":[],"mappings":"AAYA;;;;;;GAMG;AACH,2CAJW,KAAK,CAAC,MAAM,CAAC,WACb,MAAM,GACJ,KAAK,CAAC,MAAM,CAAC,CAqEzB;AAED;;;;;;;GAOG;AACH,mCAJW,MAAM,YACN,KAAK,CAAC,MAAM,CAAC,GACX,MAAM,CAUlB;AAED;;;;;;;;;GASG;AACH,+BALW,MAAM,YAEd;IAAwB,OAAO,EAAvB,MAAM;CACd,GAAU,MAAM,CAMlB"}

package/types/lib/validator/reporters/console.d.ts ADDED Viewed

@@ -0,0 +1,30 @@
+/**
+ * Produce a human-readable summary of findings.
+ *
+ * @param {Array<object>} findings
+ * @param {object} [options]
+ * @returns {string}
+ */
+export function formatFindings(findings: Array<object>, options?: object): string;
+/**
+ * Produce a scorecard table for benchmark reports.
+ *
+ * @param {Array<object>} reports
+ * @returns {string}
+ */
+export function formatBenchmarks(reports: Array<object>): string;
+/**
+ * Produce a compact one-line summary for CI logs.
+ *
+ * @param {object} summary
+ * @returns {string}
+ */
+export function formatSummary(summary: object): string;
+/**
+ * Render the full report as a single string.
+ *
+ * @param {object} report Output of validateBomAdvanced().
+ * @returns {string}
+ */
+export function render(report: object): string;
+//# sourceMappingURL=console.d.ts.map

package/types/lib/validator/reporters/console.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"console.d.ts","sourceRoot":"","sources":["../../../../lib/validator/reporters/console.js"],"names":[],"mappings":"AAuBA;;;;;;GAMG;AACH,yCAJW,KAAK,CAAC,MAAM,CAAC,YACb,MAAM,GACJ,MAAM,CAiClB;AAED;;;;;GAKG;AACH,0CAHW,KAAK,CAAC,MAAM,CAAC,GACX,MAAM,CAmClB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,GACJ,MAAM,CAWlB;AAED;;;;;GAKG;AACH,+BAHW,MAAM,GACJ,MAAM,CAuBlB"}

package/types/lib/validator/reporters/index.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Render a validation report using the named reporter.
+ *
+ * @param {string} name   Reporter identifier.
+ * @param {object} report Output of validateBomAdvanced().
+ * @param {object} [opts] Reporter-specific options.
+ * @returns {string}
+ */
+export function render(name: string, report: object, opts?: object): string;
+export namespace reporters {
+    export { consoleReporter as console };
+    export { json };
+    export { sarif };
+    export { annotations };
+}
+import * as consoleReporter from "./console.js";
+import * as json from "./json.js";
+import * as sarif from "./sarif.js";
+import * as annotations from "./annotations.js";
+export { annotations, consoleReporter as console, json, sarif };
+//# sourceMappingURL=index.d.ts.map

package/types/lib/validator/reporters/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../lib/validator/reporters/index.js"],"names":[],"mappings":"AAsBA;;;;;;;GAOG;AACH,6BALW,MAAM,UACN,MAAM,SACN,MAAM,GACJ,MAAM,CAUlB;;;;;;;iCA9BgC,cAAc;sBACzB,WAAW;uBACV,YAAY;6BAHN,kBAAkB"}

package/types/lib/validator/reporters/json.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * JSON reporter — emits a stable, documented structure for programmatic use.
+ * No dependencies.
+ */
+/**
+ * @param {object} report Output of validateBomAdvanced().
+ * @param {object} [_options] Unused
+ * @returns {string}
+ */
+export function render(report: object, _options?: object): string;
+//# sourceMappingURL=json.d.ts.map

package/types/lib/validator/reporters/json.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"json.d.ts","sourceRoot":"","sources":["../../../../lib/validator/reporters/json.js"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;;;GAIG;AACH,+BAJW,MAAM,aACN,MAAM,GACJ,MAAM,CA4BlB"}

package/types/lib/validator/reporters/sarif.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+/**
+ * Render a validation report as SARIF.
+ *
+ * @param {object} report Output of validateBomAdvanced().
+ * @param {object} [options]
+ * @param {string} [options.toolName]    Override driver name.
+ * @param {string} [options.toolVersion] Driver version to embed.
+ * @param {boolean} [options.includeManual] Include manual-review findings (default false).
+ * @returns {string}
+ */
+export function render(report: object, options?: {
+    toolName?: string | undefined;
+    toolVersion?: string | undefined;
+    includeManual?: boolean | undefined;
+}): string;
+//# sourceMappingURL=sarif.d.ts.map

package/types/lib/validator/reporters/sarif.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"sarif.d.ts","sourceRoot":"","sources":["../../../../lib/validator/reporters/sarif.js"],"names":[],"mappings":"AAqIA;;;;;;;;;GASG;AACH,+BAPW,MAAM,YAEd;IAAyB,QAAQ;IACR,WAAW;IACV,aAAa;CACvC,GAAU,MAAM,CA0ClB"}

package/lib/helpers/db.js DELETED Viewed

@@ -1,162 +0,0 @@
-import path from "node:path";
-import sqlite3 from "@appthreat/sqlite3";
-const {
-  Database,
-  OPEN_READWRITE,
-  OPEN_CREATE,
-  OPEN_NOMUTEX,
-  OPEN_SHAREDCACHE,
-} = sqlite3;
-/**
- * A lightweight Model wrapper to mimic Sequelize behavior using raw sqlite3
- */
-class Model {
-  constructor(db, tableName) {
-    this.db = db;
-    this.tableName = tableName;
-  }
-  /**
-   * Initialize table
-   */
-  async init() {
-    const sql = `CREATE TABLE IF NOT EXISTS ${this.tableName} (
-      purl TEXT PRIMARY KEY,
-      data JSON NOT NULL,
-      createdAt DATETIME NOT NULL,
-      updatedAt DATETIME NOT NULL
-    )`;
-    return new Promise((resolve, reject) => {
-      this.db.run(sql, (err) => {
-        if (err) reject(err);
-        else resolve();
-      });
-    });
-  }
-  /**
-   * findByPk
-   * Returns null if not found, or an object { purl, data (parsed object) }
-   */
-  async findByPk(purl) {
-    const sql = `SELECT * FROM ${this.tableName} WHERE purl = ?`;
-    return new Promise((resolve, reject) => {
-      this.db.get(sql, [purl], (err, row) => {
-        if (err) {
-          reject(err);
-        } else if (!row) {
-          resolve(null);
-        } else {
-          try {
-            row.data = JSON.parse(row.data);
-          } catch (_e) {
-            // ignore
-          }
-          resolve(row);
-        }
-      });
-    });
-  }
-  /**
-   * findOrCreate
-   * @param {Object} options { where: { purl }, defaults: { purl, data } }
-   */
-  async findOrCreate(options) {
-    const { where, defaults } = options;
-    const existing = await this.findByPk(where.purl);
-    if (existing) {
-      return [existing, false];
-    }
-    const insertSql = `INSERT INTO ${this.tableName} (purl, data, createdAt, updatedAt) VALUES (?, ?, ?, ?)`;
-    const dataStr =
-      typeof defaults.data === "string"
-        ? defaults.data
-        : JSON.stringify(defaults.data);
-    const now = new Date().toISOString();
-    return new Promise((resolve, reject) => {
-      this.db.run(insertSql, [defaults.purl, dataStr, now, now], (err) => {
-        if (err) reject(err);
-        else {
-          const instance = {
-            purl: defaults.purl,
-            data: defaults.data,
-            createdAt: now,
-            updatedAt: now,
-          };
-          resolve([instance, true]);
-        }
-      });
-    });
-  }
-  /**
-   * findAll to handle the specific LIKE query from evinser.js
-   * @param {Object} options
-   */
-  async findAll(options) {
-    let sql = `SELECT * FROM ${this.tableName}`;
-    const params = [];
-    if (options?.where?.data) {
-      if (options.where.data.like) {
-        sql += " WHERE data LIKE ?";
-        params.push(options.where.data.like);
-      }
-    }
-    return new Promise((resolve, reject) => {
-      this.db.all(sql, params, (err, rows) => {
-        if (err) {
-          reject(err);
-        } else {
-          const results = rows.map((r) => {
-            try {
-              r.data = JSON.parse(r.data);
-            } catch (_e) {
-              // ignore
-            }
-            return r;
-          });
-          resolve(results);
-        }
-      });
-    });
-  }
-}
-export const createOrLoad = async (dbName, dbPath, logging = false) => {
-  const fullPath = dbPath.includes("memory")
-    ? dbPath
-    : path.join(dbPath, dbName);
-  const mode = OPEN_READWRITE | OPEN_CREATE | OPEN_NOMUTEX | OPEN_SHAREDCACHE;
-  const db = new Database(fullPath, mode, (err) => {
-    if (err && logging) console.error(err.message);
-  });
-  if (logging) {
-    db.on("trace", (sql) => console.log(`[sqlite] ${sql}`));
-  }
-  const Namespaces = new Model(db, "Namespaces");
-  const Usages = new Model(db, "Usages");
-  const DataFlows = new Model(db, "DataFlows");
-  await Namespaces.init();
-  await Usages.init();
-  await DataFlows.init();
-  return {
-    sequelize: db,
-    Namespaces,
-    Usages,
-    DataFlows,
-  };
-};

package/types/helpers/db.d.ts DELETED Viewed

@@ -1,35 +0,0 @@
-export function createOrLoad(dbName: any, dbPath: any, logging?: boolean): Promise<{
-    sequelize: any;
-    Namespaces: Model;
-    Usages: Model;
-    DataFlows: Model;
-}>;
-/**
- * A lightweight Model wrapper to mimic Sequelize behavior using raw sqlite3
- */
-declare class Model {
-    constructor(db: any, tableName: any);
-    db: any;
-    tableName: any;
-    /**
-     * Initialize table
-     */
-    init(): Promise<any>;
-    /**
-     * findByPk
-     * Returns null if not found, or an object { purl, data (parsed object) }
-     */
-    findByPk(purl: any): Promise<any>;
-    /**
-     * findOrCreate
-     * @param {Object} options { where: { purl }, defaults: { purl, data } }
-     */
-    findOrCreate(options: any): Promise<any>;
-    /**
-     * findAll to handle the specific LIKE query from evinser.js
-     * @param {Object} options
-     */
-    findAll(options: any): Promise<any>;
-}
-export {};
-//# sourceMappingURL=db.d.ts.map

package/types/helpers/db.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"db.d.ts","sourceRoot":"","sources":["../../lib/helpers/db.js"],"names":[],"mappings":"AAoIO;;;;;GA6BN;AArJD;;GAEG;AACH;IACE,qCAGC;IAFC,QAAY;IACZ,eAA0B;IAG5B;;OAEG;IACH,qBAaC;IAED;;;OAGG;IACH,kCAkBC;IAED;;;OAGG;IACH,yCA4BC;IAED;;;OAGG;IACH,oCA4BC;CACF"}

package/types/lib/helpers/db.d.ts DELETED Viewed

@@ -1,35 +0,0 @@
-export function createOrLoad(dbName: any, dbPath: any, logging?: boolean): Promise<{
-    sequelize: any;
-    Namespaces: Model;
-    Usages: Model;
-    DataFlows: Model;
-}>;
-/**
- * A lightweight Model wrapper to mimic Sequelize behavior using raw sqlite3
- */
-declare class Model {
-    constructor(db: any, tableName: any);
-    db: any;
-    tableName: any;
-    /**
-     * Initialize table
-     */
-    init(): Promise<any>;
-    /**
-     * findByPk
-     * Returns null if not found, or an object { purl, data (parsed object) }
-     */
-    findByPk(purl: any): Promise<any>;
-    /**
-     * findOrCreate
-     * @param {Object} options { where: { purl }, defaults: { purl, data } }
-     */
-    findOrCreate(options: Object): Promise<any>;
-    /**
-     * findAll to handle the specific LIKE query from evinser.js
-     * @param {Object} options
-     */
-    findAll(options: Object): Promise<any>;
-}
-export {};
-//# sourceMappingURL=db.d.ts.map

package/types/lib/helpers/db.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"db.d.ts","sourceRoot":"","sources":["../../../lib/helpers/db.js"],"names":[],"mappings":"AAoIO;;;;;GA6BN;AArJD;;GAEG;AACH;IACE,qCAGC;IAFC,QAAY;IACZ,eAA0B;IAG5B;;OAEG;IACH,qBAaC;IAED;;;OAGG;IACH,kCAkBC;IAED;;;OAGG;IACH,sBAFW,MAAM,gBA8BhB;IAED;;;OAGG;IACH,iBAFW,MAAM,gBA8BhB;CACF"}

package/types/lib/helpers/validator.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["../../../lib/helpers/validator.js"],"names":[],"mappings":"AA8XA;;;;GAIG;AACH,uCAFW,MAAM,WA0FhB;AAvcM,qCAJI,MAAM,WAiEhB;AAOM,0CAFI,MAAM,WAmEhB;AAOM,uCAFI,MAAM,WA2GhB;AA6BM,sCAFI,MAAM,WAwFhB"}

package/types/managers/binary.d.ts DELETED Viewed

@@ -1,37 +0,0 @@
-export function getCargoAuditableInfo(src: any): any;
-/**
- * Execute sourcekitten plugin with the given arguments
- *
- * @param args {Array} Arguments
- * @returns {undefined|Object} Command output
- */
-export function executeSourcekitten(args: any[]): undefined | any;
-/**
- * Get the packages installed in the container image filesystem.
- *
- * @param src {String} Source directory containing the extracted filesystem.
- * @param imageConfig {Object} Image configuration containing environment variables, command, entrypoints etc
- *
- * @returns {Object} Metadata containing packages, dependencies, etc
- */
-export function getOSPackages(src: string, imageConfig: any): any;
-export function executeOsQuery(query: any): any;
-/**
- * Method to execute dosai to create slices for dotnet
- *
- * @param {string} src Source Path
- * @param {string} slicesFile Slices file name
- * @returns boolean
- */
-export function getDotnetSlices(src: string, slicesFile: string): boolean;
-/**
- * Method to generate binary SBOM using blint
- *
- * @param {string} src Path to binary or its directory
- * @param {string} binaryBomFile Path to binary
- * @param {boolean} deepMode Deep mode flag
- *
- * @return {boolean} Result of the generation
- */
-export function getBinaryBom(src: string, binaryBomFile: string, deepMode: boolean): boolean;
-//# sourceMappingURL=binary.d.ts.map

package/types/managers/binary.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"binary.d.ts","sourceRoot":"","sources":["../../lib/managers/binary.js"],"names":[],"mappings":"AAsYA,qDAgBC;AAED;;;;;GAKG;AACH,kDAFa,SAAS,MAAO,CAkB5B;AAED;;;;;;;GAOG;AACH,kEAieC;AA+DD,gDAgDC;AAED;;;;;;GAMG;AACH,qCAJW,MAAM,cACN,MAAM,WAwChB;AAED;;;;;;;;GAQG;AACH,kCANW,MAAM,iBACN,MAAM,YACN,OAAO,GAEN,OAAO,CAiClB"}

package/types/managers/docker.d.ts DELETED Viewed

@@ -1,56 +0,0 @@
-/**
- * Detect colima
- */
-export function detectColima(): any;
-/**
- * Detect if Rancher desktop is running on a mac.
- */
-export function detectRancherDesktop(): any;
-export const isWin: boolean;
-export const DOCKER_HUB_REGISTRY: "docker.io";
-export function stripAbsolutePath(path: any): any;
-export function getDirs(dirPath: string, dirName: string, hidden?: boolean, recurse?: boolean): string[];
-export function getOnlyDirs(srcpath: any, dirName: any): any[];
-export function getConnection(options: any, forRegistry: any): Promise<any>;
-export function makeRequest(path: any, method: any, forRegistry: any): Promise<any>;
-export function parseImageName(fullImageName: any): {
-    registry: string;
-    repo: string;
-    tag: string;
-    digest: string;
-    platform: string;
-    group: string;
-    name: string;
-};
-export function getImage(fullImageName: any): Promise<any>;
-export function extractTar(fullImageName: any, dir: any, options: any): Promise<boolean>;
-export function exportArchive(fullImageName: any, options?: {}): Promise<{
-    manifest: {};
-    allLayersDir: any;
-    allLayersExplodedDir: any;
-    lastLayerConfig: {};
-    lastWorkingDir: string;
-} | {
-    inspectData: any;
-    manifest: any;
-    allLayersDir: any;
-    allLayersExplodedDir: any;
-    lastLayerConfig: {};
-    lastWorkingDir: string;
-    binPaths: any;
-}>;
-export function extractFromManifest(manifestFile: any, localData: any, tempDir: any, allLayersExplodedDir: any, options: any): Promise<{
-    inspectData: any;
-    manifest: any;
-    allLayersDir: any;
-    allLayersExplodedDir: any;
-    lastLayerConfig: {};
-    lastWorkingDir: string;
-    binPaths: any;
-}>;
-export function exportImage(fullImageName: any, options: any): Promise<any>;
-export function getPkgPathList(exportData: any, lastWorkingDir: any): any;
-export function removeImage(fullImageName: any, force?: boolean): Promise<any>;
-export function getCredsFromHelper(exeSuffix: any, serverAddress: any): any;
-export function addSkippedSrcFiles(skippedImageSrcs: any, components: any): void;
-//# sourceMappingURL=docker.d.ts.map

package/types/managers/docker.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"docker.d.ts","sourceRoot":"","sources":["../../lib/managers/docker.js"],"names":[],"mappings":"AAmFA;;GAEG;AACH,oCAoBC;AAED;;GAEG;AACH,4CA2CC;AA5HD,4BAA6C;AAC7C,kCAAmC,WAAW,CAAC;AAmCxC,kDAeN;AAoFM,iCAHI,MAAM,WACN,MAAM,iDAehB;AAqBM,+DAkBN;AA0LM,4EAoGN;AAEM,oFAwBN;AAUM;;;;;;;;EA2EN;AAyBM,2DA+LN;AA6EM,yFAsFN;AAMM;;;;;;;;;;;;;;GAwDN;AAEM;;;;;;;;GAyGN;AAMM,4EA8IN;AAKM,0EA8GN;AAEM,+EAEN;AAEM,4EA0CN;AAEM,iFA0BN"}

package/types/managers/oci.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export function getBomWithOras(image: any, platform?: any): any;
2	- //# sourceMappingURL=oci.d.ts.map

package/types/managers/oci.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"oci.d.ts","sourceRoot":"","sources":["../../lib/managers/oci.js"],"names":[],"mappings":"AAWA,gEAyEC"}

package/types/managers/piptree.d.ts DELETED Viewed

	@@ -1,2 +0,0 @@
1	- export function getTreeWithPlugin(env: any, python_cmd: string, basePath: string): any;
2	- //# sourceMappingURL=piptree.d.ts.map

package/types/managers/piptree.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"piptree.d.ts","sourceRoot":"","sources":["../../lib/managers/piptree.js"],"names":[],"mappings":"AAwOO,uFAmCN"}

package/types/server/server.d.ts DELETED Viewed

@@ -1,34 +0,0 @@
-/**
- * Checks the given hostname against the allowed list.
- *
- * @param {string} hostname Host name to check
- * @returns {boolean} true if the hostname in its entirety is allowed. false otherwise.
- */
-export function isAllowedHost(hostname: string): boolean;
-/**
- * Checks the given path string to belong to a drive in Windows.
- *
- * @param {string} p Path string to check
- * @returns {boolean} true if the windows path belongs to a drive. false otherwise (device names)
- */
-export function isAllowedWinPath(p: string): boolean;
-/**
- * Checks the given path against the allowed list.
- *
- * @param {string} p Path string to check
- * @returns {boolean} true if the path is present in the allowed paths. false otherwise.
- */
-export function isAllowedPath(p: string): boolean;
-/**
- * Method to safely parse value passed via the query string or body.
- *
- * @param {string|number|Array<string|number>} raw
- * @returns {string|number|boolean|Array<string|number|boolean>}
- * @throws {TypeError} if raw (or any array element) isn’t string or number
- */
-export function parseValue(raw: string | number | Array<string | number>): string | number | boolean | Array<string | number | boolean>;
-export function parseQueryString(q: any, body?: {}, options?: {}): {};
-export function getQueryParams(req: any): {};
-export function configureServer(cdxgenServer: any): void;
-export function start(options: any): void;
-//# sourceMappingURL=server.d.ts.map

package/types/server/server.d.ts.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../lib/server/server.js"],"names":[],"mappings":"AAoEA;;;;;GAKG;AACH,wCAHW,MAAM,GACJ,OAAO,CAanB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,GACJ,OAAO,CAsCnB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,GACJ,OAAO,CAoBnB;AA0CD;;;;;;GAMG;AACH,gCAJW,MAAM,GAAC,MAAM,GAAC,KAAK,CAAC,MAAM,GAAC,MAAM,CAAC,GAChC,MAAM,GAAC,MAAM,GAAC,OAAO,GAAC,KAAK,CAAC,MAAM,GAAC,MAAM,GAAC,OAAO,CAAC,CAwC9D;AAED,sEAiBC;AAED,6CA+BC;AAiBD,yDAKC;AAID,0CA0LC"}

package/types/stages/postgen/annotator.d.ts DELETED Viewed

@@ -1,27 +0,0 @@
-/**
- * Method to determine the type of the BOM.
- *
- * @param {Object} bomJson BOM JSON Object
- *
- * @returns {String} Type of the bom such as sbom, cbom, obom, ml-bom etc
- */
-export function findBomType(bomJson: any): string;
-/**
- * Create the textual representation of the metadata section.
- *
- * @param {Object} bomJson BOM JSON Object
- *
- * @returns {String | undefined} Textual representation of the metadata
- */
-export function textualMetadata(bomJson: any): string | undefined;
-/**
- * Extract interesting tags from the component attribute
- *
- * @param {Object} component CycloneDX component
- * @param {String} bomType BOM type
- * @param {String} parentComponentType Parent component type
- *
- * @returns {Array | undefined} Array of string tags
- */
-export function extractTags(component: any, bomType?: string, parentComponentType?: string): any[] | undefined;
-//# sourceMappingURL=annotator.d.ts.map

package/types/stages/postgen/annotator.d.ts.map DELETED Viewed

	@@ -1 +0,0 @@
1	- {"version":3,"file":"annotator.d.ts","sourceRoot":"","sources":["../../../lib/stages/postgen/annotator.js"],"names":[],"mappings":"AA4CA;;;;;;GAMG;AACH,kDAkCC;AAED;;;;;;GAMG;AACH,+CAFa,SAAS,SAAS,CA2N9B;AAED;;;;;;;;GAQG;AACH,6FAFa,QAAQ,SAAS,CAsF7B"}