@cyclonedx/cdxgen 12.1.5 → 12.2.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cyclonedx/cdxgen",
-  "version": "12.1.5",
+  "version": "12.2.1",
   "description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
   "keywords": [
     "sbom",
@@ -82,7 +82,9 @@
   "types": "./types/lib/cli/index.d.ts",
   "bin": {
     "cbom": "bin/cdxgen.js",
+    "cdx-validate": "bin/validate.js",
     "cdx-verify": "bin/verify.js",
+    "cdx-sign": "bin/sign.js",
     "cdxgen": "bin/cdxgen.js",
     "cdxgen-secure": "bin/cdxgen.js",
     "cdxi": "bin/repl.js",
@@ -117,7 +119,6 @@
     "got": "14.6.6",
     "iconv-lite": "0.7.2",
     "json-stringify-nice": "1.1.4",
-    "jws": "4.0.1",
     "keyv": "5.6.0",
     "node-stream-zip": "1.15.0",
     "npm-package-arg": "13.0.2",
@@ -128,7 +129,6 @@
     "read-package-json-fast": "5.0.0",
     "semver": "7.7.4",
     "ssri": "13.0.1",
-    "table": "6.9.0",
     "tar": "7.5.13",
     "treeverse": "3.0.0",
     "uuid": "13.0.0",
@@ -139,17 +139,16 @@
     "yoctocolors": "2.1.2"
   },
   "devDependencies": {
-    "@biomejs/biome": "2.4.10",
+    "@biomejs/biome": "2.4.12",
     "esmock": "2.7.3",
-    "poku": "4.2.0",
-    "sinon": "21.0.3",
+    "poku": "4.2.1",
+    "sinon": "21.1.2",
     "typescript": "6.0.2"
   },
   "optionalDependencies": {
     "@appthreat/atom": "2.5.2",
-    "@appthreat/atom-parsetools": "1.1.3",
-    "@appthreat/cdx-proto": "1.2.1",
-    "@appthreat/sqlite3": "8.0.1",
+    "@appthreat/atom-parsetools": "1.1.4",
+    "@appthreat/cdx-proto": "1.3.0",
     "@bufbuild/protobuf": "2.11.0",
     "@cdxgen/cdxgen-plugins-bin": "2.0.3",
     "@cdxgen/cdxgen-plugins-bin-darwin-amd64": "2.0.3",

package/types/bin/sign.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=sign.d.ts.map

package/types/bin/sign.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sign.d.ts","sourceRoot":"","sources":["../../bin/sign.js"],"names":[],"mappings":""}

package/types/bin/validate.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=validate.d.ts.map

package/types/bin/validate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../bin/validate.js"],"names":[],"mappings":""}

package/types/helpers/utils.d.ts

@@ -1540,7 +1540,6 @@ export const dirNameStr: any;
 export const isSecureMode: any;
 export const isWin: boolean;
 export const isMac: boolean;
-export let ATOM_DB: any;
 export const commandsExecuted: any;
 export const frameworksList: any;
 export const CDXGEN_VERSION: any;

package/types/lib/cli/index.d.ts

@@ -6,8 +6,9 @@
  * @param {Object} allImports All imports
  * @param {Object} pkg Package object
  * @param {string} ptype Package type
+ * @returns {Object[]} Array of component objects
  */
-export function listComponents(options: Object, allImports: Object, pkg: Object, ptype?: string): any[];
+export function listComponents(options: Object, allImports: Object, pkg: Object, ptype?: string): Object[];
 /**
  * Function to create bom string for Java jars
  *
@@ -22,28 +23,23 @@ export function createJarBom(path: string, options: Object): Object;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object|undefined} BOM object
  */
-export function createAndroidBom(path: string, options: Object): {
-    bomJson: any;
-    dependencies: any;
-    parentComponent: any;
-} | undefined;
+export function createAndroidBom(path: string, options: Object): Object | undefined;
 /**
  * Function to create bom string for binaries using blint
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object|undefined} BOM object
  */
-export function createBinaryBom(path: string, options: Object): {
-    bomJson: any;
-    dependencies: any;
-    parentComponent: any;
-} | undefined;
+export function createBinaryBom(path: string, options: Object): Object | undefined;
 /**
  * Function to create bom string for Java projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createJavaBom(path: string, options: Object): Promise<Object>;
 /**
@@ -51,6 +47,7 @@ export function createJavaBom(path: string, options: Object): Promise<Object>;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createNodejsBom(path: string, options: Object): Promise<Object>;
 /**
@@ -63,6 +60,7 @@ export function createNodejsBom(path: string, options: Object): Promise<Object>;
  *
  * @param {String} path
  * @param {Object} options
+ * @returns {Object | null} BOM object, or `null` when `pixi.lock` is absent and `options.installDeps` is false
  */
 export function createPixiBom(path: string, options: Object): Object | null;
 /**
@@ -70,6 +68,7 @@ export function createPixiBom(path: string, options: Object): Object | null;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createPythonBom(path: string, options: Object): Promise<Object>;
 /**
@@ -77,6 +76,7 @@ export function createPythonBom(path: string, options: Object): Promise<Object>;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object | undefined>} Promise resolving to a BOM object or `undefined`
  */
 export function createGoBom(path: string, options: Object): Promise<Object | undefined>;
 /**
@@ -84,6 +84,7 @@ export function createGoBom(path: string, options: Object): Promise<Object | und
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object|undefined>} Promise resolving to a BOM object or undefined
  */
 export function createRustBom(path: string, options: Object): Promise<Object | undefined>;
 /**
@@ -91,6 +92,7 @@ export function createRustBom(path: string, options: Object): Promise<Object | u
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createDartBom(path: string, options: Object): Promise<Object>;
 /**
@@ -98,6 +100,7 @@ export function createDartBom(path: string, options: Object): Promise<Object>;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object} BOM object
  */
 export function createCppBom(path: string, options: Object): Object;
 /**
@@ -105,6 +108,7 @@ export function createCppBom(path: string, options: Object): Object;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object} BOM object
  */
 export function createClojureBom(path: string, options: Object): Object;
 /**
@@ -112,6 +116,7 @@ export function createClojureBom(path: string, options: Object): Object;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object} BOM object
  */
 export function createHaskellBom(path: string, options: Object): Object;
 /**
@@ -119,6 +124,7 @@ export function createHaskellBom(path: string, options: Object): Object;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object} BOM object
  */
 export function createElixirBom(path: string, options: Object): Object;
 /**
@@ -126,6 +132,7 @@ export function createElixirBom(path: string, options: Object): Object;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object} BOM object
  */
 export function createGitHubBom(path: string, options: Object): Object;
 /**
@@ -133,6 +140,7 @@ export function createGitHubBom(path: string, options: Object): Object;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object} BOM object
  */
 export function createCloudBuildBom(path: string, options: Object): Object;
 /**
@@ -140,6 +148,7 @@ export function createCloudBuildBom(path: string, options: Object): Object;
  *
  * @param {string} _path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createOSBom(_path: string, options: Object): Promise<Object>;
 /**
@@ -147,6 +156,7 @@ export function createOSBom(_path: string, options: Object): Promise<Object>;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createJenkinsBom(path: string, options: Object): Promise<Object>;
 /**
@@ -154,6 +164,7 @@ export function createJenkinsBom(path: string, options: Object): Promise<Object>
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object} BOM object
  */
 export function createHelmBom(path: string, options: Object): Object;
 /**
@@ -161,6 +172,7 @@ export function createHelmBom(path: string, options: Object): Object;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createSwiftBom(path: string, options: Object): Promise<Object>;
 /**
@@ -168,6 +180,7 @@ export function createSwiftBom(path: string, options: Object): Promise<Object>;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object | undefined>} Promise resolving to a BOM object, or `undefined` when no Podfiles are found
  */
 export function createCocoaBom(path: string, options: Object): Promise<Object | undefined>;
 /**
@@ -175,6 +188,7 @@ export function createCocoaBom(path: string, options: Object): Promise<Object |
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createNixBom(path: string, options: Object): Promise<Object>;
 /**
@@ -182,6 +196,7 @@ export function createNixBom(path: string, options: Object): Promise<Object>;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createCaxaBom(path: string, options: Object): Promise<Object>;
 /**
@@ -189,13 +204,15 @@ export function createCaxaBom(path: string, options: Object): Promise<Object>;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
-export function createContainerSpecLikeBom(path: string, options: Object): any;
+export function createContainerSpecLikeBom(path: string, options: Object): Promise<Object>;
 /**
  * Function to create bom string for php projects
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Object} BOM object
  */
 export function createPHPBom(path: string, options: Object): Object;
 /**
@@ -203,6 +220,7 @@ export function createPHPBom(path: string, options: Object): Object;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createRubyBom(path: string, options: Object): Promise<Object>;
 /**
@@ -210,52 +228,28 @@ export function createRubyBom(path: string, options: Object): Promise<Object>;
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object|undefined>} Promise resolving to BOM object
  */
 export function createCsharpBom(path: string, options: Object): Promise<Object | undefined>;
 /**
- * Function to create bom object for cryptographic certificate files
+ * Function to create BOM for VS Code / IDE extensions.
+ * Supports two modes:
+ * 1. Directory scan: Discovers `.vsix` files and installed extension directories
+ * 2. IDE discovery: Automatically finds extensions installed by known IDEs
  *
- * @param {string} path to the project
+ * @param {string} path to the project or directory to scan
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
-export function createCryptoCertsBom(path: string, options: Object): Promise<{
-    bomJson: {
-        components: {
-            name: any;
-            type: string;
-            version: string;
-            "bom-ref": string;
-            cryptoProperties: {
-                assetType: string;
-                algorithmProperties: {
-                    executionEnvironment: string;
-                    implementationPlatform: string;
-                };
-            };
-            properties: {
-                name: string;
-                value: any;
-            }[];
-        }[];
-    };
-}>;
-export function mergeDependencies(dependencies: any, newDependencies: any, parentComponent?: {}): ({
-    ref: string;
-    dependsOn: any[];
-    provides: any[];
-} | {
-    ref: string;
-    dependsOn: any[];
-    provides?: undefined;
-})[];
-/**
- * Trim duplicate components by retaining all the properties
- *
- * @param {Array} components Components
+export function createVscodeExtensionBom(path: string, options: Object): Promise<Object>;
+/**
+ * Function to create bom object for cryptographic certificate files
  *
- * @returns {Array} Filtered components
+ * @param {string} path to the project
+ * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
-export function trimComponents(components: any[]): any[];
+export function createCryptoCertsBom(path: string, options: Object): Promise<Object>;
 /**
  * Dedupe components
  *
@@ -272,6 +266,7 @@ export function dedupeBom(options: Object, components: any[], parentComponent: O
  *
  * @param {string[]} pathList list of to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
 export function createMultiXBom(pathList: string[], options: Object): Promise<Object>;
 /**
@@ -279,15 +274,17 @@ export function createMultiXBom(pathList: string[], options: Object): Promise<Ob
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object|undefined>} Promise resolving to BOM object, or undefined if path is not readable
  */
-export function createXBom(path: string, options: Object): Promise<any>;
+export function createXBom(path: string, options: Object): Promise<Object | undefined>;
 /**
  * Function to create bom string for various languages
  *
  * @param {string} path to the project
  * @param {Object} options Parse options from the cli
+ * @returns {Promise<Object>} Promise resolving to BOM object
  */
-export function createBom(path: string, options: Object): any;
+export function createBom(path: string, options: Object): Promise<Object>;
 /**
  * Method to submit the generated bom to dependency-track or cyclonedx server
  *

package/types/lib/cli/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/cli/index.js"],"names":[],"mappings":"AAk+BA;;;;;;;;GAQG;AACH,wCALW,MAAM,cACN,MAAM,OACN,MAAM,UACN,MAAM,SAchB;AAqYD;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM,GAEJ,MAAM,CA0ElB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,WACN,MAAM;;;;cAIhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM;;;;cAiBhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,mBAytChB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,mBA24BhB;AAED;;;;;;;;;;GAUG;AACH,qDAFW,MAAM,iBAwEhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,mBAuhBhB;AAED;;;;;GAKG;AACH,kCAHW,MAAM,WACN,MAAM,+BAoahB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,+BAqIhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,mBAiEhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,WACN,MAAM,UA6MhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,WACN,MAAM,UA+GhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,WACN,MAAM,UA0BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,UA0BhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,UAyBhB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,WACN,MAAM,UAsBhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,WACN,MAAM,mBAoDhB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,WACN,MAAM,mBA2ChB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,UA0BhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,mBA0IhB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,WACN,MAAM,+BAoJhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,WACN,MAAM,mBAoHhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,mBA6ChB;AAED;;;;;GAKG;AACH,iDAHW,MAAM,WACN,MAAM,OAkUhB;AAED;;;;;GAKG;AACH,mCAHW,MAAM,WACN,MAAM,UA0JhB;AAED;;;;;GAKG;AACH,oCAHW,MAAM,WACN,MAAM,mBAuPhB;AAED;;;;;GAKG;AACH,sCAHW,MAAM,WACN,MAAM,+BAkbhB;AAED;;;;;GAKG;AACH,2CAHW,MAAM,WACN,MAAM;;;;;;;;;;;;;;;;;;;;GAmChB;AAED;;;;;;;;KA+DC;AAED;;;;;;GAMG;AACH,yDA+GC;AAED;;;;;;;;;GASG;AACH,mCAPW,MAAM,sCAEN,MAAM,wBAGJ,MAAM,CAyClB;AAED;;;;;GAKG;AACH,0CAHW,MAAM,EAAE,WACR,MAAM,mBAuyBhB;AAED;;;;;GAKG;AACH,iCAHW,MAAM,WACN,MAAM,gBAmVhB;AAED;;;;;GAKG;AACH,gCAHW,MAAM,WACN,MAAM,OAgRhB;AAED;;;;;;;GAOG;AACH,gCALW,MAAM,eACN,MAAM,GACL,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAAC,CA0IjD"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/cli/index.js"],"names":[],"mappings":"AA60BA;;;;;;;;;GASG;AACH,wCANW,MAAM,cACN,MAAM,OACN,MAAM,UACN,MAAM,GACJ,MAAM,EAAE,CAcpB;AA2ZD;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM,GAEJ,MAAM,CA0ElB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,WACN,MAAM,GACJ,MAAM,GAAC,SAAS,CAI5B;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,MAAM,GAAC,SAAS,CAiB5B;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA+tC3B;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAi6B3B;AAgFD;;;;;;;;;;;GAWG;AACH,qDAHW,MAAM,GACJ,MAAM,GAAG,IAAI,CAwEzB;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAuhB3B;AAED;;;;;;GAMG;AACH,kCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAoavC;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAC,SAAS,CAAC,CAqIrC;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAiE3B;AAED;;;;;;GAMG;AACH,mCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA6MlB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA+GlB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA0BlB;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA0BlB;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CAyBlB;AAED;;;;;;GAMG;AACH,0CAJW,MAAM,WACN,MAAM,GACJ,MAAM,CAsBlB;AAED;;;;;;GAMG;AACH,mCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAoD3B;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA2C3B;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA0BlB;AAED;;;;;;GAMG;AACH,qCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA0I3B;AAED;;;;;;GAMG;AACH,qCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAoJvC;AAED;;;;;;GAMG;AACH,mCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAoH3B;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA6C3B;AAED;;;;;;GAMG;AACH,iDAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAkU3B;AAED;;;;;;GAMG;AACH,mCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA4JlB;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAuP3B;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAC,SAAS,CAAC,CAkbrC;AAED;;;;;;;;;GASG;AACH,+CAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA2F3B;AA2FD;;;;;;GAMG;AACH,2CAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAmC3B;AAED;;;;;;;;;GASG;AACH,mCAPW,MAAM,sCAEN,MAAM,wBAGJ,MAAM,CAyClB;AAED;;;;;;GAMG;AACH,0CAJW,MAAM,EAAE,WACR,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAy0B3B;AAED;;;;;;GAMG;AACH,iCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAC,SAAS,CAAC,CA6VrC;AAED;;;;;;GAMG;AACH,gCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAmR3B;AAED;;;;;;;GAOG;AACH,gCALW,MAAM,eACN,MAAM,GACL,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAAC,CA8FjD"}

package/types/lib/evinser/db.d.ts

@@ -0,0 +1,34 @@
+export function createOrLoad(): Promise<{
+    sequelize: {
+        close: () => boolean;
+    };
+    Namespaces: Model;
+    Usages: Model;
+    DataFlows: Model;
+}>;
+declare class Model {
+    constructor(tableName: any);
+    tableName: any;
+    store: Map<any, any>;
+    init(): Promise<void>;
+    findByPk(purl: any): Promise<{
+        purl: any;
+        data: any;
+        createdAt: any;
+        updatedAt: any;
+    } | null>;
+    findOrCreate(options: any): Promise<(boolean | {
+        purl: any;
+        data: any;
+        createdAt: any;
+        updatedAt: any;
+    })[]>;
+    findAll(options: any): Promise<{
+        purl: any;
+        data: any;
+        createdAt: any;
+        updatedAt: any;
+    }[]>;
+}
+export {};
+//# sourceMappingURL=db.d.ts.map

package/types/lib/evinser/db.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"db.d.ts","sourceRoot":"","sources":["../../../lib/evinser/db.js"],"names":[],"mappings":"AAmHO;;;;;;;GAqBN;AAxID;IACE,4BAGC;IAFC,eAA0B;IAC1B,qBAAsB;IAGxB,sBAEC;IAED;;;;;cAoBC;IAED;;;;;UA2CC;IAED;;;;;SAmCC;CACF"}

package/types/lib/evinser/evinser.d.ts

@@ -4,30 +4,77 @@
  * @param {Object} options Command line options
  */
 export function prepareDB(options: Object): Promise<{
-    sequelize: any;
+    sequelize: {
+        close: () => boolean;
+    };
     Namespaces: {
-        db: any;
         tableName: any;
-        init(): Promise<any>;
-        findByPk(purl: any): Promise<any>;
-        findOrCreate(options: Object): Promise<any>;
-        findAll(options: Object): Promise<any>;
+        store: Map<any, any>;
+        init(): Promise<void>;
+        findByPk(purl: any): Promise<{
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        } | null>;
+        findOrCreate(options: any): Promise<(boolean | {
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        })[]>;
+        findAll(options: any): Promise<{
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        }[]>;
     };
     Usages: {
-        db: any;
         tableName: any;
-        init(): Promise<any>;
-        findByPk(purl: any): Promise<any>;
-        findOrCreate(options: Object): Promise<any>;
-        findAll(options: Object): Promise<any>;
+        store: Map<any, any>;
+        init(): Promise<void>;
+        findByPk(purl: any): Promise<{
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        } | null>;
+        findOrCreate(options: any): Promise<(boolean | {
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        })[]>;
+        findAll(options: any): Promise<{
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        }[]>;
     };
     DataFlows: {
-        db: any;
         tableName: any;
-        init(): Promise<any>;
-        findByPk(purl: any): Promise<any>;
-        findOrCreate(options: Object): Promise<any>;
-        findAll(options: Object): Promise<any>;
+        store: Map<any, any>;
+        init(): Promise<void>;
+        findByPk(purl: any): Promise<{
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        } | null>;
+        findOrCreate(options: any): Promise<(boolean | {
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        })[]>;
+        findAll(options: any): Promise<{
+            purl: any;
+            data: any;
+            createdAt: any;
+            updatedAt: any;
+        }[]>;
     };
 } | undefined>;
 export function catalogMavenDeps(dirPath: any, purlsJars: any, Namespaces: any, options?: {}): Promise<void>;

package/types/lib/evinser/evinser.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"evinser.d.ts","sourceRoot":"","sources":["../../../lib/evinser/evinser.js"],"names":[],"mappings":"AA6BA;;;;GAIG;AACH,mCAFW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;eAmEhB;AAED,6GAiDC;AAED,gGAkCC;AAED,wGAqBC;AAED;;;;;;;;;;;;;;;;;;GAuKC;AAED,6EAuBC;AAED;;;EA8BC;AAcD;;;;;GAKG;AACH,yCAHW,MAAM,WACN,MAAM;;;;;;;;;;;;;;GA4KhB;AAED,wLA8DC;AAED;;;;;;;;;;;GAWG;AACH,2CARW,MAAM,uBACN,MAAM,0BAEN,MAAM,mBACN,MAAM,kBACN,MAAM,iBAqOhB;AAED;;;;;;;GAOG;AACH,yFAHW,MAAM,GACJ,MAAM,CAiGlB;AAyBD,sGAyEC;AAED,wGAmCC;AAED;;;;;;GAMG;AACH,mDAJW,MAAM,8BAEN,MAAM,uBA6DhB;AAED;;;;;;GAMG;AACH,gDAJW,MAAM,wCAEN,MAAM,QAkDhB;AAED,yEAWC;AAED,gEAsFC;AAED;;;;;;GAMG;AACH,iDAJW,MAAM,WACN,MAAM,OA2KhB;AAED;;;;;;;;;;GAUG;AACH,gDAPW,MAAM,uBACN,MAAM,iBACN,MAAM,YACN,MAAM,oBACN,MAAM,kBACN,MAAM,eAoHhB;AAED;;;;;;;GAOG;AACH,kDAHW,MAAM,mBACN,MAAM;;;;;;;;;;;;;EA4FhB;AAED;;;;;GAKG;AACH,kDAaC;AAED;;;;;GAKG;AACH,2CAHW,MAAM,UAKhB;AAED,gGAiDC"}
+{"version":3,"file":"evinser.d.ts","sourceRoot":"","sources":["../../../lib/evinser/evinser.js"],"names":[],"mappings":"AA2BA;;;;GAIG;AACH,mCAFW,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;eAyDhB;AAED,6GAiDC;AAED,gGAkCC;AAED,wGAqBC;AAED;;;;;;;;;;;;;;;;;;GAuKC;AAED,6EAuBC;AAED;;;EA8BC;AAcD;;;;;GAKG;AACH,yCAHW,MAAM,WACN,MAAM;;;;;;;;;;;;;;GA4KhB;AAED,wLA8DC;AAED;;;;;;;;;;;GAWG;AACH,2CARW,MAAM,uBACN,MAAM,0BAEN,MAAM,mBACN,MAAM,kBACN,MAAM,iBAqOhB;AAED;;;;;;;GAOG;AACH,yFAHW,MAAM,GACJ,MAAM,CAiGlB;AAyBD,sGAyEC;AAED,wGAmCC;AAED;;;;;;GAMG;AACH,mDAJW,MAAM,8BAEN,MAAM,uBA6DhB;AAED;;;;;;GAMG;AACH,gDAJW,MAAM,wCAEN,MAAM,QAkDhB;AAED,yEAWC;AAED,gEAsFC;AAED;;;;;;GAMG;AACH,iDAJW,MAAM,WACN,MAAM,OA2KhB;AAED;;;;;;;;;;GAUG;AACH,gDAPW,MAAM,uBACN,MAAM,iBACN,MAAM,YACN,MAAM,oBACN,MAAM,kBACN,MAAM,eAoHhB;AAED;;;;;;;GAOG;AACH,kDAHW,MAAM,mBACN,MAAM;;;;;;;;;;;;;EA4FhB;AAED;;;;;GAKG;AACH,kDAaC;AAED;;;;;GAKG;AACH,2CAHW,MAAM,UAKhB;AAED,gGAiDC"}

package/types/lib/helpers/analyzer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"analyzer.d.ts","sourceRoot":"","sources":["../../../lib/helpers/analyzer.js"],"names":[],"mappings":"AAmSO;;;GAkBN"}
+{"version":3,"file":"analyzer.d.ts","sourceRoot":"","sources":["../../../lib/helpers/analyzer.js"],"names":[],"mappings":"AA83BO;;;GAkBN"}

package/types/lib/helpers/bomSigner.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Recursively applies signatures to the BOM and its granular components.
+ *
+ * @param {Object} bomJson - CycloneDX BOM Object
+ * @param {Object} options - Signing options { privateKey, algorithm, mode, ... }
+ * @returns {Object} - Signed BOM Object
+ */
+export function signBom(bomJson: Object, options?: Object): Object;
+/**
+ * Verifies the integrity of a specific element node (e.g., BOM root, Component, Service, Annotation).
+ * Resolves standard JSF signatures, multisignature (signers), and chains.
+ *
+ * @param {Object} node - The BOM or granular object to verify
+ * @param {string|crypto.KeyObject} publicKey - The public key corresponding to the signature
+ * @returns {boolean|Object} - Signature block if signature is valid. False otherwise.
+ */
+export function verifyNode(node: Object, publicKey: string | crypto.KeyObject): boolean | Object;
+/**
+ * Verifies the integrity of a BOM's top-level signature, as well as nested components, services, and annotations.
+ * Returns true only if the root signature is valid AND all signed nested elements are valid.
+ *
+ * @param {Object} bom - CycloneDX BOM Object
+ * @param {string|crypto.KeyObject} publicKey - The public key corresponding to the signature
+ * @returns {boolean|Object} - Signature block if signature is valid. False otherwise.
+ */
+export function verifyBom(bom: Object, publicKey: string | crypto.KeyObject): boolean | Object;
+//# sourceMappingURL=bomSigner.d.ts.map

package/types/lib/helpers/bomSigner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bomSigner.d.ts","sourceRoot":"","sources":["../../../lib/helpers/bomSigner.js"],"names":[],"mappings":"AAiIA;;;;;;GAMG;AACH,iCAJW,MAAM,YACN,MAAM,GACJ,MAAM,CAkDlB;AAuDD;;;;;;;GAOG;AACH,iCAJW,MAAM,aACN,MAAM,GAAC,MAAM,CAAC,SAAS,GACrB,OAAO,GAAC,MAAM,CA0B1B;AAED;;;;;;;GAOG;AACH,+BAJW,MAAM,aACN,MAAM,GAAC,MAAM,CAAC,SAAS,GACrB,OAAO,GAAC,MAAM,CAgC1B"}

package/types/lib/helpers/ciParsers/azurePipelines.d.ts

@@ -0,0 +1,17 @@
+export namespace azurePipelinesParser {
+    let id: string;
+    let patterns: string[];
+    /**
+     * @param {string[]} files Matched pipeline file paths
+     * @param {Object} options CLI options
+     * @returns {{ workflows: Object[], components: Object[], services: Object[], properties: Object[], dependencies: Object[] }}
+     */
+    function parse(files: string[], options: Object): {
+        workflows: Object[];
+        components: Object[];
+        services: Object[];
+        properties: Object[];
+        dependencies: Object[];
+    };
+}
+//# sourceMappingURL=azurePipelines.d.ts.map

package/types/lib/helpers/ciParsers/azurePipelines.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"azurePipelines.d.ts","sourceRoot":"","sources":["../../../../lib/helpers/ciParsers/azurePipelines.js"],"names":[],"mappings":";;;IA6QE;;;;OAIG;IACH,sBAJW,MAAM,EAAE,WACR,MAAM,GACJ;QAAE,SAAS,EAAE,MAAM,EAAE,CAAC;QAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;QAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAAC,YAAY,EAAE,MAAM,EAAE,CAAA;KAAE,CAqB3H"}

package/types/lib/helpers/ciParsers/circleCi.d.ts

@@ -0,0 +1,17 @@
+export namespace circleCiParser {
+    let id: string;
+    let patterns: string[];
+    /**
+     * @param {string[]} files Matched config file paths
+     * @param {Object} options CLI options
+     * @returns {{ workflows: Object[], components: Object[], services: Object[], properties: Object[], dependencies: Object[] }}
+     */
+    function parse(files: string[], options: Object): {
+        workflows: Object[];
+        components: Object[];
+        services: Object[];
+        properties: Object[];
+        dependencies: Object[];
+    };
+}
+//# sourceMappingURL=circleCi.d.ts.map

package/types/lib/helpers/ciParsers/circleCi.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"circleCi.d.ts","sourceRoot":"","sources":["../../../../lib/helpers/ciParsers/circleCi.js"],"names":[],"mappings":";;;IAoQE;;;;OAIG;IACH,sBAJW,MAAM,EAAE,WACR,MAAM,GACJ;QAAE,SAAS,EAAE,MAAM,EAAE,CAAC;QAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;QAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAAC,YAAY,EAAE,MAAM,EAAE,CAAA;KAAE,CAqB3H"}

package/types/lib/helpers/ciParsers/common.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Ensure all step objects in the array are unique (CycloneDX `uniqueItems: true`).
+ *
+ * Identical steps are disambiguated by appending a ` (N)` counter to the step name.
+ * The first occurrence is always left unchanged.
+ *
+ * @param {Object[]} steps
+ * @returns {Object[]|undefined}
+ */
+export function disambiguateSteps(steps: Object[]): Object[] | undefined;
+//# sourceMappingURL=common.d.ts.map

package/types/lib/helpers/ciParsers/common.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"common.d.ts","sourceRoot":"","sources":["../../../../lib/helpers/ciParsers/common.js"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,yCAHW,MAAM,EAAE,GACN,MAAM,EAAE,GAAC,SAAS,CAgB9B"}