npm - @cyclonedx/cdxgen - Versions diffs - 12.2.0 → 12.3.0 - Mend

@cyclonedx/cdxgen 12.2.0 → 12.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (181) hide show

package/README.md +242 -90
package/bin/audit.js +191 -0
package/bin/cdxgen.js +532 -168
package/bin/convert.js +99 -0
package/bin/evinse.js +23 -0
package/bin/repl.js +339 -8
package/bin/sign.js +8 -0
package/bin/validate.js +8 -0
package/bin/verify.js +8 -0
package/data/container-knowledge-index.json +125 -0
package/data/gtfobins-index.json +6296 -0
package/data/lolbas-index.json +150 -0
package/data/queries-darwin.json +63 -3
package/data/queries-win.json +45 -3
package/data/queries.json +74 -2
package/data/rules/chrome-extensions.yaml +240 -0
package/data/rules/ci-permissions.yaml +478 -18
package/data/rules/container-risk.yaml +270 -0
package/data/rules/obom-runtime.yaml +891 -0
package/data/rules/package-integrity.yaml +49 -0
package/data/spdx-export.schema.json +6794 -0
package/data/spdx-model-v3.0.1.jsonld +15999 -0
package/lib/audit/index.js +1924 -0
package/lib/audit/index.poku.js +1488 -0
package/lib/audit/progress.js +137 -0
package/lib/audit/progress.poku.js +188 -0
package/lib/audit/reporters.js +618 -0
package/lib/audit/scoring.js +310 -0
package/lib/audit/scoring.poku.js +341 -0
package/lib/audit/targets.js +260 -0
package/lib/audit/targets.poku.js +331 -0
package/lib/cli/index.js +276 -68
package/lib/cli/index.poku.js +368 -0
package/lib/helpers/analyzer.js +1052 -5
package/lib/helpers/analyzer.poku.js +301 -0
package/lib/helpers/annotationFormatter.js +49 -0
package/lib/helpers/annotationFormatter.poku.js +44 -0
package/lib/helpers/bomUtils.js +36 -0
package/lib/helpers/bomUtils.poku.js +51 -0
package/lib/helpers/caxa.js +2 -2
package/lib/helpers/chromextutils.js +1153 -0
package/lib/helpers/chromextutils.poku.js +493 -0
package/lib/helpers/ciParsers/githubActions.js +1632 -45
package/lib/helpers/ciParsers/githubActions.poku.js +853 -1
package/lib/helpers/containerRisk.js +186 -0
package/lib/helpers/containerRisk.poku.js +52 -0
package/lib/helpers/depsUtils.js +16 -0
package/lib/helpers/depsUtils.poku.js +58 -1
package/lib/helpers/display.js +245 -61
package/lib/helpers/display.poku.js +162 -2
package/lib/helpers/exportUtils.js +123 -0
package/lib/helpers/exportUtils.poku.js +60 -0
package/lib/helpers/formulationParsers.js +69 -0
package/lib/helpers/formulationParsers.poku.js +44 -0
package/lib/helpers/gtfobins.js +189 -0
package/lib/helpers/gtfobins.poku.js +49 -0
package/lib/helpers/lolbas.js +267 -0
package/lib/helpers/lolbas.poku.js +39 -0
package/lib/helpers/osqueryTransform.js +84 -0
package/lib/helpers/osqueryTransform.poku.js +49 -0
package/lib/helpers/provenanceUtils.js +193 -0
package/lib/helpers/provenanceUtils.poku.js +145 -0
package/lib/helpers/pylockutils.js +281 -0
package/lib/helpers/pylockutils.poku.js +48 -0
package/lib/helpers/registryProvenance.js +793 -0
package/lib/helpers/registryProvenance.poku.js +452 -0
package/lib/helpers/remote/dependency-track.js +84 -0
package/lib/helpers/remote/dependency-track.poku.js +119 -0
package/lib/helpers/source.js +1267 -0
package/lib/helpers/source.poku.js +771 -0
package/lib/helpers/spdxUtils.js +97 -0
package/lib/helpers/spdxUtils.poku.js +70 -0
package/lib/helpers/table.js +384 -0
package/lib/helpers/table.poku.js +186 -0
package/lib/helpers/unicodeScan.js +147 -0
package/lib/helpers/unicodeScan.poku.js +45 -0
package/lib/helpers/utils.js +882 -136
package/lib/helpers/utils.poku.js +995 -91
package/lib/managers/binary.js +29 -5
package/lib/managers/docker.js +179 -52
package/lib/managers/docker.poku.js +327 -28
package/lib/managers/oci.js +107 -23
package/lib/managers/oci.poku.js +132 -0
package/lib/server/openapi.yaml +50 -0
package/lib/server/server.js +228 -331
package/lib/server/server.poku.js +220 -5
package/lib/stages/postgen/annotator.js +7 -0
package/lib/stages/postgen/annotator.poku.js +40 -0
package/lib/stages/postgen/auditBom.js +20 -5
package/lib/stages/postgen/auditBom.poku.js +1729 -67
package/lib/stages/postgen/postgen.js +40 -0
package/lib/stages/postgen/postgen.poku.js +47 -0
package/lib/stages/postgen/ruleEngine.js +80 -2
package/lib/stages/postgen/spdxConverter.js +796 -0
package/lib/stages/postgen/spdxConverter.poku.js +341 -0
package/lib/validator/bomValidator.js +232 -0
package/lib/validator/bomValidator.poku.js +70 -0
package/lib/validator/complianceRules.js +70 -7
package/lib/validator/complianceRules.poku.js +30 -0
package/lib/validator/reporters/annotations.js +2 -2
package/lib/validator/reporters/console.js +13 -2
package/lib/validator/reporters.poku.js +13 -0
package/package.json +10 -8
package/types/bin/audit.d.ts +3 -0
package/types/bin/audit.d.ts.map +1 -0
package/types/bin/convert.d.ts +3 -0
package/types/bin/convert.d.ts.map +1 -0
package/types/bin/repl.d.ts.map +1 -1
package/types/lib/audit/index.d.ts +115 -0
package/types/lib/audit/index.d.ts.map +1 -0
package/types/lib/audit/progress.d.ts +27 -0
package/types/lib/audit/progress.d.ts.map +1 -0
package/types/lib/audit/reporters.d.ts +35 -0
package/types/lib/audit/reporters.d.ts.map +1 -0
package/types/lib/audit/scoring.d.ts +35 -0
package/types/lib/audit/scoring.d.ts.map +1 -0
package/types/lib/audit/targets.d.ts +63 -0
package/types/lib/audit/targets.d.ts.map +1 -0
package/types/lib/cli/index.d.ts +8 -0
package/types/lib/cli/index.d.ts.map +1 -1
package/types/lib/helpers/analyzer.d.ts +13 -0
package/types/lib/helpers/analyzer.d.ts.map +1 -1
package/types/lib/helpers/annotationFormatter.d.ts +23 -0
package/types/lib/helpers/annotationFormatter.d.ts.map +1 -0
package/types/lib/helpers/bomUtils.d.ts +5 -0
package/types/lib/helpers/bomUtils.d.ts.map +1 -0
package/types/lib/helpers/chromextutils.d.ts +97 -0
package/types/lib/helpers/chromextutils.d.ts.map +1 -0
package/types/lib/helpers/ciParsers/githubActions.d.ts +3 -8
package/types/lib/helpers/ciParsers/githubActions.d.ts.map +1 -1
package/types/lib/helpers/containerRisk.d.ts +17 -0
package/types/lib/helpers/containerRisk.d.ts.map +1 -0
package/types/lib/helpers/depsUtils.d.ts.map +1 -1
package/types/lib/helpers/display.d.ts +4 -1
package/types/lib/helpers/display.d.ts.map +1 -1
package/types/lib/helpers/exportUtils.d.ts +40 -0
package/types/lib/helpers/exportUtils.d.ts.map +1 -0
package/types/lib/helpers/formulationParsers.d.ts.map +1 -1
package/types/lib/helpers/gtfobins.d.ts +17 -0
package/types/lib/helpers/gtfobins.d.ts.map +1 -0
package/types/lib/helpers/lolbas.d.ts +16 -0
package/types/lib/helpers/lolbas.d.ts.map +1 -0
package/types/lib/helpers/osqueryTransform.d.ts +7 -0
package/types/lib/helpers/osqueryTransform.d.ts.map +1 -0
package/types/lib/helpers/provenanceUtils.d.ts +90 -0
package/types/lib/helpers/provenanceUtils.d.ts.map +1 -0
package/types/lib/helpers/pylockutils.d.ts +51 -0
package/types/lib/helpers/pylockutils.d.ts.map +1 -0
package/types/lib/helpers/registryProvenance.d.ts +17 -0
package/types/lib/helpers/registryProvenance.d.ts.map +1 -0
package/types/lib/helpers/remote/dependency-track.d.ts +16 -0
package/types/lib/helpers/remote/dependency-track.d.ts.map +1 -0
package/types/lib/helpers/source.d.ts +141 -0
package/types/lib/helpers/source.d.ts.map +1 -0
package/types/lib/helpers/spdxUtils.d.ts +2 -0
package/types/lib/helpers/spdxUtils.d.ts.map +1 -0
package/types/lib/helpers/table.d.ts +6 -0
package/types/lib/helpers/table.d.ts.map +1 -0
package/types/lib/helpers/unicodeScan.d.ts +46 -0
package/types/lib/helpers/unicodeScan.d.ts.map +1 -0
package/types/lib/helpers/utils.d.ts +30 -11
package/types/lib/helpers/utils.d.ts.map +1 -1
package/types/lib/managers/binary.d.ts.map +1 -1
package/types/lib/managers/docker.d.ts.map +1 -1
package/types/lib/managers/oci.d.ts.map +1 -1
package/types/lib/server/server.d.ts +0 -35
package/types/lib/server/server.d.ts.map +1 -1
package/types/lib/stages/postgen/annotator.d.ts.map +1 -1
package/types/lib/stages/postgen/auditBom.d.ts.map +1 -1
package/types/lib/stages/postgen/postgen.d.ts.map +1 -1
package/types/lib/stages/postgen/ruleEngine.d.ts.map +1 -1
package/types/lib/stages/postgen/spdxConverter.d.ts +11 -0
package/types/lib/stages/postgen/spdxConverter.d.ts.map +1 -0
package/types/lib/validator/bomValidator.d.ts +1 -0
package/types/lib/validator/bomValidator.d.ts.map +1 -1
package/types/lib/validator/complianceRules.d.ts.map +1 -1
package/types/lib/validator/reporters/console.d.ts.map +1 -1
package/types/bin/dependencies.d.ts +0 -3
package/types/bin/dependencies.d.ts.map +0 -1
package/types/bin/licenses.d.ts +0 -3
package/types/bin/licenses.d.ts.map +0 -1

package/lib/helpers/spdxUtils.js ADDED Viewed

@@ -0,0 +1,97 @@
+import { PackageURL } from "packageurl-js";
+import { isSpdxJsonLd } from "./bomUtils.js";
+const toArray = (value) => {
+  if (Array.isArray(value)) {
+    return value;
+  }
+  if (value !== undefined && value !== null) {
+    return [value];
+  }
+  return [];
+};
+const toCycloneDxLikeComponent = (spdxElement) => {
+  const purl = spdxElement?.software_packageUrl;
+  let group = "";
+  let name = spdxElement?.name || spdxElement?.spdxId || "unnamed-component";
+  let version = spdxElement?.software_packageVersion || "";
+  if (purl) {
+    try {
+      const purlObj = PackageURL.fromString(purl);
+      group = purlObj.namespace || "";
+      name = purlObj.name || name;
+      version = purlObj.version || version;
+    } catch (_err) {
+      // Keep SPDX element values when purl parsing fails.
+    }
+  }
+  return {
+    type: spdxElement?.type === "software_File" ? "file" : "library",
+    group,
+    name,
+    version,
+    purl,
+    "bom-ref": purl || spdxElement?.spdxId || name,
+    description: spdxElement?.description,
+  };
+};
+export const toCycloneDxLikeBom = (bomJson) => {
+  if (!isSpdxJsonLd(bomJson)) {
+    return bomJson;
+  }
+  const graphElements = toArray(bomJson?.["@graph"]);
+  const packageElements = graphElements.filter((element) =>
+    ["software_Package", "software_File"].includes(element?.type),
+  );
+  const components = packageElements.map(toCycloneDxLikeComponent);
+  const spdxIdToRef = new Map();
+  for (let index = 0; index < packageElements.length; index++) {
+    const spdxId = packageElements[index]?.spdxId;
+    if (spdxId) {
+      spdxIdToRef.set(spdxId, components[index]["bom-ref"]);
+    }
+  }
+  const dependencyMap = new Map();
+  for (const component of components) {
+    dependencyMap.set(component["bom-ref"], new Set());
+  }
+  for (const element of graphElements) {
+    if (
+      element?.type !== "Relationship" ||
+      element?.relationshipType !== "dependsOn"
+    ) {
+      continue;
+    }
+    if (!element?.from || typeof element.from !== "string") {
+      continue;
+    }
+    const fromRef = spdxIdToRef.get(element.from) || element.from;
+    const toRefs = toArray(element?.to).map(
+      (toRef) => spdxIdToRef.get(toRef) || toRef,
+    );
+    if (!dependencyMap.has(fromRef)) {
+      dependencyMap.set(fromRef, new Set());
+    }
+    const dependsOnSet = dependencyMap.get(fromRef);
+    for (const toRef of toRefs) {
+      if (toRef) {
+        dependsOnSet.add(toRef);
+      }
+    }
+  }
+  const dependencies = [];
+  for (const [ref, dependsOnSet] of dependencyMap.entries()) {
+    dependencies.push({
+      ref,
+      dependsOn: Array.from(dependsOnSet).sort(),
+    });
+  }
+  return {
+    ...bomJson,
+    components,
+    dependencies,
+  };
+};

package/lib/helpers/spdxUtils.poku.js ADDED Viewed

@@ -0,0 +1,70 @@
+import { assert, describe, it } from "poku";
+import { toCycloneDxLikeBom } from "./spdxUtils.js";
+const sampleSpdx = {
+  "@context": "https://spdx.org/rdf/3.0.1/spdx-context.jsonld",
+  "@graph": [
+    { type: "CreationInfo", spdxId: "urn:demo#CreationInfo-main" },
+    { type: "SpdxDocument", spdxId: "urn:demo#SPDXRef-DOCUMENT" },
+    {
+      type: "software_Package",
+      spdxId: "urn:demo#SPDXRef-app",
+      name: "app",
+      software_packageUrl: "pkg:npm/@acme/app@1.2.3",
+      software_packageVersion: "1.2.3",
+    },
+    {
+      type: "software_Package",
+      spdxId: "urn:demo#SPDXRef-lib",
+      name: "lib",
+      software_packageUrl: "pkg:npm/lodash@4.17.21",
+      software_packageVersion: "4.17.21",
+    },
+    {
+      type: "Relationship",
+      spdxId: "urn:demo#Relationship-1",
+      relationshipType: "dependsOn",
+      from: "urn:demo#SPDXRef-app",
+      to: ["urn:demo#SPDXRef-lib"],
+    },
+  ],
+};
+describe("spdxUtils", () => {
+  it("returns non-SPDX BOMs unchanged", () => {
+    const cyclonedxBom = { bomFormat: "CycloneDX", components: [] };
+    assert.strictEqual(toCycloneDxLikeBom(cyclonedxBom), cyclonedxBom);
+  });
+  it("converts SPDX package and relationship graph into CycloneDX-like components/dependencies", () => {
+    const converted = toCycloneDxLikeBom(sampleSpdx);
+    assert.strictEqual(Array.isArray(converted.components), true);
+    assert.strictEqual(converted.components.length, 2);
+    assert.strictEqual(converted.components[0].name, "app");
+    assert.strictEqual(converted.components[0].version, "1.2.3");
+    assert.strictEqual(Array.isArray(converted.dependencies), true);
+    const appDependency = converted.dependencies.find(
+      (dep) => dep.ref === "pkg:npm/@acme/app@1.2.3",
+    );
+    assert.ok(appDependency);
+    assert.deepStrictEqual(appDependency.dependsOn, ["pkg:npm/lodash@4.17.21"]);
+  });
+  it("ignores invalid SPDX relationships where 'from' is not a string", () => {
+    const malformedSpdx = structuredClone(sampleSpdx);
+    malformedSpdx["@graph"].push({
+      type: "Relationship",
+      spdxId: "urn:demo#Relationship-2",
+      relationshipType: "dependsOn",
+      from: ["urn:demo#SPDXRef-app"],
+      to: ["urn:demo#SPDXRef-lib"],
+    });
+    const converted = toCycloneDxLikeBom(malformedSpdx);
+    const appDependency = converted.dependencies.find(
+      (dep) => dep.ref === "pkg:npm/@acme/app@1.2.3",
+    );
+    assert.ok(appDependency);
+    assert.deepStrictEqual(appDependency.dependsOn, ["pkg:npm/lodash@4.17.21"]);
+  });
+});

package/lib/helpers/table.js ADDED Viewed

@@ -0,0 +1,384 @@
+import process from "node:process";
+import { TABLE_BORDER_STYLE } from "./utils.js";
+const ANSI_PATTERN = "\\u001B\\[[0-?]*[ -/]*[@-~]";
+const ANSI_REGEX = new RegExp(ANSI_PATTERN, "g");
+const COMBINING_MARK_REGEX = /\p{Mark}/u;
+const BORDER_STYLES = {
+  ascii: {
+    bottomJoin: "+",
+    bottomLeft: "+",
+    bottomRight: "+",
+    horizontal: "-",
+    midJoin: "+",
+    midLeft: "+",
+    midRight: "+",
+    topJoin: "+",
+    topLeft: "+",
+    topRight: "+",
+    vertical: "|",
+  },
+  unicode: {
+    bottomJoin: "┴",
+    bottomLeft: "└",
+    bottomRight: "┘",
+    horizontal: "─",
+    midJoin: "┼",
+    midLeft: "├",
+    midRight: "┤",
+    topJoin: "┬",
+    topLeft: "┌",
+    topRight: "┐",
+    vertical: "│",
+  },
+};
+const stripAnsi = (input) => `${input ?? ""}`.replace(ANSI_REGEX, "");
+const isFullWidthCodePoint = (codePoint) => {
+  return (
+    codePoint >= 0x1100 &&
+    (codePoint <= 0x115f ||
+      codePoint === 0x2329 ||
+      codePoint === 0x232a ||
+      (codePoint >= 0x2e80 && codePoint <= 0xa4cf && codePoint !== 0x303f) ||
+      (codePoint >= 0xac00 && codePoint <= 0xd7a3) ||
+      (codePoint >= 0xf900 && codePoint <= 0xfaff) ||
+      (codePoint >= 0xfe10 && codePoint <= 0xfe19) ||
+      (codePoint >= 0xfe30 && codePoint <= 0xfe6f) ||
+      (codePoint >= 0xff00 && codePoint <= 0xff60) ||
+      (codePoint >= 0xffe0 && codePoint <= 0xffe6) ||
+      (codePoint >= 0x1f300 && codePoint <= 0x1f64f) ||
+      (codePoint >= 0x1f900 && codePoint <= 0x1f9ff))
+  );
+};
+const stringWidth = (input) => {
+  const clean = stripAnsi(input);
+  let width = 0;
+  for (const char of clean) {
+    if (char === "\n" || char === "\r") {
+      continue;
+    }
+    if (COMBINING_MARK_REGEX.test(char)) {
+      continue;
+    }
+    const codePoint = char.codePointAt(0);
+    width += isFullWidthCodePoint(codePoint) ? 2 : 1;
+  }
+  return width;
+};
+const alignText = (text, width, alignment = "left") => {
+  const visibleWidth = stringWidth(text);
+  if (visibleWidth >= width) {
+    return text;
+  }
+  const totalPad = width - visibleWidth;
+  if (alignment === "right") {
+    return `${" ".repeat(totalPad)}${text}`;
+  }
+  if (alignment === "center") {
+    const left = Math.floor(totalPad / 2);
+    const right = totalPad - left;
+    return `${" ".repeat(left)}${text}${" ".repeat(right)}`;
+  }
+  return `${text}${" ".repeat(totalPad)}`;
+};
+const splitAnsiTokens = (line) => {
+  const tokens = [];
+  const ansiRegex = new RegExp(ANSI_PATTERN, "g");
+  let cursor = 0;
+  for (const match of line.matchAll(ansiRegex)) {
+    const index = match.index ?? 0;
+    if (index > cursor) {
+      tokens.push({ isAnsi: false, value: line.slice(cursor, index) });
+    }
+    tokens.push({ isAnsi: true, value: match[0] });
+    cursor = index + match[0].length;
+  }
+  if (cursor < line.length) {
+    tokens.push({ isAnsi: false, value: line.slice(cursor) });
+  }
+  return tokens;
+};
+const wrapLineByChars = (line, width) => {
+  if (line === "") {
+    return [""];
+  }
+  if (width <= 0 || stringWidth(line) <= width) {
+    return [line];
+  }
+  const wrapped = [];
+  let chunk = "";
+  let chunkWidth = 0;
+  for (const token of splitAnsiTokens(line)) {
+    if (token.isAnsi) {
+      // Keep full ANSI sequences attached to the current chunk.
+      chunk += token.value;
+      continue;
+    }
+    for (const char of token.value) {
+      const charWidth = stringWidth(char);
+      if (chunkWidth + charWidth > width && chunk) {
+        wrapped.push(chunk);
+        chunk = "";
+        chunkWidth = 0;
+      }
+      chunk += char;
+      chunkWidth += charWidth;
+    }
+  }
+  if (chunk) {
+    wrapped.push(chunk);
+  }
+  return wrapped.length ? wrapped : [""];
+};
+const wrapLineByWords = (line, width) => {
+  if (!line) {
+    return [""];
+  }
+  if (width <= 0 || stringWidth(line) <= width) {
+    return [line];
+  }
+  const words = line.split(/\s+/).filter(Boolean);
+  if (!words.length) {
+    return wrapLineByChars(line, width);
+  }
+  const wrapped = [];
+  let current = "";
+  for (const word of words) {
+    const candidate = current ? `${current} ${word}` : word;
+    if (stringWidth(candidate) <= width) {
+      current = candidate;
+      continue;
+    }
+    if (current) {
+      wrapped.push(current);
+    }
+    if (stringWidth(word) > width) {
+      wrapped.push(...wrapLineByChars(word, width));
+      current = "";
+    } else {
+      current = word;
+    }
+  }
+  if (current) {
+    wrapped.push(current);
+  }
+  return wrapped.length ? wrapped : [""];
+};
+const wrapCellText = (text, width, wrapWord) => {
+  const normalized = `${text ?? ""}`;
+  const lines = normalized.split(/\r?\n/);
+  const wrapped = [];
+  for (const line of lines) {
+    if (wrapWord) {
+      wrapped.push(...wrapLineByChars(line, width));
+    } else {
+      wrapped.push(...wrapLineByWords(line, width));
+    }
+  }
+  return wrapped.length ? wrapped : [""];
+};
+const getColumnCount = (rows, config = {}) => {
+  let maxCols = 0;
+  for (const row of rows) {
+    if (Array.isArray(row)) {
+      maxCols = Math.max(maxCols, row.length);
+    }
+  }
+  if (Array.isArray(config.columns)) {
+    maxCols = Math.max(maxCols, config.columns.length);
+  }
+  if (config.columnCount) {
+    maxCols = Math.max(maxCols, config.columnCount);
+  }
+  return maxCols;
+};
+const inferColumnWidth = (rows, columnIndex) => {
+  let maxWidth = 3;
+  for (const row of rows) {
+    const cell = row?.[columnIndex];
+    if (cell === undefined || cell === null) {
+      continue;
+    }
+    const lines = `${cell}`.split(/\r?\n/);
+    for (const line of lines) {
+      maxWidth = Math.max(maxWidth, stringWidth(line));
+    }
+  }
+  return Math.min(maxWidth, 120);
+};
+const buildColumns = (rows, config = {}) => {
+  const columnDefault = config.columnDefault || {};
+  const columns = Array.isArray(config.columns) ? config.columns : [];
+  const count = getColumnCount(rows, config);
+  const built = [];
+  for (let i = 0; i < count; i++) {
+    const explicit = columns[i] || {};
+    const inferredWidth = inferColumnWidth(rows, i);
+    built.push({
+      alignment: explicit.alignment || columnDefault.alignment || "left",
+      width: Math.max(
+        1,
+        explicit.width || columnDefault.width || inferredWidth,
+      ),
+      wrapWord: explicit.wrapWord ?? columnDefault.wrapWord ?? false,
+    });
+  }
+  return built;
+};
+const resolveBorderStyle = (config = {}) => {
+  const configBorderStyle = `${config.borderStyle || ""}`.toLowerCase();
+  if (configBorderStyle === "ascii" || configBorderStyle === "unicode") {
+    return configBorderStyle;
+  }
+  if (TABLE_BORDER_STYLE === "ascii" || TABLE_BORDER_STYLE === "unicode") {
+    return TABLE_BORDER_STYLE;
+  }
+  const inCI = `${process.env.CI || ""}`.toLowerCase() === "true";
+  return process.stdout?.isTTY && !inCI ? "unicode" : "ascii";
+};
+const resolveBorderChars = (config = {}) => {
+  return BORDER_STYLES[resolveBorderStyle(config)] || BORDER_STYLES.ascii;
+};
+const drawBorder = (columns, borderChars, position = "mid") => {
+  const left =
+    position === "top"
+      ? borderChars.topLeft
+      : position === "bottom"
+        ? borderChars.bottomLeft
+        : borderChars.midLeft;
+  const join =
+    position === "top"
+      ? borderChars.topJoin
+      : position === "bottom"
+        ? borderChars.bottomJoin
+        : borderChars.midJoin;
+  const right =
+    position === "top"
+      ? borderChars.topRight
+      : position === "bottom"
+        ? borderChars.bottomRight
+        : borderChars.midRight;
+  return `${left}${columns.map((c) => borderChars.horizontal.repeat(c.width + 2)).join(join)}${right}`;
+};
+const renderRow = (row, columns, borderChars) => {
+  const wrappedColumns = columns.map((column, index) => {
+    return wrapCellText(row?.[index] ?? "", column.width, column.wrapWord);
+  });
+  let maxHeight = 1;
+  for (const lines of wrappedColumns) {
+    maxHeight = Math.max(maxHeight, lines.length);
+  }
+  const rendered = [];
+  for (let lineIndex = 0; lineIndex < maxHeight; lineIndex++) {
+    const columnSeparator = ` ${borderChars.vertical} `;
+    const line = columns
+      .map((column, columnIndex) => {
+        const raw = wrappedColumns[columnIndex][lineIndex] ?? "";
+        return alignText(raw, column.width, column.alignment);
+      })
+      .join(columnSeparator);
+    rendered.push(`${borderChars.vertical} ${line} ${borderChars.vertical}`);
+  }
+  return rendered;
+};
+const renderHeader = (header, columns, borderChars) => {
+  if (!header?.content) {
+    return [];
+  }
+  const contentAlignment = header.alignment || "left";
+  const totalWidth =
+    columns.reduce((sum, c) => sum + c.width, 0) + (columns.length - 1) * 3;
+  const headerLines = `${header.content}`.split(/\r?\n/);
+  const rendered = [];
+  for (const line of headerLines) {
+    const wrapped = wrapLineByChars(line, totalWidth);
+    for (const wrappedLine of wrapped) {
+      rendered.push(
+        `${borderChars.vertical} ${alignText(wrappedLine, totalWidth, contentAlignment)} ${borderChars.vertical}`,
+      );
+    }
+  }
+  return rendered;
+};
+const formatTable = (rows, config = {}) => {
+  if (!rows?.length) {
+    return "";
+  }
+  const columns = buildColumns(rows, config);
+  const borderChars = resolveBorderChars(config);
+  const topBorder = drawBorder(columns, borderChars, "top");
+  const middleBorder = drawBorder(columns, borderChars, "mid");
+  const bottomBorder = drawBorder(columns, borderChars, "bottom");
+  const output = [topBorder];
+  const headerLines = renderHeader(config.header, columns, borderChars);
+  if (headerLines.length) {
+    output.push(...headerLines);
+    output.push(middleBorder);
+  }
+  for (let i = 0; i < rows.length; i++) {
+    output.push(...renderRow(rows[i], columns, borderChars));
+    output.push(i < rows.length - 1 ? middleBorder : bottomBorder);
+  }
+  return output.join("\n");
+};
+export function table(rows, config = {}) {
+  return formatTable(rows, config);
+}
+export function createStream(config = {}) {
+  let columns;
+  let middleBorder;
+  let bottomBorder;
+  let hasRows = false;
+  let closed = false;
+  const borderChars = resolveBorderChars(config);
+  return {
+    write(row) {
+      if (closed) {
+        return;
+      }
+      if (!columns) {
+        const seedRows = Array.isArray(row) ? [row] : [[row]];
+        columns = buildColumns(seedRows, config);
+        const topBorder = drawBorder(columns, borderChars, "top");
+        middleBorder = drawBorder(columns, borderChars, "mid");
+        bottomBorder = drawBorder(columns, borderChars, "bottom");
+        process.stdout.write(`${topBorder}\n`);
+      }
+      if (hasRows) {
+        process.stdout.write(`${middleBorder}\n`);
+      }
+      const safeRow = Array.isArray(row) ? row : [row];
+      const rendered = renderRow(safeRow, columns, borderChars);
+      process.stdout.write(`${rendered.join("\n")}\n`);
+      hasRows = true;
+    },
+    end() {
+      if (!columns || closed) {
+        return;
+      }
+      process.stdout.write(`${bottomBorder}\n`);
+      closed = true;
+    },
+  };
+}