npm - @cyclonedx/cdxgen - Versions diffs - 12.2.0 → 12.3.0 - Mend

@cyclonedx/cdxgen 12.2.0 → 12.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (181) hide show

package/README.md +242 -90
package/bin/audit.js +191 -0
package/bin/cdxgen.js +532 -168
package/bin/convert.js +99 -0
package/bin/evinse.js +23 -0
package/bin/repl.js +339 -8
package/bin/sign.js +8 -0
package/bin/validate.js +8 -0
package/bin/verify.js +8 -0
package/data/container-knowledge-index.json +125 -0
package/data/gtfobins-index.json +6296 -0
package/data/lolbas-index.json +150 -0
package/data/queries-darwin.json +63 -3
package/data/queries-win.json +45 -3
package/data/queries.json +74 -2
package/data/rules/chrome-extensions.yaml +240 -0
package/data/rules/ci-permissions.yaml +478 -18
package/data/rules/container-risk.yaml +270 -0
package/data/rules/obom-runtime.yaml +891 -0
package/data/rules/package-integrity.yaml +49 -0
package/data/spdx-export.schema.json +6794 -0
package/data/spdx-model-v3.0.1.jsonld +15999 -0
package/lib/audit/index.js +1924 -0
package/lib/audit/index.poku.js +1488 -0
package/lib/audit/progress.js +137 -0
package/lib/audit/progress.poku.js +188 -0
package/lib/audit/reporters.js +618 -0
package/lib/audit/scoring.js +310 -0
package/lib/audit/scoring.poku.js +341 -0
package/lib/audit/targets.js +260 -0
package/lib/audit/targets.poku.js +331 -0
package/lib/cli/index.js +276 -68
package/lib/cli/index.poku.js +368 -0
package/lib/helpers/analyzer.js +1052 -5
package/lib/helpers/analyzer.poku.js +301 -0
package/lib/helpers/annotationFormatter.js +49 -0
package/lib/helpers/annotationFormatter.poku.js +44 -0
package/lib/helpers/bomUtils.js +36 -0
package/lib/helpers/bomUtils.poku.js +51 -0
package/lib/helpers/caxa.js +2 -2
package/lib/helpers/chromextutils.js +1153 -0
package/lib/helpers/chromextutils.poku.js +493 -0
package/lib/helpers/ciParsers/githubActions.js +1632 -45
package/lib/helpers/ciParsers/githubActions.poku.js +853 -1
package/lib/helpers/containerRisk.js +186 -0
package/lib/helpers/containerRisk.poku.js +52 -0
package/lib/helpers/depsUtils.js +16 -0
package/lib/helpers/depsUtils.poku.js +58 -1
package/lib/helpers/display.js +245 -61
package/lib/helpers/display.poku.js +162 -2
package/lib/helpers/exportUtils.js +123 -0
package/lib/helpers/exportUtils.poku.js +60 -0
package/lib/helpers/formulationParsers.js +69 -0
package/lib/helpers/formulationParsers.poku.js +44 -0
package/lib/helpers/gtfobins.js +189 -0
package/lib/helpers/gtfobins.poku.js +49 -0
package/lib/helpers/lolbas.js +267 -0
package/lib/helpers/lolbas.poku.js +39 -0
package/lib/helpers/osqueryTransform.js +84 -0
package/lib/helpers/osqueryTransform.poku.js +49 -0
package/lib/helpers/provenanceUtils.js +193 -0
package/lib/helpers/provenanceUtils.poku.js +145 -0
package/lib/helpers/pylockutils.js +281 -0
package/lib/helpers/pylockutils.poku.js +48 -0
package/lib/helpers/registryProvenance.js +793 -0
package/lib/helpers/registryProvenance.poku.js +452 -0
package/lib/helpers/remote/dependency-track.js +84 -0
package/lib/helpers/remote/dependency-track.poku.js +119 -0
package/lib/helpers/source.js +1267 -0
package/lib/helpers/source.poku.js +771 -0
package/lib/helpers/spdxUtils.js +97 -0
package/lib/helpers/spdxUtils.poku.js +70 -0
package/lib/helpers/table.js +384 -0
package/lib/helpers/table.poku.js +186 -0
package/lib/helpers/unicodeScan.js +147 -0
package/lib/helpers/unicodeScan.poku.js +45 -0
package/lib/helpers/utils.js +882 -136
package/lib/helpers/utils.poku.js +995 -91
package/lib/managers/binary.js +29 -5
package/lib/managers/docker.js +179 -52
package/lib/managers/docker.poku.js +327 -28
package/lib/managers/oci.js +107 -23
package/lib/managers/oci.poku.js +132 -0
package/lib/server/openapi.yaml +50 -0
package/lib/server/server.js +228 -331
package/lib/server/server.poku.js +220 -5
package/lib/stages/postgen/annotator.js +7 -0
package/lib/stages/postgen/annotator.poku.js +40 -0
package/lib/stages/postgen/auditBom.js +20 -5
package/lib/stages/postgen/auditBom.poku.js +1729 -67
package/lib/stages/postgen/postgen.js +40 -0
package/lib/stages/postgen/postgen.poku.js +47 -0
package/lib/stages/postgen/ruleEngine.js +80 -2
package/lib/stages/postgen/spdxConverter.js +796 -0
package/lib/stages/postgen/spdxConverter.poku.js +341 -0
package/lib/validator/bomValidator.js +232 -0
package/lib/validator/bomValidator.poku.js +70 -0
package/lib/validator/complianceRules.js +70 -7
package/lib/validator/complianceRules.poku.js +30 -0
package/lib/validator/reporters/annotations.js +2 -2
package/lib/validator/reporters/console.js +13 -2
package/lib/validator/reporters.poku.js +13 -0
package/package.json +10 -8
package/types/bin/audit.d.ts +3 -0
package/types/bin/audit.d.ts.map +1 -0
package/types/bin/convert.d.ts +3 -0
package/types/bin/convert.d.ts.map +1 -0
package/types/bin/repl.d.ts.map +1 -1
package/types/lib/audit/index.d.ts +115 -0
package/types/lib/audit/index.d.ts.map +1 -0
package/types/lib/audit/progress.d.ts +27 -0
package/types/lib/audit/progress.d.ts.map +1 -0
package/types/lib/audit/reporters.d.ts +35 -0
package/types/lib/audit/reporters.d.ts.map +1 -0
package/types/lib/audit/scoring.d.ts +35 -0
package/types/lib/audit/scoring.d.ts.map +1 -0
package/types/lib/audit/targets.d.ts +63 -0
package/types/lib/audit/targets.d.ts.map +1 -0
package/types/lib/cli/index.d.ts +8 -0
package/types/lib/cli/index.d.ts.map +1 -1
package/types/lib/helpers/analyzer.d.ts +13 -0
package/types/lib/helpers/analyzer.d.ts.map +1 -1
package/types/lib/helpers/annotationFormatter.d.ts +23 -0
package/types/lib/helpers/annotationFormatter.d.ts.map +1 -0
package/types/lib/helpers/bomUtils.d.ts +5 -0
package/types/lib/helpers/bomUtils.d.ts.map +1 -0
package/types/lib/helpers/chromextutils.d.ts +97 -0
package/types/lib/helpers/chromextutils.d.ts.map +1 -0
package/types/lib/helpers/ciParsers/githubActions.d.ts +3 -8
package/types/lib/helpers/ciParsers/githubActions.d.ts.map +1 -1
package/types/lib/helpers/containerRisk.d.ts +17 -0
package/types/lib/helpers/containerRisk.d.ts.map +1 -0
package/types/lib/helpers/depsUtils.d.ts.map +1 -1
package/types/lib/helpers/display.d.ts +4 -1
package/types/lib/helpers/display.d.ts.map +1 -1
package/types/lib/helpers/exportUtils.d.ts +40 -0
package/types/lib/helpers/exportUtils.d.ts.map +1 -0
package/types/lib/helpers/formulationParsers.d.ts.map +1 -1
package/types/lib/helpers/gtfobins.d.ts +17 -0
package/types/lib/helpers/gtfobins.d.ts.map +1 -0
package/types/lib/helpers/lolbas.d.ts +16 -0
package/types/lib/helpers/lolbas.d.ts.map +1 -0
package/types/lib/helpers/osqueryTransform.d.ts +7 -0
package/types/lib/helpers/osqueryTransform.d.ts.map +1 -0
package/types/lib/helpers/provenanceUtils.d.ts +90 -0
package/types/lib/helpers/provenanceUtils.d.ts.map +1 -0
package/types/lib/helpers/pylockutils.d.ts +51 -0
package/types/lib/helpers/pylockutils.d.ts.map +1 -0
package/types/lib/helpers/registryProvenance.d.ts +17 -0
package/types/lib/helpers/registryProvenance.d.ts.map +1 -0
package/types/lib/helpers/remote/dependency-track.d.ts +16 -0
package/types/lib/helpers/remote/dependency-track.d.ts.map +1 -0
package/types/lib/helpers/source.d.ts +141 -0
package/types/lib/helpers/source.d.ts.map +1 -0
package/types/lib/helpers/spdxUtils.d.ts +2 -0
package/types/lib/helpers/spdxUtils.d.ts.map +1 -0
package/types/lib/helpers/table.d.ts +6 -0
package/types/lib/helpers/table.d.ts.map +1 -0
package/types/lib/helpers/unicodeScan.d.ts +46 -0
package/types/lib/helpers/unicodeScan.d.ts.map +1 -0
package/types/lib/helpers/utils.d.ts +30 -11
package/types/lib/helpers/utils.d.ts.map +1 -1
package/types/lib/managers/binary.d.ts.map +1 -1
package/types/lib/managers/docker.d.ts.map +1 -1
package/types/lib/managers/oci.d.ts.map +1 -1
package/types/lib/server/server.d.ts +0 -35
package/types/lib/server/server.d.ts.map +1 -1
package/types/lib/stages/postgen/annotator.d.ts.map +1 -1
package/types/lib/stages/postgen/auditBom.d.ts.map +1 -1
package/types/lib/stages/postgen/postgen.d.ts.map +1 -1
package/types/lib/stages/postgen/ruleEngine.d.ts.map +1 -1
package/types/lib/stages/postgen/spdxConverter.d.ts +11 -0
package/types/lib/stages/postgen/spdxConverter.d.ts.map +1 -0
package/types/lib/validator/bomValidator.d.ts +1 -0
package/types/lib/validator/bomValidator.d.ts.map +1 -1
package/types/lib/validator/complianceRules.d.ts.map +1 -1
package/types/lib/validator/reporters/console.d.ts.map +1 -1
package/types/bin/dependencies.d.ts +0 -3
package/types/bin/dependencies.d.ts.map +0 -1
package/types/bin/licenses.d.ts +0 -3
package/types/bin/licenses.d.ts.map +0 -1

package/lib/server/openapi.yaml CHANGED Viewed

@@ -94,11 +94,31 @@ paths:
           required: false
           schema:
             $ref: '#/components/schemas/CDXGEN/properties/projectVersion'
+        - name: autoCreate
+          in: query
+          required: false
+          schema:
+            $ref: '#/components/schemas/CDXGEN/properties/autoCreate'
+        - name: isLatest
+          in: query
+          required: false
+          schema:
+            $ref: '#/components/schemas/CDXGEN/properties/isLatest'
         - name: parentUUID
           in: query
           required: false
           schema:
             $ref: '#/components/schemas/CDXGEN/properties/parentUUID'
+        - name: parentProjectName
+          in: query
+          required: false
+          schema:
+            $ref: '#/components/schemas/CDXGEN/properties/parentProjectName'
+        - name: parentProjectVersion
+          in: query
+          required: false
+          schema:
+            $ref: '#/components/schemas/CDXGEN/properties/parentProjectVersion'
         - name: serverUrl
           in: query
           required: false
@@ -114,6 +134,11 @@ paths:
           required: false
           schema:
             $ref: '#/components/schemas/CDXGEN/properties/specVersion'
+        - name: format
+          in: query
+          required: false
+          schema:
+            $ref: '#/components/schemas/CDXGEN/properties/format'
         - name: filter
           in: query
           required: false
@@ -252,9 +277,22 @@ components:
           type: string
           description: Dependency Track project version
           default: ""
+        autoCreate:
+          type: boolean
+          description: Dependency Track autoCreate value for BOM submissions
+          default: true
+        isLatest:
+          type: boolean
+          description: Dependency Track isLatest value for BOM submissions
         parentUUID:
           type: string
           description: UUID of the parent Dependency Track project
+        parentProjectName:
+          type: string
+          description: Name of the parent Dependency Track project
+        parentProjectVersion:
+          type: string
+          description: Version of the parent Dependency Track project
         serverUrl:
           type: string
           description: URL to the Dependency Track API server
@@ -265,6 +303,18 @@ components:
           type: string
           description: CycloneDX Specification version to use
           default: "1.7"
+        format:
+          type: array
+          items:
+            type: string
+            enum:
+              - cyclonedx
+              - cdx
+              - spdx
+              - spdx-json
+              - spdx3
+              - spdx3-json
+          description: Export format(s). Supports cyclonedx and spdx.
         filter:
           type: array
           items: