@cyclonedx/cdxgen 12.4.2 → 12.4.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -0
- package/bin/audit.js +7 -0
- package/bin/cdxgen.js +48 -2
- package/bin/evinse.js +7 -0
- package/lib/audit/index.js +165 -2
- package/lib/audit/index.poku.js +462 -0
- package/lib/cli/index.js +320 -172
- package/lib/cli/index.poku.js +81 -0
- package/lib/evinser/evinser.js +31 -9
- package/lib/helpers/analyzer.js +890 -0
- package/lib/helpers/analyzer.poku.js +341 -0
- package/lib/helpers/atomUtils.js +445 -0
- package/lib/helpers/atomUtils.poku.js +137 -0
- package/lib/helpers/bomUtils.js +71 -0
- package/lib/helpers/bomUtils.poku.js +45 -0
- package/lib/helpers/depsUtils.js +146 -0
- package/lib/helpers/depsUtils.poku.js +183 -0
- package/lib/helpers/display.js +12 -6
- package/lib/helpers/display.poku.js +38 -0
- package/lib/helpers/utils.js +653 -191
- package/lib/helpers/utils.poku.js +414 -4
- package/lib/managers/binary.js +18 -9
- package/lib/stages/postgen/postgen.js +215 -0
- package/lib/stages/postgen/postgen.poku.js +218 -3
- package/lib/validator/bomValidator.js +11 -2
- package/package.json +8 -8
- package/types/lib/audit/index.d.ts.map +1 -1
- package/types/lib/cli/index.d.ts.map +1 -1
- package/types/lib/helpers/analyzer.d.ts.map +1 -1
- package/types/lib/helpers/atomUtils.d.ts +18 -0
- package/types/lib/helpers/atomUtils.d.ts.map +1 -0
- package/types/lib/helpers/bomUtils.d.ts +10 -0
- package/types/lib/helpers/bomUtils.d.ts.map +1 -1
- package/types/lib/helpers/depsUtils.d.ts +9 -0
- package/types/lib/helpers/depsUtils.d.ts.map +1 -1
- package/types/lib/helpers/display.d.ts.map +1 -1
- package/types/lib/helpers/dosaiParsers.d.ts.map +1 -1
- package/types/lib/helpers/utils.d.ts +19 -0
- package/types/lib/helpers/utils.d.ts.map +1 -1
- package/types/lib/managers/binary.d.ts +2 -1
- package/types/lib/managers/binary.d.ts.map +1 -1
- package/types/lib/stages/postgen/postgen.d.ts.map +1 -1
- package/types/lib/validator/bomValidator.d.ts.map +1 -1
|
@@ -10,7 +10,9 @@ import {
|
|
|
10
10
|
optionIncludesAiInventoryProjectType,
|
|
11
11
|
} from "../../helpers/aiInventory.js";
|
|
12
12
|
import {
|
|
13
|
+
getSupportedCycloneDxComponentTypes,
|
|
13
14
|
isCycloneDx20SpecVersion,
|
|
15
|
+
normalizeCycloneDxComponentTypeFilter,
|
|
14
16
|
normalizeCycloneDxSpecVersion,
|
|
15
17
|
setCycloneDxFormat,
|
|
16
18
|
toCycloneDxSpecVersionString,
|
|
@@ -166,6 +168,7 @@ const SERVICE_1_6_ONLY_FIELDS = new Set(["tags"]);
|
|
|
166
168
|
const SERVICE_1_7_ONLY_FIELDS = new Set(["patentAssertions"]);
|
|
167
169
|
const METADATA_1_6_ONLY_FIELDS = new Set(["manufacturer"]);
|
|
168
170
|
const METADATA_1_7_ONLY_FIELDS = new Set(["distributionConstraints"]);
|
|
171
|
+
const DEPENDENCY_1_6_ONLY_FIELDS = new Set(["provides"]);
|
|
169
172
|
const METADATA_2_0_REMOVED_FIELDS = new Set(["manufacture"]);
|
|
170
173
|
const COMPONENT_2_0_REMOVED_FIELDS = new Set(["author", "modified"]);
|
|
171
174
|
|
|
@@ -402,6 +405,203 @@ function normalizeMetadataForSpecVersion(subject, specVersion) {
|
|
|
402
405
|
}
|
|
403
406
|
}
|
|
404
407
|
|
|
408
|
+
function normalizeDependencyForSpecVersion(subject, specVersion) {
|
|
409
|
+
if (specVersion < 1.6) {
|
|
410
|
+
deleteFields(subject, DEPENDENCY_1_6_ONLY_FIELDS);
|
|
411
|
+
}
|
|
412
|
+
}
|
|
413
|
+
|
|
414
|
+
function filterComponentArrayByType(components, allowedTypes) {
|
|
415
|
+
if (!Array.isArray(components) || !allowedTypes?.size) {
|
|
416
|
+
return components;
|
|
417
|
+
}
|
|
418
|
+
const filteredComponents = [];
|
|
419
|
+
for (const component of components) {
|
|
420
|
+
if (!isObjectRecord(component)) {
|
|
421
|
+
filteredComponents.push(component);
|
|
422
|
+
continue;
|
|
423
|
+
}
|
|
424
|
+
if (component.type && !allowedTypes.has(component.type)) {
|
|
425
|
+
continue;
|
|
426
|
+
}
|
|
427
|
+
if (Array.isArray(component.components)) {
|
|
428
|
+
component.components = filterComponentArrayByType(
|
|
429
|
+
component.components,
|
|
430
|
+
allowedTypes,
|
|
431
|
+
);
|
|
432
|
+
}
|
|
433
|
+
filteredComponents.push(component);
|
|
434
|
+
}
|
|
435
|
+
return filteredComponents;
|
|
436
|
+
}
|
|
437
|
+
|
|
438
|
+
function filterComponentObjectByType(component, allowedTypes) {
|
|
439
|
+
if (!isObjectRecord(component) || !allowedTypes?.size) {
|
|
440
|
+
return component;
|
|
441
|
+
}
|
|
442
|
+
if (component.type && !allowedTypes.has(component.type)) {
|
|
443
|
+
return undefined;
|
|
444
|
+
}
|
|
445
|
+
if (Array.isArray(component.components)) {
|
|
446
|
+
component.components = filterComponentArrayByType(
|
|
447
|
+
component.components,
|
|
448
|
+
allowedTypes,
|
|
449
|
+
);
|
|
450
|
+
}
|
|
451
|
+
return component;
|
|
452
|
+
}
|
|
453
|
+
|
|
454
|
+
function filterComponentArrayProperty(subject, propertyName, allowedTypes) {
|
|
455
|
+
if (!isObjectRecord(subject) || !Object.hasOwn(subject, propertyName)) {
|
|
456
|
+
return;
|
|
457
|
+
}
|
|
458
|
+
const filteredComponents = filterComponentArrayByType(
|
|
459
|
+
subject[propertyName],
|
|
460
|
+
allowedTypes,
|
|
461
|
+
);
|
|
462
|
+
if (filteredComponents === undefined) {
|
|
463
|
+
delete subject[propertyName];
|
|
464
|
+
return;
|
|
465
|
+
}
|
|
466
|
+
subject[propertyName] = filteredComponents;
|
|
467
|
+
}
|
|
468
|
+
|
|
469
|
+
function filterComponentObjectProperty(subject, propertyName, allowedTypes) {
|
|
470
|
+
if (!isObjectRecord(subject) || !Object.hasOwn(subject, propertyName)) {
|
|
471
|
+
return;
|
|
472
|
+
}
|
|
473
|
+
const filteredComponent = filterComponentObjectByType(
|
|
474
|
+
subject[propertyName],
|
|
475
|
+
allowedTypes,
|
|
476
|
+
);
|
|
477
|
+
if (filteredComponent === undefined) {
|
|
478
|
+
delete subject[propertyName];
|
|
479
|
+
return;
|
|
480
|
+
}
|
|
481
|
+
subject[propertyName] = filteredComponent;
|
|
482
|
+
}
|
|
483
|
+
|
|
484
|
+
function filterTypedComponentCollections(
|
|
485
|
+
subject,
|
|
486
|
+
allowedTypes,
|
|
487
|
+
{ includeMetadata = true } = {},
|
|
488
|
+
) {
|
|
489
|
+
if (!isObjectRecord(subject) || !allowedTypes?.size) {
|
|
490
|
+
return subject;
|
|
491
|
+
}
|
|
492
|
+
filterComponentArrayProperty(subject, "components", allowedTypes);
|
|
493
|
+
if (includeMetadata && isObjectRecord(subject.metadata)) {
|
|
494
|
+
filterComponentObjectProperty(subject.metadata, "component", allowedTypes);
|
|
495
|
+
if (isObjectRecord(subject.metadata.tools)) {
|
|
496
|
+
filterComponentArrayProperty(
|
|
497
|
+
subject.metadata.tools,
|
|
498
|
+
"components",
|
|
499
|
+
allowedTypes,
|
|
500
|
+
);
|
|
501
|
+
} else if (Array.isArray(subject.metadata.tools)) {
|
|
502
|
+
subject.metadata.tools = filterComponentArrayByType(
|
|
503
|
+
subject.metadata.tools,
|
|
504
|
+
allowedTypes,
|
|
505
|
+
);
|
|
506
|
+
}
|
|
507
|
+
}
|
|
508
|
+
if (Array.isArray(subject.formulation)) {
|
|
509
|
+
for (const formula of subject.formulation) {
|
|
510
|
+
filterTypedComponentCollections(formula, allowedTypes, {
|
|
511
|
+
includeMetadata,
|
|
512
|
+
});
|
|
513
|
+
}
|
|
514
|
+
}
|
|
515
|
+
if (isObjectRecord(subject.definitions)) {
|
|
516
|
+
filterComponentArrayProperty(
|
|
517
|
+
subject.definitions,
|
|
518
|
+
"components",
|
|
519
|
+
allowedTypes,
|
|
520
|
+
);
|
|
521
|
+
}
|
|
522
|
+
if (Array.isArray(subject.vulnerabilities)) {
|
|
523
|
+
for (const vulnerability of subject.vulnerabilities) {
|
|
524
|
+
if (isObjectRecord(vulnerability?.tools)) {
|
|
525
|
+
filterComponentArrayProperty(
|
|
526
|
+
vulnerability.tools,
|
|
527
|
+
"components",
|
|
528
|
+
allowedTypes,
|
|
529
|
+
);
|
|
530
|
+
}
|
|
531
|
+
}
|
|
532
|
+
}
|
|
533
|
+
return subject;
|
|
534
|
+
}
|
|
535
|
+
|
|
536
|
+
function collectRetainedBomRefs(subject, retainedRefs = new Set()) {
|
|
537
|
+
if (!subject || typeof subject !== "object") {
|
|
538
|
+
return retainedRefs;
|
|
539
|
+
}
|
|
540
|
+
if (Array.isArray(subject)) {
|
|
541
|
+
subject.forEach((entry) => {
|
|
542
|
+
collectRetainedBomRefs(entry, retainedRefs);
|
|
543
|
+
});
|
|
544
|
+
return retainedRefs;
|
|
545
|
+
}
|
|
546
|
+
if (subject["bom-ref"]) {
|
|
547
|
+
retainedRefs.add(subject["bom-ref"]);
|
|
548
|
+
}
|
|
549
|
+
for (const value of Object.values(subject)) {
|
|
550
|
+
collectRetainedBomRefs(value, retainedRefs);
|
|
551
|
+
}
|
|
552
|
+
return retainedRefs;
|
|
553
|
+
}
|
|
554
|
+
|
|
555
|
+
function pruneDependenciesToRetainedRefs(bomJson) {
|
|
556
|
+
if (!Array.isArray(bomJson?.dependencies)) {
|
|
557
|
+
return;
|
|
558
|
+
}
|
|
559
|
+
const retainedRefs = collectRetainedBomRefs({
|
|
560
|
+
components: bomJson.components,
|
|
561
|
+
metadata: bomJson.metadata,
|
|
562
|
+
services: bomJson.services,
|
|
563
|
+
});
|
|
564
|
+
bomJson.dependencies = bomJson.dependencies
|
|
565
|
+
.filter((dependency) => retainedRefs.has(dependency.ref))
|
|
566
|
+
.map((dependency) => {
|
|
567
|
+
const prunedDependency = {
|
|
568
|
+
ref: dependency.ref,
|
|
569
|
+
dependsOn: (dependency.dependsOn || []).filter((ref) =>
|
|
570
|
+
retainedRefs.has(ref),
|
|
571
|
+
),
|
|
572
|
+
};
|
|
573
|
+
if (dependency.provides?.length) {
|
|
574
|
+
prunedDependency.provides = dependency.provides.filter((ref) =>
|
|
575
|
+
retainedRefs.has(ref),
|
|
576
|
+
);
|
|
577
|
+
}
|
|
578
|
+
return prunedDependency;
|
|
579
|
+
});
|
|
580
|
+
}
|
|
581
|
+
|
|
582
|
+
function applyComponentTypeFilter(bomJson, options) {
|
|
583
|
+
const componentTypes = normalizeCycloneDxComponentTypeFilter(
|
|
584
|
+
options?.componentType,
|
|
585
|
+
);
|
|
586
|
+
if (!componentTypes.length) {
|
|
587
|
+
return bomJson;
|
|
588
|
+
}
|
|
589
|
+
filterTypedComponentCollections(bomJson, new Set(componentTypes), {
|
|
590
|
+
includeMetadata: false,
|
|
591
|
+
});
|
|
592
|
+
pruneDependenciesToRetainedRefs(bomJson);
|
|
593
|
+
return bomJson;
|
|
594
|
+
}
|
|
595
|
+
|
|
596
|
+
function filterUnsupportedComponentTypesForSpecVersion(bomJson, specVersion) {
|
|
597
|
+
const supportedTypes = new Set(
|
|
598
|
+
getSupportedCycloneDxComponentTypes(specVersion),
|
|
599
|
+
);
|
|
600
|
+
filterTypedComponentCollections(bomJson, supportedTypes);
|
|
601
|
+
pruneDependenciesToRetainedRefs(bomJson);
|
|
602
|
+
return bomJson;
|
|
603
|
+
}
|
|
604
|
+
|
|
405
605
|
function authorStringToAuthors(authorValue) {
|
|
406
606
|
if (typeof authorValue !== "string") {
|
|
407
607
|
return undefined;
|
|
@@ -605,6 +805,9 @@ function downgradeSubjectForSpecVersion(subject, specVersion, parentKey) {
|
|
|
605
805
|
if (parentKey === "service" || parentKey === "services") {
|
|
606
806
|
normalizeServiceForSpecVersion(subject, specVersion);
|
|
607
807
|
}
|
|
808
|
+
if (parentKey === "dependencies") {
|
|
809
|
+
normalizeDependencyForSpecVersion(subject, specVersion);
|
|
810
|
+
}
|
|
608
811
|
if (specVersion < 1.6) {
|
|
609
812
|
if (subject.cryptoProperties) {
|
|
610
813
|
delete subject.cryptoProperties;
|
|
@@ -669,6 +872,7 @@ function applySpecVersionCompatibility(bomJson, options) {
|
|
|
669
872
|
return bomJson;
|
|
670
873
|
}
|
|
671
874
|
const specVersion = normalizeCycloneDxSpecVersion(normalizedSpecVersion);
|
|
875
|
+
filterUnsupportedComponentTypesForSpecVersion(bomJson, specVersion);
|
|
672
876
|
if (specVersion < 1.7) {
|
|
673
877
|
downgradeSubjectForSpecVersion(bomJson, specVersion);
|
|
674
878
|
} else if (isCycloneDx20SpecVersion(specVersion)) {
|
|
@@ -706,6 +910,7 @@ export function postProcess(bomNSData, options, filePath) {
|
|
|
706
910
|
bomNSData.formulationList,
|
|
707
911
|
);
|
|
708
912
|
bomNSData.bomJson = applyReleaseNotes(bomNSData.bomJson, options, filePath);
|
|
913
|
+
bomNSData.bomJson = applyComponentTypeFilter(bomNSData.bomJson, options);
|
|
709
914
|
bomNSData.bomJson = applySpecVersionCompatibility(bomNSData.bomJson, options);
|
|
710
915
|
bomNSData.bomJson = validateTlpClassification(bomNSData.bomJson, options);
|
|
711
916
|
// Support for automatic annotations
|
|
@@ -1024,11 +1229,21 @@ export function filterBom(bomJson, options) {
|
|
|
1024
1229
|
if (!bomJson?.components) {
|
|
1025
1230
|
return bomJson;
|
|
1026
1231
|
}
|
|
1232
|
+
const allowedComponentTypes = new Set(
|
|
1233
|
+
normalizeCycloneDxComponentTypeFilter(options?.componentType),
|
|
1234
|
+
);
|
|
1027
1235
|
for (const comp of bomJson.components) {
|
|
1028
1236
|
if (shouldExcludeInventoryType(comp, options)) {
|
|
1029
1237
|
filtered = true;
|
|
1030
1238
|
continue;
|
|
1031
1239
|
}
|
|
1240
|
+
if (
|
|
1241
|
+
allowedComponentTypes.size &&
|
|
1242
|
+
(!comp.type || !allowedComponentTypes.has(comp.type))
|
|
1243
|
+
) {
|
|
1244
|
+
filtered = true;
|
|
1245
|
+
continue;
|
|
1246
|
+
}
|
|
1032
1247
|
// minimum confidence filter
|
|
1033
1248
|
if (options?.minConfidence > 0) {
|
|
1034
1249
|
const confidence = Math.min(options.minConfidence, 1);
|
|
@@ -152,6 +152,45 @@ it("exclude-type mcp removes inventory artifacts but retains MCP SDK packages",
|
|
|
152
152
|
]);
|
|
153
153
|
});
|
|
154
154
|
|
|
155
|
+
it("filterBom keeps only requested component types and prunes dependencies", () => {
|
|
156
|
+
const bomJson = {
|
|
157
|
+
components: [
|
|
158
|
+
{ "bom-ref": "app", name: "demo-app", type: "application" },
|
|
159
|
+
{ "bom-ref": "lib", name: "demo-lib", type: "library" },
|
|
160
|
+
{
|
|
161
|
+
"bom-ref": "crypto",
|
|
162
|
+
name: "demo-key",
|
|
163
|
+
type: "cryptographic-asset",
|
|
164
|
+
},
|
|
165
|
+
{ "bom-ref": "framework", name: "demo-fw", type: "framework" },
|
|
166
|
+
],
|
|
167
|
+
dependencies: [
|
|
168
|
+
{ ref: "app", dependsOn: ["lib", "crypto", "framework"] },
|
|
169
|
+
{ ref: "lib", dependsOn: ["crypto"] },
|
|
170
|
+
{ ref: "framework", dependsOn: ["lib"] },
|
|
171
|
+
],
|
|
172
|
+
metadata: { component: { "bom-ref": "root", type: "application" } },
|
|
173
|
+
};
|
|
174
|
+
|
|
175
|
+
const filteredBom = filterBom(bomJson, {
|
|
176
|
+
autoCompositions: true,
|
|
177
|
+
componentType: ["library", "framework"],
|
|
178
|
+
specVersion: 1.7,
|
|
179
|
+
});
|
|
180
|
+
|
|
181
|
+
assert.deepStrictEqual(
|
|
182
|
+
filteredBom.components.map((component) => component["bom-ref"]),
|
|
183
|
+
["framework", "lib"],
|
|
184
|
+
);
|
|
185
|
+
assert.deepStrictEqual(filteredBom.dependencies, [
|
|
186
|
+
{ ref: "lib", dependsOn: [] },
|
|
187
|
+
{ ref: "framework", dependsOn: ["lib"] },
|
|
188
|
+
]);
|
|
189
|
+
assert.deepStrictEqual(filteredBom.compositions, [
|
|
190
|
+
{ "bom-ref": "root", aggregate: "incomplete" },
|
|
191
|
+
]);
|
|
192
|
+
});
|
|
193
|
+
|
|
155
194
|
it("postProcess adds formulation exactly once when includeFormulation is true", () => {
|
|
156
195
|
const bomNSData = {
|
|
157
196
|
bomJson: {
|
|
@@ -428,7 +467,6 @@ it("postProcess downgrades certificate crypto properties for spec version 1.6",
|
|
|
428
467
|
},
|
|
429
468
|
},
|
|
430
469
|
],
|
|
431
|
-
dependencies: [],
|
|
432
470
|
formulation: [
|
|
433
471
|
{
|
|
434
472
|
components: [
|
|
@@ -477,6 +515,175 @@ it("postProcess downgrades certificate crypto properties for spec version 1.6",
|
|
|
477
515
|
});
|
|
478
516
|
});
|
|
479
517
|
|
|
518
|
+
it("postProcess removes component types unsupported by the target spec version", () => {
|
|
519
|
+
const bomNSData = {
|
|
520
|
+
bomJson: {
|
|
521
|
+
bomFormat: "CycloneDX",
|
|
522
|
+
specVersion: "1.5",
|
|
523
|
+
components: [
|
|
524
|
+
{
|
|
525
|
+
"bom-ref": "crypto-key",
|
|
526
|
+
type: "cryptographic-asset",
|
|
527
|
+
name: "demo-key",
|
|
528
|
+
cryptoProperties: {
|
|
529
|
+
assetType: "related-crypto-material",
|
|
530
|
+
},
|
|
531
|
+
},
|
|
532
|
+
{ "bom-ref": "repo", type: "data", name: "apk repository" },
|
|
533
|
+
],
|
|
534
|
+
dependencies: [
|
|
535
|
+
{ ref: "repo", dependsOn: ["crypto-key"] },
|
|
536
|
+
{ ref: "crypto-key", dependsOn: [] },
|
|
537
|
+
],
|
|
538
|
+
formulation: [
|
|
539
|
+
{
|
|
540
|
+
components: [
|
|
541
|
+
{
|
|
542
|
+
"bom-ref": "formulation-crypto",
|
|
543
|
+
type: "cryptographic-asset",
|
|
544
|
+
name: "formulation-key",
|
|
545
|
+
},
|
|
546
|
+
{
|
|
547
|
+
"bom-ref": "formulation-lib",
|
|
548
|
+
type: "library",
|
|
549
|
+
name: "formulation-lib",
|
|
550
|
+
},
|
|
551
|
+
],
|
|
552
|
+
},
|
|
553
|
+
],
|
|
554
|
+
metadata: {
|
|
555
|
+
properties: [],
|
|
556
|
+
tools: {
|
|
557
|
+
components: [
|
|
558
|
+
{ group: "@cyclonedx", name: "cdxgen", type: "application" },
|
|
559
|
+
],
|
|
560
|
+
},
|
|
561
|
+
},
|
|
562
|
+
},
|
|
563
|
+
};
|
|
564
|
+
|
|
565
|
+
const result = postProcess(bomNSData, { specVersion: 1.5 });
|
|
566
|
+
|
|
567
|
+
assert.deepStrictEqual(
|
|
568
|
+
result.bomJson.components.map((component) => component["bom-ref"]),
|
|
569
|
+
["repo"],
|
|
570
|
+
);
|
|
571
|
+
assert.deepStrictEqual(result.bomJson.dependencies, [
|
|
572
|
+
{ ref: "repo", dependsOn: [] },
|
|
573
|
+
]);
|
|
574
|
+
assert.deepStrictEqual(
|
|
575
|
+
result.bomJson.formulation[0].components.map(
|
|
576
|
+
(component) => component["bom-ref"],
|
|
577
|
+
),
|
|
578
|
+
["formulation-lib"],
|
|
579
|
+
);
|
|
580
|
+
});
|
|
581
|
+
|
|
582
|
+
it("postProcess does not add undefined definitions component collections while downgrading", () => {
|
|
583
|
+
const bomNSData = {
|
|
584
|
+
bomJson: {
|
|
585
|
+
bomFormat: "CycloneDX",
|
|
586
|
+
specVersion: "1.6",
|
|
587
|
+
components: [
|
|
588
|
+
{ "bom-ref": "demo-lib", type: "library", name: "demo-lib" },
|
|
589
|
+
],
|
|
590
|
+
definitions: {
|
|
591
|
+
standards: [
|
|
592
|
+
{
|
|
593
|
+
"bom-ref": "standard-demo",
|
|
594
|
+
name: "Demo Standard",
|
|
595
|
+
version: "1.0",
|
|
596
|
+
},
|
|
597
|
+
],
|
|
598
|
+
},
|
|
599
|
+
dependencies: [],
|
|
600
|
+
metadata: {
|
|
601
|
+
properties: [],
|
|
602
|
+
tools: {
|
|
603
|
+
components: [
|
|
604
|
+
{ group: "@cyclonedx", name: "cdxgen", type: "application" },
|
|
605
|
+
],
|
|
606
|
+
},
|
|
607
|
+
},
|
|
608
|
+
},
|
|
609
|
+
};
|
|
610
|
+
|
|
611
|
+
const result = postProcess(bomNSData, { specVersion: 1.6 });
|
|
612
|
+
|
|
613
|
+
assert.strictEqual(
|
|
614
|
+
Object.hasOwn(result.bomJson.definitions, "components"),
|
|
615
|
+
false,
|
|
616
|
+
);
|
|
617
|
+
assert.deepStrictEqual(result.bomJson.definitions.standards, [
|
|
618
|
+
{
|
|
619
|
+
"bom-ref": "standard-demo",
|
|
620
|
+
name: "Demo Standard",
|
|
621
|
+
version: "1.0",
|
|
622
|
+
},
|
|
623
|
+
]);
|
|
624
|
+
});
|
|
625
|
+
|
|
626
|
+
it("postProcess applies component-type filters after formulation is added", () => {
|
|
627
|
+
const bomNSData = {
|
|
628
|
+
bomJson: {
|
|
629
|
+
bomFormat: "CycloneDX",
|
|
630
|
+
specVersion: "1.7",
|
|
631
|
+
components: [
|
|
632
|
+
{
|
|
633
|
+
"bom-ref": "pkg:generic/demo-lib@1.0.0",
|
|
634
|
+
name: "demo-lib",
|
|
635
|
+
type: "library",
|
|
636
|
+
},
|
|
637
|
+
{
|
|
638
|
+
"bom-ref": "crypto/demo",
|
|
639
|
+
name: "demo-crypto",
|
|
640
|
+
type: "cryptographic-asset",
|
|
641
|
+
},
|
|
642
|
+
],
|
|
643
|
+
dependencies: [
|
|
644
|
+
{
|
|
645
|
+
ref: "pkg:generic/demo-lib@1.0.0",
|
|
646
|
+
dependsOn: ["crypto/demo"],
|
|
647
|
+
},
|
|
648
|
+
],
|
|
649
|
+
metadata: {
|
|
650
|
+
properties: [],
|
|
651
|
+
tools: {
|
|
652
|
+
components: [
|
|
653
|
+
{ group: "@cyclonedx", name: "cdxgen", type: "application" },
|
|
654
|
+
],
|
|
655
|
+
},
|
|
656
|
+
},
|
|
657
|
+
},
|
|
658
|
+
formulationList: [
|
|
659
|
+
{ type: "library", name: "formulation-lib", version: "1.0.0" },
|
|
660
|
+
{ type: "cryptographic-asset", name: "formulation-crypto" },
|
|
661
|
+
],
|
|
662
|
+
};
|
|
663
|
+
|
|
664
|
+
const result = postProcess(bomNSData, {
|
|
665
|
+
autoCompositions: true,
|
|
666
|
+
componentType: ["library"],
|
|
667
|
+
includeFormulation: true,
|
|
668
|
+
specVersion: 1.7,
|
|
669
|
+
});
|
|
670
|
+
|
|
671
|
+
assert.deepStrictEqual(
|
|
672
|
+
result.bomJson.components.map((component) => component.type),
|
|
673
|
+
["library"],
|
|
674
|
+
);
|
|
675
|
+
assert.ok(
|
|
676
|
+
result.bomJson.formulation.every((formula) =>
|
|
677
|
+
(formula.components || []).every(
|
|
678
|
+
(component) => component.type === "library",
|
|
679
|
+
),
|
|
680
|
+
),
|
|
681
|
+
);
|
|
682
|
+
assert.deepStrictEqual(result.bomJson.dependencies, [
|
|
683
|
+
{ ref: "pkg:generic/demo-lib@1.0.0", dependsOn: [] },
|
|
684
|
+
]);
|
|
685
|
+
});
|
|
686
|
+
|
|
480
687
|
it("postProcess removes remaining 1.7-only fields from metadata, components, and formulation inventories for spec version 1.6", () => {
|
|
481
688
|
const bomNSData = {
|
|
482
689
|
bomJson: {
|
|
@@ -484,6 +691,7 @@ it("postProcess removes remaining 1.7-only fields from metadata, components, and
|
|
|
484
691
|
specVersion: "1.6",
|
|
485
692
|
components: [
|
|
486
693
|
{
|
|
694
|
+
"bom-ref": "demo-lib",
|
|
487
695
|
type: "library",
|
|
488
696
|
name: "demo-lib",
|
|
489
697
|
version: "1.0.0",
|
|
@@ -492,7 +700,6 @@ it("postProcess removes remaining 1.7-only fields from metadata, components, and
|
|
|
492
700
|
versionRange: "vers:npm/>=1.0.0|<2.0.0",
|
|
493
701
|
},
|
|
494
702
|
],
|
|
495
|
-
dependencies: [],
|
|
496
703
|
formulation: [
|
|
497
704
|
{
|
|
498
705
|
components: [
|
|
@@ -564,6 +771,7 @@ it("postProcess removes remaining 1.6-only fields from metadata, components, and
|
|
|
564
771
|
specVersion: "1.5",
|
|
565
772
|
components: [
|
|
566
773
|
{
|
|
774
|
+
"bom-ref": "demo-lib",
|
|
567
775
|
type: "library",
|
|
568
776
|
name: "demo-lib",
|
|
569
777
|
version: "1.0.0",
|
|
@@ -574,7 +782,6 @@ it("postProcess removes remaining 1.6-only fields from metadata, components, and
|
|
|
574
782
|
tags: ["demo"],
|
|
575
783
|
},
|
|
576
784
|
],
|
|
577
|
-
dependencies: [],
|
|
578
785
|
formulation: [
|
|
579
786
|
{
|
|
580
787
|
components: [
|
|
@@ -615,6 +822,13 @@ it("postProcess removes remaining 1.6-only fields from metadata, components, and
|
|
|
615
822
|
tags: ["runtime"],
|
|
616
823
|
},
|
|
617
824
|
],
|
|
825
|
+
dependencies: [
|
|
826
|
+
{
|
|
827
|
+
ref: "demo-lib",
|
|
828
|
+
dependsOn: [],
|
|
829
|
+
provides: ["demo-service"],
|
|
830
|
+
},
|
|
831
|
+
],
|
|
618
832
|
},
|
|
619
833
|
};
|
|
620
834
|
|
|
@@ -641,6 +855,7 @@ it("postProcess removes remaining 1.6-only fields from metadata, components, and
|
|
|
641
855
|
assert.strictEqual(metadataComponent.authors, undefined);
|
|
642
856
|
assert.strictEqual(metadataComponent.manufacturer, undefined);
|
|
643
857
|
assert.strictEqual(metadataComponent.tags, undefined);
|
|
858
|
+
assert.strictEqual(result.bomJson.dependencies[0].provides, undefined);
|
|
644
859
|
});
|
|
645
860
|
|
|
646
861
|
it("postProcess removes unsupported evidence occurrence details for spec version 1.5", () => {
|
|
@@ -33,6 +33,12 @@ const SPDX_EXPORT_TYPES = new Set([
|
|
|
33
33
|
"software_File",
|
|
34
34
|
"software_Package",
|
|
35
35
|
]);
|
|
36
|
+
const NPM_NATIVE_ADDON_EVIDENCE_PROPERTIES = new Set([
|
|
37
|
+
"cdx:npm:native_addon",
|
|
38
|
+
"cdx:npm:has_binary",
|
|
39
|
+
"cdx:npm:os",
|
|
40
|
+
"cdx:npm:cpu",
|
|
41
|
+
]);
|
|
36
42
|
let spdxExportSchemaValidator;
|
|
37
43
|
const cycloneDxSchemaValidators = new Map();
|
|
38
44
|
|
|
@@ -720,9 +726,12 @@ export function validateProps(bomJson) {
|
|
|
720
726
|
);
|
|
721
727
|
const suspicious = npmPkgs.filter(
|
|
722
728
|
(c) =>
|
|
729
|
+
c.scope !== "optional" &&
|
|
723
730
|
(c.name.includes("native") || c.name.includes("bindings")) &&
|
|
724
731
|
!nativeByName.has(c.name) &&
|
|
725
|
-
!c.properties?.some((p) =>
|
|
732
|
+
!c.properties?.some((p) =>
|
|
733
|
+
NPM_NATIVE_ADDON_EVIDENCE_PROPERTIES.has(p.name),
|
|
734
|
+
),
|
|
726
735
|
);
|
|
727
736
|
if (suspicious.length > 0 && DEBUG_MODE) {
|
|
728
737
|
warningsList.push(
|
|
@@ -792,7 +801,7 @@ export function validateProps(bomJson) {
|
|
|
792
801
|
}
|
|
793
802
|
}
|
|
794
803
|
}
|
|
795
|
-
if (npmComponentsWithoutTarball > 0 && npmComponentsWithTarball
|
|
804
|
+
if (npmComponentsWithoutTarball > 0 && npmComponentsWithTarball > 0) {
|
|
796
805
|
warningsList.push(
|
|
797
806
|
`Found ${npmComponentsWithoutTarball} pkg:npm components without externalReferences.distribution. Please file a bug, if your package-lock.json or pnpm-lock.yaml includes the tarball url.`,
|
|
798
807
|
);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cyclonedx/cdxgen",
|
|
3
|
-
"version": "12.4.
|
|
3
|
+
"version": "12.4.4",
|
|
4
4
|
"description": "Creates CycloneDX Software Bill of Materials (SBOM) from source or container image",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"sbom",
|
|
@@ -116,7 +116,7 @@
|
|
|
116
116
|
"@npmcli/package-json": "7.0.5",
|
|
117
117
|
"ajv": "8.20.0",
|
|
118
118
|
"ajv-formats": "3.0.1",
|
|
119
|
-
"bin-links": "6.0.
|
|
119
|
+
"bin-links": "6.0.2",
|
|
120
120
|
"cheerio": "1.2.0",
|
|
121
121
|
"common-ancestor-path": "1.0.1",
|
|
122
122
|
"edn-data": "1.1.2",
|
|
@@ -132,27 +132,27 @@
|
|
|
132
132
|
"proc-log": "6.1.0",
|
|
133
133
|
"properties-reader": "3.0.1",
|
|
134
134
|
"read-package-json-fast": "5.0.0",
|
|
135
|
-
"semver": "7.8.
|
|
135
|
+
"semver": "7.8.1",
|
|
136
136
|
"ssri": "13.0.1",
|
|
137
137
|
"tar": "7.5.15",
|
|
138
138
|
"treeverse": "3.0.0",
|
|
139
139
|
"uuid": "14.0.0",
|
|
140
140
|
"walk-up-path": "4.0.0",
|
|
141
141
|
"xml-js": "1.6.11",
|
|
142
|
-
"yaml": "2.
|
|
142
|
+
"yaml": "2.9.0",
|
|
143
143
|
"yargs": "18.0.0",
|
|
144
144
|
"yoctocolors": "2.1.2"
|
|
145
145
|
},
|
|
146
146
|
"devDependencies": {
|
|
147
147
|
"@biomejs/biome": "2.4.15",
|
|
148
148
|
"esmock": "2.7.5",
|
|
149
|
-
"poku": "4.3.
|
|
149
|
+
"poku": "4.3.1",
|
|
150
150
|
"sinon": "22.0.0",
|
|
151
151
|
"typescript": "6.0.3"
|
|
152
152
|
},
|
|
153
153
|
"optionalDependencies": {
|
|
154
|
-
"@appthreat/atom": "2.5.
|
|
155
|
-
"@appthreat/atom-parsetools": "1.1.
|
|
154
|
+
"@appthreat/atom": "2.5.4",
|
|
155
|
+
"@appthreat/atom-parsetools": "1.1.5",
|
|
156
156
|
"@appthreat/cdx-proto": "2.0.1",
|
|
157
157
|
"@bufbuild/protobuf": "2.12.0",
|
|
158
158
|
"@cdxgen/cdx-hbom": "0.5.0",
|
|
@@ -170,7 +170,7 @@
|
|
|
170
170
|
"body-parser": "2.2.2",
|
|
171
171
|
"compression": "1.8.1",
|
|
172
172
|
"connect": "3.7.0",
|
|
173
|
-
"jsonata": "2.1
|
|
173
|
+
"jsonata": "2.2.1"
|
|
174
174
|
},
|
|
175
175
|
"engines": {
|
|
176
176
|
"node": "^20 || ^22 || ^24 || ^25",
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/audit/index.js"],"names":[],"mappings":"AAmGA;;;;;GAKG;AACH,qCAHW,MAAM,GACJ,MAAM,CAclB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,GACJ,MAAM,EAAE,CAoBpB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,GACJ;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,EAAE,CA0BjD;AA6CD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8DC;AA4bD;;;;;;;;GAQG;AACH,mDAHW,MAAM,GACJ,MAAM,EAAE,CAqdpB;AAkJD;;;;;;GAMG;AACH,uDAJW,MAAM,UACN,MAAM,GACJ;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CA0CnD;AAED;;;;;;;GAOG;AACH,uDALW,MAAM,UACN,MAAM,cACN,MAAM,GACJ;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAuBnD;AAoED;;;;;;;;;GASG;AACH,4DAJW,MAAM,UACN,MAAM,GACJ,MAAM,EAAE,CAkEpB;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/audit/index.js"],"names":[],"mappings":"AAmGA;;;;;GAKG;AACH,qCAHW,MAAM,GACJ,MAAM,CAclB;AAED;;;;;GAKG;AACH,qCAHW,MAAM,GACJ,MAAM,EAAE,CAoBpB;AAED;;;;;GAKG;AACH,uCAHW,MAAM,GACJ;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,EAAE,CA0BjD;AA6CD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8DC;AA4bD;;;;;;;;GAQG;AACH,mDAHW,MAAM,GACJ,MAAM,EAAE,CAqdpB;AAkJD;;;;;;GAMG;AACH,uDAJW,MAAM,UACN,MAAM,GACJ;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CA0CnD;AAED;;;;;;;GAOG;AACH,uDALW,MAAM,UACN,MAAM,cACN,MAAM,GACJ;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAuBnD;AAoED;;;;;;;;;GASG;AACH,4DAJW,MAAM,UACN,MAAM,GACJ,MAAM,EAAE,CAkEpB;AA4JD;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAuP3B;AAoVD,uDA8CC;AAoBD;;;;;;GAMG;AACH,4CAJW;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,EAAE,WACrC,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA4I3B;AAED;;;;;GAKG;AACH,kCAHW,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAqB3B;AAED;;;;;;GAMG;AACH,4CAJW,MAAM,WACN,MAAM,GACJ;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAmChD;AAED;;;;;GAKG;AACH,2CAHW,MAAM,GACJ,MAAM,GAAG,SAAS,CAU9B;AA7/ED,gDAKE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/cli/index.js"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../lib/cli/index.js"],"names":[],"mappings":"AAu+BA;;;;;;;;;GASG;AACH,wCANW,MAAM,cACN,MAAM,OACN,MAAM,UACN,MAAM,GACJ,MAAM,EAAE,CAcpB;AA8bD;;;;;;;GAOG;AACH,mCALW,MAAM,WACN,MAAM,GAEJ,MAAM,CA8ElB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,WACN,MAAM,GACJ,MAAM,GAAC,SAAS,CAI5B;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,MAAM,GAAC,SAAS,CAwB5B;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA8zC3B;AAsKD,0EA2hCC;AAgFD;;;;;;;;;;;GAWG;AACH,qDAHW,MAAM,GACJ,MAAM,GAAG,IAAI,CAwEzB;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAylB3B;AAED;;;;;;GAMG;AACH,kCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAoavC;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAC,SAAS,CAAC,CAmJrC;AA2FD;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAiE3B;AAED;;;;;;GAMG;AACH,mCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CAmPlB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA+GlB;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA0BlB;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA0BlB;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CAyBlB;AAED;;;;;;GAMG;AACH,0CAJW,MAAM,WACN,MAAM,GACJ,MAAM,CAsBlB;AAED;;;;;;GAMG;AACH,mCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAmE3B;AAED;;;;;;GAMG;AACH,uCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA2C3B;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA0BlB;AAED;;;;;;GAMG;AACH,qCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA0I3B;AAED;;;;;;GAMG;AACH,qCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAgKvC;AAED;;;;;;GAMG;AACH,mCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAoH3B;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA6C3B;AAED;;;;;;GAMG;AACH,iDAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAkU3B;AAED;;;;;;GAMG;AACH,mCAJW,MAAM,WACN,MAAM,GACJ,MAAM,CA8JlB;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA0P3B;AAED;;;;;;GAMG;AACH,sCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAC,SAAS,CAAC,CA8brC;AAED;;;;;;;;;GASG;AACH,+CAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA+F3B;AAED;;;;;;GAMG;AACH,oCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAyL3B;AAED;;;;;;GAMG;AACH,+CAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAoD3B;AA2FD;;;;;;GAMG;AACH,2CAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA+E3B;AAED;;;;;;;;;GASG;AACH,mCAPW,MAAM,sCAEN,MAAM,wBAGJ,MAAM,CA4ClB;AAED;;;;;;GAMG;AACH,0CAJW,MAAM,EAAE,WACR,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA89B3B;AAED;;;;;;GAMG;AACH,iCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,GAAC,SAAS,CAAC,CAmXrC;AAED;;;;;;GAMG;AACH,kCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CAsB3B;AAED;;;;;;GAMG;AACH,gCAJW,MAAM,WACN,MAAM,GACJ,OAAO,CAAC,MAAM,CAAC,CA8T3B;AAED;;;;;;;GAOG;AACH,gCALW,MAAM,eACN,MAAM,GACL,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAAC,CA+HjD"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"analyzer.d.ts","sourceRoot":"","sources":["../../../lib/helpers/analyzer.js"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"analyzer.d.ts","sourceRoot":"","sources":["../../../lib/helpers/analyzer.js"],"names":[],"mappings":"AA6nEA;;;;;EAyJC;AAwFD;;;;;;EAmOC;AAyRD;;;EAyaC;AAj+CD,gEAQE;AA4JF,gDAQE;AA6TK;;;GA2DN;AASM,kDAHI,MAAM,GACJ;IAAC,mBAAmB,EAAE,MAAM,EAAE,CAAC;IAAC,UAAU,EAAE,MAAM,EAAE,CAAC;IAAC,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAAC,qBAAqB,EAAE,MAAM,EAAE,CAAA;CAAC,CAe/H;AAuOM;;;;;;EAcN;AAorBM;;;EAQN;AAEM;;;GA+BN;AAWM,iDANI,MAAM,SACN,OAAO,GACL;IAAC,YAAY,EAAE,MAAM,EAAE,CAAC;IAAC,UAAU,EAAE;YAAO,MAAM,GAAE,MAAM,EAAE;KAAC,CAAA;CAAC,CAiK1E;AA68BM,8CAJI,MAAM,SACN,OAAO,GACL;IAAC,UAAU,EAAE,MAAM,EAAE,CAAC;IAAC,YAAY,EAAE,MAAM,EAAE,CAAC;IAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;CAAC,CAsI9E;AASM,wCAJI,MAAM,SACN,OAAO,GACL;IAAC,UAAU,EAAE,MAAM,EAAE,CAAC;IAAC,YAAY,EAAE,MAAM,EAAE,CAAC;IAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;CAAC,CA+uB9E"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Convert cdxgen's glob-style exclude patterns to a Scala/Java regex string.
|
|
3
|
+
*
|
|
4
|
+
* @param {string[]} patterns Glob patterns from cdxgen's `--exclude` option
|
|
5
|
+
* @returns {string|undefined} Scala-compatible regex or undefined when empty
|
|
6
|
+
*/
|
|
7
|
+
export function globPatternsToAtomIgnoreRegex(patterns?: string[]): string | undefined;
|
|
8
|
+
export function isPathExcludedByGlobPatterns(filePath: any, patterns?: any[]): boolean;
|
|
9
|
+
export function filterAtomSlicesByExcludePatterns(sliceData: any, patterns?: any[]): any;
|
|
10
|
+
/**
|
|
11
|
+
* Build additional environment variables for Atom from cdxgen CLI options.
|
|
12
|
+
*
|
|
13
|
+
* @param {Object} options CLI options
|
|
14
|
+
* @param {string} language Atom language name
|
|
15
|
+
* @returns {Object} Environment variables to pass to Atom
|
|
16
|
+
*/
|
|
17
|
+
export function buildAtomCommandEnv(options?: Object, language?: string): Object;
|
|
18
|
+
//# sourceMappingURL=atomUtils.d.ts.map
|