@cyclonedx/cyclonedx-library 1.0.0-beta.1

package/dist.web/lib.dev.js

@@ -0,0 +1,3487 @@
+(function webpackUniversalModuleDefinition(root, factory) {
+	if(typeof exports === 'object' && typeof module === 'object')
+		module.exports = factory();
+	else if(typeof define === 'function' && define.amd)
+		define([], factory);
+	else if(typeof exports === 'object')
+		exports["CycloneDX_library"] = factory();
+	else
+		root["CycloneDX_library"] = factory();
+})(self, () => {
+return /******/ (() => { // webpackBootstrap
+/******/ 	"use strict";
+/******/ 	var __webpack_modules__ = ({
+
+/***/ "./src/_index.web.ts":
+/*!***************************!*\
+  !*** ./src/_index.web.ts ***!
+  \***************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.Serialize = exports.Spec = exports.Factories = exports.Models = exports.SPDX = exports.Enums = exports.Types = void 0;
+exports.Types = __importStar(__webpack_require__(/*! ./types */ "./src/types/index.ts"));
+exports.Enums = __importStar(__webpack_require__(/*! ./enums */ "./src/enums/index.ts"));
+exports.SPDX = __importStar(__webpack_require__(/*! ./spdx */ "./src/spdx.ts"));
+exports.Models = __importStar(__webpack_require__(/*! ./models */ "./src/models/index.ts"));
+exports.Factories = __importStar(__webpack_require__(/*! ./factories */ "./src/factories/index.ts"));
+exports.Spec = __importStar(__webpack_require__(/*! ./spec */ "./src/spec.ts"));
+exports.Serialize = __importStar(__webpack_require__(/*! ./serialize/_index.web */ "./src/serialize/_index.web.ts"));
+
+
+/***/ }),
+
+/***/ "./src/enums/attachmentEncoding.ts":
+/*!*****************************************!*\
+  !*** ./src/enums/attachmentEncoding.ts ***!
+  \*****************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.AttachmentEncoding = void 0;
+var AttachmentEncoding;
+(function (AttachmentEncoding) {
+    AttachmentEncoding["Base64"] = "base64";
+})(AttachmentEncoding = exports.AttachmentEncoding || (exports.AttachmentEncoding = {}));
+
+
+/***/ }),
+
+/***/ "./src/enums/componentScope.ts":
+/*!*************************************!*\
+  !*** ./src/enums/componentScope.ts ***!
+  \*************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.ComponentScope = void 0;
+var ComponentScope;
+(function (ComponentScope) {
+    ComponentScope["Required"] = "required";
+    ComponentScope["Optional"] = "optional";
+    ComponentScope["Excluded"] = "excluded";
+})(ComponentScope = exports.ComponentScope || (exports.ComponentScope = {}));
+
+
+/***/ }),
+
+/***/ "./src/enums/componentType.ts":
+/*!************************************!*\
+  !*** ./src/enums/componentType.ts ***!
+  \************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.ComponentType = void 0;
+var ComponentType;
+(function (ComponentType) {
+    ComponentType["Application"] = "application";
+    ComponentType["Framework"] = "framework";
+    ComponentType["Library"] = "library";
+    ComponentType["Container"] = "container";
+    ComponentType["OperatingSystem"] = "operating-system";
+    ComponentType["Device"] = "device";
+    ComponentType["Firmware"] = "firmware";
+    ComponentType["File"] = "file";
+})(ComponentType = exports.ComponentType || (exports.ComponentType = {}));
+
+
+/***/ }),
+
+/***/ "./src/enums/externalReferenceType.ts":
+/*!********************************************!*\
+  !*** ./src/enums/externalReferenceType.ts ***!
+  \********************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.ExternalReferenceType = void 0;
+var ExternalReferenceType;
+(function (ExternalReferenceType) {
+    ExternalReferenceType["VCS"] = "vcs";
+    ExternalReferenceType["IssueTracker"] = "issue-tracker";
+    ExternalReferenceType["Website"] = "website";
+    ExternalReferenceType["Advisories"] = "advisories";
+    ExternalReferenceType["BOM"] = "bom";
+    ExternalReferenceType["MailingList"] = "mailing-list";
+    ExternalReferenceType["Social"] = "social";
+    ExternalReferenceType["Chat"] = "chat";
+    ExternalReferenceType["Documentation"] = "documentation";
+    ExternalReferenceType["Support"] = "support";
+    ExternalReferenceType["Distribution"] = "distribution";
+    ExternalReferenceType["License"] = "license";
+    ExternalReferenceType["BuildMeta"] = "build-meta";
+    ExternalReferenceType["BuildSystem"] = "build-system";
+    ExternalReferenceType["ReleaseNotes"] = "release-notes";
+    ExternalReferenceType["Other"] = "other";
+})(ExternalReferenceType = exports.ExternalReferenceType || (exports.ExternalReferenceType = {}));
+
+
+/***/ }),
+
+/***/ "./src/enums/hashAlogorithm.ts":
+/*!*************************************!*\
+  !*** ./src/enums/hashAlogorithm.ts ***!
+  \*************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.HashAlgorithm = void 0;
+var HashAlgorithm;
+(function (HashAlgorithm) {
+    HashAlgorithm["MD5"] = "MD5";
+    HashAlgorithm["SHA-1"] = "SHA-1";
+    HashAlgorithm["SHA-256"] = "SHA-256";
+    HashAlgorithm["SHA-384"] = "SHA-384";
+    HashAlgorithm["SHA-512"] = "SHA-512";
+    HashAlgorithm["SHA3-256"] = "SHA3-256";
+    HashAlgorithm["SHA3-384"] = "SHA3-384";
+    HashAlgorithm["SHA3-512"] = "SHA3-512";
+    HashAlgorithm["BLAKE2b-256"] = "BLAKE2b-256";
+    HashAlgorithm["BLAKE2b-384"] = "BLAKE2b-384";
+    HashAlgorithm["BLAKE2b-512"] = "BLAKE2b-512";
+    HashAlgorithm["BLAKE3"] = "BLAKE3";
+})(HashAlgorithm = exports.HashAlgorithm || (exports.HashAlgorithm = {}));
+
+
+/***/ }),
+
+/***/ "./src/enums/index.ts":
+/*!****************************!*\
+  !*** ./src/enums/index.ts ***!
+  \****************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+__exportStar(__webpack_require__(/*! ./attachmentEncoding */ "./src/enums/attachmentEncoding.ts"), exports);
+__exportStar(__webpack_require__(/*! ./componentScope */ "./src/enums/componentScope.ts"), exports);
+__exportStar(__webpack_require__(/*! ./componentType */ "./src/enums/componentType.ts"), exports);
+__exportStar(__webpack_require__(/*! ./externalReferenceType */ "./src/enums/externalReferenceType.ts"), exports);
+__exportStar(__webpack_require__(/*! ./hashAlogorithm */ "./src/enums/hashAlogorithm.ts"), exports);
+
+
+/***/ }),
+
+/***/ "./src/factories/index.ts":
+/*!********************************!*\
+  !*** ./src/factories/index.ts ***!
+  \********************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+__exportStar(__webpack_require__(/*! ./licenseFactory */ "./src/factories/licenseFactory.ts"), exports);
+
+
+/***/ }),
+
+/***/ "./src/factories/licenseFactory.ts":
+/*!*****************************************!*\
+  !*** ./src/factories/licenseFactory.ts ***!
+  \*****************************************/
+/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.LicenseFactory = void 0;
+const models_1 = __webpack_require__(/*! ../models */ "./src/models/index.ts");
+const spdx_1 = __webpack_require__(/*! ../spdx */ "./src/spdx.ts");
+class LicenseFactory {
+    makeFromString(value) {
+        try {
+            return this.makeExpression(value);
+        }
+        catch (Error) {
+            return this.makeDisjunctive(value);
+        }
+    }
+    makeExpression(value) {
+        return new models_1.LicenseExpression(value);
+    }
+    makeDisjunctive(value) {
+        try {
+            return this.makeDisjunctiveWithId(value);
+        }
+        catch (error) {
+            return this.makeDisjunctiveWithName(value);
+        }
+    }
+    makeDisjunctiveWithId(value) {
+        const spdxId = (0, spdx_1.fixupSpdxId)(String(value));
+        if (undefined === spdxId) {
+            throw new RangeError('Unsupported SPDX id');
+        }
+        return new models_1.SpdxLicense(spdxId);
+    }
+    makeDisjunctiveWithName(value) {
+        return new models_1.NamedLicense(String(value));
+    }
+}
+exports.LicenseFactory = LicenseFactory;
+
+
+/***/ }),
+
+/***/ "./src/helpers/types.ts":
+/*!******************************!*\
+  !*** ./src/helpers/types.ts ***!
+  \******************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.isNotUndefined = void 0;
+function isNotUndefined(value) {
+    return value !== undefined;
+}
+exports.isNotUndefined = isNotUndefined;
+
+
+/***/ }),
+
+/***/ "./src/models/attachment.ts":
+/*!**********************************!*\
+  !*** ./src/models/attachment.ts ***!
+  \**********************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.Attachment = void 0;
+class Attachment {
+    constructor(content, op = {}) {
+        this.contentType = op.contentType;
+        this.content = content;
+        this.encoding = op.encoding;
+    }
+}
+exports.Attachment = Attachment;
+
+
+/***/ }),
+
+/***/ "./src/models/bom.ts":
+/*!***************************!*\
+  !*** ./src/models/bom.ts ***!
+  \***************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var _Bom_version, _Bom_serialNumber;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.Bom = void 0;
+const types_1 = __webpack_require__(/*! ../types */ "./src/types/index.ts");
+const metadata_1 = __webpack_require__(/*! ./metadata */ "./src/models/metadata.ts");
+const component_1 = __webpack_require__(/*! ./component */ "./src/models/component.ts");
+class Bom {
+    constructor(op = {}) {
+        _Bom_version.set(this, 1);
+        _Bom_serialNumber.set(this, void 0);
+        this.metadata = op.metadata ?? new metadata_1.Metadata();
+        this.components = op.components ?? new component_1.ComponentRepository();
+        this.version = op.version ?? this.version;
+        this.serialNumber = op.serialNumber;
+    }
+    get version() {
+        return __classPrivateFieldGet(this, _Bom_version, "f");
+    }
+    set version(value) {
+        if (!(0, types_1.isPositiveInteger)(value)) {
+            throw new TypeError('Not PositiveInteger');
+        }
+        __classPrivateFieldSet(this, _Bom_version, value, "f");
+    }
+    get serialNumber() {
+        return __classPrivateFieldGet(this, _Bom_serialNumber, "f");
+    }
+    set serialNumber(value) {
+        if (value !== undefined && !(0, types_1.isUrnUuid)(value)) {
+            throw new TypeError('Not UrnUuid nor undefined');
+        }
+        __classPrivateFieldSet(this, _Bom_serialNumber, value, "f");
+    }
+}
+exports.Bom = Bom;
+_Bom_version = new WeakMap(), _Bom_serialNumber = new WeakMap();
+
+
+/***/ }),
+
+/***/ "./src/models/bomRef.ts":
+/*!******************************!*\
+  !*** ./src/models/bomRef.ts ***!
+  \******************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.BomRefRepository = exports.BomRef = void 0;
+class BomRef {
+    constructor(value) {
+        this.value = value;
+    }
+    compare(other) {
+        return (this.toString()).localeCompare(other.toString());
+    }
+    toString() {
+        return this.value ?? '';
+    }
+}
+exports.BomRef = BomRef;
+class BomRefRepository extends Set {
+}
+exports.BomRefRepository = BomRefRepository;
+
+
+/***/ }),
+
+/***/ "./src/models/component.ts":
+/*!*********************************!*\
+  !*** ./src/models/component.ts ***!
+  \*********************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _Component_bomRef, _Component_cpe;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.ComponentRepository = exports.Component = void 0;
+const types_1 = __webpack_require__(/*! ../types */ "./src/types/index.ts");
+const bomRef_1 = __webpack_require__(/*! ./bomRef */ "./src/models/bomRef.ts");
+const hash_1 = __webpack_require__(/*! ./hash */ "./src/models/hash.ts");
+const externalReference_1 = __webpack_require__(/*! ./externalReference */ "./src/models/externalReference.ts");
+const license_1 = __webpack_require__(/*! ./license */ "./src/models/license.ts");
+class Component {
+    constructor(type, name, op = {}) {
+        _Component_bomRef.set(this, void 0);
+        _Component_cpe.set(this, void 0);
+        __classPrivateFieldSet(this, _Component_bomRef, new bomRef_1.BomRef(op.bomRef), "f");
+        this.type = type;
+        this.name = name;
+        this.author = op.author;
+        this.copyright = op.copyright;
+        this.externalReferences = op.externalReferences ?? new externalReference_1.ExternalReferenceRepository();
+        this.group = op.group;
+        this.hashes = op.hashes ?? new hash_1.HashRepository();
+        this.licenses = op.licenses ?? new license_1.LicenseRepository();
+        this.publisher = op.publisher;
+        this.purl = op.purl;
+        this.scope = op.scope;
+        this.swid = op.swid;
+        this.version = op.version;
+        this.dependencies = op.dependencies ?? new bomRef_1.BomRefRepository();
+        this.cpe = op.cpe;
+    }
+    get bomRef() {
+        return __classPrivateFieldGet(this, _Component_bomRef, "f");
+    }
+    get cpe() {
+        return __classPrivateFieldGet(this, _Component_cpe, "f");
+    }
+    set cpe(value) {
+        if (value !== undefined && !(0, types_1.isCPE)(value)) {
+            throw new TypeError('Not CPE nor undefined');
+        }
+        __classPrivateFieldSet(this, _Component_cpe, value, "f");
+    }
+    compare(other) {
+        const bomRefCompare = this.bomRef.compare(other.bomRef);
+        if (bomRefCompare !== 0) {
+            return bomRefCompare;
+        }
+        if (this.purl !== undefined && other.purl !== undefined) {
+            return this.purl.toString().localeCompare(other.purl.toString());
+        }
+        if (__classPrivateFieldGet(this, _Component_cpe, "f") !== undefined && __classPrivateFieldGet(other, _Component_cpe, "f") !== undefined) {
+            return __classPrivateFieldGet(this, _Component_cpe, "f").toString().localeCompare(__classPrivateFieldGet(other, _Component_cpe, "f").toString());
+        }
+        return (this.group ?? '').localeCompare(other.group ?? '') ||
+            this.name.localeCompare(other.name) ||
+            (this.version ?? '').localeCompare(other.version ?? '');
+    }
+}
+exports.Component = Component;
+_Component_bomRef = new WeakMap(), _Component_cpe = new WeakMap();
+class ComponentRepository extends Set {
+    static compareItems(a, b) {
+        return a.compare(b);
+    }
+}
+exports.ComponentRepository = ComponentRepository;
+
+
+/***/ }),
+
+/***/ "./src/models/externalReference.ts":
+/*!*****************************************!*\
+  !*** ./src/models/externalReference.ts ***!
+  \*****************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.ExternalReferenceRepository = exports.ExternalReference = void 0;
+class ExternalReference {
+    constructor(url, type, op = {}) {
+        this.url = url;
+        this.type = type;
+        this.comment = op.comment;
+    }
+    compare(other) {
+        return this.type.localeCompare(other.type) ||
+            this.url.toString().localeCompare(other.url.toString());
+    }
+}
+exports.ExternalReference = ExternalReference;
+class ExternalReferenceRepository extends Set {
+    static compareItems(a, b) {
+        return a.compare(b);
+    }
+}
+exports.ExternalReferenceRepository = ExternalReferenceRepository;
+
+
+/***/ }),
+
+/***/ "./src/models/hash.ts":
+/*!****************************!*\
+  !*** ./src/models/hash.ts ***!
+  \****************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.HashRepository = void 0;
+class HashRepository extends Map {
+    static compareItems(a, b) {
+        return a[0].localeCompare(b[0]) ||
+            a[1].localeCompare(b[1]);
+    }
+}
+exports.HashRepository = HashRepository;
+
+
+/***/ }),
+
+/***/ "./src/models/index.ts":
+/*!*****************************!*\
+  !*** ./src/models/index.ts ***!
+  \*****************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+__exportStar(__webpack_require__(/*! ./attachment */ "./src/models/attachment.ts"), exports);
+__exportStar(__webpack_require__(/*! ./bom */ "./src/models/bom.ts"), exports);
+__exportStar(__webpack_require__(/*! ./bomRef */ "./src/models/bomRef.ts"), exports);
+__exportStar(__webpack_require__(/*! ./component */ "./src/models/component.ts"), exports);
+__exportStar(__webpack_require__(/*! ./externalReference */ "./src/models/externalReference.ts"), exports);
+__exportStar(__webpack_require__(/*! ./hash */ "./src/models/hash.ts"), exports);
+__exportStar(__webpack_require__(/*! ./license */ "./src/models/license.ts"), exports);
+__exportStar(__webpack_require__(/*! ./metadata */ "./src/models/metadata.ts"), exports);
+__exportStar(__webpack_require__(/*! ./organizationalContact */ "./src/models/organizationalContact.ts"), exports);
+__exportStar(__webpack_require__(/*! ./organizationalEntity */ "./src/models/organizationalEntity.ts"), exports);
+__exportStar(__webpack_require__(/*! ./swid */ "./src/models/swid.ts"), exports);
+__exportStar(__webpack_require__(/*! ./tool */ "./src/models/tool.ts"), exports);
+
+
+/***/ }),
+
+/***/ "./src/models/license.ts":
+/*!*******************************!*\
+  !*** ./src/models/license.ts ***!
+  \*******************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var _LicenseExpression_expression, _SpdxLicense_id;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.LicenseRepository = exports.SpdxLicense = exports.NamedLicense = exports.LicenseExpression = void 0;
+const spdx_1 = __webpack_require__(/*! ../spdx */ "./src/spdx.ts");
+class LicenseExpression {
+    constructor(expression) {
+        _LicenseExpression_expression.set(this, void 0);
+        this.expression = expression;
+    }
+    static isEligibleExpression(expression) {
+        return typeof expression === 'string' &&
+            expression.length >= 8 &&
+            expression[0] === '(' &&
+            expression[expression.length - 1] === ')';
+    }
+    get expression() {
+        return __classPrivateFieldGet(this, _LicenseExpression_expression, "f");
+    }
+    set expression(value) {
+        if (!LicenseExpression.isEligibleExpression(value)) {
+            throw new RangeError('Not eligible expression');
+        }
+        __classPrivateFieldSet(this, _LicenseExpression_expression, value, "f");
+    }
+    compare(other) {
+        return __classPrivateFieldGet(this, _LicenseExpression_expression, "f").localeCompare(__classPrivateFieldGet(other, _LicenseExpression_expression, "f"));
+    }
+}
+exports.LicenseExpression = LicenseExpression;
+_LicenseExpression_expression = new WeakMap();
+class NamedLicense {
+    constructor(name, op = {}) {
+        this.name = name;
+        this.text = op.text;
+        this.url = op.url;
+    }
+    compare(other) {
+        return this.name.localeCompare(other.name);
+    }
+}
+exports.NamedLicense = NamedLicense;
+class SpdxLicense {
+    constructor(id, op = {}) {
+        _SpdxLicense_id.set(this, void 0);
+        this.id = id;
+        this.text = op.text;
+        this.url = op.url;
+    }
+    get id() {
+        return __classPrivateFieldGet(this, _SpdxLicense_id, "f");
+    }
+    set id(value) {
+        if (!(0, spdx_1.isSupportedSpdxId)(value)) {
+            throw new RangeError('Unknown SPDX id');
+        }
+        __classPrivateFieldSet(this, _SpdxLicense_id, value, "f");
+    }
+    compare(other) {
+        return __classPrivateFieldGet(this, _SpdxLicense_id, "f").localeCompare(__classPrivateFieldGet(other, _SpdxLicense_id, "f"));
+    }
+}
+exports.SpdxLicense = SpdxLicense;
+_SpdxLicense_id = new WeakMap();
+class LicenseRepository extends Set {
+    static compareItems(a, b) {
+        if (a.constructor === b.constructor) {
+            return a.compare(b);
+        }
+        return a.constructor.name.localeCompare(b.constructor.name);
+    }
+}
+exports.LicenseRepository = LicenseRepository;
+
+
+/***/ }),
+
+/***/ "./src/models/metadata.ts":
+/*!********************************!*\
+  !*** ./src/models/metadata.ts ***!
+  \********************************/
+/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.Metadata = void 0;
+const tool_1 = __webpack_require__(/*! ./tool */ "./src/models/tool.ts");
+const organizationalContact_1 = __webpack_require__(/*! ./organizationalContact */ "./src/models/organizationalContact.ts");
+class Metadata {
+    constructor(op = {}) {
+        this.timestamp = op.timestamp;
+        this.tools = op.tools ?? new tool_1.ToolRepository();
+        this.authors = op.authors ?? new organizationalContact_1.OrganizationalContactRepository();
+        this.component = op.component;
+        this.manufacture = op.manufacture;
+        this.supplier = op.supplier;
+    }
+}
+exports.Metadata = Metadata;
+
+
+/***/ }),
+
+/***/ "./src/models/organizationalContact.ts":
+/*!*********************************************!*\
+  !*** ./src/models/organizationalContact.ts ***!
+  \*********************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.OrganizationalContactRepository = exports.OrganizationalContact = void 0;
+class OrganizationalContact {
+    constructor(op = {}) {
+        this.name = op.name;
+        this.email = op.email;
+        this.phone = op.phone;
+    }
+    compare(other) {
+        return (this.name ?? '').localeCompare(other.name ?? '') ||
+            (this.email ?? '').localeCompare(other.email ?? '') ||
+            (this.phone ?? '').localeCompare(other.phone ?? '');
+    }
+}
+exports.OrganizationalContact = OrganizationalContact;
+class OrganizationalContactRepository extends Set {
+    static compareItems(a, b) {
+        return a.compare(b);
+    }
+}
+exports.OrganizationalContactRepository = OrganizationalContactRepository;
+
+
+/***/ }),
+
+/***/ "./src/models/organizationalEntity.ts":
+/*!********************************************!*\
+  !*** ./src/models/organizationalEntity.ts ***!
+  \********************************************/
+/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.OrganizationalEntity = void 0;
+const organizationalContact_1 = __webpack_require__(/*! ./organizationalContact */ "./src/models/organizationalContact.ts");
+class OrganizationalEntity {
+    constructor(op = {}) {
+        this.name = op.name;
+        this.url = op.url ?? new Set();
+        this.contact = op.contact ?? new organizationalContact_1.OrganizationalContactRepository();
+    }
+}
+exports.OrganizationalEntity = OrganizationalEntity;
+
+
+/***/ }),
+
+/***/ "./src/models/swid.ts":
+/*!****************************!*\
+  !*** ./src/models/swid.ts ***!
+  \****************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var _SWID_tagVersion;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.SWID = void 0;
+const types_1 = __webpack_require__(/*! ../types */ "./src/types/index.ts");
+class SWID {
+    constructor(tagId, name, op = {}) {
+        _SWID_tagVersion.set(this, void 0);
+        this.tagId = tagId;
+        this.name = name;
+        this.version = op.version;
+        this.patch = op.patch;
+        this.text = op.text;
+        this.url = op.url;
+        this.tagVersion = op.tagVersion;
+    }
+    get tagVersion() {
+        return __classPrivateFieldGet(this, _SWID_tagVersion, "f");
+    }
+    set tagVersion(value) {
+        if (value !== undefined && !(0, types_1.isNonNegativeInteger)(value)) {
+            throw new TypeError('Not NonNegativeInteger nor undefined');
+        }
+        __classPrivateFieldSet(this, _SWID_tagVersion, value, "f");
+    }
+}
+exports.SWID = SWID;
+_SWID_tagVersion = new WeakMap();
+
+
+/***/ }),
+
+/***/ "./src/models/tool.ts":
+/*!****************************!*\
+  !*** ./src/models/tool.ts ***!
+  \****************************/
+/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.ToolRepository = exports.Tool = void 0;
+const hash_1 = __webpack_require__(/*! ./hash */ "./src/models/hash.ts");
+const externalReference_1 = __webpack_require__(/*! ./externalReference */ "./src/models/externalReference.ts");
+class Tool {
+    constructor(op = {}) {
+        this.vendor = op.vendor;
+        this.name = op.name;
+        this.version = op.version;
+        this.hashes = op.hashes ?? new hash_1.HashRepository();
+        this.externalReferences = op.externalReferences ?? new externalReference_1.ExternalReferenceRepository();
+    }
+    compare(other) {
+        return (this.vendor ?? '').localeCompare(other.vendor ?? '') ||
+            (this.name ?? '').localeCompare(other.name ?? '') ||
+            (this.version ?? '').localeCompare(other.version ?? '');
+    }
+}
+exports.Tool = Tool;
+class ToolRepository extends Set {
+    static compareItems(a, b) {
+        return a.compare(b);
+    }
+}
+exports.ToolRepository = ToolRepository;
+
+
+/***/ }),
+
+/***/ "./src/serialize/_index.web.ts":
+/*!*************************************!*\
+  !*** ./src/serialize/_index.web.ts ***!
+  \*************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+__exportStar(__webpack_require__(/*! ./index */ "./src/serialize/index.ts"), exports);
+__exportStar(__webpack_require__(/*! ./xmlSerializer.web */ "./src/serialize/xmlSerializer.web.ts"), exports);
+
+
+/***/ }),
+
+/***/ "./src/serialize/baseSerializer.ts":
+/*!*****************************************!*\
+  !*** ./src/serialize/baseSerializer.ts ***!
+  \*****************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _BaseSerializer_instances, _BaseSerializer_getAllBomRefs;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.BaseSerializer = void 0;
+const bomRefDiscriminator_1 = __webpack_require__(/*! ./bomRefDiscriminator */ "./src/serialize/bomRefDiscriminator.ts");
+class BaseSerializer {
+    constructor() {
+        _BaseSerializer_instances.add(this);
+    }
+    serialize(bom, options) {
+        const bomRefDiscriminator = new bomRefDiscriminator_1.BomRefDiscriminator(__classPrivateFieldGet(this, _BaseSerializer_instances, "m", _BaseSerializer_getAllBomRefs).call(this, bom));
+        try {
+            bomRefDiscriminator.discriminate();
+            const normalized = this._normalize(bom, options);
+            return this._serialize(normalized, options);
+        }
+        finally {
+            bomRefDiscriminator.reset();
+        }
+    }
+}
+exports.BaseSerializer = BaseSerializer;
+_BaseSerializer_instances = new WeakSet(), _BaseSerializer_getAllBomRefs = function _BaseSerializer_getAllBomRefs(bom) {
+    const bomRefs = new Set();
+    if (bom.metadata.component !== undefined) {
+        bomRefs.add(bom.metadata.component.bomRef);
+    }
+    for (const { bomRef } of bom.components) {
+        bomRefs.add(bomRef);
+    }
+    return bomRefs.values();
+};
+
+
+/***/ }),
+
+/***/ "./src/serialize/bomRefDiscriminator.ts":
+/*!**********************************************!*\
+  !*** ./src/serialize/bomRefDiscriminator.ts ***!
+  \**********************************************/
+/***/ (function(__unused_webpack_module, exports) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _BomRefDiscriminator_instances, _BomRefDiscriminator_originalValues, _BomRefDiscriminator_prefix, _BomRefDiscriminator_makeUniqueId;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.BomRefDiscriminator = void 0;
+class BomRefDiscriminator {
+    constructor(bomRefs, prefix = 'BomRef') {
+        _BomRefDiscriminator_instances.add(this);
+        _BomRefDiscriminator_originalValues.set(this, void 0);
+        _BomRefDiscriminator_prefix.set(this, void 0);
+        __classPrivateFieldSet(this, _BomRefDiscriminator_originalValues, new Map(Array.from(bomRefs).map(ref => [ref, ref.value])), "f");
+        __classPrivateFieldSet(this, _BomRefDiscriminator_prefix, prefix, "f");
+    }
+    [(_BomRefDiscriminator_originalValues = new WeakMap(), _BomRefDiscriminator_prefix = new WeakMap(), _BomRefDiscriminator_instances = new WeakSet(), Symbol.iterator)]() {
+        return __classPrivateFieldGet(this, _BomRefDiscriminator_originalValues, "f").keys();
+    }
+    discriminate() {
+        const knownRefValues = new Set();
+        for (const [bomRef] of __classPrivateFieldGet(this, _BomRefDiscriminator_originalValues, "f")) {
+            let value = bomRef.value;
+            if (value === undefined || knownRefValues.has(value)) {
+                value = __classPrivateFieldGet(this, _BomRefDiscriminator_instances, "m", _BomRefDiscriminator_makeUniqueId).call(this);
+                bomRef.value = value;
+            }
+            knownRefValues.add(value);
+        }
+    }
+    reset() {
+        for (const [bomRef, originalValue] of __classPrivateFieldGet(this, _BomRefDiscriminator_originalValues, "f")) {
+            bomRef.value = originalValue;
+        }
+    }
+}
+exports.BomRefDiscriminator = BomRefDiscriminator;
+_BomRefDiscriminator_makeUniqueId = function _BomRefDiscriminator_makeUniqueId() {
+    return `${__classPrivateFieldGet(this, _BomRefDiscriminator_prefix, "f")}${Math.random().toString(32).substring(1)}${Math.random().toString(32).substring(1)}`;
+};
+
+
+/***/ }),
+
+/***/ "./src/serialize/index.ts":
+/*!********************************!*\
+  !*** ./src/serialize/index.ts ***!
+  \********************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.XML = exports.JSON = exports.Types = void 0;
+exports.Types = __importStar(__webpack_require__(/*! ./types */ "./src/serialize/types.ts"));
+__exportStar(__webpack_require__(/*! ./baseSerializer */ "./src/serialize/baseSerializer.ts"), exports);
+__exportStar(__webpack_require__(/*! ./bomRefDiscriminator */ "./src/serialize/bomRefDiscriminator.ts"), exports);
+exports.JSON = __importStar(__webpack_require__(/*! ./json */ "./src/serialize/json/index.ts"));
+__exportStar(__webpack_require__(/*! ./jsonSerializer */ "./src/serialize/jsonSerializer.ts"), exports);
+exports.XML = __importStar(__webpack_require__(/*! ./xml */ "./src/serialize/xml/index.ts"));
+__exportStar(__webpack_require__(/*! ./xmlBaseSerializer */ "./src/serialize/xmlBaseSerializer.ts"), exports);
+
+
+/***/ }),
+
+/***/ "./src/serialize/json/index.ts":
+/*!*************************************!*\
+  !*** ./src/serialize/json/index.ts ***!
+  \*************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.Normalize = exports.Types = void 0;
+exports.Types = __importStar(__webpack_require__(/*! ./types */ "./src/serialize/json/types.ts"));
+exports.Normalize = __importStar(__webpack_require__(/*! ./normalize */ "./src/serialize/json/normalize.ts"));
+
+
+/***/ }),
+
+/***/ "./src/serialize/json/normalize.ts":
+/*!*****************************************!*\
+  !*** ./src/serialize/json/normalize.ts ***!
+  \*****************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _Factory_spec, _LicenseNormalizer_instances, _LicenseNormalizer_normalizeNamedLicense, _LicenseNormalizer_normalizeSpdxLicense, _LicenseNormalizer_normalizeLicenseExpression, _DependencyGraphNormalizer_instances, _DependencyGraphNormalizer_normalizeDependency;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.DependencyGraphNormalizer = exports.AttachmentNormalizer = exports.ExternalReferenceNormalizer = exports.SWIDNormalizer = exports.LicenseNormalizer = exports.ComponentNormalizer = exports.OrganizationalEntityNormalizer = exports.OrganizationalContactNormalizer = exports.HashNormalizer = exports.ToolNormalizer = exports.MetadataNormalizer = exports.BomNormalizer = exports.Factory = void 0;
+const types_1 = __webpack_require__(/*! ../../helpers/types */ "./src/helpers/types.ts");
+const Models = __importStar(__webpack_require__(/*! ../../models */ "./src/models/index.ts"));
+const spec_1 = __webpack_require__(/*! ../../spec */ "./src/spec.ts");
+const types_2 = __webpack_require__(/*! ./types */ "./src/serialize/json/types.ts");
+class Factory {
+    constructor(spec) {
+        _Factory_spec.set(this, void 0);
+        __classPrivateFieldSet(this, _Factory_spec, spec, "f");
+    }
+    get spec() {
+        return __classPrivateFieldGet(this, _Factory_spec, "f");
+    }
+    makeForBom() {
+        return new BomNormalizer(this);
+    }
+    makeForMetadata() {
+        return new MetadataNormalizer(this);
+    }
+    makeForComponent() {
+        return new ComponentNormalizer(this);
+    }
+    makeForTool() {
+        return new ToolNormalizer(this);
+    }
+    makeForOrganizationalContact() {
+        return new OrganizationalContactNormalizer(this);
+    }
+    makeForOrganizationalEntity() {
+        return new OrganizationalEntityNormalizer(this);
+    }
+    makeForHash() {
+        return new HashNormalizer(this);
+    }
+    makeForLicense() {
+        return new LicenseNormalizer(this);
+    }
+    makeForSWID() {
+        return new SWIDNormalizer(this);
+    }
+    makeForExternalReference() {
+        return new ExternalReferenceNormalizer(this);
+    }
+    makeForAttachment() {
+        return new AttachmentNormalizer(this);
+    }
+    makeForDependencyGraph() {
+        return new DependencyGraphNormalizer(this);
+    }
+}
+exports.Factory = Factory;
+_Factory_spec = new WeakMap();
+const schemaUrl = new Map([
+    [spec_1.Version.v1dot2, 'http://cyclonedx.org/schema/bom-1.2b.schema.json'],
+    [spec_1.Version.v1dot3, 'http://cyclonedx.org/schema/bom-1.3a.schema.json'],
+    [spec_1.Version.v1dot4, 'http://cyclonedx.org/schema/bom-1.4.schema.json']
+]);
+class Base {
+    constructor(factory) {
+        this._factory = factory;
+    }
+}
+class BomNormalizer extends Base {
+    normalize(data, options) {
+        return {
+            $schema: schemaUrl.get(this._factory.spec.version),
+            bomFormat: 'CycloneDX',
+            specVersion: this._factory.spec.version,
+            version: data.version,
+            serialNumber: data.serialNumber,
+            metadata: this._factory.makeForMetadata().normalize(data.metadata, options),
+            components: data.components.size > 0
+                ? this._factory.makeForComponent().normalizeIter(data.components, options)
+                : [],
+            dependencies: this._factory.spec.supportsDependencyGraph
+                ? this._factory.makeForDependencyGraph().normalize(data, options)
+                : undefined
+        };
+    }
+}
+exports.BomNormalizer = BomNormalizer;
+class MetadataNormalizer extends Base {
+    normalize(data, options) {
+        const orgEntityNormalizer = this._factory.makeForOrganizationalEntity();
+        return {
+            timestamp: data.timestamp?.toISOString(),
+            tools: data.tools.size > 0
+                ? this._factory.makeForTool().normalizeIter(data.tools, options)
+                : undefined,
+            authors: data.authors.size > 0
+                ? this._factory.makeForOrganizationalContact().normalizeIter(data.authors, options)
+                : undefined,
+            component: data.component === undefined
+                ? undefined
+                : this._factory.makeForComponent().normalize(data.component, options),
+            manufacture: data.manufacture === undefined
+                ? undefined
+                : orgEntityNormalizer.normalize(data.manufacture, options),
+            supplier: data.supplier === undefined
+                ? undefined
+                : orgEntityNormalizer.normalize(data.supplier, options)
+        };
+    }
+}
+exports.MetadataNormalizer = MetadataNormalizer;
+class ToolNormalizer extends Base {
+    normalize(data, options) {
+        return {
+            vendor: data.vendor || undefined,
+            name: data.name || undefined,
+            version: data.version || undefined,
+            hashes: data.hashes.size > 0
+                ? this._factory.makeForHash().normalizeIter(data.hashes, options)
+                : undefined,
+            externalReferences: this._factory.spec.supportsToolReferences && data.externalReferences.size > 0
+                ? this._factory.makeForExternalReference().normalizeIter(data.externalReferences, options)
+                : undefined
+        };
+    }
+    normalizeIter(data, options) {
+        const tools = Array.from(data);
+        if (options.sortLists ?? false) {
+            tools.sort(Models.ToolRepository.compareItems);
+        }
+        return tools.map(t => this.normalize(t, options));
+    }
+}
+exports.ToolNormalizer = ToolNormalizer;
+class HashNormalizer extends Base {
+    normalize([algorithm, content], options) {
+        const spec = this._factory.spec;
+        return spec.supportsHashAlgorithm(algorithm) && spec.supportsHashValue(content)
+            ? {
+                alg: algorithm,
+                content: content
+            }
+            : undefined;
+    }
+    normalizeIter(data, options) {
+        const hashes = Array.from(data);
+        if (options.sortLists ?? false) {
+            hashes.sort(Models.HashRepository.compareItems);
+        }
+        return hashes.map(h => this.normalize(h, options))
+            .filter(types_1.isNotUndefined);
+    }
+}
+exports.HashNormalizer = HashNormalizer;
+class OrganizationalContactNormalizer extends Base {
+    normalize(data, options) {
+        return {
+            name: data.name || undefined,
+            email: types_2.JsonSchema.isIdnEmail(data.email)
+                ? data.email
+                : undefined,
+            phone: data.phone || undefined
+        };
+    }
+    normalizeIter(data, options) {
+        const contacts = Array.from(data);
+        if (options.sortLists ?? false) {
+            contacts.sort(Models.OrganizationalContactRepository.compareItems);
+        }
+        return contacts.map(c => this.normalize(c, options));
+    }
+}
+exports.OrganizationalContactNormalizer = OrganizationalContactNormalizer;
+class OrganizationalEntityNormalizer extends Base {
+    normalize(data, options) {
+        const urls = normalizeStringableIter(data.url, options)
+            .filter(types_2.JsonSchema.isIriReference);
+        return {
+            name: data.name || undefined,
+            url: urls.length > 0
+                ? urls
+                : undefined,
+            contact: data.contact.size > 0
+                ? this._factory.makeForOrganizationalContact().normalizeIter(data.contact, options)
+                : undefined
+        };
+    }
+}
+exports.OrganizationalEntityNormalizer = OrganizationalEntityNormalizer;
+class ComponentNormalizer extends Base {
+    normalize(data, options) {
+        return this._factory.spec.supportsComponentType(data.type)
+            ? {
+                type: data.type,
+                name: data.name,
+                group: data.group || undefined,
+                version: data.version || '',
+                'bom-ref': data.bomRef.value || undefined,
+                supplier: data.supplier === undefined
+                    ? undefined
+                    : this._factory.makeForOrganizationalEntity().normalize(data.supplier, options),
+                author: data.author || undefined,
+                publisher: data.publisher || undefined,
+                description: data.description || undefined,
+                scope: data.scope,
+                hashes: data.hashes.size > 0
+                    ? this._factory.makeForHash().normalizeIter(data.hashes, options)
+                    : undefined,
+                licenses: data.licenses.size > 0
+                    ? this._factory.makeForLicense().normalizeIter(data.licenses, options)
+                    : undefined,
+                copyright: data.copyright || undefined,
+                cpe: data.cpe || undefined,
+                purl: data.purl?.toString(),
+                swid: data.swid === undefined
+                    ? undefined
+                    : this._factory.makeForSWID().normalize(data.swid, options),
+                externalReferences: data.externalReferences.size > 0
+                    ? this._factory.makeForExternalReference().normalizeIter(data.externalReferences, options)
+                    : undefined
+            }
+            : undefined;
+    }
+    normalizeIter(data, options) {
+        const components = Array.from(data);
+        if (options.sortLists ?? false) {
+            components.sort(Models.ComponentRepository.compareItems);
+        }
+        return components.map(c => this.normalize(c, options))
+            .filter(types_1.isNotUndefined);
+    }
+}
+exports.ComponentNormalizer = ComponentNormalizer;
+class LicenseNormalizer extends Base {
+    constructor() {
+        super(...arguments);
+        _LicenseNormalizer_instances.add(this);
+    }
+    normalize(data, options) {
+        switch (true) {
+            case data instanceof Models.NamedLicense:
+                return __classPrivateFieldGet(this, _LicenseNormalizer_instances, "m", _LicenseNormalizer_normalizeNamedLicense).call(this, data, options);
+            case data instanceof Models.SpdxLicense:
+                return __classPrivateFieldGet(this, _LicenseNormalizer_instances, "m", _LicenseNormalizer_normalizeSpdxLicense).call(this, data, options);
+            case data instanceof Models.LicenseExpression:
+                return __classPrivateFieldGet(this, _LicenseNormalizer_instances, "m", _LicenseNormalizer_normalizeLicenseExpression).call(this, data);
+            default:
+                throw new TypeError('Unexpected LicenseChoice');
+        }
+    }
+    normalizeIter(data, options) {
+        const licenses = Array.from(data);
+        if (options.sortLists ?? false) {
+            licenses.sort(Models.LicenseRepository.compareItems);
+        }
+        return licenses.map(c => this.normalize(c, options));
+    }
+}
+exports.LicenseNormalizer = LicenseNormalizer;
+_LicenseNormalizer_instances = new WeakSet(), _LicenseNormalizer_normalizeNamedLicense = function _LicenseNormalizer_normalizeNamedLicense(data, options) {
+    return {
+        license: {
+            name: data.name,
+            text: data.text === undefined
+                ? undefined
+                : this._factory.makeForAttachment().normalize(data.text, options),
+            url: data.url?.toString()
+        }
+    };
+}, _LicenseNormalizer_normalizeSpdxLicense = function _LicenseNormalizer_normalizeSpdxLicense(data, options) {
+    return {
+        license: {
+            id: data.id,
+            text: data.text === undefined
+                ? undefined
+                : this._factory.makeForAttachment().normalize(data.text, options),
+            url: data.url?.toString()
+        }
+    };
+}, _LicenseNormalizer_normalizeLicenseExpression = function _LicenseNormalizer_normalizeLicenseExpression(data) {
+    return {
+        expression: data.expression
+    };
+};
+class SWIDNormalizer extends Base {
+    normalize(data, options) {
+        const url = data.url?.toString();
+        return {
+            tagId: data.tagId,
+            name: data.name,
+            version: data.version || undefined,
+            tagVersion: data.tagVersion,
+            patch: data.patch,
+            text: data.text === undefined
+                ? undefined
+                : this._factory.makeForAttachment().normalize(data.text, options),
+            url: types_2.JsonSchema.isIriReference(url)
+                ? url
+                : undefined
+        };
+    }
+}
+exports.SWIDNormalizer = SWIDNormalizer;
+class ExternalReferenceNormalizer extends Base {
+    normalize(data, options) {
+        return this._factory.spec.supportsExternalReferenceType(data.type)
+            ? {
+                url: data.url.toString(),
+                type: data.type,
+                comment: data.comment || undefined
+            }
+            : undefined;
+    }
+    normalizeIter(data, options) {
+        const refs = Array.from(data);
+        if (options.sortLists ?? false) {
+            refs.sort(Models.ExternalReferenceRepository.compareItems);
+        }
+        return refs.map(r => this.normalize(r, options))
+            .filter(types_1.isNotUndefined);
+    }
+}
+exports.ExternalReferenceNormalizer = ExternalReferenceNormalizer;
+class AttachmentNormalizer extends Base {
+    normalize(data, options) {
+        return {
+            content: data.content,
+            contentType: data.contentType || undefined,
+            encoding: data.encoding
+        };
+    }
+}
+exports.AttachmentNormalizer = AttachmentNormalizer;
+class DependencyGraphNormalizer extends Base {
+    constructor() {
+        super(...arguments);
+        _DependencyGraphNormalizer_instances.add(this);
+    }
+    normalize(data, options) {
+        if (!data.metadata.component?.bomRef.value) {
+            return undefined;
+        }
+        const allRefs = new Map();
+        for (const c of data.components) {
+            allRefs.set(c.bomRef, new Models.BomRefRepository(c.dependencies));
+        }
+        allRefs.set(data.metadata.component.bomRef, data.metadata.component.dependencies);
+        const normalized = [];
+        for (const [ref, deps] of allRefs) {
+            const dep = __classPrivateFieldGet(this, _DependencyGraphNormalizer_instances, "m", _DependencyGraphNormalizer_normalizeDependency).call(this, ref, deps, allRefs, options);
+            if ((0, types_1.isNotUndefined)(dep)) {
+                normalized.push(dep);
+            }
+        }
+        if (options.sortLists ?? false) {
+            normalized.sort(({ ref: a }, { ref: b }) => a.localeCompare(b));
+        }
+        return normalized;
+    }
+}
+exports.DependencyGraphNormalizer = DependencyGraphNormalizer;
+_DependencyGraphNormalizer_instances = new WeakSet(), _DependencyGraphNormalizer_normalizeDependency = function _DependencyGraphNormalizer_normalizeDependency(ref, deps, allRefs, options) {
+    const bomRef = ref.toString();
+    if (bomRef.length === 0) {
+        return undefined;
+    }
+    const dependsOn = normalizeStringableIter(Array.from(deps).filter(d => allRefs.has(d) && d !== ref), options).filter(d => d.length > 0);
+    return {
+        ref: bomRef,
+        dependsOn: dependsOn.length > 0
+            ? dependsOn
+            : undefined
+    };
+};
+function normalizeStringableIter(data, options) {
+    const r = Array.from(data, d => d.toString());
+    if (options.sortLists ?? false) {
+        r.sort((a, b) => a.localeCompare(b));
+    }
+    return r;
+}
+
+
+/***/ }),
+
+/***/ "./src/serialize/json/types.ts":
+/*!*************************************!*\
+  !*** ./src/serialize/json/types.ts ***!
+  \*************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.JsonSchema = void 0;
+var JsonSchema;
+(function (JsonSchema) {
+    function isIriReference(value) {
+        return typeof value === 'string' &&
+            value.length > 0;
+    }
+    JsonSchema.isIriReference = isIriReference;
+    function isIdnEmail(value) {
+        return typeof value === 'string' &&
+            value.length > 0;
+    }
+    JsonSchema.isIdnEmail = isIdnEmail;
+})(JsonSchema = exports.JsonSchema || (exports.JsonSchema = {}));
+
+
+/***/ }),
+
+/***/ "./src/serialize/jsonSerializer.ts":
+/*!*****************************************!*\
+  !*** ./src/serialize/jsonSerializer.ts ***!
+  \*****************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _JsonSerializer_normalizerFactory;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.JsonSerializer = void 0;
+const spec_1 = __webpack_require__(/*! ../spec */ "./src/spec.ts");
+const baseSerializer_1 = __webpack_require__(/*! ./baseSerializer */ "./src/serialize/baseSerializer.ts");
+class JsonSerializer extends baseSerializer_1.BaseSerializer {
+    constructor(normalizerFactory) {
+        if (!normalizerFactory.spec.supportsFormat(spec_1.Format.JSON)) {
+            throw new spec_1.UnsupportedFormatError('Spec does not support JSON format.');
+        }
+        super();
+        _JsonSerializer_normalizerFactory.set(this, void 0);
+        __classPrivateFieldSet(this, _JsonSerializer_normalizerFactory, normalizerFactory, "f");
+    }
+    _normalize(bom, options = {}) {
+        return __classPrivateFieldGet(this, _JsonSerializer_normalizerFactory, "f").makeForBom()
+            .normalize(bom, options);
+    }
+    _serialize(bom, { space } = {}) {
+        return JSON.stringify(bom, null, space);
+    }
+}
+exports.JsonSerializer = JsonSerializer;
+_JsonSerializer_normalizerFactory = new WeakMap();
+
+
+/***/ }),
+
+/***/ "./src/serialize/types.ts":
+/*!********************************!*\
+  !*** ./src/serialize/types.ts ***!
+  \********************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+
+
+/***/ }),
+
+/***/ "./src/serialize/xml/index.ts":
+/*!************************************!*\
+  !*** ./src/serialize/xml/index.ts ***!
+  \************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.Normalize = exports.Types = void 0;
+exports.Types = __importStar(__webpack_require__(/*! ./types */ "./src/serialize/xml/types.ts"));
+exports.Normalize = __importStar(__webpack_require__(/*! ./normalize */ "./src/serialize/xml/normalize.ts"));
+
+
+/***/ }),
+
+/***/ "./src/serialize/xml/normalize.ts":
+/*!****************************************!*\
+  !*** ./src/serialize/xml/normalize.ts ***!
+  \****************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _Factory_spec, _LicenseNormalizer_instances, _LicenseNormalizer_normalizeNamedLicense, _LicenseNormalizer_normalizeSpdxLicense, _LicenseNormalizer_normalizeLicenseExpression, _DependencyGraphNormalizer_instances, _DependencyGraphNormalizer_normalizeDependency;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.DependencyGraphNormalizer = exports.AttachmentNormalizer = exports.ExternalReferenceNormalizer = exports.SWIDNormalizer = exports.LicenseNormalizer = exports.ComponentNormalizer = exports.OrganizationalEntityNormalizer = exports.OrganizationalContactNormalizer = exports.HashNormalizer = exports.ToolNormalizer = exports.MetadataNormalizer = exports.BomNormalizer = exports.Factory = void 0;
+const types_1 = __webpack_require__(/*! ../../helpers/types */ "./src/helpers/types.ts");
+const Models = __importStar(__webpack_require__(/*! ../../models */ "./src/models/index.ts"));
+const spec_1 = __webpack_require__(/*! ../../spec */ "./src/spec.ts");
+const types_2 = __webpack_require__(/*! ./types */ "./src/serialize/xml/types.ts");
+class Factory {
+    constructor(spec) {
+        _Factory_spec.set(this, void 0);
+        __classPrivateFieldSet(this, _Factory_spec, spec, "f");
+    }
+    get spec() {
+        return __classPrivateFieldGet(this, _Factory_spec, "f");
+    }
+    makeForBom() {
+        return new BomNormalizer(this);
+    }
+    makeForMetadata() {
+        return new MetadataNormalizer(this);
+    }
+    makeForComponent() {
+        return new ComponentNormalizer(this);
+    }
+    makeForTool() {
+        return new ToolNormalizer(this);
+    }
+    makeForOrganizationalContact() {
+        return new OrganizationalContactNormalizer(this);
+    }
+    makeForOrganizationalEntity() {
+        return new OrganizationalEntityNormalizer(this);
+    }
+    makeForHash() {
+        return new HashNormalizer(this);
+    }
+    makeForLicense() {
+        return new LicenseNormalizer(this);
+    }
+    makeForSWID() {
+        return new SWIDNormalizer(this);
+    }
+    makeForExternalReference() {
+        return new ExternalReferenceNormalizer(this);
+    }
+    makeForAttachment() {
+        return new AttachmentNormalizer(this);
+    }
+    makeForDependencyGraph() {
+        return new DependencyGraphNormalizer(this);
+    }
+}
+exports.Factory = Factory;
+_Factory_spec = new WeakMap();
+const xmlNamespace = new Map([
+    [spec_1.Version.v1dot2, 'http://cyclonedx.org/schema/bom/1.2'],
+    [spec_1.Version.v1dot3, 'http://cyclonedx.org/schema/bom/1.3'],
+    [spec_1.Version.v1dot4, 'http://cyclonedx.org/schema/bom/1.4']
+]);
+class Base {
+    constructor(factory) {
+        this._factory = factory;
+    }
+}
+class BomNormalizer extends Base {
+    normalize(data, options) {
+        const components = {
+            type: 'element',
+            name: 'components',
+            children: data.components.size > 0
+                ? this._factory.makeForComponent().normalizeIter(data.components, options, 'component')
+                : undefined
+        };
+        return {
+            type: 'element',
+            name: 'bom',
+            namespace: xmlNamespace.get(this._factory.spec.version),
+            attributes: {
+                version: data.version,
+                serialNumber: data.serialNumber
+            },
+            children: [
+                data.metadata
+                    ? this._factory.makeForMetadata().normalize(data.metadata, options, 'metadata')
+                    : undefined,
+                components,
+                this._factory.spec.supportsDependencyGraph
+                    ? this._factory.makeForDependencyGraph().normalize(data, options, 'dependencies')
+                    : undefined
+            ].filter(types_1.isNotUndefined)
+        };
+    }
+}
+exports.BomNormalizer = BomNormalizer;
+class MetadataNormalizer extends Base {
+    normalize(data, options, elementName) {
+        const orgEntityNormalizer = this._factory.makeForOrganizationalEntity();
+        const timestamp = data.timestamp === undefined
+            ? undefined
+            : {
+                type: 'element',
+                name: 'timestamp',
+                children: data.timestamp.toISOString()
+            };
+        const tools = data.tools.size > 0
+            ? {
+                type: 'element',
+                name: 'tools',
+                children: this._factory.makeForTool().normalizeIter(data.tools, options, 'tool')
+            }
+            : undefined;
+        const authors = data.authors.size > 0
+            ? {
+                type: 'element',
+                name: 'authors',
+                children: this._factory.makeForOrganizationalContact()
+                    .normalizeIter(data.authors, options, 'author')
+            }
+            : undefined;
+        return {
+            type: 'element',
+            name: elementName,
+            children: [
+                timestamp,
+                tools,
+                authors,
+                data.component === undefined
+                    ? undefined
+                    : this._factory.makeForComponent().normalize(data.component, options, 'component'),
+                data.manufacture === undefined
+                    ? undefined
+                    : orgEntityNormalizer.normalize(data.manufacture, options, 'manufacture'),
+                data.supplier === undefined
+                    ? undefined
+                    : orgEntityNormalizer.normalize(data.supplier, options, 'supplier')
+            ].filter(types_1.isNotUndefined)
+        };
+    }
+}
+exports.MetadataNormalizer = MetadataNormalizer;
+class ToolNormalizer extends Base {
+    normalize(data, options, elementName) {
+        const hashes = data.hashes.size > 0
+            ? {
+                type: 'element',
+                name: 'hashes',
+                children: this._factory.makeForHash().normalizeIter(data.hashes, options, 'hash')
+            }
+            : undefined;
+        const externalReferences = this._factory.spec.supportsToolReferences && data.externalReferences.size > 0
+            ? {
+                type: 'element',
+                name: 'externalReferences',
+                children: this._factory.makeForExternalReference()
+                    .normalizeIter(data.externalReferences, options, 'reference')
+            }
+            : undefined;
+        return {
+            type: 'element',
+            name: elementName,
+            children: [
+                makeOptionalTextElement(data.vendor, 'vendor'),
+                makeOptionalTextElement(data.name, 'name'),
+                makeOptionalTextElement(data.version, 'version'),
+                hashes,
+                externalReferences
+            ].filter(types_1.isNotUndefined)
+        };
+    }
+    normalizeIter(data, options, elementName) {
+        const tools = Array.from(data);
+        if (options.sortLists) {
+            tools.sort(Models.ToolRepository.compareItems);
+        }
+        return tools.map(t => this.normalize(t, options, elementName));
+    }
+}
+exports.ToolNormalizer = ToolNormalizer;
+class HashNormalizer extends Base {
+    normalize([algorithm, content], options, elementName) {
+        const spec = this._factory.spec;
+        return spec.supportsHashAlgorithm(algorithm) && spec.supportsHashValue(content)
+            ? {
+                type: 'element',
+                name: elementName,
+                attributes: { alg: algorithm },
+                children: content
+            }
+            : undefined;
+    }
+    normalizeIter(data, options, elementName) {
+        const hashes = Array.from(data);
+        if (options.sortLists ?? false) {
+            hashes.sort(Models.HashRepository.compareItems);
+        }
+        return hashes.map(h => this.normalize(h, options, elementName))
+            .filter(types_1.isNotUndefined);
+    }
+}
+exports.HashNormalizer = HashNormalizer;
+class OrganizationalContactNormalizer extends Base {
+    normalize(data, options, elementName) {
+        return {
+            type: 'element',
+            name: elementName,
+            children: [
+                makeOptionalTextElement(data.name, 'name'),
+                makeOptionalTextElement(data.email, 'email'),
+                makeOptionalTextElement(data.phone, 'phone')
+            ].filter(types_1.isNotUndefined)
+        };
+    }
+    normalizeIter(data, options, elementName) {
+        const contacts = Array.from(data);
+        if (options.sortLists ?? false) {
+            contacts.sort(Models.OrganizationalContactRepository.compareItems);
+        }
+        return contacts.map(c => this.normalize(c, options, elementName));
+    }
+}
+exports.OrganizationalContactNormalizer = OrganizationalContactNormalizer;
+class OrganizationalEntityNormalizer extends Base {
+    normalize(data, options, elementName) {
+        return {
+            type: 'element',
+            name: elementName,
+            children: [
+                makeOptionalTextElement(data.name, 'name'),
+                ...makeTextElementIter(data.url, options, 'url')
+                    .filter(({ children: u }) => types_2.XmlSchema.isAnyURI(u)),
+                ...this._factory.makeForOrganizationalContact().normalizeIter(data.contact, options, 'contact')
+            ].filter(types_1.isNotUndefined)
+        };
+    }
+}
+exports.OrganizationalEntityNormalizer = OrganizationalEntityNormalizer;
+class ComponentNormalizer extends Base {
+    normalize(data, options, elementName) {
+        if (!this._factory.spec.supportsComponentType(data.type)) {
+            return undefined;
+        }
+        const supplier = data.supplier === undefined
+            ? undefined
+            : this._factory.makeForOrganizationalEntity().normalize(data.supplier, options, 'supplier');
+        const hashes = data.hashes.size > 0
+            ? {
+                type: 'element',
+                name: 'hashes',
+                children: this._factory.makeForHash().normalizeIter(data.hashes, options, 'hash')
+            }
+            : undefined;
+        const licenses = data.licenses.size > 0
+            ? {
+                type: 'element',
+                name: 'licenses',
+                children: this._factory.makeForLicense().normalizeIter(data.licenses, options)
+            }
+            : undefined;
+        const swid = data.swid === undefined
+            ? undefined
+            : this._factory.makeForSWID().normalize(data.swid, options, 'swid');
+        const extRefs = data.externalReferences.size > 0
+            ? {
+                type: 'element',
+                name: 'externalReferences',
+                children: this._factory.makeForExternalReference()
+                    .normalizeIter(data.externalReferences, options, 'reference')
+            }
+            : undefined;
+        return {
+            type: 'element',
+            name: elementName,
+            attributes: {
+                type: data.type,
+                'bom-ref': data.bomRef.value
+            },
+            children: [
+                supplier,
+                makeOptionalTextElement(data.author, 'author'),
+                makeOptionalTextElement(data.publisher, 'publisher'),
+                makeOptionalTextElement(data.group, 'group'),
+                makeTextElement(data.name, 'name'),
+                makeTextElement(data.version ?? '', 'version'),
+                makeOptionalTextElement(data.description, 'description'),
+                makeOptionalTextElement(data.scope, 'description'),
+                hashes,
+                licenses,
+                makeOptionalTextElement(data.copyright, 'copyright'),
+                makeOptionalTextElement(data.cpe, 'cpe'),
+                makeOptionalTextElement(data.purl, 'purl'),
+                swid,
+                extRefs
+            ].filter(types_1.isNotUndefined)
+        };
+    }
+    normalizeIter(data, options, elementName) {
+        const components = Array.from(data);
+        if (options.sortLists ?? false) {
+            components.sort(Models.ComponentRepository.compareItems);
+        }
+        return components.map(c => this.normalize(c, options, elementName))
+            .filter(types_1.isNotUndefined);
+    }
+}
+exports.ComponentNormalizer = ComponentNormalizer;
+class LicenseNormalizer extends Base {
+    constructor() {
+        super(...arguments);
+        _LicenseNormalizer_instances.add(this);
+    }
+    normalize(data, options) {
+        switch (true) {
+            case data instanceof Models.NamedLicense:
+                return __classPrivateFieldGet(this, _LicenseNormalizer_instances, "m", _LicenseNormalizer_normalizeNamedLicense).call(this, data, options);
+            case data instanceof Models.SpdxLicense:
+                return __classPrivateFieldGet(this, _LicenseNormalizer_instances, "m", _LicenseNormalizer_normalizeSpdxLicense).call(this, data, options);
+            case data instanceof Models.LicenseExpression:
+                return __classPrivateFieldGet(this, _LicenseNormalizer_instances, "m", _LicenseNormalizer_normalizeLicenseExpression).call(this, data);
+            default:
+                throw new TypeError('Unexpected LicenseChoice');
+        }
+    }
+    normalizeIter(data, options) {
+        const licenses = Array.from(data);
+        if (options.sortLists ?? false) {
+            licenses.sort(Models.LicenseRepository.compareItems);
+        }
+        return licenses.map(c => this.normalize(c, options));
+    }
+}
+exports.LicenseNormalizer = LicenseNormalizer;
+_LicenseNormalizer_instances = new WeakSet(), _LicenseNormalizer_normalizeNamedLicense = function _LicenseNormalizer_normalizeNamedLicense(data, options) {
+    const url = data.url?.toString();
+    return {
+        type: 'element',
+        name: 'license',
+        children: [
+            makeTextElement(data.name, 'name'),
+            data.text === undefined
+                ? undefined
+                : this._factory.makeForAttachment().normalize(data.text, options, 'text'),
+            types_2.XmlSchema.isAnyURI(url)
+                ? makeTextElement(url, 'url')
+                : undefined
+        ].filter(types_1.isNotUndefined)
+    };
+}, _LicenseNormalizer_normalizeSpdxLicense = function _LicenseNormalizer_normalizeSpdxLicense(data, options) {
+    const url = data.url?.toString();
+    return {
+        type: 'element',
+        name: 'license',
+        children: [
+            makeTextElement(data.id, 'id'),
+            data.text === undefined
+                ? undefined
+                : this._factory.makeForAttachment().normalize(data.text, options, 'text'),
+            types_2.XmlSchema.isAnyURI(url)
+                ? makeTextElement(url, 'url')
+                : undefined
+        ].filter(types_1.isNotUndefined)
+    };
+}, _LicenseNormalizer_normalizeLicenseExpression = function _LicenseNormalizer_normalizeLicenseExpression(data) {
+    return makeTextElement(data.expression, 'expression');
+};
+class SWIDNormalizer extends Base {
+    normalize(data, options, elementName) {
+        const url = data.url?.toString();
+        return {
+            type: 'element',
+            name: elementName,
+            attributes: {
+                tagId: data.tagId,
+                name: data.name,
+                version: data.version || undefined,
+                tagVersion: data.tagVersion,
+                patch: data.patch === undefined
+                    ? undefined
+                    : (data.patch ? 'true' : 'false')
+            },
+            children: [
+                data.text === undefined
+                    ? undefined
+                    : this._factory.makeForAttachment().normalize(data.text, options, 'text'),
+                types_2.XmlSchema.isAnyURI(url)
+                    ? makeTextElement(url, 'url')
+                    : undefined
+            ].filter(types_1.isNotUndefined)
+        };
+    }
+}
+exports.SWIDNormalizer = SWIDNormalizer;
+class ExternalReferenceNormalizer extends Base {
+    normalize(data, options, elementName) {
+        const url = data.url.toString();
+        return this._factory.spec.supportsExternalReferenceType(data.type) &&
+            types_2.XmlSchema.isAnyURI(url)
+            ? {
+                type: 'element',
+                name: elementName,
+                attributes: {
+                    type: data.type
+                },
+                children: [
+                    makeTextElement(url, 'url'),
+                    makeOptionalTextElement(data.comment, 'comment')
+                ].filter(types_1.isNotUndefined)
+            }
+            : undefined;
+    }
+    normalizeIter(data, options, elementName) {
+        const references = Array.from(data);
+        if (options.sortLists ?? false) {
+            references.sort(Models.ExternalReferenceRepository.compareItems);
+        }
+        return references.map(r => this.normalize(r, options, elementName))
+            .filter(types_1.isNotUndefined);
+    }
+}
+exports.ExternalReferenceNormalizer = ExternalReferenceNormalizer;
+class AttachmentNormalizer extends Base {
+    normalize(data, options, elementName) {
+        return {
+            type: 'element',
+            name: elementName,
+            attributes: {
+                'content-type': data.contentType || undefined,
+                encoding: data.encoding || undefined
+            },
+            children: data.content
+        };
+    }
+}
+exports.AttachmentNormalizer = AttachmentNormalizer;
+class DependencyGraphNormalizer extends Base {
+    constructor() {
+        super(...arguments);
+        _DependencyGraphNormalizer_instances.add(this);
+    }
+    normalize(data, options, elementName) {
+        if (!data.metadata.component?.bomRef.value) {
+            return undefined;
+        }
+        const allRefs = new Map();
+        for (const c of data.components) {
+            allRefs.set(c.bomRef, new Models.BomRefRepository(c.dependencies));
+        }
+        allRefs.set(data.metadata.component.bomRef, data.metadata.component.dependencies);
+        const normalized = [];
+        for (const [ref, deps] of allRefs) {
+            const dep = __classPrivateFieldGet(this, _DependencyGraphNormalizer_instances, "m", _DependencyGraphNormalizer_normalizeDependency).call(this, ref, deps, allRefs, options);
+            if ((0, types_1.isNotUndefined)(dep)) {
+                normalized.push(dep);
+            }
+        }
+        if (options.sortLists ?? false) {
+            normalized.sort(({ attributes: { ref: a } }, { attributes: { ref: b } }) => a.localeCompare(b));
+        }
+        return {
+            type: 'element',
+            name: elementName,
+            children: normalized
+        };
+    }
+}
+exports.DependencyGraphNormalizer = DependencyGraphNormalizer;
+_DependencyGraphNormalizer_instances = new WeakSet(), _DependencyGraphNormalizer_normalizeDependency = function _DependencyGraphNormalizer_normalizeDependency(ref, deps, allRefs, options) {
+    const bomRef = ref.toString();
+    if (bomRef.length === 0) {
+        return undefined;
+    }
+    const dependsOn = Array.from(deps).filter(d => allRefs.has(d) && d !== ref)
+        .map(d => d.toString()).filter(d => d.length > 0);
+    if (options.sortLists ?? false) {
+        dependsOn.sort((a, b) => a.localeCompare(b));
+    }
+    return {
+        type: 'element',
+        name: 'dependency',
+        attributes: { ref: bomRef },
+        children: dependsOn.map(d => ({
+            type: 'element',
+            name: 'dependency',
+            attributes: { ref: d }
+        }))
+    };
+};
+function makeOptionalTextElement(data, elementName) {
+    const s = data?.toString() ?? '';
+    return s.length > 0
+        ? makeTextElement(s, elementName)
+        : undefined;
+}
+function makeTextElement(data, elementName) {
+    return {
+        type: 'element',
+        name: elementName,
+        children: data.toString()
+    };
+}
+function makeTextElementIter(data, options, elementName) {
+    const r = Array.from(data, d => makeTextElement(d, elementName));
+    if (options.sortLists ?? false) {
+        r.sort(({ children: a }, { children: b }) => a.localeCompare(b));
+    }
+    return r;
+}
+
+
+/***/ }),
+
+/***/ "./src/serialize/xml/types.ts":
+/*!************************************!*\
+  !*** ./src/serialize/xml/types.ts ***!
+  \************************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.XmlSchema = void 0;
+var XmlSchema;
+(function (XmlSchema) {
+    function isAnyURI(value) {
+        return typeof value === 'string' &&
+            value.length > 0 &&
+            Array.from(value).filter(c => c === '#').length <= 1;
+    }
+    XmlSchema.isAnyURI = isAnyURI;
+})(XmlSchema = exports.XmlSchema || (exports.XmlSchema = {}));
+
+
+/***/ }),
+
+/***/ "./src/serialize/xmlBaseSerializer.ts":
+/*!********************************************!*\
+  !*** ./src/serialize/xmlBaseSerializer.ts ***!
+  \********************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _XmlBaseSerializer_normalizerFactory;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.XmlBaseSerializer = void 0;
+const spec_1 = __webpack_require__(/*! ../spec */ "./src/spec.ts");
+const baseSerializer_1 = __webpack_require__(/*! ./baseSerializer */ "./src/serialize/baseSerializer.ts");
+class XmlBaseSerializer extends baseSerializer_1.BaseSerializer {
+    constructor(normalizerFactory) {
+        if (!normalizerFactory.spec.supportsFormat(spec_1.Format.JSON)) {
+            throw new spec_1.UnsupportedFormatError('Spec does not support JSON format.');
+        }
+        super();
+        _XmlBaseSerializer_normalizerFactory.set(this, void 0);
+        __classPrivateFieldSet(this, _XmlBaseSerializer_normalizerFactory, normalizerFactory, "f");
+    }
+    _normalize(bom, options = {}) {
+        return __classPrivateFieldGet(this, _XmlBaseSerializer_normalizerFactory, "f").makeForBom()
+            .normalize(bom, options);
+    }
+}
+exports.XmlBaseSerializer = XmlBaseSerializer;
+_XmlBaseSerializer_normalizerFactory = new WeakMap();
+
+
+/***/ }),
+
+/***/ "./src/serialize/xmlSerializer.web.ts":
+/*!********************************************!*\
+  !*** ./src/serialize/xmlSerializer.web.ts ***!
+  \********************************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _XmlSerializer_instances, _XmlSerializer_buildXmlDocument, _XmlSerializer_getNS, _XmlSerializer_buildElement, _XmlSerializer_setAttributes, _XmlSerializer_setChildren;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.XmlSerializer = void 0;
+const types_1 = __webpack_require__(/*! ../helpers/types */ "./src/helpers/types.ts");
+const xmlBaseSerializer_1 = __webpack_require__(/*! ./xmlBaseSerializer */ "./src/serialize/xmlBaseSerializer.ts");
+class XmlSerializer extends xmlBaseSerializer_1.XmlBaseSerializer {
+    constructor() {
+        super(...arguments);
+        _XmlSerializer_instances.add(this);
+    }
+    _serialize(normalizedBom, { space } = {}) {
+        const doc = __classPrivateFieldGet(this, _XmlSerializer_instances, "m", _XmlSerializer_buildXmlDocument).call(this, normalizedBom);
+        return (new XMLSerializer()).serializeToString(doc);
+    }
+}
+exports.XmlSerializer = XmlSerializer;
+_XmlSerializer_instances = new WeakSet(), _XmlSerializer_buildXmlDocument = function _XmlSerializer_buildXmlDocument(normalizedBom) {
+    const namespace = null;
+    const doc = document.implementation.createDocument(namespace, null);
+    doc.appendChild(__classPrivateFieldGet(this, _XmlSerializer_instances, "m", _XmlSerializer_buildElement).call(this, normalizedBom, doc, namespace));
+    return doc;
+}, _XmlSerializer_getNS = function _XmlSerializer_getNS(element) {
+    const ns = (element.namespace ?? element.attributes?.xmlns)?.toString() ?? '';
+    return ns.length > 0
+        ? ns
+        : null;
+}, _XmlSerializer_buildElement = function _XmlSerializer_buildElement(element, doc, parentNS) {
+    const ns = __classPrivateFieldGet(this, _XmlSerializer_instances, "m", _XmlSerializer_getNS).call(this, element) ?? parentNS;
+    const node = doc.createElementNS(ns, element.name);
+    if ((0, types_1.isNotUndefined)(element.attributes)) {
+        __classPrivateFieldGet(this, _XmlSerializer_instances, "m", _XmlSerializer_setAttributes).call(this, node, element.attributes);
+    }
+    if ((0, types_1.isNotUndefined)(element.children)) {
+        __classPrivateFieldGet(this, _XmlSerializer_instances, "m", _XmlSerializer_setChildren).call(this, node, element.children, ns);
+    }
+    return node;
+}, _XmlSerializer_setAttributes = function _XmlSerializer_setAttributes(node, attributes) {
+    for (const [name, value] of Object.entries(attributes)) {
+        if ((0, types_1.isNotUndefined)(value) && name !== 'xmlns') {
+            node.setAttribute(name, `${value}`);
+        }
+    }
+}, _XmlSerializer_setChildren = function _XmlSerializer_setChildren(node, children, parentNS = null) {
+    if (typeof children === 'string' || typeof children === 'number') {
+        node.textContent = children.toString();
+        return;
+    }
+    const doc = node.ownerDocument;
+    for (const child of children) {
+        if (child.type === 'element') {
+            node.appendChild(__classPrivateFieldGet(this, _XmlSerializer_instances, "m", _XmlSerializer_buildElement).call(this, child, doc, parentNS));
+        }
+    }
+};
+
+
+/***/ }),
+
+/***/ "./src/spdx.ts":
+/*!*********************!*\
+  !*** ./src/spdx.ts ***!
+  \*********************/
+/***/ ((__unused_webpack_module, exports, __webpack_require__) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.fixupSpdxId = exports.isSupportedSpdxId = void 0;
+const spdx_SNAPSHOT_schema_json_1 = __webpack_require__(/*! ../res/spdx.SNAPSHOT.schema.json */ "./res/spdx.SNAPSHOT.schema.json");
+const spdxIds = new Set(spdx_SNAPSHOT_schema_json_1.enum);
+const spdxLowerToActual = new Map(spdx_SNAPSHOT_schema_json_1.enum.map(spdxId => [spdxId.toLowerCase(), spdxId]));
+function isSupportedSpdxId(value) {
+    return spdxIds.has(value);
+}
+exports.isSupportedSpdxId = isSupportedSpdxId;
+function fixupSpdxId(value) {
+    return typeof value === 'string' && value.length > 0
+        ? spdxLowerToActual.get(value.toLowerCase())
+        : undefined;
+}
+exports.fixupSpdxId = fixupSpdxId;
+
+
+/***/ }),
+
+/***/ "./src/spec.ts":
+/*!*********************!*\
+  !*** ./src/spec.ts ***!
+  \*********************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _Spec_version, _Spec_formats, _Spec_componentTypes, _Spec_hashAlgorithms, _Spec_hashValuePattern, _Spec_externalReferenceTypes, _Spec_supportsDependencyGraph, _Spec_supportsToolReferences;
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.SpecVersionDict = exports.Spec1dot4 = exports.Spec1dot3 = exports.Spec1dot2 = exports.UnsupportedFormatError = exports.Format = exports.Version = void 0;
+const enums_1 = __webpack_require__(/*! ./enums */ "./src/enums/index.ts");
+var Version;
+(function (Version) {
+    Version["v1dot0"] = "1.0";
+    Version["v1dot1"] = "1.1";
+    Version["v1dot2"] = "1.2";
+    Version["v1dot3"] = "1.3";
+    Version["v1dot4"] = "1.4";
+})(Version = exports.Version || (exports.Version = {}));
+var Format;
+(function (Format) {
+    Format["XML"] = "xml";
+    Format["JSON"] = "json";
+})(Format = exports.Format || (exports.Format = {}));
+class UnsupportedFormatError extends Error {
+}
+exports.UnsupportedFormatError = UnsupportedFormatError;
+class Spec {
+    constructor(version, formats, componentTypes, hashAlgorithms, hashValuePattern, externalReferenceTypes, supportsDependencyGraph, supportsToolReferences) {
+        _Spec_version.set(this, void 0);
+        _Spec_formats.set(this, void 0);
+        _Spec_componentTypes.set(this, void 0);
+        _Spec_hashAlgorithms.set(this, void 0);
+        _Spec_hashValuePattern.set(this, void 0);
+        _Spec_externalReferenceTypes.set(this, void 0);
+        _Spec_supportsDependencyGraph.set(this, void 0);
+        _Spec_supportsToolReferences.set(this, void 0);
+        __classPrivateFieldSet(this, _Spec_version, version, "f");
+        __classPrivateFieldSet(this, _Spec_formats, new Set(formats), "f");
+        __classPrivateFieldSet(this, _Spec_componentTypes, new Set(componentTypes), "f");
+        __classPrivateFieldSet(this, _Spec_hashAlgorithms, new Set(hashAlgorithms), "f");
+        __classPrivateFieldSet(this, _Spec_hashValuePattern, hashValuePattern, "f");
+        __classPrivateFieldSet(this, _Spec_externalReferenceTypes, new Set(externalReferenceTypes), "f");
+        __classPrivateFieldSet(this, _Spec_supportsDependencyGraph, supportsDependencyGraph, "f");
+        __classPrivateFieldSet(this, _Spec_supportsToolReferences, supportsToolReferences, "f");
+    }
+    get version() {
+        return __classPrivateFieldGet(this, _Spec_version, "f");
+    }
+    supportsFormat(f) {
+        return __classPrivateFieldGet(this, _Spec_formats, "f").has(f);
+    }
+    supportsComponentType(ct) {
+        return __classPrivateFieldGet(this, _Spec_componentTypes, "f").has(ct);
+    }
+    supportsHashAlgorithm(ha) {
+        return __classPrivateFieldGet(this, _Spec_hashAlgorithms, "f").has(ha);
+    }
+    supportsHashValue(hv) {
+        return typeof hv === 'string' &&
+            __classPrivateFieldGet(this, _Spec_hashValuePattern, "f").test(hv);
+    }
+    supportsExternalReferenceType(ert) {
+        return __classPrivateFieldGet(this, _Spec_externalReferenceTypes, "f").has(ert);
+    }
+    get supportsDependencyGraph() {
+        return __classPrivateFieldGet(this, _Spec_supportsDependencyGraph, "f");
+    }
+    get supportsToolReferences() {
+        return __classPrivateFieldGet(this, _Spec_supportsToolReferences, "f");
+    }
+}
+_Spec_version = new WeakMap(), _Spec_formats = new WeakMap(), _Spec_componentTypes = new WeakMap(), _Spec_hashAlgorithms = new WeakMap(), _Spec_hashValuePattern = new WeakMap(), _Spec_externalReferenceTypes = new WeakMap(), _Spec_supportsDependencyGraph = new WeakMap(), _Spec_supportsToolReferences = new WeakMap();
+exports.Spec1dot2 = Object.freeze(new Spec(Version.v1dot2, [
+    Format.XML,
+    Format.JSON
+], [
+    enums_1.ComponentType.Application,
+    enums_1.ComponentType.Framework,
+    enums_1.ComponentType.Library,
+    enums_1.ComponentType.Container,
+    enums_1.ComponentType.OperatingSystem,
+    enums_1.ComponentType.Device,
+    enums_1.ComponentType.Firmware,
+    enums_1.ComponentType.File
+], [
+    enums_1.HashAlgorithm.MD5,
+    enums_1.HashAlgorithm['SHA-1'],
+    enums_1.HashAlgorithm['SHA-256'],
+    enums_1.HashAlgorithm['SHA-384'],
+    enums_1.HashAlgorithm['SHA-512'],
+    enums_1.HashAlgorithm['SHA3-256'],
+    enums_1.HashAlgorithm['SHA3-384'],
+    enums_1.HashAlgorithm['SHA3-512'],
+    enums_1.HashAlgorithm['BLAKE2b-256'],
+    enums_1.HashAlgorithm['BLAKE2b-384'],
+    enums_1.HashAlgorithm['BLAKE2b-512'],
+    enums_1.HashAlgorithm.BLAKE3
+], /^([a-fA-F0-9]{32})$|^([a-fA-F0-9]{40})$|^([a-fA-F0-9]{64})$|^([a-fA-F0-9]{96})$|^([a-fA-F0-9]{128})$/, [
+    enums_1.ExternalReferenceType.VCS,
+    enums_1.ExternalReferenceType.IssueTracker,
+    enums_1.ExternalReferenceType.Website,
+    enums_1.ExternalReferenceType.Advisories,
+    enums_1.ExternalReferenceType.BOM,
+    enums_1.ExternalReferenceType.MailingList,
+    enums_1.ExternalReferenceType.Social,
+    enums_1.ExternalReferenceType.Chat,
+    enums_1.ExternalReferenceType.Documentation,
+    enums_1.ExternalReferenceType.Support,
+    enums_1.ExternalReferenceType.Distribution,
+    enums_1.ExternalReferenceType.License,
+    enums_1.ExternalReferenceType.BuildMeta,
+    enums_1.ExternalReferenceType.BuildSystem,
+    enums_1.ExternalReferenceType.Other
+], true, false));
+exports.Spec1dot3 = Object.freeze(new Spec(Version.v1dot3, [
+    Format.XML,
+    Format.JSON
+], [
+    enums_1.ComponentType.Application,
+    enums_1.ComponentType.Framework,
+    enums_1.ComponentType.Library,
+    enums_1.ComponentType.Container,
+    enums_1.ComponentType.OperatingSystem,
+    enums_1.ComponentType.Device,
+    enums_1.ComponentType.Firmware,
+    enums_1.ComponentType.File
+], [
+    enums_1.HashAlgorithm.MD5,
+    enums_1.HashAlgorithm['SHA-1'],
+    enums_1.HashAlgorithm['SHA-256'],
+    enums_1.HashAlgorithm['SHA-384'],
+    enums_1.HashAlgorithm['SHA-512'],
+    enums_1.HashAlgorithm['SHA3-256'],
+    enums_1.HashAlgorithm['SHA3-384'],
+    enums_1.HashAlgorithm['SHA3-512'],
+    enums_1.HashAlgorithm['BLAKE2b-256'],
+    enums_1.HashAlgorithm['BLAKE2b-384'],
+    enums_1.HashAlgorithm['BLAKE2b-512'],
+    enums_1.HashAlgorithm.BLAKE3
+], /^([a-fA-F0-9]{32})$|^([a-fA-F0-9]{40})$|^([a-fA-F0-9]{64})$|^([a-fA-F0-9]{96})$|^([a-fA-F0-9]{128})$/, [
+    enums_1.ExternalReferenceType.VCS,
+    enums_1.ExternalReferenceType.IssueTracker,
+    enums_1.ExternalReferenceType.Website,
+    enums_1.ExternalReferenceType.Advisories,
+    enums_1.ExternalReferenceType.BOM,
+    enums_1.ExternalReferenceType.MailingList,
+    enums_1.ExternalReferenceType.Social,
+    enums_1.ExternalReferenceType.Chat,
+    enums_1.ExternalReferenceType.Documentation,
+    enums_1.ExternalReferenceType.Support,
+    enums_1.ExternalReferenceType.Distribution,
+    enums_1.ExternalReferenceType.License,
+    enums_1.ExternalReferenceType.BuildMeta,
+    enums_1.ExternalReferenceType.BuildSystem,
+    enums_1.ExternalReferenceType.Other
+], true, false));
+exports.Spec1dot4 = Object.freeze(new Spec(Version.v1dot4, [
+    Format.XML,
+    Format.JSON
+], [
+    enums_1.ComponentType.Application,
+    enums_1.ComponentType.Framework,
+    enums_1.ComponentType.Library,
+    enums_1.ComponentType.Container,
+    enums_1.ComponentType.OperatingSystem,
+    enums_1.ComponentType.Device,
+    enums_1.ComponentType.Firmware,
+    enums_1.ComponentType.File
+], [
+    enums_1.HashAlgorithm.MD5,
+    enums_1.HashAlgorithm['SHA-1'],
+    enums_1.HashAlgorithm['SHA-256'],
+    enums_1.HashAlgorithm['SHA-384'],
+    enums_1.HashAlgorithm['SHA-512'],
+    enums_1.HashAlgorithm['SHA3-256'],
+    enums_1.HashAlgorithm['SHA3-384'],
+    enums_1.HashAlgorithm['SHA3-512'],
+    enums_1.HashAlgorithm['BLAKE2b-256'],
+    enums_1.HashAlgorithm['BLAKE2b-384'],
+    enums_1.HashAlgorithm['BLAKE2b-512'],
+    enums_1.HashAlgorithm.BLAKE3
+], /^([a-fA-F0-9]{32})$|^([a-fA-F0-9]{40})$|^([a-fA-F0-9]{64})$|^([a-fA-F0-9]{96})$|^([a-fA-F0-9]{128})$/, [
+    enums_1.ExternalReferenceType.VCS,
+    enums_1.ExternalReferenceType.IssueTracker,
+    enums_1.ExternalReferenceType.Website,
+    enums_1.ExternalReferenceType.Advisories,
+    enums_1.ExternalReferenceType.BOM,
+    enums_1.ExternalReferenceType.MailingList,
+    enums_1.ExternalReferenceType.Social,
+    enums_1.ExternalReferenceType.Chat,
+    enums_1.ExternalReferenceType.Documentation,
+    enums_1.ExternalReferenceType.Support,
+    enums_1.ExternalReferenceType.Distribution,
+    enums_1.ExternalReferenceType.License,
+    enums_1.ExternalReferenceType.BuildMeta,
+    enums_1.ExternalReferenceType.BuildSystem,
+    enums_1.ExternalReferenceType.ReleaseNotes,
+    enums_1.ExternalReferenceType.Other
+], true, true));
+exports.SpecVersionDict = Object.freeze(Object.fromEntries([
+    [Version.v1dot2, exports.Spec1dot2],
+    [Version.v1dot3, exports.Spec1dot3],
+    [Version.v1dot4, exports.Spec1dot4]
+]));
+
+
+/***/ }),
+
+/***/ "./src/types/cpe.ts":
+/*!**************************!*\
+  !*** ./src/types/cpe.ts ***!
+  \**************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.isCPE = void 0;
+const cpePattern = /^([c][pP][eE]:\/[AHOaho]?(:[A-Za-z0-9\._\-~%]*){0,6})$|^(cpe:2\.3:[aho\*\-](:(((\?*|\*?)([a-zA-Z0-9\-\._]|(\\[\\\*\?!&quot;#$$%&amp;'\(\)\+,\/:;&lt;=&gt;@\[\]\^`\{\|}~]))+(\?*|\*?))|[\*\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[\*\-]))(:(((\?*|\*?)([a-zA-Z0-9\-\._]|(\\[\\\*\?!&quot;#$$%&amp;'\(\)\+,\/:;&lt;=&gt;@\[\]\^`\{\|}~]))+(\?*|\*?))|[\*\-])){4})$/;
+function isCPE(value) {
+    return typeof value === 'string' &&
+        cpePattern.test(value);
+}
+exports.isCPE = isCPE;
+
+
+/***/ }),
+
+/***/ "./src/types/index.ts":
+/*!****************************!*\
+  !*** ./src/types/index.ts ***!
+  \****************************/
+/***/ (function(__unused_webpack_module, exports, __webpack_require__) {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+__exportStar(__webpack_require__(/*! ./cpe */ "./src/types/cpe.ts"), exports);
+__exportStar(__webpack_require__(/*! ./integer */ "./src/types/integer.ts"), exports);
+__exportStar(__webpack_require__(/*! ./mimeType */ "./src/types/mimeType.ts"), exports);
+__exportStar(__webpack_require__(/*! ./urn */ "./src/types/urn.ts"), exports);
+
+
+/***/ }),
+
+/***/ "./src/types/integer.ts":
+/*!******************************!*\
+  !*** ./src/types/integer.ts ***!
+  \******************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.isPositiveInteger = exports.isNonNegativeInteger = exports.isInteger = void 0;
+function isInteger(value) {
+    return Number.isInteger(value);
+}
+exports.isInteger = isInteger;
+function isNonNegativeInteger(value) {
+    return isInteger(value) &&
+        value >= 0;
+}
+exports.isNonNegativeInteger = isNonNegativeInteger;
+function isPositiveInteger(value) {
+    return isInteger(value) &&
+        value > 0;
+}
+exports.isPositiveInteger = isPositiveInteger;
+
+
+/***/ }),
+
+/***/ "./src/types/mimeType.ts":
+/*!*******************************!*\
+  !*** ./src/types/mimeType.ts ***!
+  \*******************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.isMimeType = void 0;
+const mimeTypePattern = /^[-+a-z0-9.]+\/[-+a-z0-9.]+$/;
+function isMimeType(value) {
+    return typeof value === 'string' &&
+        mimeTypePattern.test(value);
+}
+exports.isMimeType = isMimeType;
+
+
+/***/ }),
+
+/***/ "./src/types/urn.ts":
+/*!**************************!*\
+  !*** ./src/types/urn.ts ***!
+  \**************************/
+/***/ ((__unused_webpack_module, exports) => {
+
+
+/*!
+This file is part of CycloneDX JavaScript Library.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+SPDX-License-Identifier: Apache-2.0
+Copyright (c) OWASP Foundation. All Rights Reserved.
+*/
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.isUrnUuid = void 0;
+const urnUuidPattern = /^urn:uuid:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/;
+function isUrnUuid(value) {
+    return typeof value === 'string' &&
+        urnUuidPattern.test(value);
+}
+exports.isUrnUuid = isUrnUuid;
+
+
+/***/ }),
+
+/***/ "./res/spdx.SNAPSHOT.schema.json":
+/*!***************************************!*\
+  !*** ./res/spdx.SNAPSHOT.schema.json ***!
+  \***************************************/
+/***/ ((module) => {
+
+module.exports = JSON.parse('{"$schema":"http://json-schema.org/draft-07/schema#","$id":"http://cyclonedx.org/schema/spdx.schema.json","$comment":"v1.0-3.16","type":"string","enum":["Interbase-1.0","Mup","GPL-2.0-with-autoconf-exception","OLDAP-2.1","CC-BY-NC-SA-3.0-IGO","LGPL-2.0+","xpp","OFL-1.1","CNRI-Python","Linux-man-pages-copyleft","OLDAP-2.2","OSL-1.1","EPL-2.0","AFL-1.1","AGPL-1.0-or-later","GLWTPL","MIT-Modern-Variant","BSD-1-Clause","SGI-B-1.0","OML","psfrag","Artistic-1.0","CC-PDDC","eGenix","EUPL-1.1","Sendmail","PSF-2.0","OGL-UK-1.0","MTLL","NAIST-2003","ANTLR-PD-fallback","PostgreSQL","OSL-1.0","NGPL","CC-BY-NC-ND-4.0","CPOL-1.02","FSFULLR","GFDL-1.2-no-invariants-only","Net-SNMP","ADSL","Sendmail-8.23","CNRI-Jython","RPL-1.5","BSD-2-Clause-Patent","OFL-1.1-no-RFN","APSL-1.2","OLDAP-2.4","MPL-2.0-no-copyleft-exception","ISC","CC-BY-SA-2.5","Sleepycat","CUA-OPL-1.0","Frameworx-1.0","CPAL-1.0","NLOD-2.0","CC-BY-NC-2.0","GFDL-1.1-no-invariants-or-later","CC-BY-2.5","Newsletr","Parity-7.0.0","Leptonica","MIT-CMU","APAFML","CC-BY-NC-2.5","CAL-1.0-Combined-Work-Exception","BSD-4-Clause-Shortened","NPL-1.1","Qhull","CECILL-C","GPL-1.0-only","CC-BY-NC-ND-3.0-DE","CC-BY-NC-SA-3.0","CC-BY-NC-SA-1.0","MIT-open-group","Multics","SWL","GPL-1.0+","GPL-3.0-or-later","DOC","PHP-3.0","SISSL-1.2","CDL-1.0","LPL-1.0","RHeCos-1.1","LAL-1.3","CC-BY-SA-3.0-DE","CDLA-Permissive-1.0","gnuplot","App-s2p","iMatix","MS-PL","eCos-2.0","BSD-3-Clause","CC-BY-NC-ND-3.0-IGO","ICU","AGPL-3.0-or-later","CC-BY-SA-2.1-JP","CC-BY-NC-SA-4.0","Unlicense","CC-BY-NC-3.0-DE","OLDAP-1.4","CERN-OHL-W-2.0","SugarCRM-1.1.3","IPA","AFL-2.0","Unicode-DFS-2016","CC-BY-NC-ND-3.0","CERN-OHL-P-2.0","CC-BY-NC-3.0","COIL-1.0","CAL-1.0","LiLiQ-P-1.1","OFL-1.1-RFN","LPL-1.02","OLDAP-1.3","OGDL-Taiwan-1.0","CC-BY-NC-SA-2.0","Python-2.0","NTP-0","FSFAP","ErlPL-1.1","Barr","CC-BY-3.0-US","BSD-3-Clause-No-Nuclear-License-2014","NLPL","BSD-3-Clause-Clear","SGI-B-1.1","PDDL-1.0","CDDL-1.0","LGPL-2.1-or-later","BlueOak-1.0.0","CC-BY-NC-SA-2.0-FR","FDK-AAC","StandardML-NJ","AGPL-1.0-only","CECILL-1.0","AAL","GPL-2.0-with-font-exception","Info-ZIP","SSH-OpenSSH","SSH-short","GPL-2.0-or-later","ClArtistic","SNIA","GFDL-1.1-invariants-only","BSD-3-Clause-No-Military-License","GFDL-1.1","MPL-1.1","OLDAP-1.1","JSON","GFDL-1.3-no-invariants-only","OCLC-2.0","OLDAP-2.0.1","FreeBSD-DOC","GPL-1.0-or-later","YPL-1.1","CPL-1.0","Apache-1.0","OFL-1.0","CC-BY-4.0","DSDP","IBM-pibs","MIT-0","DRL-1.0","Zlib","APL-1.0","Watcom-1.0","GPL-2.0-with-GCC-exception","EUPL-1.2","FSFUL","NASA-1.3","BSD-2-Clause","XFree86-1.1","Eurosym","OLDAP-2.8","dvipdfm","NIST-PD","Apache-1.1","Parity-6.0.0","CC-BY-2.0","LGPL-3.0+","BSD-2-Clause-Views","GPL-2.0-with-classpath-exception","BSD-3-Clause-No-Nuclear-Warranty","X11","CDLA-Permissive-2.0","HaskellReport","Artistic-1.0-cl8","APSL-2.0","GPL-3.0+","SHL-0.5","CNRI-Python-GPL-Compatible","Condor-1.1","OLDAP-2.3","GPL-2.0-only","BUSL-1.1","LiLiQ-R-1.1","AMPAS","copyleft-next-0.3.1","GFDL-1.3-invariants-or-later","OLDAP-2.7","OSL-2.0","Unicode-DFS-2015","CATOSL-1.1","RSCPL","libpng-2.0","LPPL-1.1","CDLA-Sharing-1.0","Glulxe","GFDL-1.3-no-invariants-or-later","OLDAP-1.2","CDDL-1.1","CERN-OHL-1.1","BSD-Source-Code","IJG","Zimbra-1.4","0BSD","CC-BY-1.0","wxWindows","ZPL-2.1","NTP","Artistic-1.0-Perl","CC-BY-ND-2.0","CC-BY-ND-4.0","Adobe-2006","EPL-1.0","diffmark","xinetd","Plexus","JPNIC","Adobe-Glyph","Cube","TCP-wrappers","CC-BY-SA-1.0","BSD-2-Clause-FreeBSD","OGL-Canada-2.0","ANTLR-PD","LGPL-2.1+","OSL-2.1","psutils","SCEA","MirOS","Hippocratic-2.1","GFDL-1.2-invariants-only","LGPL-2.1-only","Entessa","MS-RL","libselinux-1.0","LGPL-2.0","OLDAP-2.5","Imlib2","Libpng","SchemeReport","MPL-1.0","SAX-PD","NLOD-1.0","SimPL-2.0","TU-Berlin-1.0","GFDL-1.1-no-invariants-only","CC-BY-ND-3.0-DE","MakeIndex","EPICS","GFDL-1.3-invariants-only","XSkat","bzip2-1.0.5","Community-Spec-1.0","GL2PS","HPND","bzip2-1.0.6","CC-BY-NC-1.0","Fair","CECILL-B","Glide","CC-BY-SA-4.0","CC0-1.0","MIT-enna","Wsuipa","RSA-MD","VOSTROM","O-UDA-1.0","CERN-OHL-S-2.0","X11-distribute-modifications-variant","copyleft-next-0.3.0","Zimbra-1.3","NIST-PD-fallback","Nokia","AFL-2.1","ZPL-2.0","ODbL-1.0","zlib-acknowledgement","PHP-3.01","Afmparse","HPND-sell-variant","PolyForm-Small-Business-1.0.0","IPL-1.0","CECILL-1.1","MIT-feh","OFL-1.0-RFN","TMate","BSD-3-Clause-No-Nuclear-License","W3C-19980720","SPL-1.0","NetCDF","Aladdin","AMDPLPA","CrystalStacker","Intel-ACPI","CERN-OHL-1.2","CC-BY-NC-SA-3.0-DE","MIT","Zed","OLDAP-2.0","MulanPSL-1.0","EFL-2.0","Latex2e","Spencer-94","OPL-1.0","CC-BY-NC-4.0","LGPL-3.0-or-later","UPL-1.0","NCSA","SGI-B-2.0","GPL-3.0-with-GCC-exception","Zend-2.0","ImageMagick","OLDAP-2.6","Unicode-TOU","GPL-3.0-only","Artistic-2.0","blessing","etalab-2.0","GFDL-1.2-only","LPPL-1.0","Rdisc","BSD-3-Clause-Modification","Xerox","MPL-2.0","BitTorrent-1.1","CC-BY-NC-ND-2.0","SISSL","libtiff","CC-BY-NC-SA-2.0-UK","D-FSL-1.0","LPPL-1.2","TAPR-OHL-1.0","EUPL-1.0","SHL-0.51","FTL","W3C-20150513","OSET-PL-2.1","EUDatagrid","UCL-1.0","Borceux","Elastic-2.0","BSD-2-Clause-NetBSD","BSD-3-Clause-Open-MPI","OSL-3.0","curl","Spencer-86","BSL-1.0","SMLNJ","TOSL","NOSL","AFL-1.2","MulanPSL-2.0","Motosoto","CC-BY-NC-SA-2.5","JasPer-2.0","BSD-4-Clause-UC","Bahyph","VSL-1.0","W3C","ODC-By-1.0","BitTorrent-1.0","OGL-UK-2.0","LGPL-3.0-only","Xnet","Ruby","GFDL-1.3","ZPL-1.1","OCCT-PL","LPPL-1.3c","Apache-2.0","GD","CC-BY-3.0-NL","LPPL-1.3a","CC-BY-2.5-AU","GFDL-1.1-only","GFDL-1.1-or-later","OGL-UK-3.0","YPL-1.0","RPL-1.1","LGPL-2.0-or-later","OPUBL-1.0","Noweb","AFL-3.0","Nunit","CC-BY-3.0","Beerware","Caldera","GPL-1.0","GPL-2.0+","NCGL-UK-2.0","CC-BY-ND-2.5","GPL-2.0","Intel","Vim","CC-BY-SA-2.0","MITNFA","APSL-1.1","GFDL-1.2-or-later","BSD-3-Clause-Attribution","OFL-1.0-no-RFN","Naumen","CC-BY-NC-ND-2.5","C-UDA-1.0","LGPLLR","mpich2","APSL-1.0","Linux-OpenIB","MIT-advertising","GFDL-1.2","OGTSL","Dotseqn","DL-DE-BY-2.0","Saxpath","AGPL-3.0","Abstyles","CC-BY-SA-3.0","Giftware","FreeImage","CECILL-2.1","RPSL-1.0","GFDL-1.3-or-later","GFDL-1.1-invariants-or-later","ECL-2.0","LiLiQ-Rplus-1.1","GPL-3.0-with-autoconf-exception","Jam","GFDL-1.2-no-invariants-or-later","CECILL-2.0","PolyForm-Noncommercial-1.0.0","OGC-1.0","CC-BY-ND-3.0","QPL-1.0","LAL-1.2","CC-BY-3.0-DE","OpenSSL","Spencer-99","CC-BY-SA-3.0-AT","BSD-Protection","OLDAP-2.2.2","NRL","TORQUE-1.1","HTMLTIDY","SSPL-1.0","NPL-1.0","LGPL-2.0-only","AGPL-3.0-only","GFDL-1.2-invariants-or-later","GPL-2.0-with-bison-exception","CC-BY-NC-ND-1.0","ECL-1.0","WTFPL","CC-BY-SA-2.0-UK","GPL-3.0","OLDAP-2.2.1","SMPPL","CC-BY-3.0-AT","EFL-1.0","NBPL-1.0","BSD-3-Clause-LBNL","AGPL-1.0","Crossword","TCL","CC-BY-ND-1.0","AML","TU-Berlin-2.0","GFDL-1.3-only","NPOSL-3.0","BSD-4-Clause","gSOAP-1.3b","LGPL-2.1","LGPL-3.0","freertos-exception-2.0","Swift-exception","Qt-LGPL-exception-1.1","gnu-javamail-exception","CLISP-exception-2.0","eCos-exception-2.0","GPL-CC-1.0","DigiRule-FOSS-exception","Font-exception-2.0","Qt-GPL-exception-1.0","PS-or-PDF-font-exception-20170817","GPL-3.0-linking-source-exception","Linux-syscall-note","GCC-exception-2.0","LZMA-exception","Autoconf-exception-3.0","u-boot-exception-2.0","LLVM-exception","OCaml-LGPL-linking-exception","Autoconf-exception-2.0","Bootloader-exception","LGPL-3.0-linking-exception","openvpn-openssl-exception","FLTK-exception","Bison-exception-2.2","OCCT-exception-1.0","GCC-exception-3.1","OpenJDK-assembly-exception-1.0","WxWindows-exception-3.1","Fawkes-Runtime-exception","Nokia-Qt-exception-1.1","Qwt-exception-1.0","Universal-FOSS-exception-1.0","Classpath-exception-2.0","SHL-2.0","GPL-3.0-linking-exception","SHL-2.1","Libtool-exception","mif-exception","389-exception","i2p-gpl-java-exception"]}');
+
+/***/ })
+
+/******/ 	});
+/************************************************************************/
+/******/ 	// The module cache
+/******/ 	var __webpack_module_cache__ = {};
+/******/ 	
+/******/ 	// The require function
+/******/ 	function __webpack_require__(moduleId) {
+/******/ 		// Check if module is in cache
+/******/ 		var cachedModule = __webpack_module_cache__[moduleId];
+/******/ 		if (cachedModule !== undefined) {
+/******/ 			return cachedModule.exports;
+/******/ 		}
+/******/ 		// Create a new module (and put it into the cache)
+/******/ 		var module = __webpack_module_cache__[moduleId] = {
+/******/ 			// no module.id needed
+/******/ 			// no module.loaded needed
+/******/ 			exports: {}
+/******/ 		};
+/******/ 	
+/******/ 		// Execute the module function
+/******/ 		__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);
+/******/ 	
+/******/ 		// Return the exports of the module
+/******/ 		return module.exports;
+/******/ 	}
+/******/ 	
+/************************************************************************/
+/******/ 	
+/******/ 	// startup
+/******/ 	// Load entry module and return exports
+/******/ 	// This entry module is referenced by other modules so it can't be inlined
+/******/ 	var __webpack_exports__ = __webpack_require__("./src/_index.web.ts");
+/******/ 	
+/******/ 	return __webpack_exports__;
+/******/ })()
+;
+});
+//# sourceMappingURL=lib.dev.js.map