@dxworks/depinder 0.1.5 → 0.2.0

package/dist/plugins/javascript/index.js

@@ -64,7 +64,7 @@ function getParentLockFile(packageFile, maxDepth = 5) {
 const parser = {
     parseDependencyTree: parseLockFile,
 };
-function recursivelyTransformDeps(tree, result) {
+function recursivelyTransformTreeDeps(tree, result) {
     var _a;
     const rootId = `${tree.name}@${tree.version}`;
     Object.values((_a = tree.dependencies) !== null && _a !== void 0 ? _a : {}).forEach(dep => {
@@ -89,28 +89,121 @@ function recursivelyTransformDeps(tree, result) {
                 logging_1.log.warn(`Invalid version! ${e}`);
             }
         }
-        recursivelyTransformDeps(dep, result);
+        recursivelyTransformTreeDeps(dep, result);
     });
 }
-function transformDeps(tree, root) {
+function transformGraphDepsFlat(rootId, dependencies, result) {
+    dependencies.forEach(dependency => {
+        const lastAt = dependency.nodeId.lastIndexOf('@');
+        const name = dependency.nodeId.slice(0, lastAt);
+        const version = dependency.nodeId.slice(lastAt + 1);
+        const id = `${name}@${version}`;
+        const cachedVersion = result.get(id);
+        if (cachedVersion) {
+            cachedVersion.requestedBy = [rootId, ...cachedVersion.requestedBy];
+        }
+        else {
+            try {
+                const semver = new semver_1.SemVer(version !== null && version !== void 0 ? version : '', true);
+                result.set(id, {
+                    id,
+                    version: version,
+                    name: name,
+                    semver: semver,
+                    requestedBy: [rootId],
+                });
+            }
+            catch (e) {
+                logging_1.log.warn(`Invalid version! ${e}`);
+            }
+        }
+        dependency.deps.forEach((transitiveDep) => {
+            const lastAt = transitiveDep.nodeId.lastIndexOf('@');
+            const name = transitiveDep.nodeId.slice(0, lastAt);
+            const version = transitiveDep.nodeId.slice(lastAt + 1);
+            const id = `${name}@${version}`;
+            const cachedVersion = result.get(id);
+            if (cachedVersion) {
+                cachedVersion.requestedBy = [dependency.nodeId, ...cachedVersion.requestedBy];
+            }
+            else {
+                try {
+                    const semver = new semver_1.SemVer(version !== null && version !== void 0 ? version : '', true);
+                    result.set(id, {
+                        id,
+                        version: version,
+                        name: name,
+                        semver: semver,
+                        requestedBy: [dependency.nodeId],
+                    });
+                }
+                catch (e) {
+                    logging_1.log.warn(`Invalid version! ${e}`);
+                }
+            }
+        });
+    });
+}
+function transformTreeDeps(tree, root) {
     logging_1.log.info(`Starting recursive transformation for ${root}`);
     const result = new Map();
-    recursivelyTransformDeps(tree, result);
+    recursivelyTransformTreeDeps(tree, result);
+    logging_1.log.info(`End recursive transformation for ${root}.`);
+    return result;
+}
+function transformGraphDeps(depGraphNodes, root) {
+    logging_1.log.info(`Starting recursive transformation for ${root}`);
+    const result = new Map();
+    transformGraphDepsFlat(depGraphNodes[0].pkgId, depGraphNodes, result);
     logging_1.log.info(`End recursive transformation for ${root}.`);
     return result;
 }
 async function parseLockFile({ root, manifestFile, lockFile }) {
-    var _a, _b;
-    // const lockFileVersion = getLockfileVersionFromFile(lockFile)
-    // log.info(`parsing ${path.resolve(root, lockFile)}`)
-    const result = await (0, snyk_nodejs_lockfile_parser_1.buildDepTreeFromFiles)(root, manifestFile !== null && manifestFile !== void 0 ? manifestFile : 'package.json', lockFile !== null && lockFile !== void 0 ? lockFile : '', true, false);
-    const manifestJSON = JSON.parse(fs_1.default.readFileSync(path_1.default.resolve(root, manifestFile !== null && manifestFile !== void 0 ? manifestFile : 'package.json'), 'utf8'));
-    return {
-        path: path_1.default.resolve(root, manifestFile !== null && manifestFile !== void 0 ? manifestFile : 'package.json'),
-        name: (_a = result.name) !== null && _a !== void 0 ? _a : manifestJSON.name,
-        version: (_b = result.version) !== null && _b !== void 0 ? _b : manifestJSON.version,
-        dependencies: Object.fromEntries(transformDeps(result, root)),
-    };
+    var _a, _b, _c, _d;
+    const manifestFilePath = path_1.default.resolve(root, manifestFile !== null && manifestFile !== void 0 ? manifestFile : 'package.json');
+    const lockFilePath = path_1.default.resolve(root, lockFile);
+    const lockFileVersion = (0, snyk_nodejs_lockfile_parser_1.getLockfileVersionFromFile)(lockFilePath);
+    switch (lockFileVersion) {
+        case snyk_nodejs_lockfile_parser_1.NodeLockfileVersion.YarnLockV1:
+        case snyk_nodejs_lockfile_parser_1.NodeLockfileVersion.YarnLockV2:
+        case snyk_nodejs_lockfile_parser_1.NodeLockfileVersion.NpmLockV1: {
+            const result = await (0, snyk_nodejs_lockfile_parser_1.buildDepTreeFromFiles)(root, manifestFile !== null && manifestFile !== void 0 ? manifestFile : 'package.json', lockFile !== null && lockFile !== void 0 ? lockFile : '', true, false);
+            const manifestJSON = JSON.parse(fs_1.default.readFileSync(manifestFilePath, 'utf8'));
+            return {
+                path: manifestFilePath,
+                name: (_a = result.name) !== null && _a !== void 0 ? _a : manifestJSON.name,
+                version: (_b = result.version) !== null && _b !== void 0 ? _b : manifestJSON.version,
+                dependencies: Object.fromEntries(transformTreeDeps(result, root)),
+            };
+        }
+        case snyk_nodejs_lockfile_parser_1.NodeLockfileVersion.NpmLockV2:
+        case snyk_nodejs_lockfile_parser_1.NodeLockfileVersion.NpmLockV3: {
+            // const oldResult = await buildDepTreeFromFiles(root, manifestFile ?? 'package.json', lockFile ?? '', true, false)
+            const manifestFileContent = fs_1.default.readFileSync(manifestFilePath, 'utf8');
+            const lockFileContent = fs_1.default.readFileSync(lockFilePath, 'utf8');
+            const result = await (0, snyk_nodejs_lockfile_parser_1.parseNpmLockV2Project)(manifestFileContent, lockFileContent, {
+                includeDevDeps: true,
+                strictOutOfSync: false,
+                includeOptionalDeps: false,
+                pruneCycles: true,
+                includePeerDeps: false,
+                pruneNpmStrictOutOfSync: false
+            });
+            const manifestJSON = JSON.parse(fs_1.default.readFileSync(manifestFilePath, 'utf8'));
+            return {
+                path: manifestFilePath,
+                name: (_c = result.rootPkg.name) !== null && _c !== void 0 ? _c : manifestJSON.name,
+                version: (_d = result.rootPkg.version) !== null && _d !== void 0 ? _d : manifestJSON.version,
+                dependencies: Object.fromEntries(transformGraphDeps(result.toJSON().graph.nodes, root)),
+            };
+        }
+        case snyk_nodejs_lockfile_parser_1.NodeLockfileVersion.PnpmLockV5:
+        case snyk_nodejs_lockfile_parser_1.NodeLockfileVersion.PnpmLockV6:
+        case snyk_nodejs_lockfile_parser_1.NodeLockfileVersion.PnpmLockV9:
+        default: {
+            throw new Error(`Lockfile version ${lockFileVersion} is not supported by Depinder. Please use npm v1 / v2 / v3 or yarn v1 / v2`);
+        }
+    }
 }
 async function retrieveFromNpm(libraryName) {
     const response = await (0, npm_registry_fetch_1.json)(libraryName);

package/dist/plugins/javascript/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/javascript/index.ts"],"names":[],"mappings":";;;;;;AAOA,6EAAiE;AACjE,gDAAuB;AACvB,mCAA6B;AAG7B,2DAAuC;AAGvC,yCAAmC;AACnC,4CAAmB;AACnB,iDAAuC;AAEvC,MAAM,SAAS,GAAc;IACzB,KAAK,EAAE,CAAC,cAAc,EAAE,mBAAmB,EAAE,WAAW,CAAC;IACzD,cAAc,EAAE,KAAK,CAAC,EAAE;QACpB,MAAM,gBAAgB,GAAG,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACjH,IAAI,EAAE,cAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtB,QAAQ,EAAE,cAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3B,YAAY,EAAE,cAAc;SACL,CAAA,CAAC,CAAA;QAE5B,MAAM,2BAA2B,GAAG,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;aAC9E,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,IAAI,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;aACzF,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,iBAAiB,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC;aAC9D,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACR,IAAI,EAAE,cAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtB,YAAY,EAAE,cAAc;YAC5B,QAAQ,EAAE,iBAAiB,CAAC,EAAE,CAAC;SACR,CAAA,CAAC,CAAA;QAGhC,MAAM,eAAe,GAAG,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;aAClE,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,IAAI,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;aACzF,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,2BAA2B,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,IAAI,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;aACpG,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACR,IAAI,EAAE,cAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtB,YAAY,EAAE,cAAc;SACL,CAAA,CAAC;aAC3B,GAAG,CAAC,OAAO,CAAC,EAAE;YACX,IAAI;gBACA,aAAG,CAAC,IAAI,CAAC,oCAAoC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAA;gBAC5D,SAAG,CAAC,OAAO,CAAC,EAAE,EAAE,qBAAqB,EAAE,OAAO,CAAC,IAAI,CAAC,CAAA;gBACpD,uCACO,OAAO,KACV,QAAQ,EAAE,cAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAC5D;aACJ;YAAC,OAAO,CAAM,EAAE;gBACb,aAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBACZ,OAAO,IAAI,CAAA;aACd;QACL,CAAC,CAAC;aACD,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,IAAI,CAAC;aACzB,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAA2B,CAAC,CAAA;QAE3C,OAAO,CAAC,GAAG,gBAAgB,EAAE,GAAG,eAAe,EAAE,GAAG,2BAA2B,CAAC,CAAA;IACpF,CAAC;IACD,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC;CAC7C,CAAA;AAGD,SAAS,iBAAiB,CAAC,WAAmB,EAAE,QAAQ,GAAG,CAAC;IACxD,MAAM,GAAG,GAAG,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAA;IACrC,IAAI,QAAQ,GAAG,CAAC;QACZ,OAAO,IAAI,CAAA;IACf,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,OAAO,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;QACrD,OAAO,cAAI,CAAC,OAAO,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAA;IACjD,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QAC7C,OAAO,cAAI,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IACzC,OAAO,iBAAiB,CAAC,GAAG,EAAE,QAAQ,GAAG,CAAC,CAAC,CAAA;AAC/C,CAAC;AAED,MAAM,MAAM,GAAW;IACnB,mBAAmB,EAAE,aAAa;CACrC,CAAA;AAED,SAAS,wBAAwB,CAAC,IAAgB,EAAE,MAAuC;;IACvF,MAAM,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAA;IAC7C,MAAM,CAAC,MAAM,CAAC,MAAA,IAAI,CAAC,YAAY,mCAAI,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;;QACjD,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAA;QACvC,MAAM,aAAa,GAAG,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACpC,IAAI,aAAa,EAAE;YACf,aAAa,CAAC,WAAW,GAAG,CAAC,MAAM,EAAE,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;SACrE;aAAM;YACH,IAAI;gBACA,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,MAAA,GAAG,CAAC,OAAO,mCAAI,EAAE,EAAE,IAAI,CAAC,CAAA;gBAClD,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE;oBACX,EAAE;oBACF,OAAO,EAAE,GAAG,CAAC,OAAO;oBACpB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,MAAM;oBACd,WAAW,EAAE,CAAC,MAAM,CAAC;iBACF,CAAC,CAAA;aAC3B;YAAC,OAAO,CAAC,EAAE;gBACR,aAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAA;aACpC;SACJ;QACD,wBAAwB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;IACzC,CAAC,CAAC,CAAA;AACN,CAAC;AAED,SAAS,aAAa,CAAC,IAAgB,EAAE,IAAY;IACjD,aAAG,CAAC,IAAI,CAAC,yCAAyC,IAAI,EAAE,CAAC,CAAA;IACzD,MAAM,MAAM,GAAoC,IAAI,GAAG,EAA8B,CAAA;IACrF,wBAAwB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IACtC,aAAG,CAAC,IAAI,CAAC,oCAAoC,IAAI,GAAG,CAAC,CAAA;IACrD,OAAO,MAAM,CAAA;AACjB,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,EAAC,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAwB;;IAC9E,+DAA+D;IAC/D,sDAAsD;IACtD,MAAM,MAAM,GAAG,MAAM,IAAA,mDAAqB,EAAC,IAAI,EAAE,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,cAAc,EAAE,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,CAAA;IAE7G,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAE,CAAC,YAAY,CAAC,cAAI,CAAC,OAAO,CAAC,IAAI,EAAE,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,cAAc,CAAC,EAAE,MAAM,CAAC,CAAC,CAAA;IAC5G,OAAO;QACH,IAAI,EAAE,cAAI,CAAC,OAAO,CAAC,IAAI,EAAE,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,cAAc,CAAC;QACxD,IAAI,EAAE,MAAA,MAAM,CAAC,IAAI,mCAAI,YAAY,CAAC,IAAI;QACtC,OAAO,EAAE,MAAA,MAAM,CAAC,OAAO,mCAAI,YAAY,CAAC,OAAO;QAC/C,YAAY,EAAE,MAAM,CAAC,WAAW,CAAC,aAAa,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;KAChE,CAAA;AACL,CAAC;AAEM,KAAK,UAAU,eAAe,CAAC,WAAmB;IACrD,MAAM,QAAQ,GAAQ,MAAM,IAAA,yBAAI,EAAC,WAAW,CAAC,CAAA;IAE7C,OAAO;QACH,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,EAAO,EAAE,EAAE;;YACvD,OAAO;gBACH,OAAO,EAAE,EAAE,CAAC,OAAO;gBACnB,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC;gBAChD,QAAQ,EAAE,EAAE,CAAC,OAAO;gBACpB,MAAM,EAAE,EAAE,CAAC,OAAO,KAAI,MAAA,QAAQ,CAAC,WAAW,CAAC,0CAAE,MAAM,CAAA;aACtD,CAAA;QACL,CAAC,CAAC;QACF,WAAW,EAAE,QAAQ,CAAC,WAAW;QACjC,SAAS,EAAE,EAAE;QACb,QAAQ,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC5B,QAAQ,EAAE,EAAE;QACZ,QAAQ,EAAE,QAAQ,CAAC,QAAQ;KAC9B,CAAA;AACL,CAAC;AAnBD,0CAmBC;AAED,MAAM,SAAS,GAAc;IACzB,QAAQ,EAAE,eAAe;CAC5B,CAAA;AAED,MAAM,OAAO,GAAyB;IAClC,+BAA+B,EAAE,KAAK;IACtC,OAAO,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,GAAG,EAAE;CACrE,CAAA;AAEY,QAAA,UAAU,GAAW;IAC9B,IAAI,EAAE,KAAK;IACX,OAAO,EAAE,CAAC,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC;IACvD,SAAS;IACT,MAAM;IACN,SAAS;IACT,OAAO;CACV,CAAA"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/plugins/javascript/index.ts"],"names":[],"mappings":";;;;;;AAOA,6EAKoC;AACpC,gDAAuB;AACvB,mCAA6B;AAG7B,2DAAuC;AAGvC,yCAAmC;AACnC,4CAAmB;AACnB,iDAAuC;AAGvC,MAAM,SAAS,GAAc;IACzB,KAAK,EAAE,CAAC,cAAc,EAAE,mBAAmB,EAAE,WAAW,CAAC;IACzD,cAAc,EAAE,KAAK,CAAC,EAAE;QACpB,MAAM,gBAAgB,GAAG,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,mBAAmB,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACjH,IAAI,EAAE,cAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtB,QAAQ,EAAE,cAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3B,YAAY,EAAE,cAAc;SACL,CAAA,CAAC,CAAA;QAE5B,MAAM,2BAA2B,GAAG,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;aAC9E,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,IAAI,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;aACzF,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,iBAAiB,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC;aAC9D,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACR,IAAI,EAAE,cAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtB,YAAY,EAAE,cAAc;YAC5B,QAAQ,EAAE,iBAAiB,CAAC,EAAE,CAAC;SACR,CAAA,CAAC,CAAA;QAGhC,MAAM,eAAe,GAAG,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;aAClE,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,IAAI,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;aACzF,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,2BAA2B,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,IAAI,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC;aACpG,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;YACR,IAAI,EAAE,cAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACtB,YAAY,EAAE,cAAc;SACL,CAAA,CAAC;aAC3B,GAAG,CAAC,OAAO,CAAC,EAAE;YACX,IAAI;gBACA,aAAG,CAAC,IAAI,CAAC,oCAAoC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAA;gBAC5D,SAAG,CAAC,OAAO,CAAC,EAAE,EAAE,qBAAqB,EAAE,OAAO,CAAC,IAAI,CAAC,CAAA;gBACpD,uCACO,OAAO,KACV,QAAQ,EAAE,cAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,mBAAmB,CAAC,IAC5D;aACJ;YAAC,OAAO,CAAM,EAAE;gBACb,aAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBACZ,OAAO,IAAI,CAAA;aACd;QACL,CAAC,CAAC;aACD,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,IAAI,CAAC;aACzB,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAA2B,CAAC,CAAA;QAE3C,OAAO,CAAC,GAAG,gBAAgB,EAAE,GAAG,eAAe,EAAE,GAAG,2BAA2B,CAAC,CAAA;IACpF,CAAC;IACD,MAAM,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC;CAC7C,CAAA;AAGD,SAAS,iBAAiB,CAAC,WAAmB,EAAE,QAAQ,GAAG,CAAC;IACxD,MAAM,GAAG,GAAG,cAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAA;IACrC,IAAI,QAAQ,GAAG,CAAC;QACZ,OAAO,IAAI,CAAA;IACf,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,OAAO,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;QACrD,OAAO,cAAI,CAAC,OAAO,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAA;IACjD,IAAI,YAAE,CAAC,UAAU,CAAC,cAAI,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QAC7C,OAAO,cAAI,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,CAAA;IACzC,OAAO,iBAAiB,CAAC,GAAG,EAAE,QAAQ,GAAG,CAAC,CAAC,CAAA;AAC/C,CAAC;AAED,MAAM,MAAM,GAAW;IACnB,mBAAmB,EAAE,aAAa;CACrC,CAAA;AAED,SAAS,4BAA4B,CAAC,IAAgB,EAAE,MAAuC;;IAC3F,MAAM,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAA;IAC7C,MAAM,CAAC,MAAM,CAAC,MAAA,IAAI,CAAC,YAAY,mCAAI,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;;QACjD,MAAM,EAAE,GAAG,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAA;QACvC,MAAM,aAAa,GAAG,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACpC,IAAI,aAAa,EAAE;YACf,aAAa,CAAC,WAAW,GAAG,CAAC,MAAM,EAAE,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;SACrE;aAAM;YACH,IAAI;gBACA,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,MAAA,GAAG,CAAC,OAAO,mCAAI,EAAE,EAAE,IAAI,CAAC,CAAA;gBAClD,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE;oBACX,EAAE;oBACF,OAAO,EAAE,GAAG,CAAC,OAAO;oBACpB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,MAAM,EAAE,MAAM;oBACd,WAAW,EAAE,CAAC,MAAM,CAAC;iBACF,CAAC,CAAA;aAC3B;YAAC,OAAO,CAAC,EAAE;gBACR,aAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAA;aACpC;SACJ;QACD,4BAA4B,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;IAC7C,CAAC,CAAC,CAAA;AACN,CAAC;AAED,SAAS,sBAAsB,CAAC,MAAc,EAAE,YAAyB,EAAG,MAAuC;IAC/G,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;QAC9B,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;QACjD,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;QAC/C,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACnD,MAAM,EAAE,GAAG,GAAG,IAAI,IAAI,OAAO,EAAE,CAAA;QAC/B,MAAM,aAAa,GAAG,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;QACpC,IAAI,aAAa,EAAE;YACf,aAAa,CAAC,WAAW,GAAG,CAAC,MAAM,EAAE,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;SACrE;aAAM;YACH,IAAI;gBACA,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,EAAE,IAAI,CAAC,CAAA;gBAC9C,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE;oBACX,EAAE;oBACF,OAAO,EAAE,OAAO;oBAChB,IAAI,EAAE,IAAI;oBACV,MAAM,EAAE,MAAM;oBACd,WAAW,EAAE,CAAC,MAAM,CAAC;iBACF,CAAC,CAAA;aAC3B;YAAC,OAAO,CAAC,EAAE;gBACR,aAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAA;aACpC;SACJ;QAED,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;YACtC,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAA;YACpD,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;YAClD,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;YACtD,MAAM,EAAE,GAAG,GAAG,IAAI,IAAI,OAAO,EAAE,CAAA;YAC/B,MAAM,aAAa,GAAG,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAA;YACpC,IAAI,aAAa,EAAE;gBACf,aAAa,CAAC,WAAW,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;aAChF;iBAAM;gBACH,IAAI;oBACA,MAAM,MAAM,GAAG,IAAI,eAAM,CAAC,OAAO,aAAP,OAAO,cAAP,OAAO,GAAI,EAAE,EAAE,IAAI,CAAC,CAAA;oBAC9C,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE;wBACX,EAAE;wBACF,OAAO,EAAE,OAAO;wBAChB,IAAI,EAAE,IAAI;wBACV,MAAM,EAAE,MAAM;wBACd,WAAW,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC;qBACb,CAAC,CAAA;iBAC3B;gBAAC,OAAO,CAAC,EAAE;oBACR,aAAG,CAAC,IAAI,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAA;iBACpC;aACJ;QAEL,CAAC,CAAC,CAAA;IACN,CAAC,CAAC,CAAA;AACN,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAgB,EAAE,IAAY;IACrD,aAAG,CAAC,IAAI,CAAC,yCAAyC,IAAI,EAAE,CAAC,CAAA;IACzD,MAAM,MAAM,GAAoC,IAAI,GAAG,EAA8B,CAAA;IACrF,4BAA4B,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;IAC1C,aAAG,CAAC,IAAI,CAAC,oCAAoC,IAAI,GAAG,CAAC,CAAA;IACrD,OAAO,MAAM,CAAA;AACjB,CAAC;AAED,SAAS,kBAAkB,CAAC,aAA0B,EAAE,IAAY;IAChE,aAAG,CAAC,IAAI,CAAC,yCAAyC,IAAI,EAAE,CAAC,CAAA;IACzD,MAAM,MAAM,GAAoC,IAAI,GAAG,EAA8B,CAAA;IACrF,sBAAsB,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,aAAa,EAAE,MAAM,CAAC,CAAA;IACrE,aAAG,CAAC,IAAI,CAAC,oCAAoC,IAAI,GAAG,CAAC,CAAA;IACrD,OAAO,MAAM,CAAA;AACjB,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,EAAC,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAwB;;IAC9E,MAAM,gBAAgB,GAAG,cAAI,CAAC,OAAO,CAAC,IAAI,EAAE,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,cAAc,CAAC,CAAA;IAC3E,MAAM,YAAY,GAAG,cAAI,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;IACjD,MAAM,eAAe,GAAyB,IAAA,wDAA0B,EAAC,YAAY,CAAC,CAAA;IACtF,QAAQ,eAAe,EAAE;QACrB,KAAK,iDAAmB,CAAC,UAAU,CAAC;QACpC,KAAK,iDAAmB,CAAC,UAAU,CAAC;QACpC,KAAK,iDAAmB,CAAC,SAAS,CAAC,CAAC;YAChC,MAAM,MAAM,GAAG,MAAM,IAAA,mDAAqB,EAAC,IAAI,EAAE,YAAY,aAAZ,YAAY,cAAZ,YAAY,GAAI,cAAc,EAAE,QAAQ,aAAR,QAAQ,cAAR,QAAQ,GAAI,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,CAAA;YAE7G,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAE,CAAC,YAAY,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;YAC1E,OAAO;gBACH,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,MAAA,MAAM,CAAC,IAAI,mCAAI,YAAY,CAAC,IAAI;gBACtC,OAAO,EAAE,MAAA,MAAM,CAAC,OAAO,mCAAI,YAAY,CAAC,OAAO;gBAC/C,YAAY,EAAE,MAAM,CAAC,WAAW,CAAC,iBAAiB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;aACpE,CAAA;SACJ;QACD,KAAK,iDAAmB,CAAC,SAAS,CAAC;QACnC,KAAK,iDAAmB,CAAC,SAAS,CAAC,CAAC;YAChC,mHAAmH;YACnH,MAAM,mBAAmB,GAAG,YAAE,CAAC,YAAY,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAA;YACrE,MAAM,eAAe,GAAG,YAAE,CAAC,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CAAA;YAC7D,MAAM,MAAM,GAAG,MAAM,IAAA,mDAAqB,EAAC,mBAAmB,EAAE,eAAe,EAAE;gBAC7E,cAAc,EAAE,IAAI;gBACpB,eAAe,EAAE,KAAK;gBACtB,mBAAmB,EAAE,KAAK;gBAC1B,WAAW,EAAE,IAAI;gBACjB,eAAe,EAAE,KAAK;gBACtB,uBAAuB,EAAE,KAAK;aACjC,CAAC,CAAA;YACF,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAE,CAAC,YAAY,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;YAC1E,OAAO;gBACH,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,MAAA,MAAM,CAAC,OAAO,CAAC,IAAI,mCAAI,YAAY,CAAC,IAAI;gBAC9C,OAAO,EAAE,MAAA,MAAM,CAAC,OAAO,CAAC,OAAO,mCAAI,YAAY,CAAC,OAAO;gBACvD,YAAY,EAAE,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;aAC1F,CAAA;SAEJ;QACD,KAAK,iDAAmB,CAAC,UAAU,CAAC;QACpC,KAAK,iDAAmB,CAAC,UAAU,CAAC;QACpC,KAAK,iDAAmB,CAAC,UAAU,CAAC;QACpC,OAAO,CAAC,CAAC;YACL,MAAM,IAAI,KAAK,CAAC,oBAAoB,eAAe,4EAA4E,CAAC,CAAA;SACnI;KACJ;AACL,CAAC;AAEM,KAAK,UAAU,eAAe,CAAC,WAAmB;IACrD,MAAM,QAAQ,GAAQ,MAAM,IAAA,yBAAI,EAAC,WAAW,CAAC,CAAA;IAE7C,OAAO;QACH,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,EAAO,EAAE,EAAE;;YACvD,OAAO;gBACH,OAAO,EAAE,EAAE,CAAC,OAAO;gBACnB,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC;gBAChD,QAAQ,EAAE,EAAE,CAAC,OAAO;gBACpB,MAAM,EAAE,EAAE,CAAC,OAAO,KAAI,MAAA,QAAQ,CAAC,WAAW,CAAC,0CAAE,MAAM,CAAA;aACtD,CAAA;QACL,CAAC,CAAC;QACF,WAAW,EAAE,QAAQ,CAAC,WAAW;QACjC,SAAS,EAAE,EAAE;QACb,QAAQ,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC5B,QAAQ,EAAE,EAAE;QACZ,QAAQ,EAAE,QAAQ,CAAC,QAAQ;KAC9B,CAAA;AACL,CAAC;AAnBD,0CAmBC;AAED,MAAM,SAAS,GAAc;IACzB,QAAQ,EAAE,eAAe;CAC5B,CAAA;AAED,MAAM,OAAO,GAAyB;IAClC,+BAA+B,EAAE,KAAK;IACtC,OAAO,EAAE,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,GAAG,EAAE;CACrE,CAAA;AAEY,QAAA,UAAU,GAAW;IAC9B,IAAI,EAAE,KAAK;IACX,OAAO,EAAE,CAAC,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,CAAC;IACvD,SAAS;IACT,MAAM;IACN,SAAS;IACT,OAAO;CACV,CAAA"}

package/dist/utils/npm.d.ts

@@ -1,4 +1,5 @@
 /// <reference types="node" />
+/// <reference types="node" />
 export declare const npm: {
     install: typeof install;
     npmCommand: typeof npmCommand;

package/dist/utils/projectMapping.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Interface for path mapping configuration
+ */
+export interface PathMapping {
+    extractedPath: string;
+    actualPath: string;
+}
+/**
+ * Map of extracted paths to actual paths
+ */
+export type PathMappings = Map<string, string>;
+/**
+ * Interface representing a parsed project path
+ */
+export interface ProjectPathInfo {
+    projectPath: string;
+    verifiedPath: string;
+    projectPathExists?: boolean;
+}
+/**
+ * Create path mappings from mapping data
+ * @param mappings Array of path mapping objects
+ * @returns Map of extracted paths to actual paths
+ */
+export declare function createPathMappings(mappings: PathMapping[]): PathMappings;
+/**
+ * Verify if a project path exists on the file system
+ * @param projectPath The extracted project path
+ * @param basePath Base directory to check against
+ * @param pathMappings Optional path mappings to use for verification
+ * @returns Verified path information
+ */
+export declare function verifyProjectPath(projectPath: string, basePath: string, pathMappings?: PathMappings): ProjectPathInfo;
+/**
+ * Extract project information from a dependency path based on origin type
+ * @param dependencyPath The path from the Black Duck report
+ * @param originName The origin name (e.g., npmjs, maven, nuget, pypi, sbt)
+ * @param basePath Optional base path to verify against
+ * @returns Object containing project path and verified path information
+ */
+export declare function extractProjectInfo(dependencyPath: string, originName: string, basePath?: string, pathMappings?: PathMappings): ProjectPathInfo;

package/dist/utils/projectMapping.js

@@ -0,0 +1,301 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.extractProjectInfo = exports.verifyProjectPath = exports.createPathMappings = void 0;
+/**
+ * Project mapping utilities for extracting project information from dependency paths
+ */
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const END_DELIMITERS = [
+    '-yarn',
+    '-npm',
+    'node_modules',
+    '-pip',
+    '-maven',
+    '-gradle',
+    '-nuget',
+    '-sbt',
+    '-cargo',
+    '-rubygems',
+    '-packagist',
+    '-cocoapods',
+    '-swift',
+    '-xcode',
+    '-go_mod',
+    '-setuptools',
+    '-pnpm',
+    '-uv'
+];
+// Special case pattern for monorepo
+const MONOREPO_PATTERN = /packages[\\/]([^\\/]+)[\\/]local[\\/]([^\\/]+)[\\/]-yarn/;
+/**
+ * Check if a segment contains a version-like pattern
+ * @param segment Path segment to check
+ * @returns True if the segment looks like a version
+ */
+function isVersionSegment(segment) {
+    return /^\d+\.\d+\.\d+(?:[-.][A-Za-z0-9]+)*-?$/i.test(segment) ||
+        /^REPLACE_BY_CI$/i.test(segment) ||
+        segment.toLowerCase() === 'unspecified';
+}
+/**
+ * Check if a segment contains a file that should be excluded
+ * @param segment Path segment to check
+ * @returns True if the segment contains a file to exclude
+ */
+function isFileSegment(segment) {
+    return segment.toLowerCase().endsWith('.csproj') ||
+        segment.toLowerCase().endsWith('.props') ||
+        segment.toLowerCase() === 'pom.xml';
+}
+/**
+ * Check if a segment is an organization/company prefix that should be skipped
+ * @param segment Path segment to check
+ * @returns True if the segment looks like an organization prefix
+ */
+function isOrganizationPrefix(segment) {
+    // Common organization prefixes like com.company, org.apache, etc.
+    return /^(com|org|net|edu|gov)\.[a-zA-Z0-9.-]+$/.test(segment);
+}
+/**
+ * Resolves a path with relative segments (.., .)
+ * @param pathSegments Array of path segments to resolve
+ * @returns Array of resolved path segments
+ */
+function resolveRelativePath(pathSegments) {
+    const result = [];
+    let skipCount = 0;
+    for (const segment of pathSegments) {
+        if (segment === '..') {
+            skipCount++;
+        }
+        else if (segment !== '.' && segment !== '') {
+            if (skipCount > 0) {
+                // This segment is skipped because of a '..'
+                skipCount--;
+            }
+            else {
+                result.push(segment);
+            }
+        }
+    }
+    return result;
+}
+/**
+ * Standardizes a path by normalizing slashes, colons, and removing leading/trailing slashes
+ * @param inputPath Path to standardize
+ * @returns Standardized path
+ */
+function standardizePath(inputPath) {
+    if (!inputPath) {
+        return '';
+    }
+    let normalizedPath = inputPath.replace(/\\/g, '/');
+    normalizedPath = normalizedPath.replace(/:/g, '/');
+    if (normalizedPath.startsWith('/')) {
+        normalizedPath = normalizedPath.substring(1);
+    }
+    if (normalizedPath.endsWith('/')) {
+        normalizedPath = normalizedPath.substring(0, normalizedPath.length - 1);
+    }
+    return normalizedPath;
+}
+/**
+ * Check if a path matches the monorepo pattern and extract the project path
+ * @param path Normalized path to check
+ * @returns Project path if monorepo pattern matches, null otherwise
+ */
+function handleMonorepoPattern(path) {
+    const matches = path.match(MONOREPO_PATTERN);
+    if (matches) {
+        return `${matches[2]}/packages/${matches[1]}`;
+    }
+    return null;
+}
+/**
+ * Parse project path from dependency path
+ * @param dependencyPath The path from the Black Duck report
+ * @returns Extracted project path
+ */
+function parseProjectPath(dependencyPath) {
+    if (!dependencyPath) {
+        return '';
+    }
+    try {
+        const normalizedPath = standardizePath(dependencyPath);
+        const monorepoPath = handleMonorepoPattern(normalizedPath);
+        if (monorepoPath) {
+            return monorepoPath;
+        }
+        const segments = normalizedPath.split('/');
+        let endDelimiterIndex = getEndDelimiterIndex(segments);
+        if (endDelimiterIndex === -1) {
+            throw new Error(`No end delimiter found in path: ${normalizedPath}`);
+        }
+        let projectSegments = segments.slice(0, endDelimiterIndex);
+        if (projectSegments.length > 0 && isVersionSegment(projectSegments[projectSegments.length - 1])) {
+            projectSegments.pop(); // Remove the version segment
+        }
+        if (projectSegments.length > 0 && isFileSegment(projectSegments[projectSegments.length - 1])) {
+            projectSegments.pop(); // Remove the last segment if it's a file segment
+        }
+        let startIndex = getStartDelimiterIndex(projectSegments);
+        if (startIndex !== -1) {
+            projectSegments = projectSegments.slice(startIndex + 1);
+        }
+        const resolvedSegments = resolveRelativePath(projectSegments);
+        return resolvedSegments.join('/');
+    }
+    catch (error) {
+        console.error(`Error parsing path: ${error}`);
+        throw error;
+    }
+}
+function getStartDelimiterIndex(projectSegments) {
+    let startIndex = -1;
+    for (let i = 0; i < projectSegments.length; i++) {
+        if (isVersionSegment(projectSegments[i])) {
+            startIndex = i;
+            break; // Stop after finding a version segment
+        }
+        else if (isOrganizationPrefix(projectSegments[i])) {
+            startIndex = i;
+            // Continue looking for version segments after organization prefix
+        }
+    }
+    return startIndex;
+}
+function getEndDelimiterIndex(segments) {
+    let endDelimiterIndex = -1;
+    for (let i = 0; i < segments.length; i++) {
+        const lowerSegment = segments[i].toLowerCase();
+        if (END_DELIMITERS.some(delimiter => lowerSegment === delimiter)) {
+            endDelimiterIndex = i;
+            break;
+        }
+    }
+    return endDelimiterIndex;
+}
+/**
+ * Create path mappings from mapping data
+ * @param mappings Array of path mapping objects
+ * @returns Map of extracted paths to actual paths
+ */
+function createPathMappings(mappings) {
+    const pathMappings = new Map();
+    for (const mapping of mappings) {
+        if (mapping.extractedPath && mapping.actualPath) {
+            pathMappings.set(mapping.extractedPath, mapping.actualPath);
+        }
+    }
+    return pathMappings;
+}
+exports.createPathMappings = createPathMappings;
+/**
+ * Verify if a project path exists on the file system
+ * @param projectPath The extracted project path
+ * @param basePath Base directory to check against
+ * @param pathMappings Optional path mappings to use for verification
+ * @returns Verified path information
+ */
+function verifyProjectPath(projectPath, basePath, pathMappings) {
+    if (!projectPath || !basePath) {
+        return { projectPath, verifiedPath: '', projectPathExists: false };
+    }
+    try {
+        const fullPath = path.join(basePath, projectPath);
+        const originalExists = fs.existsSync(fullPath);
+        if (originalExists) {
+            return {
+                projectPath,
+                verifiedPath: projectPath,
+                projectPathExists: true
+            };
+        }
+        if (pathMappings && pathMappings.has(projectPath)) {
+            const mappedPath = pathMappings.get(projectPath);
+            const mappedFullPath = path.join(basePath, mappedPath);
+            const mappedExists = fs.existsSync(mappedFullPath);
+            return {
+                projectPath,
+                verifiedPath: mappedExists ? mappedPath : '',
+                projectPathExists: originalExists
+            };
+        }
+        // Try without the first path segment
+        const segments = projectPath.split('/');
+        if (segments.length > 1) {
+            const pathWithoutFirstSegment = segments.slice(1).join('/');
+            const modifiedFullPath = path.join(basePath, pathWithoutFirstSegment);
+            const modifiedExists = fs.existsSync(modifiedFullPath);
+            if (modifiedExists) {
+                return {
+                    projectPath,
+                    verifiedPath: pathWithoutFirstSegment,
+                    projectPathExists: false
+                };
+            }
+        }
+        // No mapping found or modified path doesn't exist
+        return {
+            projectPath,
+            verifiedPath: '',
+            projectPathExists: false
+        };
+    }
+    catch (error) {
+        console.error(`Error verifying project path: ${error}`);
+        return { projectPath, verifiedPath: '', projectPathExists: false };
+    }
+}
+exports.verifyProjectPath = verifyProjectPath;
+/**
+ * Extract project information from a dependency path based on origin type
+ * @param dependencyPath The path from the Black Duck report
+ * @param originName The origin name (e.g., npmjs, maven, nuget, pypi, sbt)
+ * @param basePath Optional base path to verify against
+ * @returns Object containing project path and verified path information
+ */
+function extractProjectInfo(dependencyPath, originName, basePath, pathMappings) {
+    if (!dependencyPath) {
+        return { projectPath: '', verifiedPath: '', projectPathExists: false };
+    }
+    try {
+        const projectPath = parseProjectPath(dependencyPath);
+        // Verify the path if basePath is provided
+        if (basePath) {
+            return verifyProjectPath(projectPath, basePath, pathMappings);
+        }
+        // Otherwise return unverified path with empty verifiedPath
+        return { projectPath, verifiedPath: '', projectPathExists: undefined };
+    }
+    catch (error) {
+        console.error(`Error extracting project info: ${error}`);
+        throw error;
+    }
+}
+exports.extractProjectInfo = extractProjectInfo;
+//# sourceMappingURL=projectMapping.js.map

package/dist/utils/projectMapping.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"projectMapping.js","sourceRoot":"","sources":["../../src/utils/projectMapping.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;GAEG;AACH,uCAAyB;AACzB,2CAA6B;AAe7B,MAAM,cAAc,GAAG;IACrB,OAAO;IACP,MAAM;IACN,cAAc;IACd,MAAM;IACN,QAAQ;IACR,SAAS;IACT,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,WAAW;IACX,YAAY;IACZ,YAAY;IACZ,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,aAAa;IACb,OAAO;IACP,KAAK;CACN,CAAC;AAEF,oCAAoC;AACpC,MAAM,gBAAgB,GAAG,0DAA0D,CAAC;AAWpF;;;;GAIG;AACH,SAAS,gBAAgB,CAAC,OAAe;IACvC,OAAO,yCAAyC,CAAC,IAAI,CAAC,OAAO,CAAC;QACvD,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC;QAChC,OAAO,CAAC,WAAW,EAAE,KAAK,aAAa,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,SAAS,aAAa,CAAC,OAAe;IACpC,OAAO,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC;QACzC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACxC,OAAO,CAAC,WAAW,EAAE,KAAK,SAAS,CAAC;AAC7C,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,OAAe;IAC3C,kEAAkE;IAClE,OAAO,yCAAyC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AACjE,CAAC;AAED;;;;GAIG;AACH,SAAS,mBAAmB,CAAC,YAAsB;IACjD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,SAAS,GAAG,CAAC,CAAC;IAElB,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE;QAClC,IAAI,OAAO,KAAK,IAAI,EAAE;YACpB,SAAS,EAAE,CAAC;SACb;aAAM,IAAI,OAAO,KAAK,GAAG,IAAI,OAAO,KAAK,EAAE,EAAE;YAC5C,IAAI,SAAS,GAAG,CAAC,EAAE;gBACjB,4CAA4C;gBAC5C,SAAS,EAAE,CAAC;aACb;iBAAM;gBACL,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;aACtB;SACF;KACF;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,SAAS,eAAe,CAAC,SAAiB;IACxC,IAAI,CAAC,SAAS,EAAE;QACd,OAAO,EAAE,CAAC;KACX;IAED,IAAI,cAAc,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAEnD,cAAc,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAEnD,IAAI,cAAc,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE;QAClC,cAAc,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;KAC9C;IAED,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QAChC,cAAc,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC,EAAE,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;KACzE;IAED,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,IAAY;IACzC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IAC7C,IAAI,OAAO,EAAE;QACX,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,aAAa,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;KAC/C;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,SAAS,gBAAgB,CAAC,cAAsB;IAC9C,IAAI,CAAC,cAAc,EAAE;QACnB,OAAO,EAAE,CAAC;KACX;IAED,IAAI;QACF,MAAM,cAAc,GAAG,eAAe,CAAC,cAAc,CAAC,CAAC;QAEvD,MAAM,YAAY,GAAG,qBAAqB,CAAC,cAAc,CAAC,CAAC;QAC3D,IAAI,YAAY,EAAE;YAChB,OAAO,YAAY,CAAC;SACrB;QAED,MAAM,QAAQ,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAE3C,IAAI,iBAAiB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAEvD,IAAI,iBAAiB,KAAK,CAAC,CAAC,EAAE;YAC5B,MAAM,IAAI,KAAK,CAAC,mCAAmC,cAAc,EAAE,CAAC,CAAC;SACtE;QAED,IAAI,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,iBAAiB,CAAC,CAAC;QAE3D,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,gBAAgB,CAAC,eAAe,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE;YAC/F,eAAe,CAAC,GAAG,EAAE,CAAC,CAAC,6BAA6B;SACrD;QAED,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,aAAa,CAAC,eAAe,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE;YAC5F,eAAe,CAAC,GAAG,EAAE,CAAC,CAAC,iDAAiD;SACzE;QAED,IAAI,UAAU,GAAG,sBAAsB,CAAC,eAAe,CAAC,CAAC;QAEzD,IAAI,UAAU,KAAK,CAAC,CAAC,EAAE;YACrB,eAAe,GAAG,eAAe,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;SACzD;QAED,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,eAAe,CAAC,CAAC;QAE9D,OAAO,gBAAgB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;KACnC;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,CAAC,KAAK,CAAC,uBAAuB,KAAK,EAAE,CAAC,CAAC;QAC9C,MAAM,KAAK,CAAC;KACb;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,eAAyB;IACvD,IAAI,UAAU,GAAG,CAAC,CAAC,CAAC;IAEpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,eAAe,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/C,IAAI,gBAAgB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE;YACxC,UAAU,GAAG,CAAC,CAAC;YACf,MAAM,CAAC,uCAAuC;SAC/C;aAAM,IAAI,oBAAoB,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE;YACnD,UAAU,GAAG,CAAC,CAAC;YACf,kEAAkE;SACnE;KACF;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAkB;IAC9C,IAAI,iBAAiB,GAAG,CAAC,CAAC,CAAC;IAE3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QACxC,MAAM,YAAY,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/C,IAAI,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,YAAY,KAAK,SAAS,CAAC,EAAE;YAChE,iBAAiB,GAAG,CAAC,CAAC;YACtB,MAAM;SACP;KACF;IACD,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAAC,QAAuB;IACxD,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE/C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;QAC9B,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,UAAU,EAAE;YAC/C,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;SAC7D;KACF;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAVD,gDAUC;AAED;;;;;;GAMG;AACH,SAAgB,iBAAiB,CAAC,WAAmB,EAAE,QAAgB,EAAE,YAA2B;IAClG,IAAI,CAAC,WAAW,IAAI,CAAC,QAAQ,EAAE;QAC7B,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,EAAE,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAC;KACpE;IAED,IAAI;QACF,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAClD,MAAM,cAAc,GAAG,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAE/C,IAAI,cAAc,EAAE;YAClB,OAAO;gBACL,WAAW;gBACX,YAAY,EAAE,WAAW;gBACzB,iBAAiB,EAAE,IAAI;aACxB,CAAC;SACH;QAED,IAAI,YAAY,IAAI,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE;YACjD,MAAM,UAAU,GAAG,YAAY,CAAC,GAAG,CAAC,WAAW,CAAW,CAAC;YAC3D,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YACvD,MAAM,YAAY,GAAG,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;YAEnD,OAAO;gBACL,WAAW;gBACX,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE;gBAC5C,iBAAiB,EAAE,cAAc;aAClC,CAAC;SACH;QAED,qCAAqC;QACrC,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACxC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;YACvB,MAAM,uBAAuB,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC5D,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,uBAAuB,CAAC,CAAC;YACtE,MAAM,cAAc,GAAG,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC;YAEvD,IAAI,cAAc,EAAE;gBAClB,OAAO;oBACL,WAAW;oBACX,YAAY,EAAE,uBAAuB;oBACrC,iBAAiB,EAAE,KAAK;iBACzB,CAAC;aACH;SACF;QAED,kDAAkD;QAClD,OAAO;YACL,WAAW;YACX,YAAY,EAAE,EAAE;YAChB,iBAAiB,EAAE,KAAK;SACzB,CAAC;KACH;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,CAAC,KAAK,CAAC,iCAAiC,KAAK,EAAE,CAAC,CAAC;QACxD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,EAAE,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAC;KACpE;AACH,CAAC;AAvDD,8CAuDC;AAED;;;;;;GAMG;AACH,SAAgB,kBAAkB,CAAC,cAAsB,EAAE,UAAkB,EAAE,QAAiB,EAAE,YAA2B;IAC3H,IAAI,CAAC,cAAc,EAAE;QACnB,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAC;KACxE;IAED,IAAI;QACF,MAAM,WAAW,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;QAErD,0CAA0C;QAC1C,IAAI,QAAQ,EAAE;YACZ,OAAO,iBAAiB,CAAC,WAAW,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;SAC/D;QAED,2DAA2D;QAC3D,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,EAAE,EAAE,iBAAiB,EAAE,SAAS,EAAE,CAAC;KACxE;IAAC,OAAO,KAAK,EAAE;QACd,OAAO,CAAC,KAAK,CAAC,kCAAkC,KAAK,EAAE,CAAC,CAAC;QACzD,MAAM,KAAK,CAAC;KACb;AACH,CAAC;AAnBD,gDAmBC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dxworks/depinder",
-  "version": "0.1.5",
+  "version": "0.2.0",
   "description": "",
   "keywords": [
     "dxworks",
@@ -59,12 +59,13 @@
     "puppeteer": "18.0.1",
     "semver": "^7.3.5",
     "snyk-gradle-plugin": "^3.25.2",
-    "snyk-nodejs-lockfile-parser": "^1.52.1",
+    "snyk-nodejs-lockfile-parser": "^1.60.1",
     "spdx-correct": "^3.1.1",
     "spdx-license-ids": "^3.0.10",
     "tmp": "^0.2.1",
     "toml": "^3.0.0",
-    "winston": "^3.11.0"
+    "winston": "^3.11.0",
+    "xml2js": "^0.6.2"
   },
   "devDependencies": {
     "@types/cli-progress": "^3.9.2",
@@ -80,6 +81,7 @@
     "@types/string-template": "^1.0.2",
     "@types/tmp": "^0.2.3",
     "@types/ws": "^8.5.4",
+    "@types/xml2js": "^0.4.14",
     "@typescript-eslint/eslint-plugin": "^4.32.0",
     "@typescript-eslint/parser": "^4.32.0",
     "copyfiles": "^2.4.1",
@@ -94,9 +96,6 @@
     "ts-node": "^10.2.1",
     "typescript": "^4.4.3"
   },
-  "publishConfig": {
-    "registry": "https://npm.pkg.github.com"
-  },
   "dxw": {
     "commands": [
       {