@ecosyste-ms/critical 1.0.0

package/LICENSE

@@ -0,0 +1,26 @@
+Creative Commons Attribution-ShareAlike 4.0 International
+
+Copyright (c) ecosyste.ms
+
+This work is licensed under the Creative Commons Attribution-ShareAlike 4.0
+International License. To view a copy of this license, visit
+http://creativecommons.org/licenses/by-sa/4.0/ or send a letter to Creative
+Commons, PO Box 1866, Mountain View, CA 94042, USA.
+
+You are free to:
+
+  Share - copy and redistribute the material in any medium or format
+  Adapt - remix, transform, and build upon the material for any purpose,
+          even commercially
+
+Under the following terms:
+
+  Attribution - You must give appropriate credit, provide a link to the
+                license, and indicate if changes were made.
+
+  ShareAlike - If you remix, transform, or build upon the material, you
+               must distribute your contributions under the same license.
+
+  No additional restrictions - You may not apply legal terms or technological
+                               measures that legally restrict others from
+                               doing anything the license permits.

package/README.md

@@ -0,0 +1,194 @@
+# @ecosyste-ms/critical
+
+SQLite database of critical open source packages from [ecosyste.ms](https://packages.ecosyste.ms).
+
+The database is rebuilt daily and published to npm and as a GitHub release. Versions use CalVer (`YYYY.M.D`).
+
+## Install
+
+```bash
+npm install @ecosyste-ms/critical
+```
+
+The package includes a pre-built `critical-packages.db` file:
+
+```javascript
+import { databasePath } from '@ecosyste-ms/critical'
+import Database from 'better-sqlite3'
+
+const db = new Database(databasePath)
+const pkg = db.prepare('SELECT * FROM packages WHERE name = ?').get('lodash')
+```
+
+## Download
+
+You can also grab the database directly from the [releases page](../../releases/latest):
+
+- `critical-packages.db` - uncompressed SQLite
+- `critical-packages.db.gz` - gzip compressed
+
+## Building
+
+To build the database yourself:
+
+```javascript
+import { build, createDatabase } from '@ecosyste-ms/critical'
+
+await build({
+  dbPath: 'critical-packages.db',
+  fetchVersionsData: true,
+  onProgress: console.log
+})
+```
+
+From the command line:
+
+```bash
+npx @ecosyste-ms/critical                    # full build with versions
+npx @ecosyste-ms/critical --skip-versions    # faster, packages only
+npx @ecosyste-ms/critical -o my-db.db        # custom output path
+npx @ecosyste-ms/critical --stats            # show database statistics
+```
+
+## Schema
+
+### packages
+
+| Column | Type | Description |
+|--------|------|-------------|
+| id | INTEGER | Primary key from ecosyste.ms |
+| ecosystem | TEXT | Package ecosystem (npm, pypi, rubygems, etc.) |
+| name | TEXT | Package name |
+| purl | TEXT | Package URL (pkg:npm/lodash) |
+| namespace | TEXT | Package namespace if applicable |
+| description | TEXT | Package description |
+| homepage | TEXT | Project homepage URL |
+| repository_url | TEXT | Source repository URL |
+| licenses | TEXT | SPDX license identifier |
+| normalized_licenses | TEXT | JSON array of normalized license identifiers |
+| latest_version | TEXT | Latest release version number |
+| versions_count | INTEGER | Total number of versions |
+| downloads | INTEGER | Download count |
+| downloads_period | TEXT | Period for download count (e.g., last-month) |
+| dependent_packages_count | INTEGER | Number of packages depending on this |
+| dependent_repos_count | INTEGER | Number of repositories depending on this |
+| first_release_at | TEXT | ISO 8601 timestamp of first release |
+| latest_release_at | TEXT | ISO 8601 timestamp of latest release |
+| last_synced_at | TEXT | When ecosyste.ms last synced this package |
+| keywords | TEXT | Space-separated keywords for FTS |
+
+Indexes: `(ecosystem, name)` unique, `purl`, `licenses`, `ecosystem`
+
+### versions
+
+| Column | Type | Description |
+|--------|------|-------------|
+| package_id | INTEGER | Foreign key to packages |
+| number | TEXT | Version number |
+
+Primary key: `(package_id, number)`
+
+### advisories
+
+| Column | Type | Description |
+|--------|------|-------------|
+| id | INTEGER | Auto-increment primary key |
+| package_id | INTEGER | Foreign key to packages |
+| uuid | TEXT | Advisory UUID (GHSA-xxxx-xxxx-xxxx) |
+| url | TEXT | Advisory URL |
+| title | TEXT | Advisory title |
+| description | TEXT | Advisory description |
+| severity | TEXT | Severity level (LOW, MODERATE, HIGH, CRITICAL) |
+| published_at | TEXT | ISO 8601 publish timestamp |
+| cvss_score | REAL | CVSS score |
+
+Indexes: `package_id`, `uuid`, `severity`, `(package_id, uuid)` unique
+
+### repo_metadata
+
+| Column | Type | Description |
+|--------|------|-------------|
+| package_id | INTEGER | Primary key, foreign key to packages |
+| owner | TEXT | Repository owner/organization |
+| repo_name | TEXT | Repository name |
+| full_name | TEXT | Full name (owner/repo) |
+| host | TEXT | Host (github.com, gitlab.com, etc.) |
+| language | TEXT | Primary language |
+| stargazers_count | INTEGER | GitHub stars |
+| forks_count | INTEGER | Fork count |
+| open_issues_count | INTEGER | Open issues |
+| archived | INTEGER | 1 if archived, 0 otherwise |
+| fork | INTEGER | 1 if a fork, 0 otherwise |
+
+Indexes: `full_name`, `owner`
+
+### packages_fts
+
+FTS5 virtual table for full-text search on `ecosystem`, `name`, `description`, and `keywords`.
+
+### build_info
+
+| Column | Type | Description |
+|--------|------|-------------|
+| id | INTEGER | Always 1 |
+| built_at | TEXT | ISO 8601 build timestamp |
+| package_count | INTEGER | Total packages |
+| version_count | INTEGER | Total versions |
+| advisory_count | INTEGER | Total advisories |
+
+## Example Queries
+
+SBOM enrichment by purl:
+
+```sql
+SELECT * FROM packages WHERE purl = 'pkg:npm/lodash';
+
+-- Check if a specific version exists
+SELECT * FROM versions v
+JOIN packages p ON v.package_id = p.id
+WHERE p.purl = 'pkg:npm/lodash' AND v.number = '4.17.21';
+```
+
+Find packages with known vulnerabilities:
+
+```sql
+SELECT p.ecosystem, p.name, a.uuid, a.severity, a.title
+FROM packages p
+JOIN advisories a ON p.id = a.package_id
+WHERE a.severity IN ('HIGH', 'CRITICAL');
+```
+
+License audit:
+
+```sql
+SELECT ecosystem, name, licenses
+FROM packages
+WHERE licenses NOT IN ('MIT', 'Apache-2.0', 'BSD-3-Clause');
+```
+
+Full-text search:
+
+```sql
+SELECT p.* FROM packages p
+JOIN packages_fts ON p.id = packages_fts.rowid
+WHERE packages_fts MATCH 'http client';
+```
+
+Packages by ecosystem:
+
+```sql
+SELECT * FROM packages WHERE ecosystem = 'npm';
+```
+
+Most depended-on packages:
+
+```sql
+SELECT ecosystem, name, dependent_packages_count
+FROM packages
+ORDER BY dependent_packages_count DESC
+LIMIT 100;
+```
+
+## License
+
+CC-BY-SA-4.0

package/bin.js

@@ -0,0 +1,88 @@
+#!/usr/bin/env node
+import { build, databasePath } from './lib/index.js'
+import Database from 'better-sqlite3'
+import { existsSync } from 'fs'
+
+const args = process.argv.slice(2)
+
+if (args.includes('--help') || args.includes('-h')) {
+  console.log(`Usage: critical [options]
+
+Options:
+  --output, -o <path>   Output database path (default: critical-packages.db)
+  --skip-versions       Skip fetching version data (faster)
+  --stats               Show database statistics
+  --help, -h            Show this help message
+
+Examples:
+  npx @ecosyste-ms/critical
+  npx @ecosyste-ms/critical --skip-versions
+  npx @ecosyste-ms/critical -o my-database.db
+  npx @ecosyste-ms/critical --stats`)
+  process.exit(0)
+}
+
+function getArg(flags) {
+  for (const flag of flags) {
+    const idx = args.indexOf(flag)
+    if (idx !== -1 && args[idx + 1]) {
+      return args[idx + 1]
+    }
+  }
+  return null
+}
+
+const dbPath = getArg(['--output', '-o']) || 'critical-packages.db'
+
+if (args.includes('--stats')) {
+  const path = existsSync(dbPath) ? dbPath : databasePath
+  if (!existsSync(path)) {
+    console.error(`Database not found: ${path}`)
+    process.exit(1)
+  }
+  const db = new Database(path, { readonly: true })
+  const info = db.prepare('SELECT * FROM build_info WHERE id = 1').get()
+  const packageCount = db.prepare('SELECT COUNT(*) as count FROM packages').get().count
+  const versionCount = db.prepare('SELECT COUNT(*) as count FROM versions').get().count
+  const advisoryCount = db.prepare('SELECT COUNT(*) as count FROM advisories').get().count
+  const ecosystems = db.prepare(`
+    SELECT ecosystem, COUNT(*) as count
+    FROM packages
+    GROUP BY ecosystem
+    ORDER BY count DESC
+  `).all()
+  const severities = db.prepare(`
+    SELECT severity, COUNT(*) as count
+    FROM advisories
+    GROUP BY severity
+    ORDER BY count DESC
+  `).all()
+
+  console.log(`Database: ${path}`)
+  console.log(`Built: ${info?.built_at || 'unknown'}`)
+  console.log(`\nPackages: ${packageCount}`)
+  console.log(`Versions: ${versionCount}`)
+  console.log(`Advisories: ${advisoryCount}`)
+  console.log(`\nBy ecosystem:`)
+  for (const e of ecosystems) {
+    console.log(`  ${e.ecosystem}: ${e.count}`)
+  }
+  console.log(`\nBy severity:`)
+  for (const s of severities) {
+    console.log(`  ${s.severity || 'unknown'}: ${s.count}`)
+  }
+  db.close()
+  process.exit(0)
+}
+
+const skipVersions = args.includes('--skip-versions')
+
+build({
+  dbPath,
+  fetchVersionsData: !skipVersions
+})
+  .then(() => process.exit(0))
+  .catch(err => {
+    console.error(err)
+    process.exit(1)
+  })

package/lib/index.js

@@ -0,0 +1,382 @@
+import Database from 'better-sqlite3'
+import { mkdir, unlink, readFile } from 'fs/promises'
+import { dirname, join } from 'path'
+import { fileURLToPath } from 'url'
+
+const __dirname = dirname(fileURLToPath(import.meta.url))
+const pkg = JSON.parse(await readFile(join(__dirname, '..', 'package.json'), 'utf8'))
+const USER_AGENT = `${pkg.name}/${pkg.version}`
+const databasePath = join(__dirname, '..', 'critical-packages.db')
+
+const API_BASE = 'https://packages.ecosyste.ms/api/v1'
+const PER_PAGE = 1000
+const RATE_LIMIT_MS = 50
+const CONCURRENCY = 10
+
+function sleep(ms) {
+  return new Promise(resolve => setTimeout(resolve, ms))
+}
+
+async function fetchJson(url) {
+  const response = await fetch(url, {
+    headers: { 'User-Agent': USER_AGENT }
+  })
+  if (!response.ok) {
+    throw new Error(`HTTP ${response.status}: ${url}`)
+  }
+  return response.json()
+}
+
+async function fetchAllCriticalPackages(onProgress) {
+  const packages = []
+  let page = 1
+
+  while (true) {
+    const url = `${API_BASE}/packages/critical?per_page=${PER_PAGE}&page=${page}`
+    onProgress?.(`Fetching page ${page}...`)
+
+    const batch = await fetchJson(url)
+    if (batch.length === 0) break
+
+    packages.push(...batch)
+    page++
+
+    await sleep(RATE_LIMIT_MS)
+  }
+
+  return packages
+}
+
+async function fetchVersionNumbers(ecosystem, name) {
+  const registry = ecosystemToRegistry(ecosystem)
+  if (!registry) return []
+
+  const encodedName = encodeURIComponent(name)
+  const url = `${API_BASE}/registries/${registry}/packages/${encodedName}/version_numbers`
+
+  try {
+    return await fetchJson(url)
+  } catch (err) {
+    return []
+  }
+}
+
+function ecosystemToRegistry(ecosystem) {
+  const map = {
+    'npm': 'npmjs.org',
+    'pypi': 'pypi.org',
+    'rubygems': 'rubygems.org',
+    'go': 'proxy.golang.org',
+    'cargo': 'crates.io',
+    'maven': 'repo1.maven.org',
+    'nuget': 'nuget.org',
+    'packagist': 'packagist.org',
+    'hex': 'hex.pm',
+    'pub': 'pub.dev',
+    'hackage': 'hackage.haskell.org',
+    'cocoapods': 'cocoapods.org',
+    'conda': 'anaconda.org',
+    'clojars': 'clojars.org',
+    'puppet': 'forge.puppet.com',
+    'homebrew': 'formulae.brew.sh',
+  }
+  return map[ecosystem.toLowerCase()] || null
+}
+
+function createDatabase(dbPath) {
+  const db = new Database(dbPath)
+  db.pragma('journal_mode = WAL')
+
+  db.exec(`
+    CREATE TABLE packages (
+      id INTEGER PRIMARY KEY,
+      ecosystem TEXT NOT NULL,
+      name TEXT NOT NULL,
+      purl TEXT,
+      namespace TEXT,
+      description TEXT,
+      homepage TEXT,
+      repository_url TEXT,
+      licenses TEXT,
+      normalized_licenses TEXT,
+      latest_version TEXT,
+      versions_count INTEGER,
+      downloads INTEGER,
+      downloads_period TEXT,
+      dependent_packages_count INTEGER,
+      dependent_repos_count INTEGER,
+      first_release_at TEXT,
+      latest_release_at TEXT,
+      last_synced_at TEXT,
+      keywords TEXT,
+      created_at TEXT DEFAULT CURRENT_TIMESTAMP
+    );
+
+    CREATE UNIQUE INDEX idx_packages_ecosystem_name ON packages(ecosystem, name);
+    CREATE INDEX idx_packages_purl ON packages(purl);
+    CREATE INDEX idx_packages_licenses ON packages(licenses);
+    CREATE INDEX idx_packages_ecosystem ON packages(ecosystem);
+
+    CREATE TABLE versions (
+      package_id INTEGER NOT NULL,
+      number TEXT NOT NULL,
+      PRIMARY KEY (package_id, number),
+      FOREIGN KEY (package_id) REFERENCES packages(id)
+    );
+
+    CREATE TABLE advisories (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      package_id INTEGER NOT NULL,
+      uuid TEXT NOT NULL,
+      url TEXT,
+      title TEXT,
+      description TEXT,
+      severity TEXT,
+      published_at TEXT,
+      cvss_score REAL,
+      FOREIGN KEY (package_id) REFERENCES packages(id)
+    );
+
+    CREATE INDEX idx_advisories_package_id ON advisories(package_id);
+    CREATE INDEX idx_advisories_uuid ON advisories(uuid);
+    CREATE INDEX idx_advisories_severity ON advisories(severity);
+    CREATE UNIQUE INDEX idx_advisories_package_uuid ON advisories(package_id, uuid);
+
+    CREATE TABLE repo_metadata (
+      package_id INTEGER PRIMARY KEY,
+      owner TEXT,
+      repo_name TEXT,
+      full_name TEXT,
+      host TEXT,
+      language TEXT,
+      stargazers_count INTEGER,
+      forks_count INTEGER,
+      open_issues_count INTEGER,
+      archived INTEGER,
+      fork INTEGER,
+      FOREIGN KEY (package_id) REFERENCES packages(id)
+    );
+
+    CREATE INDEX idx_repo_full_name ON repo_metadata(full_name);
+    CREATE INDEX idx_repo_owner ON repo_metadata(owner);
+
+    CREATE VIRTUAL TABLE packages_fts USING fts5(
+      ecosystem,
+      name,
+      description,
+      keywords,
+      content=packages,
+      content_rowid=id
+    );
+
+    CREATE TRIGGER packages_ai AFTER INSERT ON packages BEGIN
+      INSERT INTO packages_fts(rowid, ecosystem, name, description, keywords)
+      VALUES (new.id, new.ecosystem, new.name, new.description, new.keywords);
+    END;
+
+    CREATE TRIGGER packages_ad AFTER DELETE ON packages BEGIN
+      INSERT INTO packages_fts(packages_fts, rowid, ecosystem, name, description, keywords)
+      VALUES ('delete', old.id, old.ecosystem, old.name, old.description, old.keywords);
+    END;
+
+    CREATE TRIGGER packages_au AFTER UPDATE ON packages BEGIN
+      INSERT INTO packages_fts(packages_fts, rowid, ecosystem, name, description, keywords)
+      VALUES ('delete', old.id, old.ecosystem, old.name, old.description, old.keywords);
+      INSERT INTO packages_fts(rowid, ecosystem, name, description, keywords)
+      VALUES (new.id, new.ecosystem, new.name, new.description, new.keywords);
+    END;
+
+    CREATE TABLE build_info (
+      id INTEGER PRIMARY KEY CHECK (id = 1),
+      built_at TEXT NOT NULL,
+      package_count INTEGER,
+      version_count INTEGER,
+      advisory_count INTEGER
+    );
+  `)
+
+  return db
+}
+
+function insertPackage(db, pkg) {
+  const stmt = db.prepare(`
+    INSERT OR REPLACE INTO packages (
+      id, ecosystem, name, purl, namespace, description, homepage,
+      repository_url, licenses, normalized_licenses, latest_version,
+      versions_count, downloads, downloads_period, dependent_packages_count,
+      dependent_repos_count, first_release_at, latest_release_at,
+      last_synced_at, keywords
+    ) VALUES (
+      ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?
+    )
+  `)
+
+  const keywords = Array.isArray(pkg.keywords_array) ? pkg.keywords_array.join(' ') : null
+
+  stmt.run(
+    pkg.id,
+    pkg.ecosystem,
+    pkg.name,
+    pkg.purl,
+    pkg.namespace,
+    pkg.description,
+    pkg.homepage,
+    pkg.repository_url,
+    pkg.licenses,
+    JSON.stringify(pkg.normalized_licenses),
+    pkg.latest_release_number,
+    pkg.versions_count,
+    pkg.downloads,
+    pkg.downloads_period,
+    pkg.dependent_packages_count,
+    pkg.dependent_repos_count,
+    pkg.first_release_published_at,
+    pkg.latest_release_published_at,
+    pkg.last_synced_at,
+    keywords
+  )
+
+  return pkg.id
+}
+
+function insertRepoMetadata(db, packageId, repoMetadata, host) {
+  if (!repoMetadata) return
+
+  const stmt = db.prepare(`
+    INSERT OR REPLACE INTO repo_metadata (
+      package_id, owner, repo_name, full_name, host, language,
+      stargazers_count, forks_count, open_issues_count, archived, fork
+    ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+  `)
+
+  stmt.run(
+    packageId,
+    repoMetadata.owner,
+    repoMetadata.name,
+    repoMetadata.full_name,
+    host?.name,
+    repoMetadata.language,
+    repoMetadata.stargazers_count,
+    repoMetadata.forks_count,
+    repoMetadata.open_issues_count,
+    repoMetadata.archived ? 1 : 0,
+    repoMetadata.fork ? 1 : 0
+  )
+}
+
+function insertAdvisories(db, packageId, advisories) {
+  if (!advisories || advisories.length === 0) return
+
+  const stmt = db.prepare(`
+    INSERT OR REPLACE INTO advisories (
+      package_id, uuid, url, title, description, severity, published_at, cvss_score
+    ) VALUES (?, ?, ?, ?, ?, ?, ?, ?)
+  `)
+
+  for (const advisory of advisories) {
+    if (!advisory || !advisory.uuid) continue
+    stmt.run(
+      packageId,
+      advisory.uuid,
+      advisory.url,
+      advisory.title,
+      advisory.description,
+      advisory.severity,
+      advisory.published_at,
+      advisory.cvss_score
+    )
+  }
+}
+
+function insertVersions(db, packageId, versionNumbers) {
+  if (!versionNumbers || versionNumbers.length === 0) return
+
+  const stmt = db.prepare(`
+    INSERT OR REPLACE INTO versions (package_id, number) VALUES (?, ?)
+  `)
+
+  for (const number of versionNumbers) {
+    stmt.run(packageId, number)
+  }
+}
+
+function updateBuildInfo(db) {
+  const packageCount = db.prepare('SELECT COUNT(*) as count FROM packages').get().count
+  const versionCount = db.prepare('SELECT COUNT(*) as count FROM versions').get().count
+  const advisoryCount = db.prepare('SELECT COUNT(*) as count FROM advisories').get().count
+
+  db.prepare(`
+    INSERT OR REPLACE INTO build_info (id, built_at, package_count, version_count, advisory_count)
+    VALUES (1, ?, ?, ?, ?)
+  `).run(new Date().toISOString(), packageCount, versionCount, advisoryCount)
+}
+
+async function build(options = {}) {
+  const {
+    dbPath = 'critical-packages.db',
+    fetchVersionsData = true,
+    onProgress = console.log
+  } = options
+
+  await mkdir(dirname(dbPath) || '.', { recursive: true }).catch(() => {})
+  await unlink(dbPath).catch(() => {})
+  await unlink(dbPath + '-wal').catch(() => {})
+  await unlink(dbPath + '-shm').catch(() => {})
+
+  onProgress('Creating database...')
+  const db = createDatabase(dbPath)
+
+  onProgress('Fetching critical packages...')
+  const packages = await fetchAllCriticalPackages(onProgress)
+  onProgress(`Found ${packages.length} critical packages`)
+
+  const insertAll = db.transaction((pkgs) => {
+    for (const pkg of pkgs) {
+      insertPackage(db, pkg)
+      insertRepoMetadata(db, pkg.id, pkg.repo_metadata, pkg.host)
+      insertAdvisories(db, pkg.id, pkg.advisories)
+    }
+  })
+
+  onProgress('Inserting packages...')
+  insertAll(packages)
+
+  if (fetchVersionsData) {
+    onProgress('Fetching versions...')
+    let completed = 0
+    const total = packages.length
+
+    const processPackage = async (pkg) => {
+      const versions = await fetchVersionNumbers(pkg.ecosystem, pkg.name)
+      await sleep(RATE_LIMIT_MS)
+      return { pkg, versions }
+    }
+
+    // Process in batches with concurrency limit
+    for (let i = 0; i < packages.length; i += CONCURRENCY) {
+      const batch = packages.slice(i, i + CONCURRENCY)
+      const results = await Promise.all(batch.map(processPackage))
+
+      db.transaction(() => {
+        for (const { pkg, versions } of results) {
+          if (versions.length > 0) {
+            insertVersions(db, pkg.id, versions)
+          }
+        }
+      })()
+
+      completed += batch.length
+      onProgress(`Fetched versions for ${completed}/${total} packages`)
+    }
+  }
+
+  updateBuildInfo(db)
+
+  const info = db.prepare('SELECT * FROM build_info WHERE id = 1').get()
+  onProgress(`Build complete: ${info.package_count} packages, ${info.version_count} versions, ${info.advisory_count} advisories`)
+
+  db.close()
+  return info
+}
+
+export { build, createDatabase, fetchAllCriticalPackages, fetchVersionNumbers, databasePath }

package/package.json

@@ -0,0 +1,43 @@
+{
+  "name": "@ecosyste-ms/critical",
+  "version": "1.0.0",
+  "description": "SQLite database of critical packages from ecosyste.ms",
+  "main": "./lib/index.js",
+  "type": "module",
+  "bin": {
+    "critical": "bin.js"
+  },
+  "scripts": {
+    "build": "node bin.js",
+    "test": "node test/index.js"
+  },
+  "keywords": [
+    "ecosystems",
+    "packages",
+    "sqlite",
+    "critical",
+    "sbom",
+    "vulnerabilities"
+  ],
+  "license": "CC-BY-SA-4.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/ecosyste-ms/critical.git"
+  },
+  "files": [
+    "lib",
+    "bin.js",
+    "README.md",
+    "LICENSE",
+    "critical-packages.db"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "dependencies": {
+    "better-sqlite3": "^11.7.0"
+  }
+}