@herodevs/cli 1.2.0-beta.1 → 1.3.0-beta.1

package/README.md

@@ -16,7 +16,7 @@ $ npm install -g @herodevs/cli
 $ hd COMMAND
 running command...
 $ hd (--version)
-@herodevs/cli/1.2.0-beta.1 linux-x64 node-v22.14.0
+@herodevs/cli/1.3.0-beta.1 linux-x64 node-v22.14.0
 $ hd --help [COMMAND]
 USAGE
   $ hd COMMAND
@@ -80,7 +80,7 @@ EXAMPLES
   $ hd report committers --csv
 ```
 
-_See code: [src/commands/report/committers.ts](https://github.com/herodevs/cli/blob/v1.2.0-beta.1/src/commands/report/committers.ts)_
+_See code: [src/commands/report/committers.ts](https://github.com/herodevs/cli/blob/v1.3.0-beta.1/src/commands/report/committers.ts)_
 
 ## `hd report purls`
 
@@ -114,7 +114,7 @@ EXAMPLES
   $ hd report purls --save --csv
 ```
 
-_See code: [src/commands/report/purls.ts](https://github.com/herodevs/cli/blob/v1.2.0-beta.1/src/commands/report/purls.ts)_
+_See code: [src/commands/report/purls.ts](https://github.com/herodevs/cli/blob/v1.3.0-beta.1/src/commands/report/purls.ts)_
 
 ## `hd scan eol`
 
@@ -122,13 +122,14 @@ Scan a given sbom for EOL data
 
 ```
 USAGE
-  $ hd scan eol [--json] [-f <value>] [-d <value>] [-s] [-a] [-c]
+  $ hd scan eol [--json] [-f <value>] [-p <value>] [-d <value>] [-s] [-a] [-c]
 
 FLAGS
   -a, --all                 Show all components (default is EOL and LTS only)
   -c, --getCustomerSupport  Get Never-Ending Support for End-of-Life components
   -d, --dir=<value>         The directory to scan in order to create a cyclonedx sbom
   -f, --file=<value>        The file path of an existing cyclonedx sbom to scan for EOL
+  -p, --purls=<value>       The file path of a list of purls to scan for EOL
   -s, --save                Save the generated SBOM as nes.sbom.json in the scanned directory
 
 GLOBAL FLAGS
@@ -142,10 +143,12 @@ EXAMPLES
 
   $ hd scan eol --file=path/to/sbom.json
 
+  $ hd scan eol --purls=path/to/purls.json
+
   $ hd scan eol -a --dir=./my-project
 ```
 
-_See code: [src/commands/scan/eol.ts](https://github.com/herodevs/cli/blob/v1.2.0-beta.1/src/commands/scan/eol.ts)_
+_See code: [src/commands/scan/eol.ts](https://github.com/herodevs/cli/blob/v1.3.0-beta.1/src/commands/scan/eol.ts)_
 
 ## `hd scan sbom`
 
@@ -173,5 +176,5 @@ EXAMPLES
   $ hd scan sbom --file=path/to/sbom.json
 ```
 
-_See code: [src/commands/scan/sbom.ts](https://github.com/herodevs/cli/blob/v1.2.0-beta.1/src/commands/scan/sbom.ts)_
+_See code: [src/commands/scan/sbom.ts](https://github.com/herodevs/cli/blob/v1.3.0-beta.1/src/commands/scan/sbom.ts)_
 <!-- commandsstop -->

package/dist/api/nes/nes.client.d.ts

@@ -1,20 +1,23 @@
 import type * as apollo from '@apollo/client/core/index.js';
-import type { ScanResult } from '../../api/types/nes.types.ts';
+import type { InsightsEolScanInput, InsightsEolScanResult } from '../../api/types/nes.types.ts';
+import type { ProcessBatchOptions, ScanInputOptions, ScanResult } from '../types/hd-cli.types.ts';
 export interface NesClient {
     scan: {
-        sbom: (purls: string[]) => Promise<ScanResult>;
+        purls: (purls: string[], options: ScanInputOptions) => Promise<InsightsEolScanResult>;
     };
 }
 export declare class NesApolloClient implements NesClient {
     #private;
     scan: {
-        sbom: (purls: string[]) => Promise<ScanResult>;
+        purls: (purls: string[], options: ScanInputOptions) => Promise<InsightsEolScanResult>;
     };
     constructor(url: string);
     mutate<T, V extends Record<string, unknown>>(mutation: apollo.DocumentNode, variables?: V): Promise<apollo.FetchResult<T>>;
     query<T, V extends Record<string, unknown> | undefined>(query: apollo.DocumentNode, variables?: V): Promise<apollo.ApolloQueryResult<T>>;
 }
-/**
- * Uses the purls from the sbom to run the scan.
- */
-export declare function submitScan(purls: string[]): Promise<ScanResult>;
+export declare const batchSubmitPurls: (purls: string[], options: ScanInputOptions, batchSize: number) => Promise<ScanResult>;
+export declare const createBatches: (items: string[], batchSize: number) => string[][];
+export declare const processBatch: ({ batch, index, totalPages, scanOptions, previousScanId, }: ProcessBatchOptions) => Promise<InsightsEolScanResult>;
+export declare const processBatches: (batches: string[][], scanOptions: ScanInputOptions) => Promise<InsightsEolScanResult[]>;
+export declare const handleBatchResults: (results: InsightsEolScanResult[]) => ScanResult;
+export declare const buildInsightsEolScanInput: (purls: string[], options: ScanInputOptions) => InsightsEolScanInput;

package/dist/api/nes/nes.client.js

@@ -1,8 +1,9 @@
 import { ApolloClient } from "../../api/client.js";
-import { SbomScanner } from "../../service/nes/nes.svc.js";
+import { debugLogger } from "../../service/log.svc.js";
+import { SbomScanner, buildScanResult } from "../../service/nes/nes.svc.js";
 export class NesApolloClient {
     scan = {
-        sbom: SbomScanner(this),
+        purls: SbomScanner(this),
     };
     #apollo;
     constructor(url) {
@@ -16,13 +17,88 @@ export class NesApolloClient {
     }
 }
 /**
- * Uses the purls from the sbom to run the scan.
+ * Submit a scan for a list of purls after they've been batched by batchSubmitPurls
  */
-export async function submitScan(purls) {
+function submitScan(purls, options) {
     // NOTE: GRAPHQL_HOST is set in `./bin/dev.js` or tests
     const host = process.env.GRAPHQL_HOST || 'https://api.nes.herodevs.com';
     const path = process.env.GRAPHQL_PATH || '/graphql';
     const url = host + path;
     const client = new NesApolloClient(url);
-    return client.scan.sbom(purls);
+    return client.scan.purls(purls, options);
 }
+export const batchSubmitPurls = async (purls, options, batchSize) => {
+    try {
+        const batches = createBatches(purls, batchSize);
+        debugLogger('Processing %d batches', batches.length);
+        if (batches.length === 0) {
+            return {
+                components: new Map(),
+                message: 'No batches to process',
+                success: true,
+                warnings: [],
+            };
+        }
+        const results = await processBatches(batches, options);
+        return handleBatchResults(results);
+    }
+    catch (error) {
+        debugLogger('Fatal error in batchSubmitPurls: %s', error);
+        throw new Error(`Failed to process purls: ${error instanceof Error ? error.message : String(error)}`);
+    }
+};
+export const createBatches = (items, batchSize) => {
+    const numberOfBatches = Math.ceil(items.length / batchSize);
+    return Array.from({ length: numberOfBatches }, (_, index) => {
+        const startIndex = index * batchSize;
+        const endIndex = startIndex + batchSize;
+        return items.slice(startIndex, endIndex);
+    });
+};
+export const processBatch = async ({ batch, index, totalPages, scanOptions, previousScanId, }) => {
+    const page = index + 1;
+    if (page > totalPages) {
+        throw new Error('Total pages exceeded');
+    }
+    debugLogger('Processing batch %d of %d', page, totalPages);
+    const result = await submitScan(batch, {
+        ...scanOptions,
+        page,
+        totalPages,
+        scanId: previousScanId,
+    });
+    return result;
+};
+export const processBatches = async (batches, scanOptions) => {
+    const totalPages = batches.length;
+    const results = [];
+    for (const [index, batch] of batches.entries()) {
+        const previousScanId = results[index - 1]?.scanId;
+        const result = await processBatch({
+            batch,
+            index,
+            totalPages,
+            scanOptions,
+            previousScanId,
+        });
+        results.push(result);
+    }
+    return results;
+};
+export const handleBatchResults = (results) => {
+    if (results.length === 0) {
+        throw new Error('No results to process');
+    }
+    // The API returns placeholders for each batch except the last one.
+    const finalResult = results[results.length - 1];
+    return buildScanResult(finalResult);
+};
+export const buildInsightsEolScanInput = (purls, options) => {
+    const { type, page, totalPages } = options;
+    return {
+        components: purls,
+        type,
+        page,
+        totalPages,
+    };
+};

package/dist/api/types/hd-cli.types.d.ts

@@ -0,0 +1,29 @@
+import { type ComponentStatus, type InsightsEolScanComponent, type ScanWarning } from './nes.types.ts';
+export declare const isValidComponentStatus: (status: string) => status is ComponentStatus;
+export interface ScanInputOptions {
+    type: 'SBOM' | 'OTHER';
+    page: number;
+    totalPages: number;
+    scanId?: string;
+}
+export declare const DEFAULT_SCAN_BATCH_SIZE = 1000;
+export declare const DEFAULT_SCAN_INPUT_OPTIONS: ScanInputOptions;
+export type ScanResultComponentsMap = Map<string, InsightsEolScanComponent>;
+export type ScanInput = {
+    components: string[];
+    options: ScanInputOptions;
+};
+export interface ScanResult {
+    components: ScanResultComponentsMap;
+    diagnostics?: Record<string, unknown>;
+    message: string;
+    success: boolean;
+    warnings: ScanWarning[];
+}
+export interface ProcessBatchOptions {
+    batch: string[];
+    index: number;
+    totalPages: number;
+    scanOptions: ScanInputOptions;
+    previousScanId?: string;
+}

package/dist/api/types/hd-cli.types.js

@@ -0,0 +1,10 @@
+import { VALID_STATUSES } from "./nes.types.js";
+export const isValidComponentStatus = (status) => {
+    return VALID_STATUSES.includes(status);
+};
+export const DEFAULT_SCAN_BATCH_SIZE = 1000;
+export const DEFAULT_SCAN_INPUT_OPTIONS = {
+    type: 'SBOM',
+    page: 1,
+    totalPages: 1,
+};

package/dist/api/types/nes.types.d.ts

@@ -1,35 +1,44 @@
-export type ScanInput = {
+/**
+ * Input parameters for the EOL scan operation
+ */
+export interface InsightsEolScanInput {
+    scanId?: string;
+    /** Array of package URLs in purl format to scan */
     components: string[];
-    type: 'SBOM';
-} | {
-    type: 'OTHER';
-};
+    /** The type of scan being performed (e.g. 'SBOM') */
+    type: string;
+    page: number;
+    totalPages: number;
+}
 export interface ScanResponse {
     insights: {
         scan: {
-            eol: ScanResponseReport;
+            eol: InsightsEolScanResult;
         };
     };
 }
-export interface ScanResponseReport {
-    components: ScanResultComponent[];
-    diagnostics?: Record<string, unknown>;
-    message: string;
+/**
+ * Result of the EOL scan operation
+ */
+export interface InsightsEolScanResult {
+    scanId?: string;
     success: boolean;
-    warnings?: ScanWarning[];
+    message: string;
+    components: InsightsEolScanComponent[];
+    warnings: ScanWarning[];
 }
-export declare const VALID_STATUSES: readonly ["UNKNOWN", "OK", "EOL", "LTS"];
-export type ComponentStatus = (typeof VALID_STATUSES)[number];
-export declare const isValidComponentStatus: (status: string) => status is ComponentStatus;
-export declare const validateComponentStatuses: (statuses: string[]) => ComponentStatus[];
-export interface ScanResultComponent {
-    info: {
-        eolAt: Date | null;
-        isEol: boolean;
-        daysEol: number | null;
-        isUnsafe: boolean;
-        status: ComponentStatus;
-    };
+/**
+ * Information about a component's EOL status
+ */
+export interface InsightsEolScanComponentInfo {
+    isEol: boolean;
+    isUnsafe: boolean;
+    eolAt: Date | null;
+    status: ComponentStatus;
+    daysEol: number | null;
+}
+export interface InsightsEolScanComponent {
+    info: InsightsEolScanComponentInfo;
     purl: string;
 }
 export interface ScanWarning {
@@ -39,11 +48,5 @@ export interface ScanWarning {
     error?: unknown;
     diagnostics?: Record<string, unknown>;
 }
-export type ScanResultComponentsMap = Map<string, ScanResultComponent>;
-export interface ScanResult {
-    components: ScanResultComponentsMap;
-    diagnostics?: Record<string, unknown>;
-    message: string;
-    success: boolean;
-    warnings: ScanWarning[];
-}
+export type ComponentStatus = (typeof VALID_STATUSES)[number];
+export declare const VALID_STATUSES: readonly ["UNKNOWN", "OK", "EOL", "LTS"];

package/dist/api/types/nes.types.js

@@ -1,11 +1 @@
 export const VALID_STATUSES = ['UNKNOWN', 'OK', 'EOL', 'LTS'];
-export const isValidComponentStatus = (status) => {
-    return VALID_STATUSES.includes(status);
-};
-export const validateComponentStatuses = (statuses) => {
-    const validStatuses = statuses.filter(isValidComponentStatus);
-    if (validStatuses.length !== statuses.length) {
-        throw new Error('Invalid component status provided');
-    }
-    return validStatuses;
-};

package/dist/commands/report/purls.js

@@ -75,9 +75,7 @@ export default class ReportPurls extends Command {
                 }
             }
             // Return wrapped object with metadata
-            return {
-                purls,
-            };
+            return { purls };
         }
         catch (error) {
             this.error(`Failed to generate PURLs: ${getErrorMessage(error)}`);

package/dist/commands/scan/eol.d.ts

@@ -1,19 +1,22 @@
 import { Command } from '@oclif/core';
-import type { ScanResultComponent } from '../../api/types/nes.types.ts';
+import type { InsightsEolScanComponent } from '../../api/types/nes.types.ts';
 export default class ScanEol extends Command {
     static description: string;
     static enableJsonFlag: boolean;
     static examples: string[];
     static flags: {
         file: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
+        purls: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
         dir: import("@oclif/core/interfaces").OptionFlag<string | undefined, import("@oclif/core/interfaces").CustomOptions>;
         save: import("@oclif/core/interfaces").BooleanFlag<boolean>;
         all: import("@oclif/core/interfaces").BooleanFlag<boolean>;
         getCustomerSupport: import("@oclif/core/interfaces").BooleanFlag<boolean>;
     };
     run(): Promise<{
-        components: ScanResultComponent[];
+        components: InsightsEolScanComponent[];
     }>;
+    private getScan;
+    private getPurlsFromFile;
     private scanSbom;
     private getFilteredComponents;
     private saveReport;

package/dist/commands/scan/eol.js

@@ -1,8 +1,11 @@
 import fs from 'node:fs';
+import path from 'node:path';
 import { Command, Flags, ux } from '@oclif/core';
-import { submitScan } from "../../api/nes/nes.client.js";
+import { batchSubmitPurls } from "../../api/nes/nes.client.js";
+import { DEFAULT_SCAN_BATCH_SIZE, DEFAULT_SCAN_INPUT_OPTIONS } from '../../api/types/hd-cli.types.js';
 import { getErrorMessage, isErrnoException } from "../../service/error.svc.js";
 import { extractPurls } from "../../service/purls.svc.js";
+import { parsePurlsFile } from "../../service/purls.svc.js";
 import { createStatusDisplay } from "../../ui/eol.ui.js";
 import { INDICATORS, STATUS_COLORS } from "../../ui/shared.us.js";
 import ScanSbom from "./sbom.js";
@@ -12,6 +15,7 @@ export default class ScanEol extends Command {
     static examples = [
         '<%= config.bin %> <%= command.id %> --dir=./my-project',
         '<%= config.bin %> <%= command.id %> --file=path/to/sbom.json',
+        '<%= config.bin %> <%= command.id %> --purls=path/to/purls.json',
         '<%= config.bin %> <%= command.id %> -a --dir=./my-project',
     ];
     static flags = {
@@ -19,6 +23,10 @@ export default class ScanEol extends Command {
             char: 'f',
             description: 'The file path of an existing cyclonedx sbom to scan for EOL',
         }),
+        purls: Flags.string({
+            char: 'p',
+            description: 'The file path of a list of purls to scan for EOL',
+        }),
         dir: Flags.string({
             char: 'd',
             description: 'The directory to scan in order to create a cyclonedx sbom',
@@ -44,8 +52,7 @@ export default class ScanEol extends Command {
         if (flags.getCustomerSupport) {
             this.log(ux.colorize('yellow', 'Never-Ending Support is on the way. Please stay tuned for this feature.'));
         }
-        const sbom = await ScanSbom.loadSbom(flags, this.config);
-        const scan = await this.scanSbom(sbom);
+        const scan = await this.getScan(flags, this.config);
         ux.action.stop('\nScan completed');
         const filteredComponents = this.getFilteredComponents(scan, flags.all);
         if (flags.save) {
@@ -57,7 +64,29 @@ export default class ScanEol extends Command {
         await this.displayResults(scan, flags.all);
         return { components: filteredComponents };
     }
-    async scanSbom(sbom) {
+    async getScan(flags, config) {
+        if (flags.purls) {
+            ux.action.start(`Scanning purls from ${flags.purls}`);
+            const purls = this.getPurlsFromFile(flags.purls);
+            return batchSubmitPurls(purls, DEFAULT_SCAN_INPUT_OPTIONS, DEFAULT_SCAN_BATCH_SIZE);
+        }
+        const sbom = await ScanSbom.loadSbom(flags, config);
+        const scan = this.scanSbom(sbom, flags);
+        return scan;
+    }
+    getPurlsFromFile(filePath) {
+        if (typeof filePath !== 'string') {
+            this.error(`Failed to parse file path: ${filePath}`);
+        }
+        try {
+            const purlsFileString = fs.readFileSync(filePath, 'utf8');
+            return parsePurlsFile(purlsFileString);
+        }
+        catch (error) {
+            this.error(`Failed to read purls file. ${getErrorMessage(error)}`);
+        }
+    }
+    async scanSbom(sbom, flags) {
         let scan;
         let purls;
         try {
@@ -67,7 +96,7 @@ export default class ScanEol extends Command {
             this.error(`Failed to extract purls from sbom. ${getErrorMessage(error)}`);
         }
         try {
-            scan = await submitScan(purls);
+            scan = await batchSubmitPurls(purls, DEFAULT_SCAN_INPUT_OPTIONS, DEFAULT_SCAN_BATCH_SIZE);
         }
         catch (error) {
             this.error(`Failed to submit scan to NES from sbom. ${getErrorMessage(error)}`);
@@ -84,7 +113,9 @@ export default class ScanEol extends Command {
     }
     async saveReport(components) {
         try {
-            fs.writeFileSync('nes.eol.json', JSON.stringify({ components }, null, 2));
+            const { flags } = await this.parse(ScanEol);
+            const reportPath = path.join(flags.dir || process.cwd(), 'nes.eol.json');
+            fs.writeFileSync(reportPath, JSON.stringify({ components }, null, 2));
             this.log('Report saved to nes.eol.json');
         }
         catch (error) {

package/dist/service/eol/cdx.svc.d.ts

@@ -1,4 +1,4 @@
-import type { CdxCreator, CdxGenOptions } from './eol.svc.ts';
+import type { CdxGenOptions } from './eol.svc.ts';
 export interface SbomEntry {
     group: string;
     name: string;
@@ -65,10 +65,4 @@ export declare const SBOM_DEFAULT__OPTIONS: {
  * Lazy loads cdxgen (for ESM purposes), scans
  * `directory`, and returns the `bomJson` property.
  */
-export declare function createBomFromDir(directory: string, opts?: CdxGenOptions): Promise<Sbom | undefined>;
-export declare const cdxgen: {
-    createBom: CdxCreator | undefined;
-};
-export declare function getCdxGen(): Promise<{
-    createBom: CdxCreator | undefined;
-}>;
+export declare function createBomFromDir(directory: string, opts?: CdxGenOptions): Promise<any>;

package/dist/service/eol/cdx.svc.js

@@ -1,3 +1,4 @@
+import { createBom } from '@cyclonedx/cdxgen';
 import { debugLogger } from "../../service/log.svc.js";
 export const SBOM_DEFAULT__OPTIONS = {
     $0: 'cdxgen',
@@ -58,25 +59,7 @@ export const SBOM_DEFAULT__OPTIONS = {
  * `directory`, and returns the `bomJson` property.
  */
 export async function createBomFromDir(directory, opts = {}) {
-    const { createBom } = await getCdxGen();
-    const sbom = await createBom?.(directory, { ...SBOM_DEFAULT__OPTIONS, ...opts });
+    const sbom = await createBom(directory, { ...SBOM_DEFAULT__OPTIONS, ...opts });
     debugLogger('Successfully generated SBOM');
     return sbom?.bomJson;
 }
-// use a value holder, for easier mocking
-export const cdxgen = { createBom: undefined };
-export async function getCdxGen() {
-    if (cdxgen.createBom) {
-        return cdxgen;
-    }
-    const ogEnv = process.env.NODE_ENV;
-    process.env.NODE_ENV = undefined;
-    try {
-        // @ts-expect-error
-        cdxgen.createBom = (await import('@cyclonedx/cdxgen')).createBom;
-    }
-    finally {
-        process.env.NODE_ENV = ogEnv;
-    }
-    return cdxgen;
-}

package/dist/service/eol/eol.svc.d.ts

@@ -8,6 +8,5 @@ export interface ScanOptions {
 export type CdxCreator = (dir: string, opts: CdxGenOptions) => Promise<{
     bomJson: Sbom;
 }>;
-export declare function createSbom(directory: string, opts?: ScanOptions): Promise<Sbom>;
+export declare function createSbom(directory: string, opts?: ScanOptions): Promise<any>;
 export declare function validateIsCycloneDxSbom(sbom: unknown): asserts sbom is Sbom;
-export { cdxgen } from './cdx.svc.ts';

package/dist/service/eol/eol.svc.js

@@ -23,4 +23,3 @@ export function validateIsCycloneDxSbom(sbom) {
         throw new Error('Invalid SBOM: missing or invalid components array');
     }
 }
-export { cdxgen } from "./cdx.svc.js";

package/dist/service/eol/sbom.worker.js

@@ -1,6 +1,5 @@
 import { writeFileSync } from 'node:fs';
 import { join } from 'node:path';
-// @ts-expect-error
 import { createBom } from '@cyclonedx/cdxgen';
 import { SBOM_DEFAULT__OPTIONS } from "./cdx.svc.js";
 process.on('uncaughtException', (err) => {

package/dist/service/nes/nes.svc.d.ts

@@ -1,4 +1,5 @@
 import type { NesApolloClient } from '../../api/nes/nes.client.ts';
-import type { ScanResponseReport, ScanResult } from '../../api/types/nes.types.ts';
-export declare const buildScanResult: (scan: ScanResponseReport) => ScanResult;
-export declare const SbomScanner: (client: NesApolloClient) => (purls: string[]) => Promise<ScanResult>;
+import type { ScanInputOptions, ScanResult } from '../../api/types/hd-cli.types.ts';
+import type { InsightsEolScanResult } from '../../api/types/nes.types.ts';
+export declare const buildScanResult: (scan: InsightsEolScanResult) => ScanResult;
+export declare const SbomScanner: (client: NesApolloClient) => (purls: string[], options: ScanInputOptions) => Promise<InsightsEolScanResult>;

package/dist/service/nes/nes.svc.js

@@ -12,8 +12,9 @@ export const buildScanResult = (scan) => {
         warnings: scan.warnings || [],
     };
 };
-export const SbomScanner = (client) => async (purls) => {
-    const input = { components: purls, type: 'SBOM' };
+export const SbomScanner = (client) => async (purls, options) => {
+    const { type, page, totalPages, scanId } = options;
+    const input = { components: purls, type, page, totalPages, scanId };
     const res = await client.mutate(M_SCAN.gql, { input });
     const scan = res.data?.insights?.scan?.eol;
     if (!scan?.success) {
@@ -21,6 +22,5 @@ export const SbomScanner = (client) => async (purls) => {
         debugLogger('scan failed');
         throw new Error('Failed to provide scan: ');
     }
-    const result = buildScanResult(scan);
-    return result;
+    return scan;
 };

package/dist/service/purls.svc.d.ts

@@ -15,3 +15,9 @@ export declare function getPurlOutput(purls: string[], output: string): string;
  * Translate an SBOM to a list of purls for api request.
  */
 export declare function extractPurls(sbom: Sbom): Promise<string[]>;
+/**
+ * Parse a purls file in either JSON or text format, including the format of
+ * nes.purls.json - { purls: [ 'pkg:npm/express@4.18.2', 'pkg:npm/react@18.3.1' ] }
+ * or a text file with one purl per line.
+ */
+export declare function parsePurlsFile(purlsFileString: string): string[];

package/dist/service/purls.svc.js

@@ -27,3 +27,29 @@ export async function extractPurls(sbom) {
     const { components: comps } = sbom;
     return comps.map((c) => c.purl) ?? [];
 }
+/**
+ * Parse a purls file in either JSON or text format, including the format of
+ * nes.purls.json - { purls: [ 'pkg:npm/express@4.18.2', 'pkg:npm/react@18.3.1' ] }
+ * or a text file with one purl per line.
+ */
+export function parsePurlsFile(purlsFileString) {
+    try {
+        const parsed = JSON.parse(purlsFileString);
+        if (parsed && Array.isArray(parsed.purls)) {
+            return parsed.purls;
+        }
+        if (Array.isArray(parsed)) {
+            return parsed;
+        }
+    }
+    catch {
+        const lines = purlsFileString
+            .split('\n')
+            .map((line) => line.trim())
+            .filter((line) => line.length > 0 && line.startsWith('pkg:'));
+        if (lines.length > 0) {
+            return lines;
+        }
+    }
+    throw new Error('Invalid purls file: must be either JSON with purls array or text file with one purl per line');
+}

package/dist/ui/eol.ui.d.ts

@@ -1,4 +1,5 @@
-import type { ComponentStatus, ScanResultComponentsMap } from '../api/types/nes.types.ts';
+import type { ScanResultComponentsMap } from '../api/types/hd-cli.types.ts';
+import type { ComponentStatus } from '../api/types/nes.types.ts';
 export declare function truncatePurl(purl: string): string;
 export declare function colorizeStatus(status: ComponentStatus): string;
 export declare function createStatusDisplay(components: ScanResultComponentsMap, all: boolean): Record<ComponentStatus, string[]>;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@herodevs/cli",
-  "version": "1.2.0-beta.1",
+  "version": "1.3.0-beta.1",
   "author": "HeroDevs, Inc",
   "bin": {
     "hd": "./bin/run.js"
@@ -19,7 +19,7 @@
     "clean": "shx rm -rf dist && npm run clean:files && shx rm -rf node_modules",
     "clean:files": "shx rm -f nes.**.csv nes.**.json nes.**.text",
     "dev": "npm run build && ./bin/dev.js",
-    "dev:debug": "npm run build && DEBUG=* ./bin/dev.js",
+    "dev:debug": "npm run build && DEBUG=oclif:* ./bin/dev.js",
     "format": "biome format --write",
     "lint": "biome lint --write",
     "postpack": "shx rm -f oclif.manifest.json",
@@ -28,7 +28,8 @@
     "readme": "npm run ci:fix && npm run build && npm exec oclif readme",
     "test": "globstar -- node --import tsx --test \"test/**/*.test.ts\"",
     "typecheck": "tsc --noEmit",
-    "version": "oclif readme && git add README.md"
+    "version": "oclif readme && git add README.md",
+    "test:e2e": "globstar -- node --import tsx --test \"e2e/**/*.test.ts\""
   },
   "keywords": [
     "herodevs",
@@ -37,7 +38,7 @@
   ],
   "dependencies": {
     "@apollo/client": "^3.13.1",
-    "@cyclonedx/cdxgen": "^11.2.2",
+    "@cyclonedx/cdxgen": "^11.2.3",
     "@oclif/core": "^4",
     "@oclif/plugin-help": "^6",
     "graphql": "^16.8.1"
@@ -57,7 +58,7 @@
     "typescript": "^5.8.0"
   },
   "engines": {
-    "node": ">=18.0.0"
+    "node": ">=20.0.0"
   },
   "files": [
     "./bin",