@herodevs/cli 1.5.0-beta.3 → 1.6.0-beta.0

package/README.md

@@ -26,7 +26,7 @@ $ npm install -g @herodevs/cli
 $ hd COMMAND
 running command...
 $ hd (--version)
-@herodevs/cli/1.5.0-beta.3 linux-x64 node-v22.14.0
+@herodevs/cli/1.6.0-beta.0 linux-x64 node-v22.14.0
 $ hd --help [COMMAND]
 USAGE
   $ hd COMMAND
@@ -91,7 +91,7 @@ EXAMPLES
   $ hd report committers --csv
 ```
 
-_See code: [src/commands/report/committers.ts](https://github.com/herodevs/cli/blob/v1.5.0-beta.3/src/commands/report/committers.ts)_
+_See code: [src/commands/report/committers.ts](https://github.com/herodevs/cli/blob/v1.6.0-beta.0/src/commands/report/committers.ts)_
 
 ## `hd report purls`
 
@@ -125,7 +125,7 @@ EXAMPLES
   $ hd report purls --save --csv
 ```
 
-_See code: [src/commands/report/purls.ts](https://github.com/herodevs/cli/blob/v1.5.0-beta.3/src/commands/report/purls.ts)_
+_See code: [src/commands/report/purls.ts](https://github.com/herodevs/cli/blob/v1.6.0-beta.0/src/commands/report/purls.ts)_
 
 ## `hd scan eol`
 
@@ -159,7 +159,7 @@ EXAMPLES
   $ hd scan eol -a --dir=./my-project
 ```
 
-_See code: [src/commands/scan/eol.ts](https://github.com/herodevs/cli/blob/v1.5.0-beta.3/src/commands/scan/eol.ts)_
+_See code: [src/commands/scan/eol.ts](https://github.com/herodevs/cli/blob/v1.6.0-beta.0/src/commands/scan/eol.ts)_
 
 ## `hd scan sbom`
 
@@ -187,7 +187,7 @@ EXAMPLES
   $ hd scan sbom --file=path/to/sbom.json
 ```
 
-_See code: [src/commands/scan/sbom.ts](https://github.com/herodevs/cli/blob/v1.5.0-beta.3/src/commands/scan/sbom.ts)_
+_See code: [src/commands/scan/sbom.ts](https://github.com/herodevs/cli/blob/v1.6.0-beta.0/src/commands/scan/sbom.ts)_
 
 ## `hd update [CHANNEL]`
 

package/bin/dev.js

@@ -1,7 +1,5 @@
 #!/usr/bin/env node
 
-import { execute } from '@oclif/core';
-
 // Localhost
 // process.env.GRAPHQL_HOST = 'http://localhost:3000';
 
@@ -11,4 +9,10 @@ process.env.GRAPHQL_HOST = 'https://api.dev.nes.herodevs.com';
 // Prod
 // process.env.GRAPHQL_HOST = 'https://api.nes.herodevs.com';
 
-await execute({ development: true, dir: import.meta.url });
+import main from './main.js';
+
+try {
+  await main(false);
+} catch (error) {
+  process.exit(1);
+}

package/bin/main.js

@@ -0,0 +1,29 @@
+import { parseArgs } from 'node:util';
+import { execute } from '@oclif/core';
+
+async function main(isProduction = false) {
+  const { positionals } = parseArgs({
+    allowPositionals: true,
+    strict: false, // Don't validate flags
+  });
+
+  // If no arguments at all, default to scan:eol -t
+  if (positionals.length === 0) {
+    process.argv.splice(2, 0, 'scan:eol', '-t');
+  }
+  // If only flags are provided, set scan:eol as the command for those flags
+  else if (positionals.length === 1 && positionals[0].startsWith('-')) {
+    process.argv.splice(2, 0, 'scan:eol');
+  }
+
+  try {
+    await execute({
+      development: !isProduction,
+      dir: new URL('./dev.js', import.meta.url),
+    });
+  } catch (error) {
+    process.exit(1);
+  }
+}
+
+export default main;

package/bin/run.js

@@ -1,5 +1,9 @@
 #!/usr/bin/env node
 
-import { execute } from '@oclif/core';
+import main from './main.js';
 
-await execute({ dir: import.meta.url });
+try {
+  await main(true);
+} catch (error) {
+  process.exit(1);
+}

package/dist/service/eol/cdx.svc.d.ts

@@ -1,4 +1,8 @@
 import type { CdxGenOptions } from './eol.svc.ts';
+export interface SbomDependency {
+    ref: string;
+    dependsOn: string[];
+}
 export interface SbomEntry {
     group: string;
     name: string;
@@ -7,7 +11,7 @@ export interface SbomEntry {
 }
 export interface Sbom {
     components: SbomEntry[];
-    dependencies: SbomEntry[];
+    dependencies: SbomDependency[];
 }
 export declare const SBOM_DEFAULT__OPTIONS: {
     $0: string;

package/dist/service/purls.svc.d.ts

@@ -12,9 +12,9 @@ export declare function formatCsvValue(value: string): string;
  */
 export declare function getPurlOutput(purls: string[], output: string): string;
 /**
- * Translate an SBOM to a list of purls for api request.
+ * Extract all PURLs from a CycloneDX SBOM, including components and dependencies
  */
-export declare function extractPurls(sbom: Sbom): Promise<string[]>;
+export declare function extractPurls(sbom: Sbom): string[];
 /**
  * Parse a purls file in either JSON or text format, including the format of
  * eol.purls.json - { purls: [ 'pkg:npm/express@4.18.2', 'pkg:npm/react@18.3.1' ] }

package/dist/service/purls.svc.js

@@ -21,11 +21,44 @@ export function getPurlOutput(purls, output) {
     }
 }
 /**
- * Translate an SBOM to a list of purls for api request.
+ * Extract PURLs from components recursively
  */
-export async function extractPurls(sbom) {
-    const { components: comps } = sbom;
-    return comps.map((c) => c.purl) ?? [];
+function extractPurlsFromComponents(components, purlSet) {
+    for (const component of components) {
+        if (component.purl) {
+            purlSet.add(component.purl);
+        }
+    }
+}
+/**
+ * Extract PURLs from dependencies
+ */
+function extractPurlsFromDependencies(dependencies, purlSet) {
+    for (const dependency of dependencies) {
+        if (dependency.ref) {
+            purlSet.add(dependency.ref);
+        }
+        if (dependency.dependsOn) {
+            for (const dep of dependency.dependsOn) {
+                purlSet.add(dep);
+            }
+        }
+    }
+}
+/**
+ * Extract all PURLs from a CycloneDX SBOM, including components and dependencies
+ */
+export function extractPurls(sbom) {
+    const purlSet = new Set();
+    // Extract from direct components
+    if (sbom.components) {
+        extractPurlsFromComponents(sbom.components, purlSet);
+    }
+    // Extract from dependencies
+    if (sbom.dependencies) {
+        extractPurlsFromDependencies(sbom.dependencies, purlSet);
+    }
+    return Array.from(purlSet);
 }
 /**
  * Parse a purls file in either JSON or text format, including the format of

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@herodevs/cli",
-  "version": "1.5.0-beta.3",
+  "version": "1.6.0-beta.0",
   "author": "HeroDevs, Inc",
   "bin": {
     "hd": "./bin/run.js"
@@ -26,10 +26,6 @@
     "prepack": "oclif manifest && oclif readme",
     "pretest": "npm run lint && npm run typecheck",
     "readme": "npm run ci:fix && npm run build && npm exec oclif readme",
-    "release": "./scripts/release.sh",
-    "pre:release:publish": "npm run prepack && git add README.md",
-    "release:publish:beta": "npm run release -- --publish",
-    "release:publish:latest": "npm run release -- --latest --publish",
     "test": "globstar -- node --import tsx --test \"test/**/*.test.ts\"",
     "test:e2e": "globstar -- node --import tsx --test \"e2e/**/*.test.ts\"",
     "typecheck": "tsc --noEmit"
@@ -57,7 +53,6 @@
     "@types/node": "^22",
     "@types/sinon": "^17.0.4",
     "@types/update-notifier": "^6.0.8",
-    "commit-and-tag-version": "^12.5.1",
     "globstar": "^1.0.0",
     "oclif": "^4",
     "shx": "^0.4.0",
@@ -86,7 +81,7 @@
       "@oclif/plugin-update"
     ],
     "hooks": {
-      "init": "./dist/hooks/npm-update-notifier",
+      "init": "./dist/hooks/npm-update-notifier.js",
       "prerun": "./dist/hooks/prerun.js"
     },
     "topicSeparator": " ",