@mitre/hdf-converters 2.12.2 → 2.13.0

package/lib/src/cyclonedx-sbom-mapper.js.map

@@ -1 +1 @@
-{"version":3,"file":"cyclonedx-sbom-mapper.js","sourceRoot":"","sources":["../../src/cyclonedx-sbom-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAA6E;AAC7E,8DAAyD;AACzD,2CAAgE;AAoBhE,MAAM,WAAW,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAU,CAAC;AA2BvE,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAC9C,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAC1C,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,UAAU,EAAE,GAAG,CAAC;IACjB,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,SAAS,EAAE,GAAG,CAAC;CACjB,CAAC,CAAC;AAGH,SAAS,aAAa,CACpB,KAEiE,EACjE,SAAS,GAAG,IAAI;IAEhB,OAAO,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAClC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;QAC3D,CAAC,CAAC,EAAE,CAAC;AACT,CAAC;AAGD,SAAS,WAAW,CAClB,KAEiE;IAEjE,OAAO,gBAAgB,CAAC,UAAU,CAChC,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,EAC3B,gBAAgB,CACjB,CAAC;AACJ,CAAC;AAID,SAAS,SAAS,CAAC,OAAwC;IACzD,OAAO,OAAO;SACX,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;;QACd,OAAA,MAAM,CAAC,KAAK;YACZ,MAAM,CAAC,MAAM;YACb,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAwB,CAAC;YACnD,CAAC;gBACC,MAAM,CAAC,KAAK,GAAG,EAAE;YACnB,CAAC;gBACC,CAAC,MAAA,cAAc,CAAC,GAAG,CAAC,MAAA,MAAA,MAAM,CAAC,QAAQ,0CAAE,WAAW,EAAE,mCAAI,EAAE,CAAC,mCAAI,GAAG,CAAC,CAAA;KAAA,CACtE;SACA,MAAM,CACL,CAAC,QAAQ,EAAE,QAAQ,EAAE,EAAE,CAErB,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,EAC3C,CAAC,CACF,CAAC;AACN,CAAC;AAGD,SAAS,yBAAyB,CAAC,QAAmB;IACpD,IAAI,QAAQ,EAAE;QACX,QAA+B;aAE7B,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE;YAClB,MAAM,OAAO,GAAI,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,EAAE,CAAY,CAAC,KAAK,CAClE,QAAQ,CACT,CAAC;YACF,OAAO,CACL,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;gBACzD,CAAC,CACC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC5B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;oBACxB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;oBAC1B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC;oBACvB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CACzB,CACF,CAAC;QACJ,CAAC,CAAC;aAED,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CACf,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;YAC7B,MAAM,CAAC,MAAM,GAAG,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;YACrD,MAAM,CAAC,YAAY;gBACjB,2FAA2F,CAAC;QAChG,CAAC,CAAC,CACH,CAAC;KACL;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAa,oBAAoB;IAG/B,YAAY,QAAgB,EAAE,OAAO,GAAG,KAAK;QAC3C,IAAI,CAAC,IAAI,GAAG;YACV,UAAU,EAAE,EAAE;YACd,eAAe,EAAE,EAAE;YACnB,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;SAC1B,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QAEvB,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE;YAE5B,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE;gBAEjC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;aACtC;SACF;aAAM,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE;YAExC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;SAC3B;aAAM;YACL,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;SACH;IACH,CAAC;IAGD,iBAAiB,CAAC,IAAiB;QAEjC,IAAI,CAAC,UAAU,GAAG,gBAAC,CAAC,SAAS,CAC3B,IAAI,CAAC,GAAG,CAAC,UAAU,CACO,CAAC;QAG7B,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE;YAEvC,IAAI,SAAS,CAAC,UAAU,EAAE;gBAExB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;gBAC9C,OAAO,SAAS,CAAC,UAAU,CAAC;aAC7B;SACF;IACH,CAAC;IAgCD,oBAAoB,CAAC,IAAiB;QAEpC,IAAI,CAAC,eAAe,GAAG,gBAAC,CAAC,SAAS,CAChC,IAAI,CAAC,GAAG,CAAC,eAAe,CACM,CAAC;QAEjC,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,eAAe,EAAE;YAChD,aAAa,CAAC,kBAAkB,GAAG,EAAE,CAAC;YAEtC,aAAa,CAAC,kBAAkB,CAAC,IAAI,CACnC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;iBAErC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE,EAAE;;gBAC9B,OAAA,MAAA,aAAa,CAAC,OAAO,0CACjB,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,EAC9B,QAAQ,CAAC,SAAS,CAAC,SAAS,CAAW,CAAC,CAAA;aAAA,CAC5C;iBAEA,GAAG,CAAC,CAAC,CAAC,KAAK,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CACvC,CAAC;YAGF,KAAK,MAAM,KAAK,IAAI,aAAa,CAAC,kBAAkB,EAAE;gBACpD,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,wBAAwB,EAAE;oBACpD,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,wBAAwB,GAAG,EAAE,CAAC;iBACtD;gBACA,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,wBAAqC,CAAC,IAAI,CAChE,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,SAAS,CAAsB,CACrD,CAAC;aACH;SACF;IACH,CAAC;IAID,SAAS,CAAC,IAAiB;;QAEzB,IAAI,CAAC,eAAe,GAAG;YACrB,GAAI,gBAAC,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAEoB;SACnB,CAAC;QAE5C,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,eAAe,EAAE;YAChD,aAAa,CAAC,kBAAkB,GAAG,MAAA,aAAa,CAAC,OAAO,0CAAE,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;gBAEnE,MAAM,KAAK,GAA0B;oBACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE;oBACjB,SAAS,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE;oBACtB,OAAO,EAAE,IAAI;oBACb,IAAI,EAAE,aAAa;iBACpB,CAAC;gBAEF,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAE5B,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;YACpC,CAAC,CAAC,CAAC;SACJ;IACH,CAAC;IAED,KAAK;QACH,OAAO,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC;IAClE,CAAC;CACF;AA3ID,oDA2IC;AAED,MAAa,mBAAoB,SAAQ,8BAA0B;IAIjE,wBAAwB,CACtB,KAAa,EACb,IAAc;QAEd,OAAO,gBAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,IAAI,CAAC,CAAC;IACnD,CAAC;IA6XD,YAAY,UAAuB,EAAE,OAAO,GAAG,KAAK;QAClD,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QA5X1B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE;wBACJ,IAAI,EAAE,wBAAwB;wBAC9B,WAAW,EAAE,CAAC,KAAuC,EAAU,EAAE,CAC/D,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC;4BACrB,CAAC,CAAC,yBAAyB,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,SAAS,CAAC,EAAE;4BAC3D,CAAC,CAAC,sBAAsB;qBAC7B;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,wBAAwB;wBAC9B,WAAW,EAAE,CAAC,KAAuC,EAAU,EAAE;4BAC/D,IAAI,KAAK,CAAC,IAAI,EAAE;gCACd,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gCACnD,OAAO,GAAG,KAAK,GAAG,KAAK,CAAC,IAAI,uBAAuB,CAAC;6BACrD;iCAAM;gCACL,OAAO,sBAAsB,CAAC;6BAC/B;wBACH,CAAC;qBACF;oBACD,OAAO,EAAE;wBACP,IAAI,EAAE,gCAAgC;wBACtC,WAAW,EAAE,qBAAY;qBAC1B;oBACD,UAAU,EAAE;wBACV,IAAI,EAAE,wBAAwB;wBAC9B,WAAW,EAAE,CACX,KAAuC,EACnB,EAAE;4BAEtB,MAAM,YAAY,GAAG,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,cAAc,CAAC;gCAC/C,CAAC,CAAC,KAAM,KAAK,CAAC,YAAwC,CAAC,IAAI,GAAG;gCAC9D,CAAC,CAAC,EAAE,CAAC;4BAEP,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,EAAE;gCAE3B,OAAQ,KAAK,CAAC,OAAqC;qCAChD,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,GAAG,YAAY,EAAE,CAAC;qCAChD,IAAI,CAAC,IAAI,CAAC,CAAC;6BACf;iCAAM,IAAI,KAAK,CAAC,MAAM,EAAE;gCAEvB,OAAO,GAAG,KAAK,CAAC,MAAM,GAAG,YAAY,EAAE,CAAC;6BACzC;iCAAM;gCACL,OAAO,SAAS,CAAC;6BAClB;wBACH,CAAC;qBACF;oBACD,OAAO,EAAE;wBACP,IAAI,EAAE,oCAAoC;wBAC1C,WAAW,EAAE,qBAAY;qBAC1B;oBACD,SAAS,EAAE;wBACT,IAAI,EAAE,kCAAkC;wBACxC,WAAW,EAAE,qBAAY;qBAC1B;oBACD,OAAO,EAAE;wBACP,IAAI,EAAE,wBAAwB;wBAC9B,WAAW,EAAE,CACX,KAAuC,EACnB,EAAE;;4BACtB,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE;gCACnB,OAAO,SAAS,CAAC;6BAClB;4BAGD,OAAO,MAAA,KAAK,CAAC,QAAQ,0CACjB,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;;gCAChB,OAAA,CAAA,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,0CAAE,IAAI;oCACpB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI;oCACtB,CAAC,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,OAAO,0CAAE,EAAE,CAAA;6BAAA,EAEzB,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,EACjC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAChB,CAAC;qBACF;oBACD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,iBAAiB;4BACvB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE;oCACJ,IAAI,EAAE,MAAM;oCACZ,WAAW,EAAE,WAAW;iCACzB;gCACD,GAAG,EAAE;oCACH,IAAI,EAAE,MAAM;oCACZ,WAAW,EAAE,CACX,KAEiE,EACvD,EAAE,CAAC,IAAA,2BAAkB,EAAC,WAAW,CAAC,KAAK,CAAC,CAAC;iCACtD;gCACD,GAAG,EAAE,EAAC,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAC;gCAC/C,SAAS,EAAE;oCACT,IAAI,EAAE,SAAS;oCACf,WAAW,EAAE,qBAAY;iCAC1B;gCACD,OAAO,EAAE;oCACP,IAAI,EAAE,SAAS;oCACf,WAAW,EAAE,CACX,KAAsC,EAClB,EAAE,CACtB,KAAK;wCACH,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;6CACP,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;;4CACd,MAAM,YAAY,GAAG,CAAA,MAAA,MAAM,CAAC,MAAM,0CAAE,IAAI;gDACtC,CAAC,CAAC,GAAG,MAAA,MAAM,CAAC,MAAM,0CAAE,IAAI,KAAK;gDAC7B,CAAC,CAAC,wBAAwB,CAAC;4CAC7B,OAAO,GAAG,YAAY,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;wCAC7C,CAAC,CAAC;6CACD,IAAI,CAAC,IAAI,CAAC;wCACf,CAAC,CAAC,SAAS;iCAChB;gCACD,OAAO,EAAE;oCACP,IAAI,EAAE,SAAS;oCACf,WAAW,EAAE,qBAAY;iCAC1B;gCACD,SAAS,EAAE;oCACT,IAAI,EAAE,WAAW;oCACjB,WAAW,EAAE,qBAAY;iCAC1B;gCACD,OAAO,EAAE;oCACP,IAAI,EAAE,SAAS;oCACf,WAAW,EAAE,qBAAY;iCAC1B;gCAED,QAAQ,EAAE;oCACR,IAAI,EAAE,UAAU;oCAChB,WAAW,EAAE,qBAAY;iCAC1B;gCACD,OAAO,EAAE;oCACP,IAAI,EAAE,SAAS;oCACf,WAAW,EAAE,CACX,KAAoC,EAChB,EAAE;;wCACtB,OAAA,KAAK;4CACH,CAAC,CAAC,GAAG,MAAA,KAAK,CAAC,WAAW,0CAChB,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,EACpC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,EACrB,IAAI,CAAC,IAAI,CAAC,EAAE;4CACjB,CAAC,CAAC,SAAS,CAAA;qCAAA;iCAChB;gCACD,KAAK,EAAE;oCACL,IAAI,EAAE,OAAO;oCACb,WAAW,EAAE,CACX,KAIe,EACK,EAAE;;wCACtB,IAAI,CAAC,KAAK,EAAE;4CACV,OAAO,SAAS,CAAC;yCAClB;wCACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;4CACxB,OAAO,KAAK;iDACT,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;iDACxB,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC;iDACtB,IAAI,CAAC,IAAI,CAAC,CAAC;yCACf;wCACD,OAAO;4CACL,GAAG,CAAC,MAAA,MAAA,KAAK,CAAC,UAAU,0CAAE,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,mCACtD,EAAE,CAAC;4CACL,GAAG,CAAC,MAAA,MAAA,KAAK,CAAC,QAAQ,0CAAE,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,mCACpD,EAAE,CAAC;yCACN,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCACf,CAAC;iCACF;gCAED,gBAAgB,EAAE;oCAChB,IAAI,EAAE,gBAAgB;oCACtB,WAAW,EAAE,qBAAY;iCAC1B;gCACD,wBAAwB,EAAE;oCACxB,IAAI,EAAE,wBAAwB;oCAC9B,WAAW,EAAE,qBAAY;iCAC1B;gCACD,mBAAmB,EAAE;oCACnB,IAAI,EAAE,mBAAmB;oCACzB,WAAW,EAAE,CAAC,KAAiB,EAAsB,EAAE,CACrD,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;iCAC3D;gCACD,iBAAiB,EAAE;oCACjB,IAAI,EAAE,iBAAiB;oCACvB,WAAW,EAAE,qBAAY;iCAC1B;gCACD,sBAAsB,EAAE;oCACtB,IAAI,EAAE,sBAAsB;oCAC5B,WAAW,EAAE,qBAAY;iCAC1B;gCACD,sBAAsB,EAAE;oCACtB,IAAI,EAAE,sBAAsB;oCAC5B,WAAW,EAAE,qBAAY;iCAC1B;6BACF;4BACD,YAAY,EAAE;gCACZ,WAAW,EAAE,CACX,KAEyD,EACzD,EAAE;oCACF,MAAM,cAAc,GAAG,KAAK,CAAC,cAAc;wCACzC,CAAC,CAAC,mBAAmB,KAAK,CAAC,cAAc,EAAE;wCAC3C,CAAC,CAAC,EAAE,CAAC;oCAEP,MAAM,UAAU,GAAG,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC;wCAC3C,CAAC,CAAC,eAAe,KAAK,CAAC,UAAU,EAAE;wCACnC,CAAC,CAAC,EAAE,CAAC;oCACP,OAAO;wCACL,cAAc,IAAI,UAAU;4CAC1B,CAAC,CAAC;gDACE,IAAI,EAAE,GAAG,cAAc,OAAO,UAAU,EAAE,CAAC,IAAI,EAAE;gDACjD,KAAK,EAAE,KAAK;6CACb;4CACH,CAAC,CAAC,SAAS;wCACb,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,gBAAgB,CAAC;4CAC5B,CAAC,CAAC;gDACE,IAAI,EAAE,qBAAqB,IAAI,CAAC,SAAS,CACvC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,gBAAgB,CAAC,EAC9B,IAAI,EACJ,CAAC,CACF,EAAE;gDACH,KAAK,EAAE,OAAO;6CACf;4CACH,CAAC,CAAC,SAAS;qCACd,CAAC,MAAM,CAAC,CAAC,cAAc,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC;gCAC/C,CAAC;6BAC0C;4BAC7C,IAAI,EAAE;gCACJ;oCACE,WAAW,EAAE,CACX,KAA8B,EACL,EAAE;wCAC3B,MAAM,SAAS,GAAG,CAAC,QAAQ,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;wCACzD,MAAM,GAAG,GAAG,SAAS;6CAClB,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;6CAC1C,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,gBAAC,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;wCACpC,OAAO,EAAC,GAAG,EAAE,GAAG,EAAC,CAAC;oCACpB,CAAC;iCACF;6BACF;4BACD,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE;gCAEL,WAAW,EAAE,CACX,KAEyD,EACjD,EAAE,CACV,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE;6BAC7D;4BACD,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;4BAChB,IAAI,EAAE;gCACJ,WAAW,EAAE,CACX,KAEyD,EACrC,EAAE;oCACtB,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW;wCACnC,CAAC,CAAC,gBAAgB,KAAK,CAAC,WAAW,EAAE;wCACrC,CAAC,CAAC,EAAE,CAAC;oCACP,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oCAC7D,OAAO,IAAA,qBAAY,EAAC,GAAG,WAAW,OAAO,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;gCAC5D,CAAC;6BACF;4BACD,MAAM,EAAE;gCACN,WAAW,EAAE,CACX,KAEyD,EACjD,EAAE,WAAC,OAAA,SAAS,CAAC,MAAA,KAAK,CAAC,OAAO,mCAAI,EAAE,CAAC,CAAA,EAAA;6BAC5C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CACZ,gBAAC,CAAC,IAAI,CAAC,aAAa,EAAE,oBAAoB,CAAC,EAC3C,IAAI,EACJ,CAAC,CACF;6BACJ;4BACD,gBAAgB,EAAE,yBAAyB;4BAC3C,OAAO,EAAE;gCACP;oCACE,IAAI,EAAE,oBAAoB;oCAC1B,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,WAAW,EAAE,CAAC,KAAa,EAAU,EAAE;4CACrC,MAAM,qBAAqB,GAAG,IAAI,CAAC,wBAAwB,CACzD,KAAK,EACL,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,CAC7B,CAAC;4CACF,MAAM,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,qBAAqB,EAAE,OAAO,CAAC;gDACjD,CAAC,CAAC,GAAG,qBAAqB,CAAC,KAAK,GAAG;gDACnC,CAAC,CAAC,EAAE,CAAC;4CACP,MAAM,OAAO,GAAG,gBAAC,CAAC,GAAG,CAAC,qBAAqB,EAAE,SAAS,CAAC;gDACrD,CAAC,CAAC,IAAI,qBAAqB,CAAC,OAAO,EAAE;gDACrC,CAAC,CAAC,EAAE,CAAC;4CACP,OAAO,aAAa,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG,OAAO,gBAAgB,CAAC;wCAC7F,CAAC;qCACF;oCACD,OAAO,EAAE;wCACP,WAAW,EAAE,CAAC,KAAa,EAAU,EAAE;4CAErC,MAAM,qBAAqB,GAAG,IAAI,CAAC,wBAAwB,CACzD,KAAK,EACL;gDACE,MAAM;gDACN,WAAW;gDACX,SAAS;gDACT,UAAU;gDACV,cAAc;gDACd,SAAS;gDACT,QAAQ;gDACR,WAAW;gDACX,OAAO;gDACP,MAAM;gDACN,SAAS;gDACT,aAAa;gDACb,UAAU;gDACV,WAAW;6CACZ,CACF,CAAC;4CACF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC;iDAC3C,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;gDACX,OAAO,KAAK,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;oDAC9C,CAAC,CAAC,SAAS,gBAAC,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,qBAAqB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;oDACtF,CAAC,CAAC,SAAS,gBAAC,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;4CAClE,CAAC,CAAC;iDACD,IAAI,CAAC,EAAE,CAAC,CAAC;4CACZ,OAAO,sBAAsB,GAAG,EAAE,CAAC;wCACrC,CAAC;qCACF;oCACD,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,KAAkB,EAA2B,EAAE;oBAG3D,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,CAAC,MAAM,CACxC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,OAAO,CAClC,CAAC;oBACF,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,MAAM;gCACZ,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;gCACtD,YAAY,EAAE,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,kBAAkB,CAAC;gCAC9C,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE;oCACtB,YAAY;oCACZ,iBAAiB;oCACjB,cAAc;iCACf,CAAC;6BACH;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,KAAK,CAAC,GAAG,EAAC,CAAC;qBACtC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AA1YD,kDA0YC"}
+{"version":3,"file":"cyclonedx-sbom-mapper.js","sourceRoot":"","sources":["../../src/cyclonedx-sbom-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAA6E;AAC7E,8DAAyD;AACzD,2CAAgE;AAoBhE,MAAM,WAAW,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAU,CAAC;AA2BvE,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAC9C,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAC1C,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,UAAU,EAAE,GAAG,CAAC;IACjB,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,SAAS,EAAE,GAAG,CAAC;CACjB,CAAC,CAAC;AAEH,qFAAqF;AACrF,SAAS,aAAa,CACpB,KAEiE,EACjE,SAAS,GAAG,IAAI;IAEhB,OAAO,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAClC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;QAC3D,CAAC,CAAC,EAAE,CAAC;AACT,CAAC;AAED,sDAAsD;AACtD,SAAS,WAAW,CAClB,KAEiE;IAEjE,OAAO,gBAAgB,CAAC,UAAU,CAChC,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,EAC3B,gBAAgB,CACjB,CAAC;AACJ,CAAC;AAED,oEAAoE;AACpE,iEAAiE;AACjE,SAAS,SAAS,CAAC,OAAwC;IACzD,OAAO,OAAO;SACX,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CACd,MAAM,CAAC,KAAK;QACZ,MAAM,CAAC,MAAM;QACb,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAwB,CAAC,CAAC,sEAAsE;QAC1H,CAAC,CAAC,uDAAuD;YACvD,MAAM,CAAC,KAAK,GAAG,EAAE;QACnB,CAAC,CAAC,oEAAoE;YACpE,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC,IAAI,GAAG,CAAC,CACtE;SACA,MAAM,CACL,CAAC,QAAQ,EAAE,QAAQ,EAAE,EAAE;IACrB,+BAA+B;IAC/B,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,EAC3C,CAAC,CACF,CAAC;AACN,CAAC;AAED,8HAA8H;AAC9H,SAAS,yBAAyB,CAAC,QAAmB;IACpD,IAAI,QAAQ,EAAE,CAAC;QACZ,QAA+B;YAC9B,iFAAiF;aAChF,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE;YAClB,MAAM,OAAO,GAAI,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,EAAE,CAAY,CAAC,KAAK,CAClE,QAAQ,CACT,CAAC;YACF,OAAO,CACL,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;gBACzD,CAAC,CACC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC5B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;oBACxB,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;oBAC1B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC;oBACvB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CACzB,CACF,CAAC;QACJ,CAAC,CAAC;YACF,oGAAoG;aACnG,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CACf,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;YAC7B,MAAM,CAAC,MAAM,GAAG,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;YACrD,MAAM,CAAC,YAAY;gBACjB,2FAA2F,CAAC;QAChG,CAAC,CAAC,CACH,CAAC;IACN,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAa,oBAAoB;IAC/B,IAAI,CAAc;IAClB,OAAO,CAAU;IACjB,YAAY,QAAgB,EAAE,OAAO,GAAG,KAAK;QAC3C,IAAI,CAAC,IAAI,GAAG;YACV,UAAU,EAAE,EAAE;YACd,eAAe,EAAE,EAAE;YACnB,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;SAC1B,CAAC;QACF,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QAEvB,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC;YAC7B,4BAA4B;YAC5B,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;gBAClC,sFAAsF;gBACtF,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;aAAM,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;YACzC,6CAA6C;YAC7C,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,KAAK,CACb,yFAAyF,CAC1F,CAAC;QACJ,CAAC;IACH,CAAC;IAED,iDAAiD;IACjD,iBAAiB,CAAC,IAAiB;QACjC,gCAAgC;QAChC,IAAI,CAAC,UAAU,GAAG,gBAAC,CAAC,SAAS,CAC3B,IAAI,CAAC,GAAG,CAAC,UAAU,CACO,CAAC;QAE7B,4DAA4D;QAC5D,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACxC,kCAAkC;YAClC,IAAI,SAAS,CAAC,UAAU,EAAE,CAAC;gBACzB,4GAA4G;gBAC5G,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC;gBAC9C,OAAO,SAAS,CAAC,UAAU,CAAC;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA6BE;IACF,oBAAoB,CAAC,IAAiB;QACpC,qCAAqC;QACrC,IAAI,CAAC,eAAe,GAAG,gBAAC,CAAC,SAAS,CAChC,IAAI,CAAC,GAAG,CAAC,eAAe,CACM,CAAC;QAEjC,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACjD,aAAa,CAAC,kBAAkB,GAAG,EAAE,CAAC;YAEtC,aAAa,CAAC,kBAAkB,CAAC,IAAI,CACnC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;gBACtC,4DAA4D;iBAC3D,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE,EAAE,CAC9B,aAAa,CAAC,OAAO;gBACnB,EAAE,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;iBAC/B,QAAQ,CAAC,SAAS,CAAC,SAAS,CAAW,CAAC,CAC5C;gBACD,qFAAqF;iBACpF,GAAG,CAAC,CAAC,CAAC,KAAK,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CACvC,CAAC;YAEF,8FAA8F;YAC9F,KAAK,MAAM,KAAK,IAAI,aAAa,CAAC,kBAAkB,EAAE,CAAC;gBACrD,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,wBAAwB,EAAE,CAAC;oBACrD,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,wBAAwB,GAAG,EAAE,CAAC;gBACvD,CAAC;gBACA,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,wBAAqC,CAAC,IAAI,CAChE,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,SAAS,CAAsB,CACrD,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,8GAA8G;IAC9G,iGAAiG;IACjG,SAAS,CAAC,IAAiB;QACzB,qCAAqC;QACrC,IAAI,CAAC,eAAe,GAAG;YACrB,GAAI,gBAAC,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAEoB;SACnB,CAAC;QAE5C,KAAK,MAAM,aAAa,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YACjD,aAAa,CAAC,kBAAkB,GAAG,aAAa,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;gBACnE,6FAA6F;gBAC7F,MAAM,KAAK,GAA0B;oBACnC,IAAI,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE;oBACjB,SAAS,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE;oBACtB,OAAO,EAAE,IAAI;oBACb,IAAI,EAAE,aAAa,CAAC,2EAA2E;iBAChG,CAAC;gBACF,+DAA+D;gBAC/D,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBAC5B,wCAAwC;gBACxC,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;YACpC,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,KAAK;QACH,OAAO,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC;IAClE,CAAC;CACF;AA3ID,oDA2IC;AAED,MAAa,mBAAoB,SAAQ,8BAA0B;IACjE,OAAO,CAAU;IAEjB,qEAAqE;IACrE,wBAAwB,CACtB,KAAa,EACb,IAAc;QAEd,OAAO,gBAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,IAAI,CAAC,CAAC;IACnD,CAAC;IAED,QAAQ,GAGJ;QACF,QAAQ,EAAE;YACR,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,sBAAoB;SAC9B;QACD,OAAO,EAAE,sBAAoB;QAC7B,UAAU,EAAE,EAAE;QACd,QAAQ,EAAE;YACR;gBACE,IAAI,EAAE;oBACJ,IAAI,EAAE,wBAAwB;oBAC9B,WAAW,EAAE,CAAC,KAAuC,EAAU,EAAE,CAC/D,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC;wBACrB,CAAC,CAAC,yBAAyB,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,SAAS,CAAC,EAAE;wBAC3D,CAAC,CAAC,sBAAsB;iBAC7B;gBACD,KAAK,EAAE;oBACL,IAAI,EAAE,wBAAwB;oBAC9B,WAAW,EAAE,CAAC,KAAuC,EAAU,EAAE;wBAC/D,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;4BACf,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;4BACnD,OAAO,GAAG,KAAK,GAAG,KAAK,CAAC,IAAI,uBAAuB,CAAC;wBACtD,CAAC;6BAAM,CAAC;4BACN,OAAO,sBAAsB,CAAC;wBAChC,CAAC;oBACH,CAAC;iBACF;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,gCAAgC;oBACtC,WAAW,EAAE,qBAAY;iBAC1B;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,wBAAwB;oBAC9B,WAAW,EAAE,CACX,KAAuC,EACnB,EAAE;wBACtB,2CAA2C;wBAC3C,MAAM,YAAY,GAAG,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,cAAc,CAAC;4BAC/C,CAAC,CAAC,KAAM,KAAK,CAAC,YAAwC,CAAC,IAAI,GAAG;4BAC9D,CAAC,CAAC,EAAE,CAAC;wBACP,yFAAyF;wBACzF,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,EAAE,CAAC;4BAC5B,iCAAiC;4BACjC,OAAQ,KAAK,CAAC,OAAqC;iCAChD,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,MAAM,CAAC,IAAI,GAAG,YAAY,EAAE,CAAC;iCAChD,IAAI,CAAC,IAAI,CAAC,CAAC;wBAChB,CAAC;6BAAM,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;4BACxB,sDAAsD;4BACtD,OAAO,GAAG,KAAK,CAAC,MAAM,GAAG,YAAY,EAAE,CAAC;wBAC1C,CAAC;6BAAM,CAAC;4BACN,OAAO,SAAS,CAAC;wBACnB,CAAC;oBACH,CAAC;iBACF;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,oCAAoC;oBAC1C,WAAW,EAAE,qBAAY;iBAC1B;gBACD,SAAS,EAAE;oBACT,IAAI,EAAE,kCAAkC;oBACxC,WAAW,EAAE,qBAAY;iBAC1B;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,wBAAwB;oBAC9B,WAAW,EAAE,CACX,KAAuC,EACnB,EAAE;wBACtB,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;4BACpB,OAAO,SAAS,CAAC;wBACnB,CAAC;wBACD,4EAA4E;wBAC5E,6CAA6C;wBAC7C,OAAO,KAAK,CAAC,QAAQ;4BACnB,EAAE,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAChB,OAAO,EAAE,OAAO,EAAE,IAAI;4BACpB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI;4BACtB,CAAC,CAAC,OAAO,EAAE,OAAO,EAAE,EAAE,CACzB;6BACA,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC;6BAClC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAChB,CAAC;iBACF;gBACD,QAAQ,EAAE,EAAE;gBACZ,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,iBAAiB;wBACvB,GAAG,EAAE,IAAI;wBACT,IAAI,EAAE;4BACJ,IAAI,EAAE;gCACJ,IAAI,EAAE,MAAM;gCACZ,WAAW,EAAE,WAAW;6BACzB;4BACD,GAAG,EAAE;gCACH,IAAI,EAAE,MAAM;gCACZ,WAAW,EAAE,CACX,KAEiE,EACvD,EAAE,CAAC,IAAA,2BAAkB,EAAC,WAAW,CAAC,KAAK,CAAC,CAAC;6BACtD;4BACD,GAAG,EAAE,EAAC,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAC;4BAC/C,SAAS,EAAE;gCACT,IAAI,EAAE,SAAS;gCACf,WAAW,EAAE,qBAAY;6BAC1B;4BACD,OAAO,EAAE;gCACP,IAAI,EAAE,SAAS;gCACf,WAAW,EAAE,CACX,KAAsC,EAClB,EAAE,CACtB,KAAK;oCACH,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC;yCACP,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;wCACd,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI;4CACtC,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,IAAI,KAAK;4CAC7B,CAAC,CAAC,wBAAwB,CAAC;wCAC7B,OAAO,GAAG,YAAY,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;oCAC7C,CAAC,CAAC;yCACD,IAAI,CAAC,IAAI,CAAC;oCACf,CAAC,CAAC,SAAS;6BAChB;4BACD,OAAO,EAAE;gCACP,IAAI,EAAE,SAAS;gCACf,WAAW,EAAE,qBAAY;6BAC1B;4BACD,SAAS,EAAE;gCACT,IAAI,EAAE,WAAW;gCACjB,WAAW,EAAE,qBAAY;6BAC1B;4BACD,OAAO,EAAE;gCACP,IAAI,EAAE,SAAS;gCACf,WAAW,EAAE,qBAAY;6BAC1B;4BACD,0CAA0C;4BAC1C,QAAQ,EAAE;gCACR,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,qBAAY;6BAC1B;4BACD,OAAO,EAAE;gCACP,IAAI,EAAE,SAAS;gCACf,WAAW,EAAE,CACX,KAAoC,EAChB,EAAE,CACtB,KAAK;oCACH,CAAC,CAAC,GAAG,KAAK,CAAC,WAAW;wCAClB,EAAE,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;yCACrC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC;yCACtB,IAAI,CAAC,IAAI,CAAC,EAAE;oCACjB,CAAC,CAAC,SAAS;6BAChB;4BACD,KAAK,EAAE;gCACL,IAAI,EAAE,OAAO;gCACb,WAAW,EAAE,CACX,KAIe,EACK,EAAE;oCACtB,IAAI,CAAC,KAAK,EAAE,CAAC;wCACX,OAAO,SAAS,CAAC;oCACnB,CAAC;oCACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;wCACzB,OAAO,KAAK;6CACT,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;6CACxB,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC;6CACtB,IAAI,CAAC,IAAI,CAAC,CAAC;oCAChB,CAAC;oCACD,OAAO;wCACL,GAAG,CAAC,KAAK,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC;4CACtD,EAAE,CAAC;wCACL,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC;4CACpD,EAAE,CAAC;qCACN,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCACf,CAAC;6BACF;4BACD,0CAA0C;4BAC1C,gBAAgB,EAAE;gCAChB,IAAI,EAAE,gBAAgB;gCACtB,WAAW,EAAE,qBAAY;6BAC1B;4BACD,wBAAwB,EAAE;gCACxB,IAAI,EAAE,wBAAwB;gCAC9B,WAAW,EAAE,qBAAY;6BAC1B;4BACD,mBAAmB,EAAE;gCACnB,IAAI,EAAE,mBAAmB;gCACzB,WAAW,EAAE,CAAC,KAAiB,EAAsB,EAAE,CACrD,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;6BAC3D;4BACD,iBAAiB,EAAE;gCACjB,IAAI,EAAE,iBAAiB;gCACvB,WAAW,EAAE,qBAAY;6BAC1B;4BACD,sBAAsB,EAAE;gCACtB,IAAI,EAAE,sBAAsB;gCAC5B,WAAW,EAAE,qBAAY;6BAC1B;4BACD,sBAAsB,EAAE;gCACtB,IAAI,EAAE,sBAAsB;gCAC5B,WAAW,EAAE,qBAAY;6BAC1B;yBACF;wBACD,YAAY,EAAE;4BACZ,WAAW,EAAE,CACX,KAEyD,EACzD,EAAE;gCACF,MAAM,cAAc,GAAG,KAAK,CAAC,cAAc;oCACzC,CAAC,CAAC,mBAAmB,KAAK,CAAC,cAAc,EAAE;oCAC3C,CAAC,CAAC,EAAE,CAAC;gCACP,uFAAuF;gCACvF,MAAM,UAAU,GAAG,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC;oCAC3C,CAAC,CAAC,eAAe,KAAK,CAAC,UAAU,EAAE;oCACnC,CAAC,CAAC,EAAE,CAAC;gCACP,OAAO;oCACL,cAAc,IAAI,UAAU;wCAC1B,CAAC,CAAC;4CACE,IAAI,EAAE,GAAG,cAAc,OAAO,UAAU,EAAE,CAAC,IAAI,EAAE;4CACjD,KAAK,EAAE,KAAK;yCACb;wCACH,CAAC,CAAC,SAAS;oCACb,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,gBAAgB,CAAC;wCAC5B,CAAC,CAAC;4CACE,IAAI,EAAE,qBAAqB,IAAI,CAAC,SAAS,CACvC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,gBAAgB,CAAC,EAC9B,IAAI,EACJ,CAAC,CACF,EAAE;4CACH,KAAK,EAAE,OAAO;yCACf;wCACH,CAAC,CAAC,SAAS;iCACd,CAAC,MAAM,CAAC,CAAC,cAAc,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC;4BAC/C,CAAC;yBAC0C;wBAC7C,IAAI,EAAE;4BACJ;gCACE,WAAW,EAAE,CACX,KAA8B,EACL,EAAE;oCAC3B,MAAM,SAAS,GAAG,CAAC,QAAQ,EAAE,YAAY,EAAE,YAAY,CAAC,CAAC;oCACzD,MAAM,GAAG,GAAG,SAAS;yCAClB,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;yCAC1C,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,gBAAC,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;oCACpC,OAAO,EAAC,GAAG,EAAE,GAAG,EAAC,CAAC;gCACpB,CAAC;6BACF;yBACF;wBACD,eAAe,EAAE,EAAE;wBACnB,KAAK,EAAE;4BACL,wCAAwC;4BACxC,WAAW,EAAE,CACX,KAEyD,EACjD,EAAE,CACV,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,EAAE,EAAE;yBAC7D;wBACD,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;wBAChB,IAAI,EAAE;4BACJ,WAAW,EAAE,CACX,KAEyD,EACrC,EAAE;gCACtB,MAAM,WAAW,GAAG,KAAK,CAAC,WAAW;oCACnC,CAAC,CAAC,gBAAgB,KAAK,CAAC,WAAW,EAAE;oCACrC,CAAC,CAAC,EAAE,CAAC;gCACP,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gCAC7D,OAAO,IAAA,qBAAY,EAAC,GAAG,WAAW,OAAO,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,CAAC;4BAC5D,CAAC;yBACF;wBACD,MAAM,EAAE;4BACN,WAAW,EAAE,CACX,KAEyD,EACjD,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,IAAI,EAAE,CAAC;yBAC5C;wBACD,IAAI,EAAE;4BACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CACZ,gBAAC,CAAC,IAAI,CAAC,aAAa,EAAE,oBAAoB,CAAC,EAC3C,IAAI,EACJ,CAAC,CACF;yBACJ;wBACD,gBAAgB,EAAE,yBAAyB;wBAC3C,OAAO,EAAE;4BACP;gCACE,IAAI,EAAE,oBAAoB;gCAC1B,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;gCAC3C,SAAS,EAAE;oCACT,WAAW,EAAE,CAAC,KAAa,EAAU,EAAE;wCACrC,MAAM,qBAAqB,GAAG,IAAI,CAAC,wBAAwB,CACzD,KAAK,EACL,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,CAC7B,CAAC;wCACF,MAAM,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,qBAAqB,EAAE,OAAO,CAAC;4CACjD,CAAC,CAAC,GAAG,qBAAqB,CAAC,KAAK,GAAG;4CACnC,CAAC,CAAC,EAAE,CAAC;wCACP,MAAM,OAAO,GAAG,gBAAC,CAAC,GAAG,CAAC,qBAAqB,EAAE,SAAS,CAAC;4CACrD,CAAC,CAAC,IAAI,qBAAqB,CAAC,OAAO,EAAE;4CACrC,CAAC,CAAC,EAAE,CAAC;wCACP,OAAO,aAAa,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,qBAAqB,EAAE,MAAM,CAAC,GAAG,OAAO,gBAAgB,CAAC;oCAC7F,CAAC;iCACF;gCACD,OAAO,EAAE;oCACP,WAAW,EAAE,CAAC,KAAa,EAAU,EAAE;wCACrC,iGAAiG;wCACjG,MAAM,qBAAqB,GAAG,IAAI,CAAC,wBAAwB,CACzD,KAAK,EACL;4CACE,MAAM;4CACN,WAAW;4CACX,SAAS;4CACT,UAAU;4CACV,cAAc;4CACd,SAAS,EAAE,4BAA4B;4CACvC,QAAQ,EAAE,qBAAqB;4CAC/B,WAAW;4CACX,OAAO;4CACP,MAAM;4CACN,SAAS;4CACT,aAAa;4CACb,UAAU;4CACV,WAAW;yCACZ,CACF,CAAC;wCACF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC;6CAC3C,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;4CACX,OAAO,KAAK,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC;gDAC9C,CAAC,CAAC,SAAS,gBAAC,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,qBAAqB,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;gDACtF,CAAC,CAAC,SAAS,gBAAC,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,qBAAqB,CAAC,GAAG,CAAC,EAAE,CAAC;wCAClE,CAAC,CAAC;6CACD,IAAI,CAAC,EAAE,CAAC,CAAC;wCACZ,OAAO,sBAAsB,GAAG,EAAE,CAAC;oCACrC,CAAC;iCACF;gCACD,UAAU,EAAE,EAAE;6BACf;yBACF;qBACF;iBACF;gBACD,MAAM,EAAE,EAAE;aACX;SACF;QACD,WAAW,EAAE;YACX,WAAW,EAAE,CAAC,KAAkB,EAA2B,EAAE;gBAC3D,+DAA+D;gBAC/D,oDAAoD;gBACpD,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,CAAC,MAAM,CACxC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,OAAO,CAClC,CAAC;gBACF,OAAO;oBACL,cAAc,EAAE;wBACd;4BACE,IAAI,EAAE,MAAM;4BACZ,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;4BACtD,YAAY,EAAE,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,kBAAkB,CAAC;4BAC9C,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE;gCACtB,YAAY;gCACZ,iBAAiB;gCACjB,cAAc;6BACf,CAAC;yBACH;qBACF;oBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,KAAK,CAAC,GAAG,EAAC,CAAC;iBACtC,CAAC;YACJ,CAAC;SACF;KACF,CAAC;IACF,YAAY,UAAuB,EAAE,OAAO,GAAG,KAAK;QAClD,KAAK,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QACxB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AA1YD,kDA0YC","sourcesContent":["import {ExecJSON} from 'inspecjs';\nimport _ from 'lodash';\nimport {version as HeimdallToolsVersion} from '../package.json';\nimport {BaseConverter, ILookupPath, MappedTransform} from './base-converter';\nimport {CweNistMapping} from './mappings/CweNistMapping';\nimport {filterString, getCCIsForNISTTags} from './utils/global';\nimport {\n  CycloneDXSoftwareBillOfMaterialSpecification,\n  CycloneDXSoftwareBillOfMaterialsStandard,\n  CycloneDXBillOfMaterialsStandardVulnerability,\n  CycloneDXSoftwareBillOfMaterialsStandardVulnerability,\n  FluffyCredits,\n  PurpleCredits,\n  FluffyRating,\n  PurpleRating,\n  MethodEnum,\n  Response,\n  CreationToolsLegacyElement,\n  ToolsTools,\n  ToolsToolsLegacy,\n  FluffyTools,\n  ComponentClass,\n  ComponentObject\n} from '../types/cyclonedx';\n\nconst cvssMethods = ['CVSSv2', 'CVSSv3', 'CVSSv31', 'CVSSv4'] as const;\ntype CVSSMethodEnum = Extract<MethodEnum, (typeof cvssMethods)[number]>;\n\ntype IntermediaryComponent = Omit<\n  ComponentClass | ComponentObject,\n  'components'\n> & {\n  components?: IntermediaryComponent[];\n  affectingVulnerabilities?: string[];\n  isDummy?: boolean;\n};\n\ntype IntermediaryVulnerability = (\n  | CycloneDXBillOfMaterialsStandardVulnerability\n  | CycloneDXSoftwareBillOfMaterialsStandardVulnerability\n) & {\n  affectedComponents?: number[];\n};\n\ntype DataStorage = {\n  components: IntermediaryComponent[];\n  vulnerabilities: IntermediaryVulnerability[];\n  raw:\n    | CycloneDXSoftwareBillOfMaterialSpecification\n    | CycloneDXSoftwareBillOfMaterialsStandard;\n};\n\nconst CWE_NIST_MAPPING = new CweNistMapping();\nconst DEFAULT_NIST_TAG = ['SI-2', 'RA-5'];\nconst IMPACT_MAPPING: Map<string, number> = new Map([\n  ['critical', 1.0],\n  ['high', 0.7],\n  ['medium', 0.5],\n  ['low', 0.3],\n  ['info', 0.5],\n  ['none', 0.0],\n  ['unknown', 0.5]\n]);\n\n// Convert object type to string[] and prepend `CWE` if used directly for tag display\nfunction formatCWETags(\n  input:\n    | CycloneDXBillOfMaterialsStandardVulnerability['cwes']\n    | CycloneDXSoftwareBillOfMaterialsStandardVulnerability['cwes'],\n  addPrefix = true\n): string[] {\n  return input && Array.isArray(input)\n    ? input.map((cwe) => (addPrefix ? `CWE-${cwe}` : `${cwe}`))\n    : [];\n}\n\n// Convert gathered CWEs to corresponding NIST 800-53s\nfunction getNISTTags(\n  input:\n    | CycloneDXBillOfMaterialsStandardVulnerability['cwes']\n    | CycloneDXSoftwareBillOfMaterialsStandardVulnerability['cwes']\n): string[] {\n  return CWE_NIST_MAPPING.nistFilter(\n    formatCWETags(input, false),\n    DEFAULT_NIST_TAG\n  );\n}\n\n// A single SBOM vulnerability can contain multiple security ratings\n// Find the max of any existing ratings and then pass to `impact`\nfunction maxImpact(ratings: FluffyRating[] | PurpleRating[]): number {\n  return ratings\n    .map((rating) =>\n      rating.score &&\n      rating.method &&\n      cvssMethods.includes(rating.method as CVSSMethodEnum) // cast required since .includes expects the parameter to be a subtype\n        ? // Prefer to use CVSS-based `score` field when possible\n          rating.score / 10\n        : // Else interpret it from `severity` field, defaulting to medium/0.5\n          (IMPACT_MAPPING.get(rating.severity?.toLowerCase() ?? '') ?? 0.5)\n    )\n    .reduce(\n      (maxValue, newValue) =>\n        // Find max of existing ratings\n        maxValue > newValue ? maxValue : newValue,\n      0\n    );\n}\n\n// If the highest rating severity for a control is `info` or `unknown`, set the results to skipped and request a manual review\nfunction skipSeverityInfoOrUnknown(controls: unknown[]): unknown[] {\n  if (controls) {\n    (controls as ExecJSON.Control[])\n      // Filter to controls whose highest rating severity is either `info` or `unknown`\n      .filter((control) => {\n        const ratings = (_.get(control, 'tags.ratings', '') as string).split(\n          / - |, /\n        );\n        return (\n          (ratings.includes('info') || ratings.includes('unknown')) &&\n          !(\n            ratings.includes('critical') ||\n            ratings.includes('high') ||\n            ratings.includes('medium') ||\n            ratings.includes('low') ||\n            ratings.includes('none')\n          )\n        );\n      })\n      // For every result contained by that control, set the status to skipped and request a manual review\n      .map((control) =>\n        control.results.map((result) => {\n          result.status = ExecJSON.ControlResultStatus.Skipped;\n          result.skip_message =\n            'Manual review required because a CycloneDX rating severity is set to `info` or `unknown`.';\n        })\n      );\n  }\n  return controls;\n}\n\nexport class CycloneDXSBOMResults {\n  data: DataStorage;\n  withRaw: boolean;\n  constructor(sbomJson: string, withRaw = false) {\n    this.data = {\n      components: [],\n      vulnerabilities: [],\n      raw: JSON.parse(sbomJson)\n    };\n    this.withRaw = withRaw;\n\n    if (this.data.raw.components) {\n      // We know this is SBOM data\n      this.flattenComponents(this.data);\n      if (this.data.raw.vulnerabilities) {\n        // If this SBOM data has a vulnerabilities field, we can create an intermediary object\n        this.generateIntermediary(this.data);\n      }\n    } else if (this.data.raw.vulnerabilities) {\n      // Back up in case we ingest VEX data instead\n      this.formatVEX(this.data);\n    } else {\n      throw new Error(\n        'Unrecognized CycloneDX format detected. We currently only support SBOM and VEX formats.'\n      );\n    }\n  }\n\n  // Flatten any arbitrarily nested components list\n  flattenComponents(data: DataStorage) {\n    // Pull components from raw data\n    data.components = _.cloneDeep(\n      data.raw.components\n    ) as IntermediaryComponent[];\n\n    // Look through every component at the top level of the list\n    for (const component of data.components) {\n      // Identify if subcomponents exist\n      if (component.components) {\n        // If so, pull out the subcomponents and push them to end of top level component list for further flattening\n        data.components.push(...component.components);\n        delete component.components;\n      }\n    }\n  }\n\n  /*\n  Copy the indices of all components that are affected by a vulnerability and place them under that corresponding vulnerability\n  Also note in each component the IDs of the vulnerabilities that affect them\n  This allows for bidirectional traversal in SBOM view\n\n  Should result in the following general structure:\n  {\n    components: [\n      component: {\n        affectingVulnerabilities: [ // Added field\n          vulnID,\n          ...\n        ],\n        ...\n      },\n      ...\n    ],\n    vulnerabilities: [\n      vulnerability: {\n        affectedComponents: [       // Added field\n          componentIndex,\n          ...\n        ],\n        ...\n      },\n      ...\n    ],\n    ...\n  }\n  */\n  generateIntermediary(data: DataStorage) {\n    // Pull vulnerabilities from raw data\n    data.vulnerabilities = _.cloneDeep(\n      data.raw.vulnerabilities\n    ) as IntermediaryVulnerability[];\n\n    for (const vulnerability of data.vulnerabilities) {\n      vulnerability.affectedComponents = [];\n\n      vulnerability.affectedComponents.push(\n        ...Array.from(data.components.entries())\n          // Find every component that is affected via listed bom-refs\n          .filter(([_index, component]) =>\n            vulnerability.affects\n              ?.map((id) => id.ref.toString())\n              .includes(component['bom-ref'] as string)\n          )\n          // Add the index of that affected component to the corresponding vulnerability object\n          .map(([index, _component]) => index)\n      );\n\n      // Also record the ID of the vulnerability in the component for use in bidirectional traversal\n      for (const index of vulnerability.affectedComponents) {\n        if (!data.components[index].affectingVulnerabilities) {\n          data.components[index].affectingVulnerabilities = [];\n        }\n        (data.components[index].affectingVulnerabilities as string[]).push(\n          _.get(vulnerability, 'bom-ref') as unknown as string\n        );\n      }\n    }\n  }\n\n  // VEX by default has no component info, resulting in profile errors when parsing the vulnerabilities for OHDF\n  // Fix that by adding a temporary result that refers the vulnerability back to its associated BOM\n  formatVEX(data: DataStorage) {\n    // Pull vulnerabilities from raw data\n    data.vulnerabilities = [\n      ...(_.cloneDeep(data.raw.vulnerabilities) as\n        | CycloneDXBillOfMaterialsStandardVulnerability[]\n        | CycloneDXSoftwareBillOfMaterialsStandardVulnerability[])\n    ] as unknown as IntermediaryVulnerability[];\n\n    for (const vulnerability of data.vulnerabilities) {\n      vulnerability.affectedComponents = vulnerability.affects?.map((id) => {\n        // Build a dummy component for each bom-ref identified as being affected by the vulnerability\n        const dummy: IntermediaryComponent = {\n          name: `${id.ref}`,\n          'bom-ref': `${id.ref}`,\n          isDummy: true,\n          type: 'application' // a type must be provided, and \"application\" is the default classification\n        };\n        // Add that component to the corresponding vulnerability object\n        data.components.push(dummy);\n        // Return the index of that dummy object\n        return data.components.length - 1;\n      });\n    }\n  }\n\n  toHdf(): ExecJSON.Execution {\n    return new CycloneDXSBOMMapper(this.data, this.withRaw).toHdf();\n  }\n}\n\nexport class CycloneDXSBOMMapper extends BaseConverter<DataStorage> {\n  withRaw: boolean;\n\n  // Pull any keys from a given index for the stored components listing\n  getComponentValueAtIndex(\n    index: number,\n    keys: string[]\n  ): Record<string, unknown> {\n    return _.pick(this.data.components[index], keys);\n  }\n\n  mappings: MappedTransform<\n    ExecJSON.Execution & {passthrough: unknown},\n    ILookupPath\n  > = {\n    platform: {\n      name: 'Heimdall Tools',\n      release: HeimdallToolsVersion\n    },\n    version: HeimdallToolsVersion,\n    statistics: {},\n    profiles: [\n      {\n        name: {\n          path: 'raw.metadata.component',\n          transformer: (input: ComponentClass | ComponentObject): string =>\n            _.has(input, 'bom-ref')\n              ? `CycloneDX BOM Report: ${input.type}/${input['bom-ref']}`\n              : 'CycloneDX BOM Report'\n        },\n        title: {\n          path: 'raw.metadata.component',\n          transformer: (input: ComponentClass | ComponentObject): string => {\n            if (input.name) {\n              const group = input.group ? `${input.group}/` : '';\n              return `${group}${input.name} CycloneDX BOM Report`;\n            } else {\n              return 'CycloneDX BOM Report';\n            }\n          }\n        },\n        version: {\n          path: 'raw.metadata.component.version',\n          transformer: filterString\n        },\n        maintainer: {\n          path: 'raw.metadata.component',\n          transformer: (\n            input: ComponentClass | ComponentObject\n          ): string | undefined => {\n            // Find organization of authors if possible\n            const manufacturer = _.has(input, 'manufacturer')\n              ? ` (${(input.manufacturer as Record<string, unknown>).name})`\n              : '';\n            // Check through every single possible field which may hold ownership over this component\n            if (_.has(input, 'authors')) {\n              // Join list of component authors\n              return (input.authors as Record<string, unknown>[])\n                .map((author) => `${author.name}${manufacturer}`)\n                .join(', ');\n            } else if (input.author) {\n              // `author` is deprecated in v1.6 but may still appear\n              return `${input.author}${manufacturer}`;\n            } else {\n              return undefined;\n            }\n          }\n        },\n        summary: {\n          path: 'raw.metadata.component.description',\n          transformer: filterString\n        },\n        copyright: {\n          path: 'raw.metadata.component.copyright',\n          transformer: filterString\n        },\n        license: {\n          path: 'raw.metadata.component',\n          transformer: (\n            input: ComponentClass | ComponentObject\n          ): string | undefined => {\n            if (!input.licenses) {\n              return undefined;\n            }\n            // Certain license reports only provide the license name in the `name` field\n            // Check there first and then default to `id`\n            return input.licenses\n              ?.map((license) =>\n                license?.license?.name\n                  ? license.license.name\n                  : license?.license?.id\n              )\n              .filter((identifier) => identifier)\n              .join(', ');\n          }\n        },\n        supports: [],\n        attributes: [],\n        groups: [],\n        status: 'loaded',\n        controls: [\n          {\n            path: 'vulnerabilities',\n            key: 'id',\n            tags: {\n              nist: {\n                path: 'cwes',\n                transformer: getNISTTags\n              },\n              cci: {\n                path: 'cwes',\n                transformer: (\n                  input:\n                    | CycloneDXBillOfMaterialsStandardVulnerability['cwes']\n                    | CycloneDXSoftwareBillOfMaterialsStandardVulnerability['cwes']\n                ): string[] => getCCIsForNISTTags(getNISTTags(input))\n              },\n              cwe: {path: 'cwes', transformer: formatCWETags},\n              'bom-ref': {\n                path: 'bom-ref',\n                transformer: filterString\n              },\n              ratings: {\n                path: 'ratings',\n                transformer: (\n                  input: FluffyRating[] | PurpleRating[]\n                ): string | undefined =>\n                  input\n                    ? [...input]\n                        .map((rating) => {\n                          const ratingSource = rating.source?.name\n                            ? `${rating.source?.name} - `\n                            : 'Unidentified Source - ';\n                          return `${ratingSource}${rating.severity}`;\n                        })\n                        .join(', ')\n                    : undefined\n              },\n              created: {\n                path: 'created',\n                transformer: filterString\n              },\n              published: {\n                path: 'published',\n                transformer: filterString\n              },\n              updated: {\n                path: 'updated',\n                transformer: filterString\n              },\n              // Workflow items will not affect `impact`\n              rejected: {\n                path: 'rejected',\n                transformer: filterString\n              },\n              credits: {\n                path: 'credits',\n                transformer: (\n                  input: FluffyCredits | PurpleCredits\n                ): string | undefined =>\n                  input\n                    ? `${input.individuals\n                        ?.map((individual) => individual.name)\n                        .filter((name) => name)\n                        .join(', ')}`\n                    : undefined\n              },\n              tools: {\n                path: 'tools',\n                transformer: (\n                  input:\n                    | CreationToolsLegacyElement[]\n                    | ToolsToolsLegacy[]\n                    | ToolsTools\n                    | FluffyTools\n                ): string | undefined => {\n                  if (!input) {\n                    return undefined;\n                  }\n                  if (Array.isArray(input)) {\n                    return input\n                      .map((tool) => tool.name)\n                      .filter((name) => name)\n                      .join(', ');\n                  }\n                  return [\n                    ...(input.components?.map((component) => component.name) ??\n                      []),\n                    ...(input.services?.map((component) => component.name) ??\n                      [])\n                  ].join(', ');\n                }\n              },\n              // Workflow items will not affect `impact`\n              'analysis.state': {\n                path: 'analysis.state',\n                transformer: filterString\n              },\n              'analysis.justification': {\n                path: 'analysis.justification',\n                transformer: filterString\n              },\n              'analysis.response': {\n                path: 'analysis.response',\n                transformer: (input: Response[]): string | undefined =>\n                  input && input.length > 0 ? input.join(', ') : undefined\n              },\n              'analysis.detail': {\n                path: 'analysis.detail',\n                transformer: filterString\n              },\n              'analysis.firstIssued': {\n                path: 'analysis.firstIssued',\n                transformer: filterString\n              },\n              'analysis.lastUpdated': {\n                path: 'analysis.lastUpdated',\n                transformer: filterString\n              }\n            },\n            descriptions: {\n              transformer: (\n                input:\n                  | CycloneDXBillOfMaterialsStandardVulnerability\n                  | CycloneDXSoftwareBillOfMaterialsStandardVulnerability\n              ) => {\n                const recommendation = input.recommendation\n                  ? `Recommendation: ${input.recommendation}`\n                  : '';\n                // Workaround not defined by types? Use lodash for now until proper type is implemented\n                const workaround = _.has(input, 'workaround')\n                  ? `Workaround: ${input.workaround}`\n                  : '';\n                return [\n                  recommendation || workaround\n                    ? {\n                        data: `${recommendation}\\n\\n${workaround}`.trim(),\n                        label: 'fix'\n                      }\n                    : undefined,\n                  _.has(input, 'proofOfConcept')\n                    ? {\n                        data: `Proof of concept: ${JSON.stringify(\n                          _.get(input, 'proofOfConcept'),\n                          null,\n                          2\n                        )}`,\n                        label: 'check'\n                      }\n                    : undefined\n                ].filter((subdescription) => subdescription);\n              }\n            } as unknown as ExecJSON.ControlDescription[],\n            refs: [\n              {\n                transformer: (\n                  input: Record<string, unknown>\n                ): Record<string, unknown> => {\n                  const searchFor = ['source', 'references', 'advisories'];\n                  const ref = searchFor\n                    .filter((key) => input.hasOwnProperty(key))\n                    .map((key) => _.pick(input, key));\n                  return {ref: ref};\n                }\n              }\n            ],\n            source_location: {},\n            title: {\n              // Give description as title if possible\n              transformer: (\n                input:\n                  | CycloneDXBillOfMaterialsStandardVulnerability\n                  | CycloneDXSoftwareBillOfMaterialsStandardVulnerability\n              ): string =>\n                input.description ? `${input.description}` : `${input.id}`\n            },\n            id: {path: 'id'},\n            desc: {\n              transformer: (\n                input:\n                  | CycloneDXBillOfMaterialsStandardVulnerability\n                  | CycloneDXSoftwareBillOfMaterialsStandardVulnerability\n              ): string | undefined => {\n                const description = input.description\n                  ? `Description: ${input.description}`\n                  : '';\n                const detail = input.detail ? `Detail: ${input.detail}` : '';\n                return filterString(`${description}\\n\\n${detail}`.trim());\n              }\n            },\n            impact: {\n              transformer: (\n                input:\n                  | CycloneDXBillOfMaterialsStandardVulnerability\n                  | CycloneDXSoftwareBillOfMaterialsStandardVulnerability\n              ): number => maxImpact(input.ratings ?? [])\n            },\n            code: {\n              transformer: (vulnerability: Record<string, unknown>): string =>\n                JSON.stringify(\n                  _.omit(vulnerability, 'affectedComponents'),\n                  null,\n                  2\n                )\n            },\n            arrayTransformer: skipSeverityInfoOrUnknown,\n            results: [\n              {\n                path: 'affectedComponents',\n                status: ExecJSON.ControlResultStatus.Failed,\n                code_desc: {\n                  transformer: (index: number): string => {\n                    const selectComponentValues = this.getComponentValueAtIndex(\n                      index,\n                      ['group', 'version', 'name']\n                    );\n                    const group = _.has(selectComponentValues, 'group')\n                      ? `${selectComponentValues.group}/`\n                      : '';\n                    const version = _.has(selectComponentValues, 'version')\n                      ? `@${selectComponentValues.version}`\n                      : '';\n                    return `Component ${group}${_.get(selectComponentValues, 'name')}${version} is vulnerable`;\n                  }\n                },\n                message: {\n                  transformer: (index: number): string => {\n                    // Selectively pick out fields to display; full components are listed in full component structure\n                    const selectComponentValues = this.getComponentValueAtIndex(\n                      index,\n                      [\n                        'type',\n                        'mime-type',\n                        'bom-ref',\n                        'supplier',\n                        'manufacturer',\n                        'authors', // Replaces `author` in v1.6\n                        'author', // Deprecated in v1.6\n                        'publisher',\n                        'group',\n                        'name',\n                        'version',\n                        'description',\n                        'licenses',\n                        'copyright'\n                      ]\n                    );\n                    const msg = Object.keys(selectComponentValues)\n                      .map((key) => {\n                        return Array.isArray(selectComponentValues[key])\n                          ? `\\n\\n- ${_.capitalize(key)}: ${JSON.stringify(selectComponentValues[key], null, 2)}`\n                          : `\\n\\n- ${_.capitalize(key)}: ${selectComponentValues[key]}`;\n                      })\n                      .join('');\n                    return `-Component Summary-${msg}`;\n                  }\n                },\n                start_time: ''\n              }\n            ]\n          }\n        ],\n        sha256: ''\n      }\n    ],\n    passthrough: {\n      transformer: (input: DataStorage): Record<string, unknown> => {\n        // VEX files will generate dummy components for control results\n        // Filter them out for the proper components listing\n        const components = input.components.filter(\n          (component) => !component.isDummy\n        );\n        return {\n          auxiliary_data: [\n            {\n              name: 'SBOM',\n              components: components.length ? components : undefined,\n              dependencies: _.get(input, 'raw.dependencies'),\n              data: _.omit(input.raw, [\n                'components',\n                'vulnerabilities',\n                'dependencies'\n              ])\n            }\n          ],\n          ...(this.withRaw && {raw: input.raw})\n        };\n      }\n    }\n  };\n  constructor(exportJson: DataStorage, withRaw = false) {\n    super(exportJson, true);\n    this.withRaw = withRaw;\n  }\n}\n"]}

package/lib/src/dbprotect-mapper.d.ts

@@ -7,3 +7,4 @@ export declare class DBProtectMapper extends BaseConverter {
     }, ILookupPath>;
     constructor(dbProtectXml: string, withRaw?: boolean);
 }
+//# sourceMappingURL=dbprotect-mapper.d.ts.map

package/lib/src/dbprotect-mapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dbprotect-mapper.d.ts","sourceRoot":"","sources":["../../src/dbprotect-mapper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,QAAQ,EAAC,MAAM,UAAU,CAAC;AAGlC,OAAO,EACL,aAAa,EACb,WAAW,EAEX,eAAe,EAEhB,MAAM,kBAAkB,CAAC;AA+F1B,qBAAa,eAAgB,SAAQ,aAAa;IAChD,OAAO,EAAE,OAAO,CAAC;IAEjB,QAAQ,EAAE,eAAe,CACvB,QAAQ,CAAC,SAAS,GAAG;QAAC,WAAW,EAAE,OAAO,CAAA;KAAC,EAC3C,WAAW,CACZ,CAwDC;gBACU,YAAY,EAAE,MAAM,EAAE,OAAO,UAAQ;CAIlD"}

package/lib/src/dbprotect-mapper.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.DBProtectMapper = void 0;
 const inspecjs_1 = require("inspecjs");
@@ -109,64 +119,65 @@ function idToString(id) {
     }
 }
 class DBProtectMapper extends base_converter_1.BaseConverter {
+    withRaw;
+    mappings = {
+        platform: {
+            name: 'Heimdall Tools',
+            release: package_json_1.version
+        },
+        version: package_json_1.version,
+        statistics: {},
+        profiles: [
+            {
+                name: { path: 'data.[0].Policy' },
+                title: { path: 'data.[0].Job Name' },
+                summary: { path: 'data.[0]', transformer: formatSummary },
+                supports: [],
+                attributes: [],
+                groups: [],
+                status: 'loaded',
+                controls: [
+                    {
+                        path: 'data',
+                        key: 'id',
+                        tags: {
+                            nist: global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
+                            cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS)
+                        },
+                        refs: [],
+                        source_location: {},
+                        title: { path: 'Check' },
+                        id: { path: 'Check ID', transformer: idToString },
+                        desc: { transformer: formatDesc },
+                        impact: {
+                            path: 'Risk DV',
+                            transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
+                        },
+                        code: {
+                            transformer: (vulnerability) => JSON.stringify(vulnerability, null, 2)
+                        },
+                        results: [
+                            {
+                                arrayTransformer: handleBacktrace,
+                                status: { path: 'Result Status', transformer: getStatus },
+                                code_desc: { path: 'Details' },
+                                start_time: { path: 'Date' },
+                                backtrace: [{ path: 'Result Status', transformer: getBacktrace }]
+                            }
+                        ]
+                    }
+                ],
+                sha256: ''
+            }
+        ],
+        passthrough: {
+            transformer: (data) => {
+                return { ...(this.withRaw && { raw: data }) };
+            }
+        }
+    };
     constructor(dbProtectXml, withRaw = false) {
         super(compileFindings((0, base_converter_1.parseXml)(dbProtectXml)));
-        this.mappings = {
-            platform: {
-                name: 'Heimdall Tools',
-                release: package_json_1.version
-            },
-            version: package_json_1.version,
-            statistics: {},
-            profiles: [
-                {
-                    name: { path: 'data.[0].Policy' },
-                    title: { path: 'data.[0].Job Name' },
-                    summary: { path: 'data.[0]', transformer: formatSummary },
-                    supports: [],
-                    attributes: [],
-                    groups: [],
-                    status: 'loaded',
-                    controls: [
-                        {
-                            path: 'data',
-                            key: 'id',
-                            tags: {
-                                nist: global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
-                                cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS)
-                            },
-                            refs: [],
-                            source_location: {},
-                            title: { path: 'Check' },
-                            id: { path: 'Check ID', transformer: idToString },
-                            desc: { transformer: formatDesc },
-                            impact: {
-                                path: 'Risk DV',
-                                transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
-                            },
-                            code: {
-                                transformer: (vulnerability) => JSON.stringify(vulnerability, null, 2)
-                            },
-                            results: [
-                                {
-                                    arrayTransformer: handleBacktrace,
-                                    status: { path: 'Result Status', transformer: getStatus },
-                                    code_desc: { path: 'Details' },
-                                    start_time: { path: 'Date' },
-                                    backtrace: [{ path: 'Result Status', transformer: getBacktrace }]
-                                }
-                            ]
-                        }
-                    ],
-                    sha256: ''
-                }
-            ],
-            passthrough: {
-                transformer: (data) => {
-                    return { ...(this.withRaw && { raw: data }) };
-                }
-            }
-        };
         this.withRaw = withRaw;
     }
 }

package/lib/src/dbprotect-mapper.js.map

@@ -1 +1 @@
-{"version":3,"file":"dbprotect-mapper.js","sourceRoot":"","sources":["../../src/dbprotect-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAM0B;AAC1B,2CAGwB;AAExB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,eAAe,EAAE,CAAC,CAAC;CACrB,CAAC,CAAC;AAEH,SAAS,eAAe,CACtB,KAA8B;IAE9B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,uBAAuB,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAC;IAElD,IAAI,MAAM,GAAc,EAAE,CAAC;IAE3B,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;QAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,OAAgC,EAAU,EAAE;YACrE,OAAO,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAW,CAAC;QAC1C,CAAC,CAAC,CAAC;QACH,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAgC,EAAE,EAAE;YACzD,OAAO,MAAM,CAAC,WAAW,CACvB,QAAQ,CAAC,GAAG,CAAC,UAAU,IAAY,EAAE,CAAS;gBAC5C,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;YAC/C,CAAC,CAAC,CACH,CAAC;QACJ,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;AAChD,CAAC;AACD,SAAS,aAAa,CAAC,KAAc;IACnC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,cAAc,CAAC,EAAE,CAAC,CAAC;IAC5D,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC;IACpD,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC;IACxD,IAAI,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC;IACxE,IAAI,CAAC,IAAI,CACP,gCAAgC,CAAC,CAAC,GAAG,CACnC,KAAK,EACL,4BAA4B,CAC7B,GAAG,CACL,CAAC;IACF,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AACD,SAAS,UAAU,CAAC,KAAc;IAChC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;IAC5C,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,gBAAgB,CAAC,EAAE,CAAC,CAAC;IAChE,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AACD,SAAS,SAAS,CAAC,KAAc;IAC/B,QAAQ,KAAK,EAAE;QACb,KAAK,MAAM;YACT,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;QAC9C,KAAK,QAAQ;YACX,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;QAC7C,KAAK,SAAS;YACZ,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;QAC7C,KAAK,eAAe;YAClB,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;KAC9C;IACD,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;AAC9C,CAAC;AACD,SAAS,YAAY,CAAC,KAAc;IAClC,IAAI,KAAK,KAAK,QAAQ,EAAE;QACtB,OAAO,yBAAyB,CAAC;KAClC;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,eAAe,CAAC,KAAc;IACrC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QACxB,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;YAC5B,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE;gBACzC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;aACrC;iBAAM;gBACL,OAAO,OAAO,CAAC;aAChB;QACH,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,KAAiC,CAAC;AAC3C,CAAC;AACD,SAAS,UAAU,CAAC,EAAW;IAC7B,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;QACpD,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC;KACtB;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED,MAAa,eAAgB,SAAQ,8BAAa;IA+DhD,YAAY,YAAoB,EAAE,OAAO,GAAG,KAAK;QAC/C,KAAK,CAAC,eAAe,CAAC,IAAA,yBAAQ,EAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QA7DjD,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC;oBAC/B,KAAK,EAAE,EAAC,IAAI,EAAE,mBAAmB,EAAC;oBAClC,OAAO,EAAE,EAAC,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,aAAa,EAAC;oBACvD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,MAAM;4BACZ,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,+CAAsC;gCAC5C,GAAG,EAAE,IAAA,2BAAkB,EAAC,+CAAsC,CAAC;6BAChE;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;4BACtB,EAAE,EAAE,EAAC,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,UAAU,EAAC;4BAC/C,IAAI,EAAE,EAAC,WAAW,EAAE,UAAU,EAAC;4BAC/B,MAAM,EAAE;gCACN,IAAI,EAAE,SAAS;gCACf,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,gBAAgB,EAAE,eAAe;oCACjC,MAAM,EAAE,EAAC,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAC;oCACvD,SAAS,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;oCAC5B,UAAU,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;oCAC1B,SAAS,EAAE,CAAC,EAAC,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,YAAY,EAAC,CAAC;iCAChE;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO,EAAC,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC,EAAC,CAAC;gBAC5C,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAnED,0CAmEC"}
+{"version":3,"file":"dbprotect-mapper.js","sourceRoot":"","sources":["../../src/dbprotect-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAM0B;AAC1B,2CAGwB;AAExB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,eAAe,EAAE,CAAC,CAAC;CACrB,CAAC,CAAC;AAEH,SAAS,eAAe,CACtB,KAA8B;IAE9B,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,uBAAuB,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAC;IAElD,IAAI,MAAM,GAAc,EAAE,CAAC;IAE3B,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,OAAgC,EAAU,EAAE;YACrE,OAAO,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAW,CAAC;QAC1C,CAAC,CAAC,CAAC;QACH,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAgC,EAAE,EAAE;YACzD,OAAO,MAAM,CAAC,WAAW,CACvB,QAAQ,CAAC,GAAG,CAAC,UAAU,IAAY,EAAE,CAAS;gBAC5C,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;YAC/C,CAAC,CAAC,CACH,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC;AAChD,CAAC;AACD,SAAS,aAAa,CAAC,KAAc;IACnC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,cAAc,CAAC,EAAE,CAAC,CAAC;IAC5D,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC;IACpD,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC;IACxD,IAAI,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC;IACxE,IAAI,CAAC,IAAI,CACP,gCAAgC,CAAC,CAAC,GAAG,CACnC,KAAK,EACL,4BAA4B,CAC7B,GAAG,CACL,CAAC;IACF,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AACD,SAAS,UAAU,CAAC,KAAc;IAChC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC,CAAC;IAC5C,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,gBAAgB,CAAC,EAAE,CAAC,CAAC;IAChE,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AACD,SAAS,SAAS,CAAC,KAAc;IAC/B,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,MAAM;YACT,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;QAC9C,KAAK,QAAQ;YACX,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;QAC7C,KAAK,SAAS;YACZ,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;QAC7C,KAAK,eAAe;YAClB,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;IAC/C,CAAC;IACD,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;AAC9C,CAAC;AACD,SAAS,YAAY,CAAC,KAAc;IAClC,IAAI,KAAK,KAAK,QAAQ,EAAE,CAAC;QACvB,OAAO,yBAAyB,CAAC;IACnC,CAAC;SAAM,CAAC;QACN,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AACD,SAAS,eAAe,CAAC,KAAc;IACrC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;YAC5B,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC;gBAC1C,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,OAAO,OAAO,CAAC;YACjB,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,KAAiC,CAAC;AAC3C,CAAC;AACD,SAAS,UAAU,CAAC,EAAW;IAC7B,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE,CAAC;QACrD,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC;IACvB,CAAC;SAAM,CAAC;QACN,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAa,eAAgB,SAAQ,8BAAa;IAChD,OAAO,CAAU;IAEjB,QAAQ,GAGJ;QACF,QAAQ,EAAE;YACR,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,sBAAoB;SAC9B;QACD,OAAO,EAAE,sBAAoB;QAC7B,UAAU,EAAE,EAAE;QACd,QAAQ,EAAE;YACR;gBACE,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC;gBAC/B,KAAK,EAAE,EAAC,IAAI,EAAE,mBAAmB,EAAC;gBAClC,OAAO,EAAE,EAAC,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,aAAa,EAAC;gBACvD,QAAQ,EAAE,EAAE;gBACZ,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,MAAM;wBACZ,GAAG,EAAE,IAAI;wBACT,IAAI,EAAE;4BACJ,IAAI,EAAE,+CAAsC;4BAC5C,GAAG,EAAE,IAAA,2BAAkB,EAAC,+CAAsC,CAAC;yBAChE;wBACD,IAAI,EAAE,EAAE;wBACR,eAAe,EAAE,EAAE;wBACnB,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;wBACtB,EAAE,EAAE,EAAC,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,UAAU,EAAC;wBAC/C,IAAI,EAAE,EAAC,WAAW,EAAE,UAAU,EAAC;wBAC/B,MAAM,EAAE;4BACN,IAAI,EAAE,SAAS;4BACf,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;yBAC3C;wBACD,IAAI,EAAE;4BACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;yBACzC;wBACD,OAAO,EAAE;4BACP;gCACE,gBAAgB,EAAE,eAAe;gCACjC,MAAM,EAAE,EAAC,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAC;gCACvD,SAAS,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;gCAC5B,UAAU,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;gCAC1B,SAAS,EAAE,CAAC,EAAC,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,YAAY,EAAC,CAAC;6BAChE;yBACF;qBACF;iBACF;gBACD,MAAM,EAAE,EAAE;aACX;SACF;QACD,WAAW,EAAE;YACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;gBACtE,OAAO,EAAC,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC,EAAC,CAAC;YAC5C,CAAC;SACF;KACF,CAAC;IACF,YAAY,YAAoB,EAAE,OAAO,GAAG,KAAK;QAC/C,KAAK,CAAC,eAAe,CAAC,IAAA,yBAAQ,EAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC/C,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAnED,0CAmEC","sourcesContent":["import {ExecJSON} from 'inspecjs';\nimport * as _ from 'lodash';\nimport {version as HeimdallToolsVersion} from '../package.json';\nimport {\n  BaseConverter,\n  ILookupPath,\n  impactMapping,\n  MappedTransform,\n  parseXml\n} from './base-converter';\nimport {\n  DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,\n  getCCIsForNISTTags\n} from './utils/global';\n\nconst IMPACT_MAPPING: Map<string, number> = new Map([\n  ['high', 0.7],\n  ['medium', 0.5],\n  ['low', 0.3],\n  ['informational', 0]\n]);\n\nfunction compileFindings(\n  input: Record<string, unknown>\n): Record<string, unknown> {\n  const keys = _.get(input, 'dataset.metadata.item');\n  const findings = _.get(input, 'dataset.data.row');\n\n  let output: unknown[] = [];\n\n  if (Array.isArray(keys) && Array.isArray(findings)) {\n    const keyNames = keys.map((element: Record<string, unknown>): string => {\n      return _.get(element, 'name') as string;\n    });\n    output = findings.map((element: Record<string, unknown>) => {\n      return Object.fromEntries(\n        keyNames.map(function (name: string, i: number) {\n          return [name, _.get(element, `value[${i}]`)];\n        })\n      );\n    });\n  }\n  return Object.fromEntries([['data', output]]);\n}\nfunction formatSummary(entry: unknown): string {\n  const text = [];\n  text.push(`Organization : ${_.get(entry, 'Organization')}`);\n  text.push(`Asset : ${_.get(entry, 'Check Asset')}`);\n  text.push(`Asset Type : ${_.get(entry, 'Asset Type')}`);\n  text.push(`IP Address, Port, Instance : ${_.get(entry, 'Asset Type')}`);\n  text.push(\n    `IP Address, Port, Instance : ${_.get(\n      entry,\n      'IP Address, Port, Instance'\n    )} `\n  );\n  return text.join('\\n');\n}\nfunction formatDesc(entry: unknown): string {\n  const text = [];\n  text.push(`Task : ${_.get(entry, 'Task')}`);\n  text.push(`Check Category : ${_.get(entry, 'Check Category')}`);\n  return text.join('; ');\n}\nfunction getStatus(input: unknown): ExecJSON.ControlResultStatus {\n  switch (input) {\n    case 'Fact':\n      return ExecJSON.ControlResultStatus.Skipped;\n    case 'Failed':\n      return ExecJSON.ControlResultStatus.Failed;\n    case 'Finding':\n      return ExecJSON.ControlResultStatus.Failed;\n    case 'Not A Finding':\n      return ExecJSON.ControlResultStatus.Passed;\n  }\n  return ExecJSON.ControlResultStatus.Skipped;\n}\nfunction getBacktrace(input: unknown): string {\n  if (input === 'Failed') {\n    return 'DB Protect Failed Check';\n  } else {\n    return '';\n  }\n}\nfunction handleBacktrace(input: unknown): ExecJSON.ControlResult[] {\n  if (Array.isArray(input)) {\n    input = input.map((element) => {\n      if (_.get(element, 'backtrace')[0] === '') {\n        return _.omit(element, 'backtrace');\n      } else {\n        return element;\n      }\n    });\n  }\n  return input as ExecJSON.ControlResult[];\n}\nfunction idToString(id: unknown): string {\n  if (typeof id === 'string' || typeof id === 'number') {\n    return id.toString();\n  } else {\n    return '';\n  }\n}\n\nexport class DBProtectMapper extends BaseConverter {\n  withRaw: boolean;\n\n  mappings: MappedTransform<\n    ExecJSON.Execution & {passthrough: unknown},\n    ILookupPath\n  > = {\n    platform: {\n      name: 'Heimdall Tools',\n      release: HeimdallToolsVersion\n    },\n    version: HeimdallToolsVersion,\n    statistics: {},\n    profiles: [\n      {\n        name: {path: 'data.[0].Policy'},\n        title: {path: 'data.[0].Job Name'},\n        summary: {path: 'data.[0]', transformer: formatSummary},\n        supports: [],\n        attributes: [],\n        groups: [],\n        status: 'loaded',\n        controls: [\n          {\n            path: 'data',\n            key: 'id',\n            tags: {\n              nist: DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,\n              cci: getCCIsForNISTTags(DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS)\n            },\n            refs: [],\n            source_location: {},\n            title: {path: 'Check'},\n            id: {path: 'Check ID', transformer: idToString},\n            desc: {transformer: formatDesc},\n            impact: {\n              path: 'Risk DV',\n              transformer: impactMapping(IMPACT_MAPPING)\n            },\n            code: {\n              transformer: (vulnerability: Record<string, unknown>): string =>\n                JSON.stringify(vulnerability, null, 2)\n            },\n            results: [\n              {\n                arrayTransformer: handleBacktrace,\n                status: {path: 'Result Status', transformer: getStatus},\n                code_desc: {path: 'Details'},\n                start_time: {path: 'Date'},\n                backtrace: [{path: 'Result Status', transformer: getBacktrace}]\n              }\n            ]\n          }\n        ],\n        sha256: ''\n      }\n    ],\n    passthrough: {\n      transformer: (data: Record<string, unknown>): Record<string, unknown> => {\n        return {...(this.withRaw && {raw: data})};\n      }\n    }\n  };\n  constructor(dbProtectXml: string, withRaw = false) {\n    super(compileFindings(parseXml(dbProtectXml)));\n    this.withRaw = withRaw;\n  }\n}\n"]}

package/lib/src/dependency-track-mapper.d.ts

@@ -7,3 +7,4 @@ export declare class DependencyTrackMapper extends BaseConverter {
     }, ILookupPath>;
     constructor(dtJson: string, withRaw?: boolean);
 }
+//# sourceMappingURL=dependency-track-mapper.d.ts.map

package/lib/src/dependency-track-mapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dependency-track-mapper.d.ts","sourceRoot":"","sources":["../../src/dependency-track-mapper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,QAAQ,EAAC,MAAM,UAAU,CAAC;AAGlC,OAAO,EACL,aAAa,EACb,WAAW,EAEX,eAAe,EAChB,MAAM,kBAAkB,CAAC;AAqD1B,qBAAa,qBAAsB,SAAQ,aAAa;IACtD,OAAO,EAAE,OAAO,CAAC;IAEjB,QAAQ,EAAE,eAAe,CACvB,QAAQ,CAAC,SAAS,GAAG;QAAC,WAAW,EAAE,OAAO,CAAA;KAAC,EAC3C,WAAW,CACZ,CAkIC;gBACU,MAAM,EAAE,MAAM,EAAE,OAAO,UAAQ;CAI5C"}