@nahisaho/musubix-security 2.0.1 → 2.1.1

package/dist/cve/cve-cache.test.js

@@ -0,0 +1,363 @@
+/**
+ * @fileoverview CVE Cache Unit Tests
+ * @module @nahisaho/musubix-security/cve/cve-cache.test
+ */
+import { describe, it, expect, beforeEach, afterEach } from 'vitest';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import * as os from 'node:os';
+import { CVECache, createMemoryCache, getDefaultCache, closeDefaultCache, } from './cve-cache.js';
+/**
+ * Create a mock CVE for testing
+ */
+function createMockCVE(id, options) {
+    return {
+        id,
+        description: `Mock vulnerability ${id}`,
+        published: new Date('2024-01-01T00:00:00.000Z'),
+        lastModified: new Date('2024-01-02T00:00:00.000Z'),
+        cvss: options?.cvss ?? {
+            version: '3.1',
+            baseScore: 7.5,
+            severity: 'HIGH',
+            vectorString: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N',
+            attackVector: 'NETWORK',
+            attackComplexity: 'LOW',
+            privilegesRequired: 'NONE',
+            userInteraction: 'NONE',
+            scope: 'UNCHANGED',
+            confidentialityImpact: 'HIGH',
+            integrityImpact: 'NONE',
+            availabilityImpact: 'NONE',
+        },
+        cwes: options?.cwes ?? ['CWE-79'],
+        references: options?.references ?? [
+            { url: `https://example.com/${id}`, source: 'MISC' },
+        ],
+        affectedProducts: options?.affectedProducts ?? [{
+                cpe: 'cpe:2.3:a:test:product:*:*:*:*:*:*:*:*',
+                vulnerable: true,
+            }],
+        status: 'ANALYZED',
+        ...options,
+    };
+}
+describe('CVECache', () => {
+    let tempDir;
+    let dbPath;
+    beforeEach(() => {
+        tempDir = fs.mkdtempSync(path.join(os.tmpdir(), 'cve-cache-test-'));
+        dbPath = path.join(tempDir, 'test-cache.json');
+    });
+    afterEach(() => {
+        closeDefaultCache();
+        fs.rmSync(tempDir, { recursive: true, force: true });
+    });
+    describe('constructor', () => {
+        it('should create cache with default options', () => {
+            const cache = new CVECache({ dbPath });
+            expect(cache).toBeInstanceOf(CVECache);
+            cache.close();
+        });
+        it('should create cache with custom options', () => {
+            const cache = new CVECache({
+                dbPath,
+                defaultTTL: 60000,
+                maxEntries: 100,
+                autoCleanup: false,
+            });
+            expect(cache).toBeInstanceOf(CVECache);
+            cache.close();
+        });
+        it('should create storage directory if not exists', () => {
+            const nestedPath = path.join(tempDir, 'nested', 'dir', 'cache.json');
+            const cache = new CVECache({ dbPath: nestedPath });
+            expect(fs.existsSync(path.dirname(nestedPath))).toBe(true);
+            cache.close();
+        });
+    });
+    describe('CVE operations', () => {
+        let cache;
+        beforeEach(() => {
+            cache = new CVECache({
+                dbPath,
+                autoCleanup: false,
+            });
+        });
+        afterEach(() => {
+            cache.close();
+        });
+        it('should store and retrieve CVE', () => {
+            const cve = createMockCVE('CVE-2024-12345');
+            cache.setCVE(cve);
+            const retrieved = cache.getCVE('CVE-2024-12345');
+            expect(retrieved).toEqual(cve);
+        });
+        it('should return undefined for non-existent CVE', () => {
+            const result = cache.getCVE('CVE-9999-99999');
+            expect(result).toBeUndefined();
+        });
+        it('should check if CVE exists', () => {
+            const cve = createMockCVE('CVE-2024-12345');
+            cache.setCVE(cve);
+            expect(cache.hasCVE('CVE-2024-12345')).toBe(true);
+            expect(cache.hasCVE('CVE-9999-99999')).toBe(false);
+        });
+        it('should delete CVE', () => {
+            const cve = createMockCVE('CVE-2024-12345');
+            cache.setCVE(cve);
+            const deleted = cache.deleteCVE('CVE-2024-12345');
+            expect(deleted).toBe(true);
+            expect(cache.getCVE('CVE-2024-12345')).toBeUndefined();
+        });
+        it('should return false when deleting non-existent CVE', () => {
+            const deleted = cache.deleteCVE('CVE-9999-99999');
+            expect(deleted).toBe(false);
+        });
+        it('should get CVE metadata', () => {
+            const cve = createMockCVE('CVE-2024-12345');
+            cache.setCVE(cve);
+            const metadata = cache.getCVEMetadata('CVE-2024-12345');
+            expect(metadata).toBeDefined();
+            expect(metadata?.createdAt).toBeDefined();
+            expect(metadata?.expiresAt).toBeGreaterThan(metadata.createdAt);
+        });
+        it('should store CVE with custom TTL', () => {
+            const cve = createMockCVE('CVE-2024-12345');
+            cache.setCVE(cve, 1000); // 1 second TTL
+            const metadata = cache.getCVEMetadata('CVE-2024-12345');
+            expect(metadata.expiresAt - metadata.createdAt).toBe(1000);
+        });
+        it('should store CVE with ETag', () => {
+            const cve = createMockCVE('CVE-2024-12345');
+            cache.setCVE(cve, undefined, 'etag-123');
+            const metadata = cache.getCVEMetadata('CVE-2024-12345');
+            expect(metadata?.etag).toBe('etag-123');
+        });
+    });
+    describe('expiration', () => {
+        it('should return undefined for expired CVE', async () => {
+            const cache = new CVECache({
+                dbPath,
+                defaultTTL: 10, // 10ms TTL
+                autoCleanup: false,
+            });
+            const cve = createMockCVE('CVE-2024-12345');
+            cache.setCVE(cve);
+            // Wait for expiration
+            await new Promise(resolve => setTimeout(resolve, 50));
+            const retrieved = cache.getCVE('CVE-2024-12345');
+            expect(retrieved).toBeUndefined();
+            cache.close();
+        });
+        it('should cleanup expired entries', async () => {
+            const cache = new CVECache({
+                dbPath,
+                defaultTTL: 10,
+                autoCleanup: false,
+            });
+            cache.setCVE(createMockCVE('CVE-2024-0001'));
+            cache.setCVE(createMockCVE('CVE-2024-0002'));
+            await new Promise(resolve => setTimeout(resolve, 50));
+            const removed = cache.cleanup();
+            expect(removed).toBe(2);
+            cache.close();
+        });
+        it('should touch CVE to extend TTL', () => {
+            const cache = new CVECache({
+                dbPath,
+                defaultTTL: 1000,
+                autoCleanup: false,
+            });
+            const cve = createMockCVE('CVE-2024-12345');
+            cache.setCVE(cve);
+            const originalMetadata = cache.getCVEMetadata('CVE-2024-12345');
+            // Touch with new TTL
+            cache.touchCVE('CVE-2024-12345', 5000);
+            const newMetadata = cache.getCVEMetadata('CVE-2024-12345');
+            expect(newMetadata.expiresAt).toBeGreaterThan(originalMetadata.expiresAt);
+            cache.close();
+        });
+    });
+    describe('CPE operations', () => {
+        let cache;
+        beforeEach(() => {
+            cache = new CVECache({
+                dbPath,
+                autoCleanup: false,
+            });
+        });
+        afterEach(() => {
+            cache.close();
+        });
+        it('should store and retrieve CVEs by CPE', () => {
+            const cves = [
+                createMockCVE('CVE-2024-0001'),
+                createMockCVE('CVE-2024-0002'),
+            ];
+            const cpeName = 'cpe:2.3:a:expressjs:express:4.17.1:*:*:*:*:node.js:*:*';
+            cache.setCVEsByCPE(cpeName, cves);
+            const retrieved = cache.getCVEsByCPE(cpeName);
+            expect(retrieved).toEqual(cves);
+        });
+        it('should return undefined for non-cached CPE', () => {
+            const result = cache.getCVEsByCPE('cpe:2.3:a:unknown:unknown:*:*:*:*:*:*:*:*');
+            expect(result).toBeUndefined();
+        });
+    });
+    describe('keyword operations', () => {
+        let cache;
+        beforeEach(() => {
+            cache = new CVECache({
+                dbPath,
+                autoCleanup: false,
+            });
+        });
+        afterEach(() => {
+            cache.close();
+        });
+        it('should store and retrieve CVEs by keyword', () => {
+            const cves = [createMockCVE('CVE-2024-0001')];
+            cache.setCVEsByKeyword('express', cves);
+            const retrieved = cache.getCVEsByKeyword('express');
+            expect(retrieved).toEqual(cves);
+        });
+        it('should be case-insensitive for keywords', () => {
+            const cves = [createMockCVE('CVE-2024-0001')];
+            cache.setCVEsByKeyword('EXPRESS', cves);
+            const retrieved = cache.getCVEsByKeyword('express');
+            expect(retrieved).toEqual(cves);
+        });
+    });
+    describe('batch operations', () => {
+        let cache;
+        beforeEach(() => {
+            cache = new CVECache({
+                dbPath,
+                autoCleanup: false,
+            });
+        });
+        afterEach(() => {
+            cache.close();
+        });
+        it('should get multiple CVEs at once', () => {
+            cache.setCVE(createMockCVE('CVE-2024-0001'));
+            cache.setCVE(createMockCVE('CVE-2024-0002'));
+            const result = cache.getMultipleCVEs([
+                'CVE-2024-0001',
+                'CVE-2024-0002',
+                'CVE-2024-9999', // Non-existent
+            ]);
+            expect(result.size).toBe(2);
+            expect(result.has('CVE-2024-0001')).toBe(true);
+            expect(result.has('CVE-2024-0002')).toBe(true);
+            expect(result.has('CVE-2024-9999')).toBe(false);
+        });
+        it('should set multiple CVEs at once', () => {
+            const cves = [
+                createMockCVE('CVE-2024-0001'),
+                createMockCVE('CVE-2024-0002'),
+                createMockCVE('CVE-2024-0003'),
+            ];
+            cache.setMultipleCVEs(cves);
+            expect(cache.getCVE('CVE-2024-0001')).toBeDefined();
+            expect(cache.getCVE('CVE-2024-0002')).toBeDefined();
+            expect(cache.getCVE('CVE-2024-0003')).toBeDefined();
+        });
+    });
+    describe('statistics', () => {
+        it('should calculate cache statistics', () => {
+            const cache = new CVECache({
+                dbPath,
+                autoCleanup: false,
+            });
+            cache.setCVE(createMockCVE('CVE-2024-0001'));
+            cache.setCVE(createMockCVE('CVE-2024-0002'));
+            // Generate some hits and misses
+            cache.getCVE('CVE-2024-0001'); // hit
+            cache.getCVE('CVE-2024-9999'); // miss
+            const stats = cache.getStats();
+            expect(stats.totalEntries).toBe(2);
+            expect(stats.validEntries).toBe(2);
+            expect(stats.hitRate).toBe(0.5); // 1 hit, 1 miss
+            expect(stats.sizeBytes).toBeGreaterThan(0);
+            cache.close();
+        });
+    });
+    describe('max entries enforcement', () => {
+        it('should enforce max entries limit', () => {
+            const cache = new CVECache({
+                dbPath,
+                maxEntries: 3,
+                autoCleanup: false,
+            });
+            cache.setCVE(createMockCVE('CVE-2024-0001'));
+            cache.setCVE(createMockCVE('CVE-2024-0002'));
+            cache.setCVE(createMockCVE('CVE-2024-0003'));
+            cache.setCVE(createMockCVE('CVE-2024-0004'));
+            const stats = cache.getStats();
+            expect(stats.totalEntries).toBe(3);
+            cache.close();
+        });
+    });
+    describe('persistence', () => {
+        it('should persist data to disk', () => {
+            const cache1 = new CVECache({
+                dbPath,
+                autoCleanup: false,
+            });
+            cache1.setCVE(createMockCVE('CVE-2024-12345'));
+            cache1.close();
+            // Create new cache instance with same path
+            const cache2 = new CVECache({
+                dbPath,
+                autoCleanup: false,
+            });
+            const retrieved = cache2.getCVE('CVE-2024-12345');
+            expect(retrieved).toBeDefined();
+            expect(retrieved?.id).toBe('CVE-2024-12345');
+            cache2.close();
+        });
+        it('should clear all data', () => {
+            const cache = new CVECache({
+                dbPath,
+                autoCleanup: false,
+            });
+            cache.setCVE(createMockCVE('CVE-2024-0001'));
+            cache.setCVE(createMockCVE('CVE-2024-0002'));
+            cache.clear();
+            expect(cache.getCVE('CVE-2024-0001')).toBeUndefined();
+            expect(cache.getCVE('CVE-2024-0002')).toBeUndefined();
+            expect(cache.getStats().totalEntries).toBe(0);
+            cache.close();
+        });
+    });
+});
+describe('createMemoryCache', () => {
+    it('should create a memory-only cache', () => {
+        const cache = createMemoryCache();
+        cache.setCVE(createMockCVE('CVE-2024-12345'));
+        expect(cache.getCVE('CVE-2024-12345')).toBeDefined();
+        cache.close();
+    });
+});
+describe('getDefaultCache / closeDefaultCache', () => {
+    afterEach(() => {
+        closeDefaultCache();
+    });
+    it('should return singleton instance', () => {
+        const cache1 = getDefaultCache();
+        const cache2 = getDefaultCache();
+        expect(cache1).toBe(cache2);
+    });
+    it('should close default cache', () => {
+        const cache = getDefaultCache();
+        cache.setCVE(createMockCVE('CVE-2024-12345'));
+        closeDefaultCache();
+        // Getting default cache again should create new instance
+        const newCache = getDefaultCache();
+        // Note: Previous data may still be persisted on disk
+        expect(newCache).toBeDefined();
+    });
+});
+//# sourceMappingURL=cve-cache.test.js.map

package/dist/cve/cve-cache.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cve-cache.test.js","sourceRoot":"","sources":["../../src/cve/cve-cache.test.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EACL,QAAQ,EACR,iBAAiB,EACjB,eAAe,EACf,iBAAiB,GAClB,MAAM,gBAAgB,CAAC;AAGxB;;GAEG;AACH,SAAS,aAAa,CAAC,EAAU,EAAE,OAAsB;IACvD,OAAO;QACL,EAAE;QACF,WAAW,EAAE,sBAAsB,EAAE,EAAE;QACvC,SAAS,EAAE,IAAI,IAAI,CAAC,0BAA0B,CAAC;QAC/C,YAAY,EAAE,IAAI,IAAI,CAAC,0BAA0B,CAAC;QAClD,IAAI,EAAE,OAAO,EAAE,IAAI,IAAI;YACrB,OAAO,EAAE,KAAK;YACd,SAAS,EAAE,GAAG;YACd,QAAQ,EAAE,MAAM;YAChB,YAAY,EAAE,8CAA8C;YAC5D,YAAY,EAAE,SAAS;YACvB,gBAAgB,EAAE,KAAK;YACvB,kBAAkB,EAAE,MAAM;YAC1B,eAAe,EAAE,MAAM;YACvB,KAAK,EAAE,WAAW;YAClB,qBAAqB,EAAE,MAAM;YAC7B,eAAe,EAAE,MAAM;YACvB,kBAAkB,EAAE,MAAM;SAC3B;QACD,IAAI,EAAE,OAAO,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC;QACjC,UAAU,EAAE,OAAO,EAAE,UAAU,IAAI;YACjC,EAAE,GAAG,EAAE,uBAAuB,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE;SACrD;QACD,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,IAAI,CAAC;gBAC9C,GAAG,EAAE,wCAAwC;gBAC7C,UAAU,EAAE,IAAI;aACjB,CAAC;QACF,MAAM,EAAE,UAAU;QAClB,GAAG,OAAO;KACX,CAAC;AACJ,CAAC;AAED,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;IACxB,IAAI,OAAe,CAAC;IACpB,IAAI,MAAc,CAAC;IAEnB,UAAU,CAAC,GAAG,EAAE;QACd,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,iBAAiB,CAAC,CAAC,CAAC;QACpE,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,iBAAiB,EAAE,CAAC;QACpB,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;YACvC,MAAM,CAAC,KAAK,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YACvC,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACzB,MAAM;gBACN,UAAU,EAAE,KAAK;gBACjB,UAAU,EAAE,GAAG;gBACf,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YACH,MAAM,CAAC,KAAK,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YACvC,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,CAAC,CAAC;YACrE,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC;YACnD,MAAM,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC3D,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,IAAI,KAAe,CAAC;QAEpB,UAAU,CAAC,GAAG,EAAE;YACd,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACnB,MAAM;gBACN,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,SAAS,CAAC,GAAG,EAAE;YACb,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,GAAG,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YACjD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAC9C,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,CAAC;QACjC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,GAAG,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mBAAmB,EAAE,GAAG,EAAE;YAC3B,MAAM,GAAG,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,OAAO,GAAG,KAAK,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YAClD,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC3B,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;QACzD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;YAC5D,MAAM,OAAO,GAAG,KAAK,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YAClD,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;YACjC,MAAM,GAAG,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,QAAQ,GAAG,KAAK,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;YACxD,MAAM,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;YAC/B,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YAC1C,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,eAAe,CAAC,QAAS,CAAC,SAAS,CAAC,CAAC;QACnE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,GAAG,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,eAAe;YAExC,MAAM,QAAQ,GAAG,KAAK,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;YACxD,MAAM,CAAC,QAAS,CAAC,SAAS,GAAG,QAAS,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,GAAG,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;YAEzC,MAAM,QAAQ,GAAG,KAAK,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;YACxD,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QAC1B,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;YACvD,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACzB,MAAM;gBACN,UAAU,EAAE,EAAE,EAAE,WAAW;gBAC3B,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,MAAM,GAAG,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAElB,sBAAsB;YACtB,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;YAEtD,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YACjD,MAAM,CAAC,SAAS,CAAC,CAAC,aAAa,EAAE,CAAC;YAClC,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;YAC9C,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACzB,MAAM;gBACN,UAAU,EAAE,EAAE;gBACd,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC7C,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAE7C,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;YAEtD,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC;YAChC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACxB,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACzB,MAAM;gBACN,UAAU,EAAE,IAAI;gBAChB,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,MAAM,GAAG,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC;YAC5C,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAElB,MAAM,gBAAgB,GAAG,KAAK,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;YAEhE,qBAAqB;YACrB,KAAK,CAAC,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC;YAEvC,MAAM,WAAW,GAAG,KAAK,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;YAC3D,MAAM,CAAC,WAAY,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,gBAAiB,CAAC,SAAS,CAAC,CAAC;YAC5E,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,IAAI,KAAe,CAAC;QAEpB,UAAU,CAAC,GAAG,EAAE;YACd,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACnB,MAAM;gBACN,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,SAAS,CAAC,GAAG,EAAE;YACb,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,IAAI,GAAG;gBACX,aAAa,CAAC,eAAe,CAAC;gBAC9B,aAAa,CAAC,eAAe,CAAC;aAC/B,CAAC;YACF,MAAM,OAAO,GAAG,wDAAwD,CAAC;YAEzE,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAClC,MAAM,SAAS,GAAG,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YAE9C,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;YACpD,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAAC,2CAA2C,CAAC,CAAC;YAC/E,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,CAAC;QACjC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,IAAI,KAAe,CAAC;QAEpB,UAAU,CAAC,GAAG,EAAE;YACd,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACnB,MAAM;gBACN,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,SAAS,CAAC,GAAG,EAAE;YACb,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,IAAI,GAAG,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC9C,KAAK,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YAExC,MAAM,SAAS,GAAG,KAAK,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;YACpD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,IAAI,GAAG,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC9C,KAAK,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;YAExC,MAAM,SAAS,GAAG,KAAK,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;YACpD,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;QAChC,IAAI,KAAe,CAAC;QAEpB,UAAU,CAAC,GAAG,EAAE;YACd,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACnB,MAAM;gBACN,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,SAAS,CAAC,GAAG,EAAE;YACb,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC7C,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAE7C,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC;gBACnC,eAAe;gBACf,eAAe;gBACf,eAAe,EAAE,eAAe;aACjC,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC5B,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/C,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,IAAI,GAAG;gBACX,aAAa,CAAC,eAAe,CAAC;gBAC9B,aAAa,CAAC,eAAe,CAAC;gBAC9B,aAAa,CAAC,eAAe,CAAC;aAC/B,CAAC;YAEF,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAE5B,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACpD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACpD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QACtD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QAC1B,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACzB,MAAM;gBACN,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC7C,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAE7C,gCAAgC;YAChC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,MAAM;YACrC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,OAAO;YAEtC,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAE/B,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACnC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACnC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,gBAAgB;YACjD,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC3C,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;QACvC,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACzB,MAAM;gBACN,UAAU,EAAE,CAAC;gBACb,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC7C,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC7C,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC7C,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAE7C,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC/B,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACnC,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,MAAM,GAAG,IAAI,QAAQ,CAAC;gBAC1B,MAAM;gBACN,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC,CAAC;YAC/C,MAAM,CAAC,KAAK,EAAE,CAAC;YAEf,2CAA2C;YAC3C,MAAM,MAAM,GAAG,IAAI,QAAQ,CAAC;gBAC1B,MAAM;gBACN,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;YAClD,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC7C,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;YAC/B,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;gBACzB,MAAM;gBACN,WAAW,EAAE,KAAK;aACnB,CAAC,CAAC;YAEH,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC7C,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC;YAC7C,KAAK,CAAC,KAAK,EAAE,CAAC;YAEd,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;YACtD,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,aAAa,EAAE,CAAC;YACtD,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC9C,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,KAAK,GAAG,iBAAiB,EAAE,CAAC;QAClC,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC,CAAC;QAC9C,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QACrD,KAAK,CAAC,KAAK,EAAE,CAAC;IAChB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,qCAAqC,EAAE,GAAG,EAAE;IACnD,SAAS,CAAC,GAAG,EAAE;QACb,iBAAiB,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;QACjC,MAAM,MAAM,GAAG,eAAe,EAAE,CAAC;QACjC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC,CAAC;QAC9C,iBAAiB,EAAE,CAAC;QAEpB,yDAAyD;QACzD,MAAM,QAAQ,GAAG,eAAe,EAAE,CAAC;QACnC,qDAAqD;QACrD,MAAM,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/cve/dependency-parser.d.ts

@@ -0,0 +1,204 @@
+/**
+ * @fileoverview Package JSON Parser for dependency extraction
+ * @module @nahisaho/musubix-security/cve/dependency-parser
+ *
+ * Parses package.json and package-lock.json to extract dependency
+ * information for vulnerability scanning.
+ *
+ * @requirement REQ-CVE-002 - Dependency extraction from package files
+ * @design DES-EPIC2-005 - Dependency Parser component
+ */
+/**
+ * Dependency types in package.json
+ */
+export type DependencyType = 'dependencies' | 'devDependencies' | 'peerDependencies' | 'optionalDependencies';
+/**
+ * Parsed dependency information
+ */
+export interface ParsedDependency {
+    /** Package name */
+    name: string;
+    /** Version specifier from package.json (may be a range) */
+    versionSpecifier: string;
+    /** Resolved exact version (from lock file if available) */
+    resolvedVersion?: string;
+    /** Type of dependency */
+    type: DependencyType;
+    /** Whether this is a direct or transitive dependency */
+    isDirect: boolean;
+    /** Dependencies of this package */
+    dependencies?: string[];
+    /** Integrity hash (from lock file) */
+    integrity?: string;
+    /** Package URL for download */
+    resolved?: string;
+}
+/**
+ * Package.json structure (partial)
+ */
+export interface PackageJson {
+    name?: string;
+    version?: string;
+    dependencies?: Record<string, string>;
+    devDependencies?: Record<string, string>;
+    peerDependencies?: Record<string, string>;
+    optionalDependencies?: Record<string, string>;
+}
+/**
+ * Package-lock.json structure (v2/v3)
+ */
+export interface PackageLockJson {
+    name?: string;
+    version?: string;
+    lockfileVersion?: number;
+    packages?: Record<string, PackageLockEntry>;
+    dependencies?: Record<string, LegacyLockEntry>;
+}
+/**
+ * Package-lock.json packages entry (v2/v3)
+ */
+export interface PackageLockEntry {
+    version?: string;
+    resolved?: string;
+    integrity?: string;
+    dev?: boolean;
+    optional?: boolean;
+    peer?: boolean;
+    dependencies?: Record<string, string>;
+    devDependencies?: Record<string, string>;
+    peerDependencies?: Record<string, string>;
+    optionalDependencies?: Record<string, string>;
+}
+/**
+ * Legacy package-lock.json dependencies entry (v1)
+ */
+export interface LegacyLockEntry {
+    version: string;
+    resolved?: string;
+    integrity?: string;
+    dev?: boolean;
+    optional?: boolean;
+    requires?: Record<string, string>;
+    dependencies?: Record<string, LegacyLockEntry>;
+}
+/**
+ * Parser options
+ */
+export interface DependencyParserOptions {
+    /** Include dev dependencies (default: true) */
+    includeDevDependencies?: boolean;
+    /** Include peer dependencies (default: false) */
+    includePeerDependencies?: boolean;
+    /** Include optional dependencies (default: true) */
+    includeOptionalDependencies?: boolean;
+    /** Maximum depth for transitive dependencies (default: unlimited) */
+    maxDepth?: number;
+}
+/**
+ * Parse result
+ */
+export interface ParseResult {
+    /** Project name */
+    projectName?: string;
+    /** Project version */
+    projectVersion?: string;
+    /** All parsed dependencies */
+    dependencies: ParsedDependency[];
+    /** Direct dependencies count */
+    directCount: number;
+    /** Transitive dependencies count */
+    transitiveCount: number;
+    /** Parsing warnings */
+    warnings: string[];
+}
+/**
+ * Dependency Parser for npm projects
+ *
+ * @example
+ * ```typescript
+ * const parser = new DependencyParser();
+ *
+ * // Parse from directory
+ * const result = await parser.parseDirectory('./my-project');
+ *
+ * // Parse from package.json content
+ * const deps = parser.parsePackageJson(packageJsonContent);
+ *
+ * // Get all dependencies as flat list
+ * console.log(result.dependencies);
+ * ```
+ */
+export declare class DependencyParser {
+    private readonly options;
+    constructor(options?: DependencyParserOptions);
+    /**
+     * Parse dependencies from a project directory
+     * @param dirPath - Path to project directory
+     * @returns Parsed dependencies
+     */
+    parseDirectory(dirPath: string): Promise<ParseResult>;
+    /**
+     * Parse package.json content directly
+     * @param content - package.json content as string
+     * @returns Direct dependencies (no transitive without lock file)
+     */
+    parsePackageJson(content: string): ParsedDependency[];
+    /**
+     * Parse package-lock.json content directly
+     * @param content - package-lock.json content as string
+     * @returns All dependencies including transitive
+     */
+    parsePackageLock(content: string): ParsedDependency[];
+    /**
+     * Parse with both package.json and lock file
+     */
+    private parsePackageJsonWithLock;
+    /**
+     * Extract dependencies from lock file
+     */
+    private extractFromLockFile;
+    /**
+     * Extract from v1 lock format (recursive)
+     */
+    private extractFromLegacyLock;
+    /**
+     * Extract dependencies from package.json section
+     */
+    private extractDependencies;
+    /**
+     * Determine dependency type from lock entry
+     */
+    private determineDependencyType;
+    /**
+     * Check if dependency type should be included
+     */
+    private shouldIncludeType;
+    /**
+     * Extract package name from node_modules path
+     */
+    private extractPackageNameFromPath;
+}
+/**
+ * Resolve version specifier to concrete version
+ * Handles npm version ranges
+ */
+export declare function resolveVersionSpecifier(specifier: string): {
+    type: 'exact' | 'range' | 'tag' | 'url' | 'git';
+    version?: string;
+    minVersion?: string;
+    maxVersion?: string;
+};
+/**
+ * Filter dependencies for security scanning
+ * Removes dev dependencies if not needed, etc.
+ */
+export declare function filterDependenciesForScanning(dependencies: ParsedDependency[], options?: {
+    includeDevDependencies?: boolean;
+    includeTransitive?: boolean;
+    directOnly?: boolean;
+}): ParsedDependency[];
+/**
+ * Get unique packages (deduplicate by name)
+ */
+export declare function getUniquePackages(dependencies: ParsedDependency[]): ParsedDependency[];
+//# sourceMappingURL=dependency-parser.d.ts.map

package/dist/cve/dependency-parser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dependency-parser.d.ts","sourceRoot":"","sources":["../../src/cve/dependency-parser.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAKH;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,cAAc,GACd,iBAAiB,GACjB,kBAAkB,GAClB,sBAAsB,CAAC;AAE3B;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,mBAAmB;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,2DAA2D;IAC3D,gBAAgB,EAAE,MAAM,CAAC;IACzB,2DAA2D;IAC3D,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,yBAAyB;IACzB,IAAI,EAAE,cAAc,CAAC;IACrB,wDAAwD;IACxD,QAAQ,EAAE,OAAO,CAAC;IAClB,mCAAmC;IACnC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,sCAAsC;IACtC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,+BAA+B;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACzC,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,oBAAoB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/C;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAC5C,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;CAChD;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,eAAe,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACzC,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC1C,oBAAoB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC/C;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAClC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;CAChD;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,+CAA+C;IAC/C,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,iDAAiD;IACjD,uBAAuB,CAAC,EAAE,OAAO,CAAC;IAClC,oDAAoD;IACpD,2BAA2B,CAAC,EAAE,OAAO,CAAC;IACtC,qEAAqE;IACrE,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,mBAAmB;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,sBAAsB;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,8BAA8B;IAC9B,YAAY,EAAE,gBAAgB,EAAE,CAAC;IACjC,gCAAgC;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,oCAAoC;IACpC,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB;IACvB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAoC;gBAEhD,OAAO,GAAE,uBAA4B;IASjD;;;;OAIG;IACG,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC;IA8B3D;;;;OAIG;IACH,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,gBAAgB,EAAE;IAyCrD;;;;OAIG;IACH,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,gBAAgB,EAAE;IAKrD;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAmDhC;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAuC3B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAsC7B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAkB3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAO/B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAezB;;OAEG;IACH,OAAO,CAAC,0BAA0B;CAQnC;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG;IAC1D,IAAI,EAAE,OAAO,GAAG,OAAO,GAAG,KAAK,GAAG,KAAK,GAAG,KAAK,CAAC;IAChD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,CA+BA;AAED;;;GAGG;AACH,wBAAgB,6BAA6B,CAC3C,YAAY,EAAE,gBAAgB,EAAE,EAChC,OAAO,GAAE;IACP,sBAAsB,CAAC,EAAE,OAAO,CAAC;IACjC,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,UAAU,CAAC,EAAE,OAAO,CAAC;CACjB,GACL,gBAAgB,EAAE,CAwBpB;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,YAAY,EAAE,gBAAgB,EAAE,GAC/B,gBAAgB,EAAE,CAWpB"}